// This file was autogenerated by go-to-protobuf. Do not edit it manually! syntax = "proto2"; package github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1; import "k8s.io/api/core/v1/generated.proto"; import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; import "k8s.io/apimachinery/pkg/runtime/generated.proto"; import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; // Package-wide variables from generator "generated". option go_package = "v1alpha1"; // AWSAuthConfig is an AWS IAM authentication configuration message AWSAuthConfig { // ClusterName contains AWS cluster name optional string clusterName = 1; // RoleARN contains optional role ARN. If set then AWS IAM Authenticator assume a role to perform cluster operations instead of the default AWS credential provider chain. optional string roleARN = 2; } // AppProject provides a logical grouping of applications, providing controls for: // * where the apps may deploy to (cluster whitelist) // * what may be deployed (repository whitelist, resource whitelist/blacklist) // * who can access these applications (roles, OIDC group claims bindings) // * and what they can do (RBAC policies) // * automation access to these roles (JWT tokens) // +genclient // +genclient:noStatus // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +kubebuilder:resource:path=appprojects,shortName=appproj;appprojs message AppProject { optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; optional AppProjectSpec spec = 2; optional AppProjectStatus status = 3; } // AppProjectList is list of AppProject resources // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object message AppProjectList { optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; repeated AppProject items = 2; } // AppProjectSpec is the specification of an AppProject message AppProjectSpec { // SourceRepos contains list of repository URLs which can be used for deployment repeated string sourceRepos = 1; // Destinations contains list of destinations available for deployment repeated ApplicationDestination destinations = 2; // Description contains optional project description optional string description = 3; // Roles are user defined RBAC roles associated with this project repeated ProjectRole roles = 4; // ClusterResourceWhitelist contains list of whitelisted cluster level resources repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind clusterResourceWhitelist = 5; // NamespaceResourceBlacklist contains list of blacklisted namespace level resources repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind namespaceResourceBlacklist = 6; // OrphanedResources specifies if controller should monitor orphaned resources of apps in this project optional OrphanedResourcesMonitorSettings orphanedResources = 7; // SyncWindows controls when syncs can be run for apps in this project repeated SyncWindow syncWindows = 8; // NamespaceResourceWhitelist contains list of whitelisted namespace level resources repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind namespaceResourceWhitelist = 9; // SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync repeated SignatureKey signatureKeys = 10; // ClusterResourceBlacklist contains list of blacklisted cluster level resources repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind clusterResourceBlacklist = 11; } // AppProjectStatus contains status information for AppProject CRs message AppProjectStatus { // JWTTokensByRole contains a list of JWT tokens issued for a given role map jwtTokensByRole = 1; } // Application is a definition of Application resource. // +genclient // +genclient:noStatus // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +kubebuilder:resource:path=applications,shortName=app;apps // +kubebuilder:printcolumn:name="Sync Status",type=string,JSONPath=`.status.sync.status` // +kubebuilder:printcolumn:name="Health Status",type=string,JSONPath=`.status.health.status` // +kubebuilder:printcolumn:name="Revision",type=string,JSONPath=`.status.sync.revision`,priority=10 message Application { optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; optional ApplicationSpec spec = 2; optional ApplicationStatus status = 3; optional Operation operation = 4; } // ApplicationCondition contains details about an application condition, which is usally an error or warning message ApplicationCondition { // Type is an application condition type optional string type = 1; // Message contains human-readable message indicating details about condition optional string message = 2; // LastTransitionTime is the time the condition was last observed optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3; } // ApplicationDestination holds information about the application's destination message ApplicationDestination { // Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API optional string server = 1; // Namespace specifies the target namespace for the application's resources. // The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace optional string namespace = 2; // Name is an alternate way of specifying the target cluster by its symbolic name optional string name = 3; } // ApplicationList is list of Application resources // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object message ApplicationList { optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; repeated Application items = 2; } // ApplicationSource contains all required information about the source of an application message ApplicationSource { // RepoURL is the URL to the repository (Git or Helm) that contains the application manifests optional string repoURL = 1; // Path is a directory path within the Git repository, and is only valid for applications sourced from Git. optional string path = 2; // TargetRevision defines the revision of the source to sync the application to. // In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. // In case of Helm, this is a semver tag for the Chart's version. optional string targetRevision = 4; // Helm holds helm specific options optional ApplicationSourceHelm helm = 7; // Kustomize holds kustomize specific options optional ApplicationSourceKustomize kustomize = 8; // Ksonnet holds ksonnet specific options optional ApplicationSourceKsonnet ksonnet = 9; // Directory holds path/directory specific options optional ApplicationSourceDirectory directory = 10; // ConfigManagementPlugin holds config management plugin specific options optional ApplicationSourcePlugin plugin = 11; // Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. optional string chart = 12; } // ApplicationSourceDirectory holds options for applications of type plain YAML or Jsonnet message ApplicationSourceDirectory { // Recurse specifies whether to scan a directory recursively for manifests optional bool recurse = 1; // Jsonnet holds options specific to Jsonnet optional ApplicationSourceJsonnet jsonnet = 2; // Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation optional string exclude = 3; // Include contains a glob pattern to match paths against that should be explicitly included during manifest generation optional string include = 4; } // ApplicationSourceHelm holds helm specific options message ApplicationSourceHelm { // ValuesFiles is a list of Helm value files to use when generating a template repeated string valueFiles = 1; // Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation repeated HelmParameter parameters = 2; // ReleaseName is the Helm release name to use. If omitted it will use the application name optional string releaseName = 3; // Values specifies Helm values to be passed to helm template, typically defined as a block optional string values = 4; // FileParameters are file parameters to the helm template repeated HelmFileParameter fileParameters = 5; // Version is the Helm version to use for templating (either "2" or "3") optional string version = 6; } // ApplicationSourceJsonnet holds options specific to applications of type Jsonnet message ApplicationSourceJsonnet { // ExtVars is a list of Jsonnet External Variables repeated JsonnetVar extVars = 1; // TLAS is a list of Jsonnet Top-level Arguments repeated JsonnetVar tlas = 2; // Additional library search dirs repeated string libs = 3; } // ApplicationSourceKsonnet holds ksonnet specific options message ApplicationSourceKsonnet { // Environment is a ksonnet application environment name optional string environment = 1; // Parameters are a list of ksonnet component parameter override values repeated KsonnetParameter parameters = 2; } // ApplicationSourceKustomize holds options specific to an Application source specific to Kustomize message ApplicationSourceKustomize { // NamePrefix is a prefix appended to resources for Kustomize apps optional string namePrefix = 1; // NameSuffix is a suffix appended to resources for Kustomize apps optional string nameSuffix = 2; // Images is a list of Kustomize image override specifications repeated string images = 3; // CommonLabels is a list of additional labels to add to rendered manifests map commonLabels = 4; // Version controls which version of Kustomize to use for rendering manifests optional string version = 5; // CommonAnnotations is a list of additional annotations to add to rendered manifests map commonAnnotations = 6; // ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps optional bool forceCommonLabels = 7; // ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps optional bool forceCommonAnnotations = 8; } // ApplicationSourcePlugin holds options specific to config management plugins message ApplicationSourcePlugin { optional string name = 1; repeated EnvEntry env = 2; } // ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. message ApplicationSpec { // Source is a reference to the location of the application's manifests or chart optional ApplicationSource source = 1; // Destination is a reference to the target Kubernetes server and namespace optional ApplicationDestination destination = 2; // Project is a reference to the project this application belongs to. // The empty string means that application belongs to the 'default' project. optional string project = 3; // SyncPolicy controls when and how a sync will be performed optional SyncPolicy syncPolicy = 4; // IgnoreDifferences is a list of resources and their fields which should be ignored during comparison repeated ResourceIgnoreDifferences ignoreDifferences = 5; // Info contains a list of information (URLs, email addresses, and plain text) that relates to the application repeated Info info = 6; // RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. // This should only be changed in exceptional circumstances. // Setting to zero will store no history. This will reduce storage used. // Increasing will increase the space used to store the history, so we do not recommend increasing it. // Default is 10. optional int64 revisionHistoryLimit = 7; } // ApplicationStatus contains status information for the application message ApplicationStatus { // Resources is a list of Kubernetes resources managed by this application repeated ResourceStatus resources = 1; // Sync contains information about the application's current sync status optional SyncStatus sync = 2; // Health contains information about the application's current health status optional HealthStatus health = 3; // History contains information about the application's sync history repeated RevisionHistory history = 4; // Conditions is a list of currently observed application conditions repeated ApplicationCondition conditions = 5; // ReconciledAt indicates when the application state was reconciled using the latest git version optional k8s.io.apimachinery.pkg.apis.meta.v1.Time reconciledAt = 6; // OperationState contains information about any ongoing operations, such as a sync optional OperationState operationState = 7; // ObservedAt indicates when the application state was updated without querying latest git state // Deprecated: controller no longer updates ObservedAt field optional k8s.io.apimachinery.pkg.apis.meta.v1.Time observedAt = 8; // SourceType specifies the type of this application optional string sourceType = 9; // Summary contains a list of URLs and container images used by this application optional ApplicationSummary summary = 10; } // ApplicationSummary contains information about URLs and container images used by an application message ApplicationSummary { // ExternalURLs holds all external URLs of application child resources. repeated string externalURLs = 1; // Images holds all images of application child resources. repeated string images = 2; } // ApplicationTree holds nodes which belongs to the application // TODO: describe purpose of this type message ApplicationTree { // Nodes contains list of nodes which either directly managed by the application and children of directly managed nodes. repeated ResourceNode nodes = 1; // OrphanedNodes contains if or orphaned nodes: nodes which are not managed by the app but in the same namespace. List is populated only if orphaned resources enabled in app project. repeated ResourceNode orphanedNodes = 2; // Hosts holds list of Kubernetes nodes that run application related pods repeated HostInfo hosts = 3; } // ApplicationWatchEvent contains information about application change. message ApplicationWatchEvent { optional string type = 1; // Application is: // * If Type is Added or Modified: the new state of the object. // * If Type is Deleted: the state of the object immediately before deletion. // * If Type is Error: *api.Status is recommended; other types may make sense // depending on context. optional Application application = 2; } // Backoff is the backoff strategy to use on subsequent retries for failing syncs message Backoff { // Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") optional string duration = 1; // Factor is a factor to multiply the base duration after each failed retry optional int64 factor = 2; // MaxDuration is the maximum amount of time allowed for the backoff strategy optional string maxDuration = 3; } // Cluster is the definition of a cluster resource message Cluster { // Server is the API server URL of the Kubernetes cluster optional string server = 1; // Name of the cluster. If omitted, will use the server address optional string name = 2; // Config holds cluster information for connecting to a cluster optional ClusterConfig config = 3; // DEPRECATED: use Info.ConnectionState field instead. // ConnectionState contains information about cluster connection state optional ConnectionState connectionState = 4; // DEPRECATED: use Info.ServerVersion field instead. // The server version optional string serverVersion = 5; // Holds list of namespaces which are accessible in that cluster. Cluster level resources will be ignored if namespace list is not empty. repeated string namespaces = 6; // RefreshRequestedAt holds time when cluster cache refresh has been requested optional k8s.io.apimachinery.pkg.apis.meta.v1.Time refreshRequestedAt = 7; // Info holds information about cluster cache and state optional ClusterInfo info = 8; // Shard contains optional shard number. Calculated on the fly by the application controller if not specified. optional int64 shard = 9; // Indicates if cluster level resources should be managed. This setting is used only if cluster is connected in a namespaced mode. optional bool clusterResources = 10; // Reference between project and cluster that allow you automatically to be added as item inside Destinations project entity optional string project = 11; } // ClusterCacheInfo contains information about the cluster cache message ClusterCacheInfo { // ResourcesCount holds number of observed Kubernetes resources optional int64 resourcesCount = 1; // APIsCount holds number of observed Kubernetes API count optional int64 apisCount = 2; // LastCacheSyncTime holds time of most recent cache synchronization optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastCacheSyncTime = 3; } // ClusterConfig is the configuration attributes. This structure is subset of the go-client // rest.Config with annotations added for marshalling. message ClusterConfig { // Server requires Basic authentication optional string username = 1; optional string password = 2; // Server requires Bearer authentication. This client will not attempt to use // refresh tokens for an OAuth2 flow. // TODO: demonstrate an OAuth2 compatible client. optional string bearerToken = 3; // TLSClientConfig contains settings to enable transport layer security optional TLSClientConfig tlsClientConfig = 4; // AWSAuthConfig contains IAM authentication configuration optional AWSAuthConfig awsAuthConfig = 5; // ExecProviderConfig contains configuration for an exec provider optional ExecProviderConfig execProviderConfig = 6; } // ClusterInfo contains information about the cluster message ClusterInfo { // ConnectionState contains information about the connection to the cluster optional ConnectionState connectionState = 1; // ServerVersion contains information about the Kubernetes version of the cluster optional string serverVersion = 2; // CacheInfo contains information about the cluster cache optional ClusterCacheInfo cacheInfo = 3; // ApplicationsCount is the number of applications managed by Argo CD on the cluster optional int64 applicationsCount = 4; // APIVersions contains list of API versions supported by the cluster repeated string apiVersions = 5; } // ClusterList is a collection of Clusters. message ClusterList { optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; repeated Cluster items = 2; } // Command holds binary path and arguments list message Command { repeated string command = 1; repeated string args = 2; } // ComparedTo contains application source and target which was used for resources comparison message ComparedTo { // Source is a reference to the application's source used for comparison optional ApplicationSource source = 1; // Destination is a reference to the application's destination used for comparison optional ApplicationDestination destination = 2; } // ComponentParameter contains information about component parameter value message ComponentParameter { optional string component = 1; optional string name = 2; optional string value = 3; } // ConfigManagementPlugin contains config management plugin configuration message ConfigManagementPlugin { optional string name = 1; optional Command init = 2; optional Command generate = 3; } // ConnectionState contains information about remote resource connection state, currently used for clusters and repositories message ConnectionState { // Status contains the current status indicator for the connection optional string status = 1; // Message contains human readable information about the connection status optional string message = 2; // ModifiedAt contains the timestamp when this connection status has been determined optional k8s.io.apimachinery.pkg.apis.meta.v1.Time attemptedAt = 3; } // EnvEntry represents an entry in the application's environment message EnvEntry { // Name is the name of the variable, usually expressed in uppercase optional string name = 1; // Value is the value of the variable optional string value = 2; } // ExecProviderConfig is config used to call an external command to perform cluster authentication // See: https://godoc.org/k8s.io/client-go/tools/clientcmd/api#ExecConfig message ExecProviderConfig { // Command to execute optional string command = 1; // Arguments to pass to the command when executing it repeated string args = 2; // Env defines additional environment variables to expose to the process map env = 3; // Preferred input version of the ExecInfo optional string apiVersion = 4; // This text is shown to the user when the executable doesn't seem to be present optional string installHint = 5; } // GnuPGPublicKey is a representation of a GnuPG public key message GnuPGPublicKey { // KeyID specifies the key ID, in hexadecimal string format optional string keyID = 1; // Fingerprint is the fingerprint of the key optional string fingerprint = 2; // Owner holds the owner identification, e.g. a name and e-mail address optional string owner = 3; // Trust holds the level of trust assigned to this key optional string trust = 4; // SubType holds the key's sub type (e.g. rsa4096) optional string subType = 5; // KeyData holds the raw key data, in base64 encoded format optional string keyData = 6; } // GnuPGPublicKeyList is a collection of GnuPGPublicKey objects message GnuPGPublicKeyList { optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; repeated GnuPGPublicKey items = 2; } // HealthStatus contains information about the currently observed health state of an application or resource message HealthStatus { // Status holds the status code of the application or resource optional string status = 1; // Message is a human-readable informational message describing the health status optional string message = 2; } // HelmFileParameter is a file parameter that's passed to helm template during manifest generation message HelmFileParameter { // Name is the name of the Helm parameter optional string name = 1; // Path is the path to the file containing the values for the Helm parameter optional string path = 2; } // HelmParameter is a parameter that's passed to helm template during manifest generation message HelmParameter { // Name is the name of the Helm parameter optional string name = 1; // Value is the value for the Helm parameter optional string value = 2; // ForceString determines whether to tell Helm to interpret booleans and numbers as strings optional bool forceString = 3; } // HostInfo holds host name and resources metrics // TODO: describe purpose of this type // TODO: describe members of this type message HostInfo { optional string name = 1; repeated HostResourceInfo resourcesInfo = 2; optional k8s.io.api.core.v1.NodeSystemInfo systemInfo = 3; } // TODO: describe this type message HostResourceInfo { optional string resourceName = 1; optional int64 requestedByApp = 2; optional int64 requestedByNeighbors = 3; optional int64 capacity = 4; } message Info { optional string name = 1; optional string value = 2; } // InfoItem contains arbitrary, human readable information about an application message InfoItem { // Name is a human readable title for this piece of information. optional string name = 1; // Value is human readable content. optional string value = 2; } // JWTToken holds the issuedAt and expiresAt values of a token message JWTToken { optional int64 iat = 1; optional int64 exp = 2; optional string id = 3; } // JWTTokens represents a list of JWT tokens message JWTTokens { repeated JWTToken items = 1; } // JsonnetVar represents a variable to be passed to jsonnet during manifest generation message JsonnetVar { optional string name = 1; optional string value = 2; optional bool code = 3; } // KnownTypeField contains mapping between CRD field and known Kubernetes type. // This is mainly used for unit conversion in unknown resources (e.g. 0.1 == 100mi) // TODO: Describe the members of this type message KnownTypeField { optional string field = 1; optional string type = 2; } // KsonnetParameter is a ksonnet component parameter message KsonnetParameter { optional string component = 1; optional string name = 2; optional string value = 3; } // KustomizeOptions are options for kustomize to use when building manifests message KustomizeOptions { // BuildOptions is a string of build parameters to use when calling `kustomize build` optional string buildOptions = 1; // BinaryPath holds optional path to kustomize binary optional string binaryPath = 2; } // Operation contains information about a requested or running operation message Operation { // Sync contains parameters for the operation optional SyncOperation sync = 1; // InitiatedBy contains information about who initiated the operations optional OperationInitiator initiatedBy = 2; // Info is a list of informational items for this operation repeated Info info = 3; // Retry controls the strategy to apply if a sync fails optional RetryStrategy retry = 4; } // OperationInitiator contains information about the initiator of an operation message OperationInitiator { // Username contains the name of a user who started operation optional string username = 1; // Automated is set to true if operation was initiated automatically by the application controller. optional bool automated = 2; } // OperationState contains information about state of a running operation message OperationState { // Operation is the original requested operation optional Operation operation = 1; // Phase is the current phase of the operation optional string phase = 2; // Message holds any pertinent messages when attempting to perform operation (typically errors). optional string message = 3; // SyncResult is the result of a Sync operation optional SyncOperationResult syncResult = 4; // StartedAt contains time of operation start optional k8s.io.apimachinery.pkg.apis.meta.v1.Time startedAt = 6; // FinishedAt contains time of operation completion optional k8s.io.apimachinery.pkg.apis.meta.v1.Time finishedAt = 7; // RetryCount contains time of operation retries optional int64 retryCount = 8; } // OrphanedResourceKey is a reference to a resource to be ignored from message OrphanedResourceKey { optional string group = 1; optional string kind = 2; optional string name = 3; } // OrphanedResourcesMonitorSettings holds settings of orphaned resources monitoring message OrphanedResourcesMonitorSettings { // Warn indicates if warning condition should be created for apps which have orphaned resources optional bool warn = 1; // Ignore contains a list of resources that are to be excluded from orphaned resources monitoring repeated OrphanedResourceKey ignore = 2; } // TODO: describe this type message OverrideIgnoreDiff { repeated string jSONPointers = 1; repeated string jqPathExpressions = 2; } // ProjectRole represents a role that has access to a project message ProjectRole { // Name is a name for this role optional string name = 1; // Description is a description of the role optional string description = 2; // Policies Stores a list of casbin formatted strings that define access policies for the role in the project repeated string policies = 3; // JWTTokens are a list of generated JWT tokens bound to this role repeated JWTToken jwtTokens = 4; // Groups are a list of OIDC group claims bound to this role repeated string groups = 5; } // RepoCreds holds the definition for repository credentials message RepoCreds { // URL is the URL that this credentials matches to optional string url = 1; // Username for authenticating at the repo server optional string username = 2; // Password for authenticating at the repo server optional string password = 3; // SSHPrivateKey contains the private key data for authenticating at the repo server using SSH (only Git repos) optional string sshPrivateKey = 4; // TLSClientCertData specifies the TLS client cert data for authenticating at the repo server optional string tlsClientCertData = 5; // TLSClientCertKey specifies the TLS client cert key for authenticating at the repo server optional string tlsClientCertKey = 6; // GithubAppPrivateKey specifies the private key PEM data for authentication via GitHub app optional string githubAppPrivateKey = 7; // GithubAppId specifies the Github App ID of the app used to access the repo for GitHub app authentication optional int64 githubAppID = 8; // GithubAppInstallationId specifies the ID of the installed GitHub App for GitHub app authentication optional int64 githubAppInstallationID = 9; // GithubAppEnterpriseBaseURL specifies the GitHub API URL for GitHub app authentication. If empty will default to https://api.github.com optional string githubAppEnterpriseBaseUrl = 10; // EnableOCI specifies whether helm-oci support should be enabled for this repo optional bool enableOCI = 11; // Type specifies the type of the repoCreds. Can be either "git" or "helm. "git" is assumed if empty or absent. optional string type = 12; } // RepositoryList is a collection of Repositories. message RepoCredsList { optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; repeated RepoCreds items = 2; } // Repository is a repository holding application configurations message Repository { // Repo contains the URL to the remote repository optional string repo = 1; // Username contains the user name used for authenticating at the remote repository optional string username = 2; // Password contains the password or PAT used for authenticating at the remote repository optional string password = 3; // SSHPrivateKey contains the PEM data for authenticating at the repo server. Only used with Git repos. optional string sshPrivateKey = 4; // ConnectionState contains information about the current state of connection to the repository server optional ConnectionState connectionState = 5; // InsecureIgnoreHostKey should not be used anymore, Insecure is favoured // Used only for Git repos optional bool insecureIgnoreHostKey = 6; // Insecure specifies whether the connection to the repository ignores any errors when verifying TLS certificates or SSH host keys optional bool insecure = 7; // EnableLFS specifies whether git-lfs support should be enabled for this repo. Only valid for Git repositories. optional bool enableLfs = 8; // TLSClientCertData contains a certificate in PEM format for authenticating at the repo server optional string tlsClientCertData = 9; // TLSClientCertKey contains a private key in PEM format for authenticating at the repo server optional string tlsClientCertKey = 10; // Type specifies the type of the repo. Can be either "git" or "helm. "git" is assumed if empty or absent. optional string type = 11; // Name specifies a name to be used for this repo. Only used with Helm repos optional string name = 12; // Whether credentials were inherited from a credential set optional bool inheritedCreds = 13; // EnableOCI specifies whether helm-oci support should be enabled for this repo optional bool enableOCI = 14; // Github App Private Key PEM data optional string githubAppPrivateKey = 15; // GithubAppId specifies the ID of the GitHub app used to access the repo optional int64 githubAppID = 16; // GithubAppInstallationId specifies the installation ID of the GitHub App used to access the repo optional int64 githubAppInstallationID = 17; // GithubAppEnterpriseBaseURL specifies the base URL of GitHub Enterprise installation. If empty will default to https://api.github.com optional string githubAppEnterpriseBaseUrl = 18; // Proxy specifies the HTTP/HTTPS proxy used to access the repo optional string proxy = 19; // Reference between project and repository that allow you automatically to be added as item inside SourceRepos project entity optional string project = 20; } // A RepositoryCertificate is either SSH known hosts entry or TLS certificate message RepositoryCertificate { // ServerName specifies the DNS name of the server this certificate is intended for optional string serverName = 1; // CertType specifies the type of the certificate - currently one of "https" or "ssh" optional string certType = 2; // CertSubType specifies the sub type of the cert, i.e. "ssh-rsa" optional string certSubType = 3; // CertData contains the actual certificate data, dependent on the certificate type optional bytes certData = 4; // CertInfo will hold additional certificate info, depdendent on the certificate type (e.g. SSH fingerprint, X509 CommonName) optional string certInfo = 5; } // RepositoryCertificateList is a collection of RepositoryCertificates message RepositoryCertificateList { optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; // List of certificates to be processed repeated RepositoryCertificate items = 2; } // RepositoryList is a collection of Repositories. message RepositoryList { optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1; repeated Repository items = 2; } // TODO: describe this type // TODO: describe members of this type message ResourceAction { optional string name = 1; repeated ResourceActionParam params = 2; optional bool disabled = 3; } // TODO: describe this type // TODO: describe members of this type message ResourceActionDefinition { optional string name = 1; optional string actionLua = 2; } // TODO: describe this type // TODO: describe members of this type message ResourceActionParam { optional string name = 1; optional string value = 2; optional string type = 3; optional string default = 4; } // TODO: describe this type // TODO: describe members of this type message ResourceActions { optional string actionDiscoveryLua = 1; repeated ResourceActionDefinition definitions = 2; } // ResourceDiff holds the diff of a live and target resource object // TODO: describe members of this type message ResourceDiff { optional string group = 1; optional string kind = 2; optional string namespace = 3; optional string name = 4; // TargetState contains the JSON serialized resource manifest defined in the Git/Helm optional string targetState = 5; // TargetState contains the JSON live resource manifest optional string liveState = 6; // Diff contains the JSON patch between target and live resource // Deprecated: use NormalizedLiveState and PredictedLiveState to render the difference optional string diff = 7; optional bool hook = 8; // NormalizedLiveState contains JSON serialized live resource state with applied normalizations optional string normalizedLiveState = 9; // PredictedLiveState contains JSON serialized resource state that is calculated based on normalized and target resource state optional string predictedLiveState = 10; optional string resourceVersion = 11; optional bool modified = 12; } // ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. message ResourceIgnoreDifferences { optional string group = 1; optional string kind = 2; optional string name = 3; optional string namespace = 4; repeated string jsonPointers = 5; repeated string jqPathExpressions = 6; } // ResourceNetworkingInfo holds networking resource related information // TODO: describe members of this type message ResourceNetworkingInfo { map targetLabels = 1; repeated ResourceRef targetRefs = 2; map labels = 3; repeated k8s.io.api.core.v1.LoadBalancerIngress ingress = 4; // ExternalURLs holds list of URLs which should be available externally. List is populated for ingress resources using rules hostnames. repeated string externalURLs = 5; } // ResourceNode contains information about live resource and its children // TODO: describe members of this type message ResourceNode { optional ResourceRef resourceRef = 1; repeated ResourceRef parentRefs = 2; repeated InfoItem info = 3; optional ResourceNetworkingInfo networkingInfo = 4; optional string resourceVersion = 5; repeated string images = 6; optional HealthStatus health = 7; optional k8s.io.apimachinery.pkg.apis.meta.v1.Time createdAt = 8; } // ResourceOverride holds configuration to customize resource diffing and health assessment // TODO: describe the members of this type message ResourceOverride { optional string healthLua = 1; optional bool useOpenLibs = 5; optional string actions = 3; optional OverrideIgnoreDiff ignoreDifferences = 2; repeated KnownTypeField knownTypeFields = 4; } // ResourceRef includes fields which uniquely identify a resource message ResourceRef { optional string group = 1; optional string version = 2; optional string kind = 3; optional string namespace = 4; optional string name = 5; optional string uid = 6; } // ResourceResult holds the operation result details of a specific resource message ResourceResult { // Group specifies the API group of the resource optional string group = 1; // Version specifies the API version of the resource optional string version = 2; // Kind specifies the API kind of the resource optional string kind = 3; // Namespace specifies the target namespace of the resource optional string namespace = 4; // Name specifies the name of the resource optional string name = 5; // Status holds the final result of the sync. Will be empty if the resources is yet to be applied/pruned and is always zero-value for hooks optional string status = 6; // Message contains an informational or error message for the last sync OR operation optional string message = 7; // HookType specifies the type of the hook. Empty for non-hook resources optional string hookType = 8; // HookPhase contains the state of any operation associated with this resource OR hook // This can also contain values for non-hook resources. optional string hookPhase = 9; // SyncPhase indicates the particular phase of the sync that this result was acquired in optional string syncPhase = 10; } // ResourceStatus holds the current sync and health status of a resource // TODO: describe members of this type message ResourceStatus { optional string group = 1; optional string version = 2; optional string kind = 3; optional string namespace = 4; optional string name = 5; optional string status = 6; optional HealthStatus health = 7; optional bool hook = 8; optional bool requiresPruning = 9; } // RetryStrategy contains information about the strategy to apply when a sync failed message RetryStrategy { // Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. optional int64 limit = 1; // Backoff controls how to backoff on subsequent retries of failed syncs optional Backoff backoff = 2; } // RevisionHistory contains history information about a previous sync message RevisionHistory { // Revision holds the revision the sync was performed against optional string revision = 2; // DeployedAt holds the time the sync operation completed optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deployedAt = 4; // ID is an auto incrementing identifier of the RevisionHistory optional int64 id = 5; // Source is a reference to the application source used for the sync operation optional ApplicationSource source = 6; // DeployStartedAt holds the time the sync operation started optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deployStartedAt = 7; } // RevisionMetadata contains metadata for a specific revision in a Git repository message RevisionMetadata { // who authored this revision, // typically their name and email, e.g. "John Doe ", // but might not match this example optional string author = 1; // Date specifies when the revision was authored optional k8s.io.apimachinery.pkg.apis.meta.v1.Time date = 2; // Tags specifies any tags currently attached to the revision // Floating tags can move from one revision to another repeated string tags = 3; // Message contains the message associated with the revision, most likely the commit message. // The message is truncated to the first newline or 64 characters (which ever comes first) optional string message = 4; // SignatureInfo contains a hint on the signer if the revision was signed with GPG, and signature verification is enabled. optional string signatureInfo = 5; } // SignatureKey is the specification of a key required to verify commit signatures with message SignatureKey { // The ID of the key in hexadecimal notation optional string keyID = 1; } // SyncOperation contains details about a sync operation. message SyncOperation { // Revision is the revision (Git) or chart version (Helm) which to sync the application to // If omitted, will use the revision specified in app spec. optional string revision = 1; // Prune specifies to delete resources from the cluster that are no longer tracked in git optional bool prune = 2; // DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync optional bool dryRun = 3; // SyncStrategy describes how to perform the sync optional SyncStrategy syncStrategy = 4; // Resources describes which resources shall be part of the sync repeated SyncOperationResource resources = 6; // Source overrides the source definition set in the application. // This is typically set in a Rollback operation and is nil during a Sync operation optional ApplicationSource source = 7; // Manifests is an optional field that overrides sync source with a local directory for development repeated string manifests = 8; // SyncOptions provide per-sync sync-options, e.g. Validate=false repeated string syncOptions = 9; } // SyncOperationResource contains resources to sync. message SyncOperationResource { optional string group = 1; optional string kind = 2; optional string name = 3; optional string namespace = 4; } // SyncOperationResult represent result of sync operation message SyncOperationResult { // Resources contains a list of sync result items for each individual resource in a sync operation repeated ResourceResult resources = 1; // Revision holds the revision this sync operation was performed to optional string revision = 2; // Source records the application source information of the sync, used for comparing auto-sync optional ApplicationSource source = 3; } // SyncPolicy controls when a sync will be performed in response to updates in git message SyncPolicy { // Automated will keep an application synced to the target revision optional SyncPolicyAutomated automated = 1; // Options allow you to specify whole app sync-options repeated string syncOptions = 2; // Retry controls failed sync retry behavior optional RetryStrategy retry = 3; } // SyncPolicyAutomated controls the behavior of an automated sync message SyncPolicyAutomated { // Prune specifies whether to delete resources from the cluster that are not found in the sources anymore as part of automated sync (default: false) optional bool prune = 1; // SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false) optional bool selfHeal = 2; // AllowEmpty allows apps have zero live resources (default: false) optional bool allowEmpty = 3; } // SyncStatus contains information about the currently observed live and desired states of an application message SyncStatus { // Status is the sync state of the comparison optional string status = 1; // ComparedTo contains information about what has been compared optional ComparedTo comparedTo = 2; // Revision contains information about the revision the comparison has been performed to optional string revision = 3; } // SyncStrategy controls the manner in which a sync is performed message SyncStrategy { // Apply will perform a `kubectl apply` to perform the sync. optional SyncStrategyApply apply = 1; // Hook will submit any referenced resources to perform the sync. This is the default strategy optional SyncStrategyHook hook = 2; } // SyncStrategyApply uses `kubectl apply` to perform the apply message SyncStrategyApply { // Force indicates whether or not to supply the --force flag to `kubectl apply`. // The --force flag deletes and re-create the resource, when PATCH encounters conflict and has // retried for 5 times. optional bool force = 1; } // SyncStrategyHook will perform a sync using hooks annotations. // If no hook annotation is specified falls back to `kubectl apply`. message SyncStrategyHook { // Embed SyncStrategyApply type to inherit any `apply` options // +optional optional SyncStrategyApply syncStrategyApply = 1; } // SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps message SyncWindow { // Kind defines if the window allows or blocks syncs optional string kind = 1; // Schedule is the time the window will begin, specified in cron format optional string schedule = 2; // Duration is the amount of time the sync window will be open optional string duration = 3; // Applications contains a list of applications that the window will apply to repeated string applications = 4; // Namespaces contains a list of namespaces that the window will apply to repeated string namespaces = 5; // Clusters contains a list of clusters that the window will apply to repeated string clusters = 6; // ManualSync enables manual syncs when they would otherwise be blocked optional bool manualSync = 7; } // TLSClientConfig contains settings to enable transport layer security message TLSClientConfig { // Insecure specifies that the server should be accessed without verifying the TLS certificate. For testing only. optional bool insecure = 1; // ServerName is passed to the server for SNI and is used in the client to check server // certificates against. If ServerName is empty, the hostname used to contact the // server is used. optional string serverName = 2; // CertData holds PEM-encoded bytes (typically read from a client certificate file). // CertData takes precedence over CertFile optional bytes certData = 3; // KeyData holds PEM-encoded bytes (typically read from a client certificate key file). // KeyData takes precedence over KeyFile optional bytes keyData = 4; // CAData holds PEM-encoded bytes (typically read from a root certificates bundle). // CAData takes precedence over CAFile optional bytes caData = 5; }