mirror of
https://github.com/argoproj/argo-cd
synced 2026-04-21 17:07:16 +00:00
1348 lines
47 KiB
Protocol Buffer
1348 lines
47 KiB
Protocol Buffer
|
|
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
|
|
|
|
syntax = "proto2";
|
|
|
|
package github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1;
|
|
|
|
import "k8s.io/api/core/v1/generated.proto";
|
|
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
|
|
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
|
|
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
|
|
|
|
// Package-wide variables from generator "generated".
|
|
option go_package = "v1alpha1";
|
|
|
|
// AWSAuthConfig is an AWS IAM authentication configuration
|
|
message AWSAuthConfig {
|
|
// ClusterName contains AWS cluster name
|
|
optional string clusterName = 1;
|
|
|
|
// RoleARN contains optional role ARN. If set then AWS IAM Authenticator assume a role to perform cluster operations instead of the default AWS credential provider chain.
|
|
optional string roleARN = 2;
|
|
}
|
|
|
|
// AppProject provides a logical grouping of applications, providing controls for:
|
|
// * where the apps may deploy to (cluster whitelist)
|
|
// * what may be deployed (repository whitelist, resource whitelist/blacklist)
|
|
// * who can access these applications (roles, OIDC group claims bindings)
|
|
// * and what they can do (RBAC policies)
|
|
// * automation access to these roles (JWT tokens)
|
|
// +genclient
|
|
// +genclient:noStatus
|
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
// +kubebuilder:resource:path=appprojects,shortName=appproj;appprojs
|
|
message AppProject {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
|
|
|
|
optional AppProjectSpec spec = 2;
|
|
|
|
optional AppProjectStatus status = 3;
|
|
}
|
|
|
|
// AppProjectList is list of AppProject resources
|
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
message AppProjectList {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
repeated AppProject items = 2;
|
|
}
|
|
|
|
// AppProjectSpec is the specification of an AppProject
|
|
message AppProjectSpec {
|
|
// SourceRepos contains list of repository URLs which can be used for deployment
|
|
repeated string sourceRepos = 1;
|
|
|
|
// Destinations contains list of destinations available for deployment
|
|
repeated ApplicationDestination destinations = 2;
|
|
|
|
// Description contains optional project description
|
|
optional string description = 3;
|
|
|
|
// Roles are user defined RBAC roles associated with this project
|
|
repeated ProjectRole roles = 4;
|
|
|
|
// ClusterResourceWhitelist contains list of whitelisted cluster level resources
|
|
repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind clusterResourceWhitelist = 5;
|
|
|
|
// NamespaceResourceBlacklist contains list of blacklisted namespace level resources
|
|
repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind namespaceResourceBlacklist = 6;
|
|
|
|
// OrphanedResources specifies if controller should monitor orphaned resources of apps in this project
|
|
optional OrphanedResourcesMonitorSettings orphanedResources = 7;
|
|
|
|
// SyncWindows controls when syncs can be run for apps in this project
|
|
repeated SyncWindow syncWindows = 8;
|
|
|
|
// NamespaceResourceWhitelist contains list of whitelisted namespace level resources
|
|
repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind namespaceResourceWhitelist = 9;
|
|
|
|
// SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync
|
|
repeated SignatureKey signatureKeys = 10;
|
|
|
|
// ClusterResourceBlacklist contains list of blacklisted cluster level resources
|
|
repeated k8s.io.apimachinery.pkg.apis.meta.v1.GroupKind clusterResourceBlacklist = 11;
|
|
}
|
|
|
|
// AppProjectStatus contains status information for AppProject CRs
|
|
message AppProjectStatus {
|
|
// JWTTokensByRole contains a list of JWT tokens issued for a given role
|
|
map<string, JWTTokens> jwtTokensByRole = 1;
|
|
}
|
|
|
|
// Application is a definition of Application resource.
|
|
// +genclient
|
|
// +genclient:noStatus
|
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
// +kubebuilder:resource:path=applications,shortName=app;apps
|
|
// +kubebuilder:printcolumn:name="Sync Status",type=string,JSONPath=`.status.sync.status`
|
|
// +kubebuilder:printcolumn:name="Health Status",type=string,JSONPath=`.status.health.status`
|
|
// +kubebuilder:printcolumn:name="Revision",type=string,JSONPath=`.status.sync.revision`,priority=10
|
|
message Application {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
|
|
|
|
optional ApplicationSpec spec = 2;
|
|
|
|
optional ApplicationStatus status = 3;
|
|
|
|
optional Operation operation = 4;
|
|
}
|
|
|
|
// ApplicationCondition contains details about an application condition, which is usally an error or warning
|
|
message ApplicationCondition {
|
|
// Type is an application condition type
|
|
optional string type = 1;
|
|
|
|
// Message contains human-readable message indicating details about condition
|
|
optional string message = 2;
|
|
|
|
// LastTransitionTime is the time the condition was last observed
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
|
|
}
|
|
|
|
// ApplicationDestination holds information about the application's destination
|
|
message ApplicationDestination {
|
|
// Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API
|
|
optional string server = 1;
|
|
|
|
// Namespace specifies the target namespace for the application's resources.
|
|
// The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace
|
|
optional string namespace = 2;
|
|
|
|
// Name is an alternate way of specifying the target cluster by its symbolic name
|
|
optional string name = 3;
|
|
}
|
|
|
|
// ApplicationList is list of Application resources
|
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
message ApplicationList {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
repeated Application items = 2;
|
|
}
|
|
|
|
// ApplicationSource contains all required information about the source of an application
|
|
message ApplicationSource {
|
|
// RepoURL is the URL to the repository (Git or Helm) that contains the application manifests
|
|
optional string repoURL = 1;
|
|
|
|
// Path is a directory path within the Git repository, and is only valid for applications sourced from Git.
|
|
optional string path = 2;
|
|
|
|
// TargetRevision defines the revision of the source to sync the application to.
|
|
// In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD.
|
|
// In case of Helm, this is a semver tag for the Chart's version.
|
|
optional string targetRevision = 4;
|
|
|
|
// Helm holds helm specific options
|
|
optional ApplicationSourceHelm helm = 7;
|
|
|
|
// Kustomize holds kustomize specific options
|
|
optional ApplicationSourceKustomize kustomize = 8;
|
|
|
|
// Ksonnet holds ksonnet specific options
|
|
optional ApplicationSourceKsonnet ksonnet = 9;
|
|
|
|
// Directory holds path/directory specific options
|
|
optional ApplicationSourceDirectory directory = 10;
|
|
|
|
// ConfigManagementPlugin holds config management plugin specific options
|
|
optional ApplicationSourcePlugin plugin = 11;
|
|
|
|
// Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo.
|
|
optional string chart = 12;
|
|
}
|
|
|
|
// ApplicationSourceDirectory holds options for applications of type plain YAML or Jsonnet
|
|
message ApplicationSourceDirectory {
|
|
// Recurse specifies whether to scan a directory recursively for manifests
|
|
optional bool recurse = 1;
|
|
|
|
// Jsonnet holds options specific to Jsonnet
|
|
optional ApplicationSourceJsonnet jsonnet = 2;
|
|
|
|
// Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation
|
|
optional string exclude = 3;
|
|
|
|
// Include contains a glob pattern to match paths against that should be explicitly included during manifest generation
|
|
optional string include = 4;
|
|
}
|
|
|
|
// ApplicationSourceHelm holds helm specific options
|
|
message ApplicationSourceHelm {
|
|
// ValuesFiles is a list of Helm value files to use when generating a template
|
|
repeated string valueFiles = 1;
|
|
|
|
// Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation
|
|
repeated HelmParameter parameters = 2;
|
|
|
|
// ReleaseName is the Helm release name to use. If omitted it will use the application name
|
|
optional string releaseName = 3;
|
|
|
|
// Values specifies Helm values to be passed to helm template, typically defined as a block
|
|
optional string values = 4;
|
|
|
|
// FileParameters are file parameters to the helm template
|
|
repeated HelmFileParameter fileParameters = 5;
|
|
|
|
// Version is the Helm version to use for templating (either "2" or "3")
|
|
optional string version = 6;
|
|
}
|
|
|
|
// ApplicationSourceJsonnet holds options specific to applications of type Jsonnet
|
|
message ApplicationSourceJsonnet {
|
|
// ExtVars is a list of Jsonnet External Variables
|
|
repeated JsonnetVar extVars = 1;
|
|
|
|
// TLAS is a list of Jsonnet Top-level Arguments
|
|
repeated JsonnetVar tlas = 2;
|
|
|
|
// Additional library search dirs
|
|
repeated string libs = 3;
|
|
}
|
|
|
|
// ApplicationSourceKsonnet holds ksonnet specific options
|
|
message ApplicationSourceKsonnet {
|
|
// Environment is a ksonnet application environment name
|
|
optional string environment = 1;
|
|
|
|
// Parameters are a list of ksonnet component parameter override values
|
|
repeated KsonnetParameter parameters = 2;
|
|
}
|
|
|
|
// ApplicationSourceKustomize holds options specific to an Application source specific to Kustomize
|
|
message ApplicationSourceKustomize {
|
|
// NamePrefix is a prefix appended to resources for Kustomize apps
|
|
optional string namePrefix = 1;
|
|
|
|
// NameSuffix is a suffix appended to resources for Kustomize apps
|
|
optional string nameSuffix = 2;
|
|
|
|
// Images is a list of Kustomize image override specifications
|
|
repeated string images = 3;
|
|
|
|
// CommonLabels is a list of additional labels to add to rendered manifests
|
|
map<string, string> commonLabels = 4;
|
|
|
|
// Version controls which version of Kustomize to use for rendering manifests
|
|
optional string version = 5;
|
|
|
|
// CommonAnnotations is a list of additional annotations to add to rendered manifests
|
|
map<string, string> commonAnnotations = 6;
|
|
|
|
// ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps
|
|
optional bool forceCommonLabels = 7;
|
|
|
|
// ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps
|
|
optional bool forceCommonAnnotations = 8;
|
|
}
|
|
|
|
// ApplicationSourcePlugin holds options specific to config management plugins
|
|
message ApplicationSourcePlugin {
|
|
optional string name = 1;
|
|
|
|
repeated EnvEntry env = 2;
|
|
}
|
|
|
|
// ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision.
|
|
message ApplicationSpec {
|
|
// Source is a reference to the location of the application's manifests or chart
|
|
optional ApplicationSource source = 1;
|
|
|
|
// Destination is a reference to the target Kubernetes server and namespace
|
|
optional ApplicationDestination destination = 2;
|
|
|
|
// Project is a reference to the project this application belongs to.
|
|
// The empty string means that application belongs to the 'default' project.
|
|
optional string project = 3;
|
|
|
|
// SyncPolicy controls when and how a sync will be performed
|
|
optional SyncPolicy syncPolicy = 4;
|
|
|
|
// IgnoreDifferences is a list of resources and their fields which should be ignored during comparison
|
|
repeated ResourceIgnoreDifferences ignoreDifferences = 5;
|
|
|
|
// Info contains a list of information (URLs, email addresses, and plain text) that relates to the application
|
|
repeated Info info = 6;
|
|
|
|
// RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions.
|
|
// This should only be changed in exceptional circumstances.
|
|
// Setting to zero will store no history. This will reduce storage used.
|
|
// Increasing will increase the space used to store the history, so we do not recommend increasing it.
|
|
// Default is 10.
|
|
optional int64 revisionHistoryLimit = 7;
|
|
}
|
|
|
|
// ApplicationStatus contains status information for the application
|
|
message ApplicationStatus {
|
|
// Resources is a list of Kubernetes resources managed by this application
|
|
repeated ResourceStatus resources = 1;
|
|
|
|
// Sync contains information about the application's current sync status
|
|
optional SyncStatus sync = 2;
|
|
|
|
// Health contains information about the application's current health status
|
|
optional HealthStatus health = 3;
|
|
|
|
// History contains information about the application's sync history
|
|
repeated RevisionHistory history = 4;
|
|
|
|
// Conditions is a list of currently observed application conditions
|
|
repeated ApplicationCondition conditions = 5;
|
|
|
|
// ReconciledAt indicates when the application state was reconciled using the latest git version
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time reconciledAt = 6;
|
|
|
|
// OperationState contains information about any ongoing operations, such as a sync
|
|
optional OperationState operationState = 7;
|
|
|
|
// ObservedAt indicates when the application state was updated without querying latest git state
|
|
// Deprecated: controller no longer updates ObservedAt field
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time observedAt = 8;
|
|
|
|
// SourceType specifies the type of this application
|
|
optional string sourceType = 9;
|
|
|
|
// Summary contains a list of URLs and container images used by this application
|
|
optional ApplicationSummary summary = 10;
|
|
}
|
|
|
|
// ApplicationSummary contains information about URLs and container images used by an application
|
|
message ApplicationSummary {
|
|
// ExternalURLs holds all external URLs of application child resources.
|
|
repeated string externalURLs = 1;
|
|
|
|
// Images holds all images of application child resources.
|
|
repeated string images = 2;
|
|
}
|
|
|
|
// ApplicationTree holds nodes which belongs to the application
|
|
// TODO: describe purpose of this type
|
|
message ApplicationTree {
|
|
// Nodes contains list of nodes which either directly managed by the application and children of directly managed nodes.
|
|
repeated ResourceNode nodes = 1;
|
|
|
|
// OrphanedNodes contains if or orphaned nodes: nodes which are not managed by the app but in the same namespace. List is populated only if orphaned resources enabled in app project.
|
|
repeated ResourceNode orphanedNodes = 2;
|
|
|
|
// Hosts holds list of Kubernetes nodes that run application related pods
|
|
repeated HostInfo hosts = 3;
|
|
}
|
|
|
|
// ApplicationWatchEvent contains information about application change.
|
|
message ApplicationWatchEvent {
|
|
optional string type = 1;
|
|
|
|
// Application is:
|
|
// * If Type is Added or Modified: the new state of the object.
|
|
// * If Type is Deleted: the state of the object immediately before deletion.
|
|
// * If Type is Error: *api.Status is recommended; other types may make sense
|
|
// depending on context.
|
|
optional Application application = 2;
|
|
}
|
|
|
|
// Backoff is the backoff strategy to use on subsequent retries for failing syncs
|
|
message Backoff {
|
|
// Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h")
|
|
optional string duration = 1;
|
|
|
|
// Factor is a factor to multiply the base duration after each failed retry
|
|
optional int64 factor = 2;
|
|
|
|
// MaxDuration is the maximum amount of time allowed for the backoff strategy
|
|
optional string maxDuration = 3;
|
|
}
|
|
|
|
// Cluster is the definition of a cluster resource
|
|
message Cluster {
|
|
// Server is the API server URL of the Kubernetes cluster
|
|
optional string server = 1;
|
|
|
|
// Name of the cluster. If omitted, will use the server address
|
|
optional string name = 2;
|
|
|
|
// Config holds cluster information for connecting to a cluster
|
|
optional ClusterConfig config = 3;
|
|
|
|
// DEPRECATED: use Info.ConnectionState field instead.
|
|
// ConnectionState contains information about cluster connection state
|
|
optional ConnectionState connectionState = 4;
|
|
|
|
// DEPRECATED: use Info.ServerVersion field instead.
|
|
// The server version
|
|
optional string serverVersion = 5;
|
|
|
|
// Holds list of namespaces which are accessible in that cluster. Cluster level resources will be ignored if namespace list is not empty.
|
|
repeated string namespaces = 6;
|
|
|
|
// RefreshRequestedAt holds time when cluster cache refresh has been requested
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time refreshRequestedAt = 7;
|
|
|
|
// Info holds information about cluster cache and state
|
|
optional ClusterInfo info = 8;
|
|
|
|
// Shard contains optional shard number. Calculated on the fly by the application controller if not specified.
|
|
optional int64 shard = 9;
|
|
|
|
// Indicates if cluster level resources should be managed. This setting is used only if cluster is connected in a namespaced mode.
|
|
optional bool clusterResources = 10;
|
|
|
|
// Reference between project and cluster that allow you automatically to be added as item inside Destinations project entity
|
|
optional string project = 11;
|
|
}
|
|
|
|
// ClusterCacheInfo contains information about the cluster cache
|
|
message ClusterCacheInfo {
|
|
// ResourcesCount holds number of observed Kubernetes resources
|
|
optional int64 resourcesCount = 1;
|
|
|
|
// APIsCount holds number of observed Kubernetes API count
|
|
optional int64 apisCount = 2;
|
|
|
|
// LastCacheSyncTime holds time of most recent cache synchronization
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastCacheSyncTime = 3;
|
|
}
|
|
|
|
// ClusterConfig is the configuration attributes. This structure is subset of the go-client
|
|
// rest.Config with annotations added for marshalling.
|
|
message ClusterConfig {
|
|
// Server requires Basic authentication
|
|
optional string username = 1;
|
|
|
|
optional string password = 2;
|
|
|
|
// Server requires Bearer authentication. This client will not attempt to use
|
|
// refresh tokens for an OAuth2 flow.
|
|
// TODO: demonstrate an OAuth2 compatible client.
|
|
optional string bearerToken = 3;
|
|
|
|
// TLSClientConfig contains settings to enable transport layer security
|
|
optional TLSClientConfig tlsClientConfig = 4;
|
|
|
|
// AWSAuthConfig contains IAM authentication configuration
|
|
optional AWSAuthConfig awsAuthConfig = 5;
|
|
|
|
// ExecProviderConfig contains configuration for an exec provider
|
|
optional ExecProviderConfig execProviderConfig = 6;
|
|
}
|
|
|
|
// ClusterInfo contains information about the cluster
|
|
message ClusterInfo {
|
|
// ConnectionState contains information about the connection to the cluster
|
|
optional ConnectionState connectionState = 1;
|
|
|
|
// ServerVersion contains information about the Kubernetes version of the cluster
|
|
optional string serverVersion = 2;
|
|
|
|
// CacheInfo contains information about the cluster cache
|
|
optional ClusterCacheInfo cacheInfo = 3;
|
|
|
|
// ApplicationsCount is the number of applications managed by Argo CD on the cluster
|
|
optional int64 applicationsCount = 4;
|
|
|
|
// APIVersions contains list of API versions supported by the cluster
|
|
repeated string apiVersions = 5;
|
|
}
|
|
|
|
// ClusterList is a collection of Clusters.
|
|
message ClusterList {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
repeated Cluster items = 2;
|
|
}
|
|
|
|
// Command holds binary path and arguments list
|
|
message Command {
|
|
repeated string command = 1;
|
|
|
|
repeated string args = 2;
|
|
}
|
|
|
|
// ComparedTo contains application source and target which was used for resources comparison
|
|
message ComparedTo {
|
|
// Source is a reference to the application's source used for comparison
|
|
optional ApplicationSource source = 1;
|
|
|
|
// Destination is a reference to the application's destination used for comparison
|
|
optional ApplicationDestination destination = 2;
|
|
}
|
|
|
|
// ComponentParameter contains information about component parameter value
|
|
message ComponentParameter {
|
|
optional string component = 1;
|
|
|
|
optional string name = 2;
|
|
|
|
optional string value = 3;
|
|
}
|
|
|
|
// ConfigManagementPlugin contains config management plugin configuration
|
|
message ConfigManagementPlugin {
|
|
optional string name = 1;
|
|
|
|
optional Command init = 2;
|
|
|
|
optional Command generate = 3;
|
|
}
|
|
|
|
// ConnectionState contains information about remote resource connection state, currently used for clusters and repositories
|
|
message ConnectionState {
|
|
// Status contains the current status indicator for the connection
|
|
optional string status = 1;
|
|
|
|
// Message contains human readable information about the connection status
|
|
optional string message = 2;
|
|
|
|
// ModifiedAt contains the timestamp when this connection status has been determined
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time attemptedAt = 3;
|
|
}
|
|
|
|
// EnvEntry represents an entry in the application's environment
|
|
message EnvEntry {
|
|
// Name is the name of the variable, usually expressed in uppercase
|
|
optional string name = 1;
|
|
|
|
// Value is the value of the variable
|
|
optional string value = 2;
|
|
}
|
|
|
|
// ExecProviderConfig is config used to call an external command to perform cluster authentication
|
|
// See: https://godoc.org/k8s.io/client-go/tools/clientcmd/api#ExecConfig
|
|
message ExecProviderConfig {
|
|
// Command to execute
|
|
optional string command = 1;
|
|
|
|
// Arguments to pass to the command when executing it
|
|
repeated string args = 2;
|
|
|
|
// Env defines additional environment variables to expose to the process
|
|
map<string, string> env = 3;
|
|
|
|
// Preferred input version of the ExecInfo
|
|
optional string apiVersion = 4;
|
|
|
|
// This text is shown to the user when the executable doesn't seem to be present
|
|
optional string installHint = 5;
|
|
}
|
|
|
|
// GnuPGPublicKey is a representation of a GnuPG public key
|
|
message GnuPGPublicKey {
|
|
// KeyID specifies the key ID, in hexadecimal string format
|
|
optional string keyID = 1;
|
|
|
|
// Fingerprint is the fingerprint of the key
|
|
optional string fingerprint = 2;
|
|
|
|
// Owner holds the owner identification, e.g. a name and e-mail address
|
|
optional string owner = 3;
|
|
|
|
// Trust holds the level of trust assigned to this key
|
|
optional string trust = 4;
|
|
|
|
// SubType holds the key's sub type (e.g. rsa4096)
|
|
optional string subType = 5;
|
|
|
|
// KeyData holds the raw key data, in base64 encoded format
|
|
optional string keyData = 6;
|
|
}
|
|
|
|
// GnuPGPublicKeyList is a collection of GnuPGPublicKey objects
|
|
message GnuPGPublicKeyList {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
repeated GnuPGPublicKey items = 2;
|
|
}
|
|
|
|
// HealthStatus contains information about the currently observed health state of an application or resource
|
|
message HealthStatus {
|
|
// Status holds the status code of the application or resource
|
|
optional string status = 1;
|
|
|
|
// Message is a human-readable informational message describing the health status
|
|
optional string message = 2;
|
|
}
|
|
|
|
// HelmFileParameter is a file parameter that's passed to helm template during manifest generation
|
|
message HelmFileParameter {
|
|
// Name is the name of the Helm parameter
|
|
optional string name = 1;
|
|
|
|
// Path is the path to the file containing the values for the Helm parameter
|
|
optional string path = 2;
|
|
}
|
|
|
|
// HelmParameter is a parameter that's passed to helm template during manifest generation
|
|
message HelmParameter {
|
|
// Name is the name of the Helm parameter
|
|
optional string name = 1;
|
|
|
|
// Value is the value for the Helm parameter
|
|
optional string value = 2;
|
|
|
|
// ForceString determines whether to tell Helm to interpret booleans and numbers as strings
|
|
optional bool forceString = 3;
|
|
}
|
|
|
|
// HostInfo holds host name and resources metrics
|
|
// TODO: describe purpose of this type
|
|
// TODO: describe members of this type
|
|
message HostInfo {
|
|
optional string name = 1;
|
|
|
|
repeated HostResourceInfo resourcesInfo = 2;
|
|
|
|
optional k8s.io.api.core.v1.NodeSystemInfo systemInfo = 3;
|
|
}
|
|
|
|
// TODO: describe this type
|
|
message HostResourceInfo {
|
|
optional string resourceName = 1;
|
|
|
|
optional int64 requestedByApp = 2;
|
|
|
|
optional int64 requestedByNeighbors = 3;
|
|
|
|
optional int64 capacity = 4;
|
|
}
|
|
|
|
message Info {
|
|
optional string name = 1;
|
|
|
|
optional string value = 2;
|
|
}
|
|
|
|
// InfoItem contains arbitrary, human readable information about an application
|
|
message InfoItem {
|
|
// Name is a human readable title for this piece of information.
|
|
optional string name = 1;
|
|
|
|
// Value is human readable content.
|
|
optional string value = 2;
|
|
}
|
|
|
|
// JWTToken holds the issuedAt and expiresAt values of a token
|
|
message JWTToken {
|
|
optional int64 iat = 1;
|
|
|
|
optional int64 exp = 2;
|
|
|
|
optional string id = 3;
|
|
}
|
|
|
|
// JWTTokens represents a list of JWT tokens
|
|
message JWTTokens {
|
|
repeated JWTToken items = 1;
|
|
}
|
|
|
|
// JsonnetVar represents a variable to be passed to jsonnet during manifest generation
|
|
message JsonnetVar {
|
|
optional string name = 1;
|
|
|
|
optional string value = 2;
|
|
|
|
optional bool code = 3;
|
|
}
|
|
|
|
// KnownTypeField contains mapping between CRD field and known Kubernetes type.
|
|
// This is mainly used for unit conversion in unknown resources (e.g. 0.1 == 100mi)
|
|
// TODO: Describe the members of this type
|
|
message KnownTypeField {
|
|
optional string field = 1;
|
|
|
|
optional string type = 2;
|
|
}
|
|
|
|
// KsonnetParameter is a ksonnet component parameter
|
|
message KsonnetParameter {
|
|
optional string component = 1;
|
|
|
|
optional string name = 2;
|
|
|
|
optional string value = 3;
|
|
}
|
|
|
|
// KustomizeOptions are options for kustomize to use when building manifests
|
|
message KustomizeOptions {
|
|
// BuildOptions is a string of build parameters to use when calling `kustomize build`
|
|
optional string buildOptions = 1;
|
|
|
|
// BinaryPath holds optional path to kustomize binary
|
|
optional string binaryPath = 2;
|
|
}
|
|
|
|
// Operation contains information about a requested or running operation
|
|
message Operation {
|
|
// Sync contains parameters for the operation
|
|
optional SyncOperation sync = 1;
|
|
|
|
// InitiatedBy contains information about who initiated the operations
|
|
optional OperationInitiator initiatedBy = 2;
|
|
|
|
// Info is a list of informational items for this operation
|
|
repeated Info info = 3;
|
|
|
|
// Retry controls the strategy to apply if a sync fails
|
|
optional RetryStrategy retry = 4;
|
|
}
|
|
|
|
// OperationInitiator contains information about the initiator of an operation
|
|
message OperationInitiator {
|
|
// Username contains the name of a user who started operation
|
|
optional string username = 1;
|
|
|
|
// Automated is set to true if operation was initiated automatically by the application controller.
|
|
optional bool automated = 2;
|
|
}
|
|
|
|
// OperationState contains information about state of a running operation
|
|
message OperationState {
|
|
// Operation is the original requested operation
|
|
optional Operation operation = 1;
|
|
|
|
// Phase is the current phase of the operation
|
|
optional string phase = 2;
|
|
|
|
// Message holds any pertinent messages when attempting to perform operation (typically errors).
|
|
optional string message = 3;
|
|
|
|
// SyncResult is the result of a Sync operation
|
|
optional SyncOperationResult syncResult = 4;
|
|
|
|
// StartedAt contains time of operation start
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time startedAt = 6;
|
|
|
|
// FinishedAt contains time of operation completion
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time finishedAt = 7;
|
|
|
|
// RetryCount contains time of operation retries
|
|
optional int64 retryCount = 8;
|
|
}
|
|
|
|
// OrphanedResourceKey is a reference to a resource to be ignored from
|
|
message OrphanedResourceKey {
|
|
optional string group = 1;
|
|
|
|
optional string kind = 2;
|
|
|
|
optional string name = 3;
|
|
}
|
|
|
|
// OrphanedResourcesMonitorSettings holds settings of orphaned resources monitoring
|
|
message OrphanedResourcesMonitorSettings {
|
|
// Warn indicates if warning condition should be created for apps which have orphaned resources
|
|
optional bool warn = 1;
|
|
|
|
// Ignore contains a list of resources that are to be excluded from orphaned resources monitoring
|
|
repeated OrphanedResourceKey ignore = 2;
|
|
}
|
|
|
|
// TODO: describe this type
|
|
message OverrideIgnoreDiff {
|
|
repeated string jSONPointers = 1;
|
|
|
|
repeated string jqPathExpressions = 2;
|
|
}
|
|
|
|
// ProjectRole represents a role that has access to a project
|
|
message ProjectRole {
|
|
// Name is a name for this role
|
|
optional string name = 1;
|
|
|
|
// Description is a description of the role
|
|
optional string description = 2;
|
|
|
|
// Policies Stores a list of casbin formatted strings that define access policies for the role in the project
|
|
repeated string policies = 3;
|
|
|
|
// JWTTokens are a list of generated JWT tokens bound to this role
|
|
repeated JWTToken jwtTokens = 4;
|
|
|
|
// Groups are a list of OIDC group claims bound to this role
|
|
repeated string groups = 5;
|
|
}
|
|
|
|
// RepoCreds holds the definition for repository credentials
|
|
message RepoCreds {
|
|
// URL is the URL that this credentials matches to
|
|
optional string url = 1;
|
|
|
|
// Username for authenticating at the repo server
|
|
optional string username = 2;
|
|
|
|
// Password for authenticating at the repo server
|
|
optional string password = 3;
|
|
|
|
// SSHPrivateKey contains the private key data for authenticating at the repo server using SSH (only Git repos)
|
|
optional string sshPrivateKey = 4;
|
|
|
|
// TLSClientCertData specifies the TLS client cert data for authenticating at the repo server
|
|
optional string tlsClientCertData = 5;
|
|
|
|
// TLSClientCertKey specifies the TLS client cert key for authenticating at the repo server
|
|
optional string tlsClientCertKey = 6;
|
|
|
|
// GithubAppPrivateKey specifies the private key PEM data for authentication via GitHub app
|
|
optional string githubAppPrivateKey = 7;
|
|
|
|
// GithubAppId specifies the Github App ID of the app used to access the repo for GitHub app authentication
|
|
optional int64 githubAppID = 8;
|
|
|
|
// GithubAppInstallationId specifies the ID of the installed GitHub App for GitHub app authentication
|
|
optional int64 githubAppInstallationID = 9;
|
|
|
|
// GithubAppEnterpriseBaseURL specifies the GitHub API URL for GitHub app authentication. If empty will default to https://api.github.com
|
|
optional string githubAppEnterpriseBaseUrl = 10;
|
|
|
|
// EnableOCI specifies whether helm-oci support should be enabled for this repo
|
|
optional bool enableOCI = 11;
|
|
|
|
// Type specifies the type of the repoCreds. Can be either "git" or "helm. "git" is assumed if empty or absent.
|
|
optional string type = 12;
|
|
}
|
|
|
|
// RepositoryList is a collection of Repositories.
|
|
message RepoCredsList {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
repeated RepoCreds items = 2;
|
|
}
|
|
|
|
// Repository is a repository holding application configurations
|
|
message Repository {
|
|
// Repo contains the URL to the remote repository
|
|
optional string repo = 1;
|
|
|
|
// Username contains the user name used for authenticating at the remote repository
|
|
optional string username = 2;
|
|
|
|
// Password contains the password or PAT used for authenticating at the remote repository
|
|
optional string password = 3;
|
|
|
|
// SSHPrivateKey contains the PEM data for authenticating at the repo server. Only used with Git repos.
|
|
optional string sshPrivateKey = 4;
|
|
|
|
// ConnectionState contains information about the current state of connection to the repository server
|
|
optional ConnectionState connectionState = 5;
|
|
|
|
// InsecureIgnoreHostKey should not be used anymore, Insecure is favoured
|
|
// Used only for Git repos
|
|
optional bool insecureIgnoreHostKey = 6;
|
|
|
|
// Insecure specifies whether the connection to the repository ignores any errors when verifying TLS certificates or SSH host keys
|
|
optional bool insecure = 7;
|
|
|
|
// EnableLFS specifies whether git-lfs support should be enabled for this repo. Only valid for Git repositories.
|
|
optional bool enableLfs = 8;
|
|
|
|
// TLSClientCertData contains a certificate in PEM format for authenticating at the repo server
|
|
optional string tlsClientCertData = 9;
|
|
|
|
// TLSClientCertKey contains a private key in PEM format for authenticating at the repo server
|
|
optional string tlsClientCertKey = 10;
|
|
|
|
// Type specifies the type of the repo. Can be either "git" or "helm. "git" is assumed if empty or absent.
|
|
optional string type = 11;
|
|
|
|
// Name specifies a name to be used for this repo. Only used with Helm repos
|
|
optional string name = 12;
|
|
|
|
// Whether credentials were inherited from a credential set
|
|
optional bool inheritedCreds = 13;
|
|
|
|
// EnableOCI specifies whether helm-oci support should be enabled for this repo
|
|
optional bool enableOCI = 14;
|
|
|
|
// Github App Private Key PEM data
|
|
optional string githubAppPrivateKey = 15;
|
|
|
|
// GithubAppId specifies the ID of the GitHub app used to access the repo
|
|
optional int64 githubAppID = 16;
|
|
|
|
// GithubAppInstallationId specifies the installation ID of the GitHub App used to access the repo
|
|
optional int64 githubAppInstallationID = 17;
|
|
|
|
// GithubAppEnterpriseBaseURL specifies the base URL of GitHub Enterprise installation. If empty will default to https://api.github.com
|
|
optional string githubAppEnterpriseBaseUrl = 18;
|
|
|
|
// Proxy specifies the HTTP/HTTPS proxy used to access the repo
|
|
optional string proxy = 19;
|
|
|
|
// Reference between project and repository that allow you automatically to be added as item inside SourceRepos project entity
|
|
optional string project = 20;
|
|
}
|
|
|
|
// A RepositoryCertificate is either SSH known hosts entry or TLS certificate
|
|
message RepositoryCertificate {
|
|
// ServerName specifies the DNS name of the server this certificate is intended for
|
|
optional string serverName = 1;
|
|
|
|
// CertType specifies the type of the certificate - currently one of "https" or "ssh"
|
|
optional string certType = 2;
|
|
|
|
// CertSubType specifies the sub type of the cert, i.e. "ssh-rsa"
|
|
optional string certSubType = 3;
|
|
|
|
// CertData contains the actual certificate data, dependent on the certificate type
|
|
optional bytes certData = 4;
|
|
|
|
// CertInfo will hold additional certificate info, depdendent on the certificate type (e.g. SSH fingerprint, X509 CommonName)
|
|
optional string certInfo = 5;
|
|
}
|
|
|
|
// RepositoryCertificateList is a collection of RepositoryCertificates
|
|
message RepositoryCertificateList {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
// List of certificates to be processed
|
|
repeated RepositoryCertificate items = 2;
|
|
}
|
|
|
|
// RepositoryList is a collection of Repositories.
|
|
message RepositoryList {
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
repeated Repository items = 2;
|
|
}
|
|
|
|
// TODO: describe this type
|
|
// TODO: describe members of this type
|
|
message ResourceAction {
|
|
optional string name = 1;
|
|
|
|
repeated ResourceActionParam params = 2;
|
|
|
|
optional bool disabled = 3;
|
|
}
|
|
|
|
// TODO: describe this type
|
|
// TODO: describe members of this type
|
|
message ResourceActionDefinition {
|
|
optional string name = 1;
|
|
|
|
optional string actionLua = 2;
|
|
}
|
|
|
|
// TODO: describe this type
|
|
// TODO: describe members of this type
|
|
message ResourceActionParam {
|
|
optional string name = 1;
|
|
|
|
optional string value = 2;
|
|
|
|
optional string type = 3;
|
|
|
|
optional string default = 4;
|
|
}
|
|
|
|
// TODO: describe this type
|
|
// TODO: describe members of this type
|
|
message ResourceActions {
|
|
optional string actionDiscoveryLua = 1;
|
|
|
|
repeated ResourceActionDefinition definitions = 2;
|
|
}
|
|
|
|
// ResourceDiff holds the diff of a live and target resource object
|
|
// TODO: describe members of this type
|
|
message ResourceDiff {
|
|
optional string group = 1;
|
|
|
|
optional string kind = 2;
|
|
|
|
optional string namespace = 3;
|
|
|
|
optional string name = 4;
|
|
|
|
// TargetState contains the JSON serialized resource manifest defined in the Git/Helm
|
|
optional string targetState = 5;
|
|
|
|
// TargetState contains the JSON live resource manifest
|
|
optional string liveState = 6;
|
|
|
|
// Diff contains the JSON patch between target and live resource
|
|
// Deprecated: use NormalizedLiveState and PredictedLiveState to render the difference
|
|
optional string diff = 7;
|
|
|
|
optional bool hook = 8;
|
|
|
|
// NormalizedLiveState contains JSON serialized live resource state with applied normalizations
|
|
optional string normalizedLiveState = 9;
|
|
|
|
// PredictedLiveState contains JSON serialized resource state that is calculated based on normalized and target resource state
|
|
optional string predictedLiveState = 10;
|
|
|
|
optional string resourceVersion = 11;
|
|
|
|
optional bool modified = 12;
|
|
}
|
|
|
|
// ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state.
|
|
message ResourceIgnoreDifferences {
|
|
optional string group = 1;
|
|
|
|
optional string kind = 2;
|
|
|
|
optional string name = 3;
|
|
|
|
optional string namespace = 4;
|
|
|
|
repeated string jsonPointers = 5;
|
|
|
|
repeated string jqPathExpressions = 6;
|
|
}
|
|
|
|
// ResourceNetworkingInfo holds networking resource related information
|
|
// TODO: describe members of this type
|
|
message ResourceNetworkingInfo {
|
|
map<string, string> targetLabels = 1;
|
|
|
|
repeated ResourceRef targetRefs = 2;
|
|
|
|
map<string, string> labels = 3;
|
|
|
|
repeated k8s.io.api.core.v1.LoadBalancerIngress ingress = 4;
|
|
|
|
// ExternalURLs holds list of URLs which should be available externally. List is populated for ingress resources using rules hostnames.
|
|
repeated string externalURLs = 5;
|
|
}
|
|
|
|
// ResourceNode contains information about live resource and its children
|
|
// TODO: describe members of this type
|
|
message ResourceNode {
|
|
optional ResourceRef resourceRef = 1;
|
|
|
|
repeated ResourceRef parentRefs = 2;
|
|
|
|
repeated InfoItem info = 3;
|
|
|
|
optional ResourceNetworkingInfo networkingInfo = 4;
|
|
|
|
optional string resourceVersion = 5;
|
|
|
|
repeated string images = 6;
|
|
|
|
optional HealthStatus health = 7;
|
|
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time createdAt = 8;
|
|
}
|
|
|
|
// ResourceOverride holds configuration to customize resource diffing and health assessment
|
|
// TODO: describe the members of this type
|
|
message ResourceOverride {
|
|
optional string healthLua = 1;
|
|
|
|
optional bool useOpenLibs = 5;
|
|
|
|
optional string actions = 3;
|
|
|
|
optional OverrideIgnoreDiff ignoreDifferences = 2;
|
|
|
|
repeated KnownTypeField knownTypeFields = 4;
|
|
}
|
|
|
|
// ResourceRef includes fields which uniquely identify a resource
|
|
message ResourceRef {
|
|
optional string group = 1;
|
|
|
|
optional string version = 2;
|
|
|
|
optional string kind = 3;
|
|
|
|
optional string namespace = 4;
|
|
|
|
optional string name = 5;
|
|
|
|
optional string uid = 6;
|
|
}
|
|
|
|
// ResourceResult holds the operation result details of a specific resource
|
|
message ResourceResult {
|
|
// Group specifies the API group of the resource
|
|
optional string group = 1;
|
|
|
|
// Version specifies the API version of the resource
|
|
optional string version = 2;
|
|
|
|
// Kind specifies the API kind of the resource
|
|
optional string kind = 3;
|
|
|
|
// Namespace specifies the target namespace of the resource
|
|
optional string namespace = 4;
|
|
|
|
// Name specifies the name of the resource
|
|
optional string name = 5;
|
|
|
|
// Status holds the final result of the sync. Will be empty if the resources is yet to be applied/pruned and is always zero-value for hooks
|
|
optional string status = 6;
|
|
|
|
// Message contains an informational or error message for the last sync OR operation
|
|
optional string message = 7;
|
|
|
|
// HookType specifies the type of the hook. Empty for non-hook resources
|
|
optional string hookType = 8;
|
|
|
|
// HookPhase contains the state of any operation associated with this resource OR hook
|
|
// This can also contain values for non-hook resources.
|
|
optional string hookPhase = 9;
|
|
|
|
// SyncPhase indicates the particular phase of the sync that this result was acquired in
|
|
optional string syncPhase = 10;
|
|
}
|
|
|
|
// ResourceStatus holds the current sync and health status of a resource
|
|
// TODO: describe members of this type
|
|
message ResourceStatus {
|
|
optional string group = 1;
|
|
|
|
optional string version = 2;
|
|
|
|
optional string kind = 3;
|
|
|
|
optional string namespace = 4;
|
|
|
|
optional string name = 5;
|
|
|
|
optional string status = 6;
|
|
|
|
optional HealthStatus health = 7;
|
|
|
|
optional bool hook = 8;
|
|
|
|
optional bool requiresPruning = 9;
|
|
}
|
|
|
|
// RetryStrategy contains information about the strategy to apply when a sync failed
|
|
message RetryStrategy {
|
|
// Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed.
|
|
optional int64 limit = 1;
|
|
|
|
// Backoff controls how to backoff on subsequent retries of failed syncs
|
|
optional Backoff backoff = 2;
|
|
}
|
|
|
|
// RevisionHistory contains history information about a previous sync
|
|
message RevisionHistory {
|
|
// Revision holds the revision the sync was performed against
|
|
optional string revision = 2;
|
|
|
|
// DeployedAt holds the time the sync operation completed
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deployedAt = 4;
|
|
|
|
// ID is an auto incrementing identifier of the RevisionHistory
|
|
optional int64 id = 5;
|
|
|
|
// Source is a reference to the application source used for the sync operation
|
|
optional ApplicationSource source = 6;
|
|
|
|
// DeployStartedAt holds the time the sync operation started
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time deployStartedAt = 7;
|
|
}
|
|
|
|
// RevisionMetadata contains metadata for a specific revision in a Git repository
|
|
message RevisionMetadata {
|
|
// who authored this revision,
|
|
// typically their name and email, e.g. "John Doe <john_doe@my-company.com>",
|
|
// but might not match this example
|
|
optional string author = 1;
|
|
|
|
// Date specifies when the revision was authored
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time date = 2;
|
|
|
|
// Tags specifies any tags currently attached to the revision
|
|
// Floating tags can move from one revision to another
|
|
repeated string tags = 3;
|
|
|
|
// Message contains the message associated with the revision, most likely the commit message.
|
|
// The message is truncated to the first newline or 64 characters (which ever comes first)
|
|
optional string message = 4;
|
|
|
|
// SignatureInfo contains a hint on the signer if the revision was signed with GPG, and signature verification is enabled.
|
|
optional string signatureInfo = 5;
|
|
}
|
|
|
|
// SignatureKey is the specification of a key required to verify commit signatures with
|
|
message SignatureKey {
|
|
// The ID of the key in hexadecimal notation
|
|
optional string keyID = 1;
|
|
}
|
|
|
|
// SyncOperation contains details about a sync operation.
|
|
message SyncOperation {
|
|
// Revision is the revision (Git) or chart version (Helm) which to sync the application to
|
|
// If omitted, will use the revision specified in app spec.
|
|
optional string revision = 1;
|
|
|
|
// Prune specifies to delete resources from the cluster that are no longer tracked in git
|
|
optional bool prune = 2;
|
|
|
|
// DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync
|
|
optional bool dryRun = 3;
|
|
|
|
// SyncStrategy describes how to perform the sync
|
|
optional SyncStrategy syncStrategy = 4;
|
|
|
|
// Resources describes which resources shall be part of the sync
|
|
repeated SyncOperationResource resources = 6;
|
|
|
|
// Source overrides the source definition set in the application.
|
|
// This is typically set in a Rollback operation and is nil during a Sync operation
|
|
optional ApplicationSource source = 7;
|
|
|
|
// Manifests is an optional field that overrides sync source with a local directory for development
|
|
repeated string manifests = 8;
|
|
|
|
// SyncOptions provide per-sync sync-options, e.g. Validate=false
|
|
repeated string syncOptions = 9;
|
|
}
|
|
|
|
// SyncOperationResource contains resources to sync.
|
|
message SyncOperationResource {
|
|
optional string group = 1;
|
|
|
|
optional string kind = 2;
|
|
|
|
optional string name = 3;
|
|
|
|
optional string namespace = 4;
|
|
}
|
|
|
|
// SyncOperationResult represent result of sync operation
|
|
message SyncOperationResult {
|
|
// Resources contains a list of sync result items for each individual resource in a sync operation
|
|
repeated ResourceResult resources = 1;
|
|
|
|
// Revision holds the revision this sync operation was performed to
|
|
optional string revision = 2;
|
|
|
|
// Source records the application source information of the sync, used for comparing auto-sync
|
|
optional ApplicationSource source = 3;
|
|
}
|
|
|
|
// SyncPolicy controls when a sync will be performed in response to updates in git
|
|
message SyncPolicy {
|
|
// Automated will keep an application synced to the target revision
|
|
optional SyncPolicyAutomated automated = 1;
|
|
|
|
// Options allow you to specify whole app sync-options
|
|
repeated string syncOptions = 2;
|
|
|
|
// Retry controls failed sync retry behavior
|
|
optional RetryStrategy retry = 3;
|
|
}
|
|
|
|
// SyncPolicyAutomated controls the behavior of an automated sync
|
|
message SyncPolicyAutomated {
|
|
// Prune specifies whether to delete resources from the cluster that are not found in the sources anymore as part of automated sync (default: false)
|
|
optional bool prune = 1;
|
|
|
|
// SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)
|
|
optional bool selfHeal = 2;
|
|
|
|
// AllowEmpty allows apps have zero live resources (default: false)
|
|
optional bool allowEmpty = 3;
|
|
}
|
|
|
|
// SyncStatus contains information about the currently observed live and desired states of an application
|
|
message SyncStatus {
|
|
// Status is the sync state of the comparison
|
|
optional string status = 1;
|
|
|
|
// ComparedTo contains information about what has been compared
|
|
optional ComparedTo comparedTo = 2;
|
|
|
|
// Revision contains information about the revision the comparison has been performed to
|
|
optional string revision = 3;
|
|
}
|
|
|
|
// SyncStrategy controls the manner in which a sync is performed
|
|
message SyncStrategy {
|
|
// Apply will perform a `kubectl apply` to perform the sync.
|
|
optional SyncStrategyApply apply = 1;
|
|
|
|
// Hook will submit any referenced resources to perform the sync. This is the default strategy
|
|
optional SyncStrategyHook hook = 2;
|
|
}
|
|
|
|
// SyncStrategyApply uses `kubectl apply` to perform the apply
|
|
message SyncStrategyApply {
|
|
// Force indicates whether or not to supply the --force flag to `kubectl apply`.
|
|
// The --force flag deletes and re-create the resource, when PATCH encounters conflict and has
|
|
// retried for 5 times.
|
|
optional bool force = 1;
|
|
}
|
|
|
|
// SyncStrategyHook will perform a sync using hooks annotations.
|
|
// If no hook annotation is specified falls back to `kubectl apply`.
|
|
message SyncStrategyHook {
|
|
// Embed SyncStrategyApply type to inherit any `apply` options
|
|
// +optional
|
|
optional SyncStrategyApply syncStrategyApply = 1;
|
|
}
|
|
|
|
// SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps
|
|
message SyncWindow {
|
|
// Kind defines if the window allows or blocks syncs
|
|
optional string kind = 1;
|
|
|
|
// Schedule is the time the window will begin, specified in cron format
|
|
optional string schedule = 2;
|
|
|
|
// Duration is the amount of time the sync window will be open
|
|
optional string duration = 3;
|
|
|
|
// Applications contains a list of applications that the window will apply to
|
|
repeated string applications = 4;
|
|
|
|
// Namespaces contains a list of namespaces that the window will apply to
|
|
repeated string namespaces = 5;
|
|
|
|
// Clusters contains a list of clusters that the window will apply to
|
|
repeated string clusters = 6;
|
|
|
|
// ManualSync enables manual syncs when they would otherwise be blocked
|
|
optional bool manualSync = 7;
|
|
}
|
|
|
|
// TLSClientConfig contains settings to enable transport layer security
|
|
message TLSClientConfig {
|
|
// Insecure specifies that the server should be accessed without verifying the TLS certificate. For testing only.
|
|
optional bool insecure = 1;
|
|
|
|
// ServerName is passed to the server for SNI and is used in the client to check server
|
|
// certificates against. If ServerName is empty, the hostname used to contact the
|
|
// server is used.
|
|
optional string serverName = 2;
|
|
|
|
// CertData holds PEM-encoded bytes (typically read from a client certificate file).
|
|
// CertData takes precedence over CertFile
|
|
optional bytes certData = 3;
|
|
|
|
// KeyData holds PEM-encoded bytes (typically read from a client certificate key file).
|
|
// KeyData takes precedence over KeyFile
|
|
optional bytes keyData = 4;
|
|
|
|
// CAData holds PEM-encoded bytes (typically read from a root certificates bundle).
|
|
// CAData takes precedence over CAFile
|
|
optional bytes caData = 5;
|
|
}
|
|
|