diff --git a/config-dev/values-schema.yml b/config-dev/values-schema.yml index 1e4ca0cb3..7e41b8e66 100644 --- a/config-dev/values-schema.yml +++ b/config-dev/values-schema.yml @@ -9,7 +9,7 @@ dev: #@schema/desc "Whether to use the faster deployment type whilst developing (must have deployed to a cluster once fully first)" rapid_deploy: false #@schema/desc "Location of kapp-controller image" - image_repo: docker.io/rohitagg2020/kapp-controller-test + image_repo: docker.io/k14s/kapp-controller-test #@schema/desc "Development version" version: develop #@schema/desc "Comma separated list of supported architectures" diff --git a/go.mod b/go.mod index 70c99aa58..9727de74a 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module carvel.dev/kapp-controller -go 1.22.7 +go 1.22.9 require ( carvel.dev/vendir v0.40.0 diff --git a/hack/deploy.sh b/hack/deploy.sh index eb9869081..cdae77a99 100755 --- a/hack/deploy.sh +++ b/hack/deploy.sh @@ -5,8 +5,7 @@ set -e # makes the get_kappctrl_ver function available (scrapes version from git tag) source $(dirname "$0")/version-util.sh -# ./hack/build.sh && ytt -f config/config -f config/values-schema.yml -f config-dev -v dev.version="$(get_kappctrl_ver)+develop" | kbld -f- | kapp deploy -a kc -f- -c -y +./hack/build.sh && ytt -f config/config -f config/values-schema.yml -f config-dev -v dev.version="$(get_kappctrl_ver)+develop" | kbld -f- | kapp deploy -a kc -f- -c -y -./hack/build.sh && ytt -f config/config -f config/values-schema.yml -f config-dev -v dev.version="$(get_kappctrl_ver)+develop" | kbld -f- > output.yml source ./hack/secretgen-controller.sh deploy_secretgen-controller diff --git a/hack/gen-apiserver-namer.patch b/hack/gen-apiserver-namer.patch index 2d2cabac4..c10775796 100644 --- a/hack/gen-apiserver-namer.patch +++ b/hack/gen-apiserver-namer.patch @@ -1,7 +1,7 @@ -diff --git a/vendor/k8s.io/gengo/namer/namer.go b/vendor/k8s.io/gengo/namer/namer.go +diff --git a/vendor/k8s.io/gengo/v2/namer/namer.go b/vendor/k8s.io/gengo/v2/namer/namer.go index 6feb2d0c..5ae36b12 100644 ---- a/vendor/k8s.io/gengo/namer/namer.go -+++ b/vendor/k8s.io/gengo/namer/namer.go +--- a/vendor/k8s.io/gengo/v2/namer/namer.go ++++ b/vendor/k8s.io/gengo/v2/namer/namer.go @@ -61,6 +61,7 @@ func NewPublicNamer(prependPackageNames int, ignoreWords ...string) *NameStrateg // arguments to this constructor. func NewPrivateNamer(prependPackageNames int, ignoreWords ...string) *NameStrategy { diff --git a/hack/gen-apiserver.sh b/hack/gen-apiserver.sh index 14423b30f..6a0bfc150 100755 --- a/hack/gen-apiserver.sh +++ b/hack/gen-apiserver.sh @@ -12,7 +12,7 @@ KC_PKG="carvel.dev/kapp-controller" # Following patch allows us to name gen-s with a name Package # (without it generated Go code is not valid since word "package" is reserved) -git checkout vendor/k8s.io/gengo/namer/namer.go +git checkout vendor/k8s.io/gengo/v2/namer/namer.go git apply ./hack/gen-apiserver-namer.patch rm -rf pkg/apiserver/{client,openapi} @@ -22,47 +22,55 @@ go run vendor/k8s.io/code-generator/cmd/client-gen/main.go \ --clientset-name versioned \ --input-base "${KC_PKG}/pkg/apiserver/apis/" \ --input "datapackaging/v1alpha1" \ - --output-package "${KC_PKG}/pkg/apiserver/client/clientset" \ + --output-dir "pkg/apiserver/client/clientset" \ + --output-pkg "${KC_PKG}/pkg/apiserver/client/clientset" \ --go-header-file hack/gen-boilerplate.txt echo "Generating listers" go run vendor/k8s.io/code-generator/cmd/lister-gen/main.go \ - --input-dirs "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ - --output-package "${KC_PKG}/pkg/apiserver/client/listers" \ + "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ + --output-dir "pkg/apiserver/client/listers" \ + --output-pkg "${KC_PKG}/pkg/apiserver/client/listers" \ --go-header-file hack/gen-boilerplate.txt echo "Generating informers" go run vendor/k8s.io/code-generator/cmd/informer-gen/main.go \ - --input-dirs "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ + "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ --versioned-clientset-package "${KC_PKG}/pkg/apiserver/client/clientset/versioned" \ --listers-package "${KC_PKG}/pkg/apiserver/client/listers" \ - --output-package "${KC_PKG}/pkg/apiserver/client/informers" \ + --output-dir "pkg/apiserver/client/informers" \ + --output-pkg "${KC_PKG}/pkg/apiserver/client/informers" \ --go-header-file hack/gen-boilerplate.txt echo "Generating deepcopy" rm -f $(find pkg/apiserver|grep zz_generated.deepcopy) go run vendor/k8s.io/code-generator/cmd/deepcopy-gen/main.go \ - --input-dirs "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ - --input-dirs "${KC_PKG}/pkg/apiserver/apis/datapackaging" \ - -O zz_generated.deepcopy \ + "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ + "${KC_PKG}/pkg/apiserver/apis/datapackaging" \ + --output-file zz_generated.deepcopy.go \ --go-header-file hack/gen-boilerplate.txt echo "Generating conversions" rm -f $(find pkg/apiserver|grep zz_generated.conversion) go run vendor/k8s.io/code-generator/cmd/conversion-gen/main.go \ - --input-dirs "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1,${KC_PKG}/pkg/apiserver/apis/datapackaging" \ - -O zz_generated.conversion \ + "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ + "${KC_PKG}/pkg/apiserver/apis/datapackaging" \ + --output-file zz_generated.conversion.go \ --go-header-file hack/gen-boilerplate.txt echo "Generating openapi" rm -f $(find pkg/apiserver|grep zz_generated.openapi) -go run vendor/k8s.io/code-generator/cmd/openapi-gen/main.go \ - --input-dirs "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ - --input-dirs "${KC_PKG}/pkg/apis/kappctrl/v1alpha1" \ - --input-dirs "carvel.dev/vendir/pkg/vendir/versions/v1alpha1,k8s.io/apimachinery/pkg/apis/meta/v1,k8s.io/apimachinery/pkg/runtime,k8s.io/apimachinery/pkg/util/intstr" \ - --input-dirs "k8s.io/api/core/v1" \ - --output-package "${KC_PKG}/pkg/apiserver/openapi" \ - -O zz_generated.openapi \ +go run vendor/k8s.io/kube-openapi/cmd/openapi-gen/openapi-gen.go \ + "${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ + "${KC_PKG}/pkg/apis/kappctrl/v1alpha1" \ + "carvel.dev/vendir/pkg/vendir/versions/v1alpha1" \ + "k8s.io/apimachinery/pkg/apis/meta/v1" \ + "k8s.io/apimachinery/pkg/runtime" \ + "k8s.io/apimachinery/pkg/util/intstr" \ + "k8s.io/api/core/v1" \ + --output-pkg "${KC_PKG}/pkg/apiserver/openapi" \ + --output-dir "pkg/apiserver/openapi" \ + --output-file zz_generated.openapi.go \ --go-header-file hack/gen-boilerplate.txt # Install protoc binary as directed by https://github.com/gogo/protobuf#installation @@ -83,11 +91,11 @@ export PATH=$GOBIN:$PATH rm -f $(find pkg|grep '\.proto') -# TODO It seems this command messes around with protos in vendor directory go-to-protobuf \ --proto-import "${GOPATH}/src/${KC_PKG}/vendor" \ --packages "-carvel.dev/vendir/pkg/vendir/versions/v1alpha1,${KC_PKG}/pkg/apis/kappctrl/v1alpha1,${KC_PKG}/pkg/apiserver/apis/datapackaging/v1alpha1" \ - --vendor-output-base="${GOPATH}/src/${KC_PKG}/vendor" \ - --go-header-file hack/gen-boilerplate.txt + --apimachinery-packages "-k8s.io/apimachinery/pkg/runtime/schema,-k8s.io/apimachinery/pkg/runtime,-k8s.io/apimachinery/pkg/apis/meta/v1" \ + --go-header-file hack/gen-boilerplate.txt \ + --output-dir "${GOPATH}/src" echo "GEN SUCCESS" diff --git a/hack/gen.sh b/hack/gen.sh index c68b6a8c3..13145533a 100755 --- a/hack/gen.sh +++ b/hack/gen.sh @@ -18,8 +18,10 @@ rm -rf pkg/client echo "Generating deepcopy funcs" rm -f $(find pkg/apis|grep zz_generated.deepcopy.go) go run vendor/k8s.io/code-generator/cmd/deepcopy-gen/main.go \ - --input-dirs ${KC_PKG}/pkg/apis/kappctrl/v1alpha1,${KC_PKG}/pkg/apis/packaging/v1alpha1,${KC_PKG}/pkg/apis/internalpackaging/v1alpha1 \ - -O zz_generated.deepcopy \ + ${KC_PKG}/pkg/apis/kappctrl/v1alpha1 \ + ${KC_PKG}/pkg/apis/packaging/v1alpha1 \ + ${KC_PKG}/pkg/apis/internalpackaging/v1alpha1 \ + --output-file zz_generated.deepcopy.go \ --bounding-dirs ${KC_PKG}/pkg/apis \ --go-header-file ./hack/gen-boilerplate.txt @@ -28,21 +30,28 @@ go run vendor/k8s.io/code-generator/cmd/client-gen/main.go \ --clientset-name versioned \ --input-base '' \ --input ${KC_PKG}/pkg/apis/kappctrl/v1alpha1,${KC_PKG}/pkg/apis/packaging/v1alpha1,${KC_PKG}/pkg/apis/internalpackaging/v1alpha1 \ - --output-package ${KC_PKG}/pkg/client/clientset \ + --output-pkg ${KC_PKG}/pkg/client/clientset \ + --output-dir pkg/client/clientset \ --go-header-file ./hack/gen-boilerplate.txt echo "Generating listers" go run vendor/k8s.io/code-generator/cmd/lister-gen/main.go \ - --input-dirs ${KC_PKG}/pkg/apis/kappctrl/v1alpha1,${KC_PKG}/pkg/apis/packaging/v1alpha1,${KC_PKG}/pkg/apis/internalpackaging/v1alpha1 \ - --output-package ${KC_PKG}/pkg/client/listers \ + ${KC_PKG}/pkg/apis/kappctrl/v1alpha1 \ + ${KC_PKG}/pkg/apis/packaging/v1alpha1 \ + ${KC_PKG}/pkg/apis/internalpackaging/v1alpha1 \ + --output-pkg ${KC_PKG}/pkg/client/listers \ + --output-dir pkg/client/listers \ --go-header-file ./hack/gen-boilerplate.txt echo "Generating informers" go run vendor/k8s.io/code-generator/cmd/informer-gen/main.go \ - --input-dirs ${KC_PKG}/pkg/apis/kappctrl/v1alpha1,${KC_PKG}/pkg/apis/packaging/v1alpha1,${KC_PKG}/pkg/apis/internalpackaging/v1alpha1 \ + ${KC_PKG}/pkg/apis/kappctrl/v1alpha1 \ + ${KC_PKG}/pkg/apis/packaging/v1alpha1 \ + ${KC_PKG}/pkg/apis/internalpackaging/v1alpha1 \ --versioned-clientset-package ${KC_PKG}/pkg/client/clientset/versioned \ --listers-package ${KC_PKG}/pkg/client/listers \ - --output-package ${KC_PKG}/pkg/client/informers \ + --output-pkg ${KC_PKG}/pkg/client/informers \ + --output-dir pkg/client/informers \ --go-header-file ./hack/gen-boilerplate.txt echo GEN SUCCESS diff --git a/kc.yml b/kc.yml deleted file mode 100644 index a4ed62312..000000000 --- a/kc.yml +++ /dev/null @@ -1,2346 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: kapp-controller ---- -apiVersion: v1 -kind: Namespace -metadata: - name: kapp-controller-packaging-global ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1alpha1.data.packaging.carvel.dev -spec: - group: data.packaging.carvel.dev - groupPriorityMinimum: 100 - version: v1alpha1 - versionPriority: 100 - service: - name: packaging-api - namespace: kapp-controller ---- -apiVersion: v1 -kind: Service -metadata: - name: packaging-api - namespace: kapp-controller -spec: - ports: - - port: 443 - protocol: TCP - targetPort: api - name: main - - port: 8080 - protocol: TCP - targetPort: metrics - name: metrics - selector: - app: kapp-controller ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: internalpackagemetadatas.internal.packaging.carvel.dev -spec: - group: internal.packaging.carvel.dev - names: - kind: InternalPackageMetadata - listKind: InternalPackageMetadataList - plural: internalpackagemetadatas - singular: internalpackagemetadata - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - categories: - description: Classifiers of the package (optional; Array of strings) - items: - type: string - type: array - displayName: - description: Human friendly name of the package (optional; string) - type: string - iconSVGBase64: - description: Base64 encoded icon (optional; string) - type: string - longDescription: - description: Long description of the package (optional; string) - type: string - maintainers: - description: List of maintainer info for the package. Currently only supports the name key. (optional; array of maintner info) - items: - properties: - name: - type: string - type: object - type: array - providerName: - description: Name of the entity distributing the package (optional; string) - type: string - shortDescription: - description: Short desription of the package (optional; string) - type: string - supportDescription: - description: Description of the support available for the package (optional; string) - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: internalpackages.internal.packaging.carvel.dev -spec: - group: internal.packaging.carvel.dev - names: - kind: InternalPackage - listKind: InternalPackageList - plural: internalpackages - singular: internalpackage - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacityRequirementsDescription: - description: 'System requirements needed to install the package. Note: these requirements will not be verified by kapp-controller on installation. (optional; string)' - type: string - includedSoftware: - description: IncludedSoftware can be used to show the software contents of a Package. This is especially useful if the underlying versions do not match the Package version - items: - description: IncludedSoftware contains the underlying Software Contents of a Package - properties: - description: - type: string - displayName: - type: string - version: - type: string - type: object - type: array - kappControllerVersionSelection: - description: KappControllerVersionSelection specifies the versions of kapp-controller which can install this package - properties: - constraints: - type: string - type: object - kubernetesVersionSelection: - description: KubernetesVersionSelection specifies the versions of k8s which this package can be installed on - properties: - constraints: - type: string - type: object - licenses: - description: Description of the licenses that apply to the package software (optional; Array of strings) - items: - type: string - type: array - refName: - description: The name of the PackageMetadata associated with this version Must be a valid PackageMetadata name (see PackageMetadata CR for details) Cannot be empty - type: string - releaseNotes: - description: Version release notes (optional; string) - type: string - releasedAt: - description: Timestamp of release (iso8601 formatted string; optional) - format: date-time - nullable: true - type: string - template: - properties: - spec: - properties: - canceled: - description: Cancels current and future reconciliations (optional; default=false) - type: boolean - cluster: - description: Specifies that app should be deployed to destination cluster; by default, cluster is same as where this resource resides (optional; v0.5.0+) - properties: - kubeconfigSecretRef: - description: Specifies secret containing kubeconfig (required) - properties: - key: - description: Specifies key that contains kubeconfig (optional) - type: string - name: - description: Specifies secret name within app's namespace (required) - type: string - type: object - namespace: - description: Specifies namespace in destination cluster (optional) - type: string - type: object - defaultNamespace: - description: Specifies the default namespace to install the App resources, by default this is same as the App's namespace (optional; v0.48.0+) - type: string - deploy: - items: - properties: - kapp: - description: Use kapp to deploy resources - properties: - delete: - description: Configuration for delete command (optional) - properties: - rawOptions: - description: Pass through options to kapp delete (optional) - items: - type: string - type: array - type: object - inspect: - description: 'Configuration for inspect command (optional) as of kapp-controller v0.31.0, inspect is disabled by default add rawOptions or use an empty inspect config like `inspect: {}` to enable' - properties: - rawOptions: - description: Pass through options to kapp inspect (optional) - items: - type: string - type: array - type: object - intoNs: - description: Override namespace for all resources (optional) - type: string - mapNs: - description: Provide custom namespace override mapping (optional) - items: - type: string - type: array - rawOptions: - description: Pass through options to kapp deploy (optional) - items: - type: string - type: array - type: object - type: object - type: array - fetch: - items: - properties: - git: - description: Uses git to clone repository - properties: - depth: - description: depth of commits to fetch; 1 (default) means only latest commit, 0 means everything (optional) - format: int64 - type: integer - forceHTTPBasicAuth: - description: Force the usage of HTTP Basic Auth when Basic Auth is provided (optional) - type: boolean - lfsSkipSmudge: - description: Skip lfs download (optional) - type: boolean - ref: - description: Branch, tag, commit; origin is the name of the remote (optional) - type: string - refSelection: - description: Specifies a strategy to resolve to an explicit ref (optional; v0.24.0+) - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - secretRef: - description: 'Secret with auth details. allowed keys: ssh-privatekey, ssh-knownhosts, username, password (optional) (if ssh-knownhosts is not specified, git will not perform strict host checking)' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of repository (optional) - type: string - url: - description: http or ssh urls are supported (required) - type: string - type: object - helmChart: - description: Uses helm fetch to fetch specified chart - properties: - name: - description: 'Example: stable/redis' - type: string - repository: - properties: - secretRef: - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - url: - description: Repository url; scheme of oci:// will fetch experimental helm oci chart (v0.19.0+) (required) - type: string - type: object - version: - type: string - type: object - http: - description: Uses http library to fetch file - properties: - secretRef: - description: 'Secret to provide auth details (optional) Secret may include one or more keys: username, password' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - sha256: - description: Checksum to verify after download (optional) - type: string - subPath: - description: Grab only portion of download (optional) - type: string - url: - description: 'URL can point to one of following formats: text, tgz, zip http and https url are supported; plain file, tgz and tar types are supported (required)' - type: string - type: object - image: - description: Pulls content from Docker/OCI registry - properties: - secretRef: - description: 'Secret may include one or more keys: username, password, token. By default anonymous access is used for authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of image (optional) - type: string - tagSelection: - description: Specifies a strategy to choose a tag (optional; v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - url: - description: 'Docker image url; unqualified, tagged, or digest references supported (required) Example: username/app1-config:v0.1.0' - type: string - type: object - imgpkgBundle: - description: Pulls imgpkg bundle from Docker/OCI registry (v0.17.0+) - properties: - image: - description: Docker image url; unqualified, tagged, or digest references supported (required) - type: string - secretRef: - description: 'Secret may include one or more keys: username, password, token. By default anonymous access is used for authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - tagSelection: - description: Specifies a strategy to choose a tag (optional; v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - type: object - inline: - description: Pulls content from within this resource; or other resources in the cluster - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; not recommended for sensitive values as CR is not encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config maps; data values are recommended to be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - path: - description: Relative path to place the fetched artifacts - type: string - type: object - type: array - noopDelete: - description: Deletion requests for the App will result in the App CR being deleted, but its associated resources will not be deleted (optional; default=false; v0.18.0+) - type: boolean - paused: - description: Pauses _future_ reconciliation; does _not_ affect currently running reconciliation (optional; default=false) - type: boolean - serviceAccountName: - description: Specifies that app should be deployed authenticated via given service account, found in this namespace (optional; v0.6.0+) - type: string - syncPeriod: - description: Specifies the length of time to wait, in time + unit format, before reconciling. Always >= 30s. If value below 30s is specified, 30s will be used. (optional; v0.9.0+; default=30s) - type: string - template: - items: - properties: - cue: - properties: - inputExpression: - description: Cue expression for single path component, can be used to unify ValuesFrom into a given field (optional) - type: string - outputExpression: - description: Cue expression to output, default will export all visible fields (optional) - type: string - paths: - description: Explicit list of files/directories (optional) - items: - type: string - type: array - valuesFrom: - description: Provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field of the app: only annotations, labels, uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController version, defaults (empty) to retrieving the current running version.. Can be manually supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs from cluster, defaults (empty) to retrieving the APIs from the cluster. Can be manually supplied instead, e.g ["group/version", "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes version from cluster, defaults (empty) to retrieving the version from the cluster. Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - helmTemplate: - description: Use helm template command to render helm chart - properties: - kubernetesAPIs: - description: 'Optional: Use kubernetes group/versions resources available in the live cluster' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get Kubernetes version, defaults (empty) to retrieving the version from the cluster. Can be manually overridden to a value instead.' - properties: - version: - type: string - type: object - name: - description: Set name explicitly, default is App CR's name (optional; v0.13.0+) - type: string - namespace: - description: Set namespace explicitly, default is App CR's namespace (optional; v0.13.0+) - type: string - path: - description: Path to chart (optional; v0.13.0+) - type: string - valuesFrom: - description: One or more secrets, config maps, paths that provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field of the app: only annotations, labels, uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController version, defaults (empty) to retrieving the current running version.. Can be manually supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs from cluster, defaults (empty) to retrieving the APIs from the cluster. Can be manually supplied instead, e.g ["group/version", "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes version from cluster, defaults (empty) to retrieving the version from the cluster. Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - jsonnet: - description: TODO implement jsonnet - type: object - kbld: - description: Use kbld to resolve image references to use digests - properties: - paths: - items: - type: string - type: array - type: object - kustomize: - description: TODO implement kustomize - type: object - sops: - description: Use sops to decrypt *.sops.yml files (optional; v0.11.0+) - properties: - age: - properties: - privateKeysSecretRef: - description: Secret with private armored PGP private keys (required) - properties: - name: - type: string - type: object - type: object - paths: - description: Lists paths to decrypt explicitly (optional; v0.13.0+) - items: - type: string - type: array - pgp: - description: Use PGP to decrypt files (required) - properties: - privateKeysSecretRef: - description: Secret with private armored PGP private keys (required) - properties: - name: - type: string - type: object - type: object - type: object - ytt: - description: Use ytt to template configuration - properties: - fileMarks: - description: Control metadata about input files passed to ytt (optional; v0.18.0+) see https://carvel.dev/ytt/docs/latest/file-marks/ for more details - items: - type: string - type: array - ignoreUnknownComments: - description: Ignores comments that ytt doesn't recognize (optional; default=false) - type: boolean - inline: - description: Specify additional files, including data values (optional) - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; not recommended for sensitive values as CR is not encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config maps; data values are recommended to be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - paths: - description: Lists paths to provide to ytt explicitly (optional) - items: - type: string - type: array - strict: - description: Forces strict mode https://github.com/k14s/ytt/blob/develop/docs/strict.md (optional; default=false) - type: boolean - valuesFrom: - description: Provide values via ytt's --data-values-file (optional; v0.19.0-alpha.9) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field of the app: only annotations, labels, uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController version, defaults (empty) to retrieving the current running version.. Can be manually supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs from cluster, defaults (empty) to retrieving the APIs from the cluster. Can be manually supplied instead, e.g ["group/version", "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes version from cluster, defaults (empty) to retrieving the version from the cluster. Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - type: object - type: array - type: object - required: - - spec - type: object - valuesSchema: - description: valuesSchema can be used to show template values that can be configured by users when a Package is installed in an OpenAPI schema format. - properties: - openAPIv3: - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - version: - description: Package version; Referenced by PackageInstall; Must be valid semver (required) Cannot be empty - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: apps.kappctrl.k14s.io -spec: - group: kappctrl.k14s.io - names: - categories: - - carvel - kind: App - listKind: AppList - plural: apps - singular: app - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Friendly description - jsonPath: .status.friendlyDescription - name: Description - type: string - - description: Last time app started being deployed. Does not mean anything was changed. - jsonPath: .status.deploy.startedAt - name: Since-Deploy - type: date - - description: Time since creation - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: 'An App is a set of Kubernetes resources. These resources could span any number of namespaces or could be cluster-wide (e.g. CRDs). An App is represented in kapp-controller using a App CR. The App CR comprises of three main sections: spec.fetch – declare source for fetching configuration and OCI images spec.template – declare templating tool and values spec.deploy – declare deployment tool and any deploy specific configuration' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - canceled: - description: Cancels current and future reconciliations (optional; default=false) - type: boolean - cluster: - description: Specifies that app should be deployed to destination cluster; by default, cluster is same as where this resource resides (optional; v0.5.0+) - properties: - kubeconfigSecretRef: - description: Specifies secret containing kubeconfig (required) - properties: - key: - description: Specifies key that contains kubeconfig (optional) - type: string - name: - description: Specifies secret name within app's namespace (required) - type: string - type: object - namespace: - description: Specifies namespace in destination cluster (optional) - type: string - type: object - defaultNamespace: - description: Specifies the default namespace to install the App resources, by default this is same as the App's namespace (optional; v0.48.0+) - type: string - deploy: - items: - properties: - kapp: - description: Use kapp to deploy resources - properties: - delete: - description: Configuration for delete command (optional) - properties: - rawOptions: - description: Pass through options to kapp delete (optional) - items: - type: string - type: array - type: object - inspect: - description: 'Configuration for inspect command (optional) as of kapp-controller v0.31.0, inspect is disabled by default add rawOptions or use an empty inspect config like `inspect: {}` to enable' - properties: - rawOptions: - description: Pass through options to kapp inspect (optional) - items: - type: string - type: array - type: object - intoNs: - description: Override namespace for all resources (optional) - type: string - mapNs: - description: Provide custom namespace override mapping (optional) - items: - type: string - type: array - rawOptions: - description: Pass through options to kapp deploy (optional) - items: - type: string - type: array - type: object - type: object - type: array - fetch: - items: - properties: - git: - description: Uses git to clone repository - properties: - depth: - description: depth of commits to fetch; 1 (default) means only latest commit, 0 means everything (optional) - format: int64 - type: integer - forceHTTPBasicAuth: - description: Force the usage of HTTP Basic Auth when Basic Auth is provided (optional) - type: boolean - lfsSkipSmudge: - description: Skip lfs download (optional) - type: boolean - ref: - description: Branch, tag, commit; origin is the name of the remote (optional) - type: string - refSelection: - description: Specifies a strategy to resolve to an explicit ref (optional; v0.24.0+) - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - secretRef: - description: 'Secret with auth details. allowed keys: ssh-privatekey, ssh-knownhosts, username, password (optional) (if ssh-knownhosts is not specified, git will not perform strict host checking)' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of repository (optional) - type: string - url: - description: http or ssh urls are supported (required) - type: string - type: object - helmChart: - description: Uses helm fetch to fetch specified chart - properties: - name: - description: 'Example: stable/redis' - type: string - repository: - properties: - secretRef: - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - url: - description: Repository url; scheme of oci:// will fetch experimental helm oci chart (v0.19.0+) (required) - type: string - type: object - version: - type: string - type: object - http: - description: Uses http library to fetch file - properties: - secretRef: - description: 'Secret to provide auth details (optional) Secret may include one or more keys: username, password' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - sha256: - description: Checksum to verify after download (optional) - type: string - subPath: - description: Grab only portion of download (optional) - type: string - url: - description: 'URL can point to one of following formats: text, tgz, zip http and https url are supported; plain file, tgz and tar types are supported (required)' - type: string - type: object - image: - description: Pulls content from Docker/OCI registry - properties: - secretRef: - description: 'Secret may include one or more keys: username, password, token. By default anonymous access is used for authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of image (optional) - type: string - tagSelection: - description: Specifies a strategy to choose a tag (optional; v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - url: - description: 'Docker image url; unqualified, tagged, or digest references supported (required) Example: username/app1-config:v0.1.0' - type: string - type: object - imgpkgBundle: - description: Pulls imgpkg bundle from Docker/OCI registry (v0.17.0+) - properties: - image: - description: Docker image url; unqualified, tagged, or digest references supported (required) - type: string - secretRef: - description: 'Secret may include one or more keys: username, password, token. By default anonymous access is used for authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - tagSelection: - description: Specifies a strategy to choose a tag (optional; v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - type: object - inline: - description: Pulls content from within this resource; or other resources in the cluster - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; not recommended for sensitive values as CR is not encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config maps; data values are recommended to be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - path: - description: Relative path to place the fetched artifacts - type: string - type: object - type: array - noopDelete: - description: Deletion requests for the App will result in the App CR being deleted, but its associated resources will not be deleted (optional; default=false; v0.18.0+) - type: boolean - paused: - description: Pauses _future_ reconciliation; does _not_ affect currently running reconciliation (optional; default=false) - type: boolean - serviceAccountName: - description: Specifies that app should be deployed authenticated via given service account, found in this namespace (optional; v0.6.0+) - type: string - syncPeriod: - description: Specifies the length of time to wait, in time + unit format, before reconciling. Always >= 30s. If value below 30s is specified, 30s will be used. (optional; v0.9.0+; default=30s) - type: string - template: - items: - properties: - cue: - properties: - inputExpression: - description: Cue expression for single path component, can be used to unify ValuesFrom into a given field (optional) - type: string - outputExpression: - description: Cue expression to output, default will export all visible fields (optional) - type: string - paths: - description: Explicit list of files/directories (optional) - items: - type: string - type: array - valuesFrom: - description: Provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field of the app: only annotations, labels, uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController version, defaults (empty) to retrieving the current running version.. Can be manually supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs from cluster, defaults (empty) to retrieving the APIs from the cluster. Can be manually supplied instead, e.g ["group/version", "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes version from cluster, defaults (empty) to retrieving the version from the cluster. Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - helmTemplate: - description: Use helm template command to render helm chart - properties: - kubernetesAPIs: - description: 'Optional: Use kubernetes group/versions resources available in the live cluster' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get Kubernetes version, defaults (empty) to retrieving the version from the cluster. Can be manually overridden to a value instead.' - properties: - version: - type: string - type: object - name: - description: Set name explicitly, default is App CR's name (optional; v0.13.0+) - type: string - namespace: - description: Set namespace explicitly, default is App CR's namespace (optional; v0.13.0+) - type: string - path: - description: Path to chart (optional; v0.13.0+) - type: string - valuesFrom: - description: One or more secrets, config maps, paths that provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field of the app: only annotations, labels, uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController version, defaults (empty) to retrieving the current running version.. Can be manually supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs from cluster, defaults (empty) to retrieving the APIs from the cluster. Can be manually supplied instead, e.g ["group/version", "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes version from cluster, defaults (empty) to retrieving the version from the cluster. Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - jsonnet: - description: TODO implement jsonnet - type: object - kbld: - description: Use kbld to resolve image references to use digests - properties: - paths: - items: - type: string - type: array - type: object - kustomize: - description: TODO implement kustomize - type: object - sops: - description: Use sops to decrypt *.sops.yml files (optional; v0.11.0+) - properties: - age: - properties: - privateKeysSecretRef: - description: Secret with private armored PGP private keys (required) - properties: - name: - type: string - type: object - type: object - paths: - description: Lists paths to decrypt explicitly (optional; v0.13.0+) - items: - type: string - type: array - pgp: - description: Use PGP to decrypt files (required) - properties: - privateKeysSecretRef: - description: Secret with private armored PGP private keys (required) - properties: - name: - type: string - type: object - type: object - type: object - ytt: - description: Use ytt to template configuration - properties: - fileMarks: - description: Control metadata about input files passed to ytt (optional; v0.18.0+) see https://carvel.dev/ytt/docs/latest/file-marks/ for more details - items: - type: string - type: array - ignoreUnknownComments: - description: Ignores comments that ytt doesn't recognize (optional; default=false) - type: boolean - inline: - description: Specify additional files, including data values (optional) - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; not recommended for sensitive values as CR is not encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config maps; data values are recommended to be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - paths: - description: Lists paths to provide to ytt explicitly (optional) - items: - type: string - type: array - strict: - description: Forces strict mode https://github.com/k14s/ytt/blob/develop/docs/strict.md (optional; default=false) - type: boolean - valuesFrom: - description: Provide values via ytt's --data-values-file (optional; v0.19.0-alpha.9) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field of the app: only annotations, labels, uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController version, defaults (empty) to retrieving the current running version.. Can be manually supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs from cluster, defaults (empty) to retrieving the APIs from the cluster. Can be manually supplied instead, e.g ["group/version", "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes version from cluster, defaults (empty) to retrieving the version from the cluster. Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - type: object - type: array - type: object - status: - properties: - conditions: - items: - properties: - message: - description: Human-readable message indicating details about last transition. - type: string - reason: - description: Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized. - type: string - status: - type: string - type: - description: ConditionType represents reconciler state - type: string - required: - - status - - type - type: object - type: array - consecutiveReconcileFailures: - type: integer - consecutiveReconcileSuccesses: - type: integer - deploy: - properties: - error: - type: string - exitCode: - type: integer - finished: - type: boolean - kapp: - description: KappDeployStatus contains the associated AppCR deployed resources - properties: - associatedResources: - description: AssociatedResources contains the associated App label, namespaces and GKs - properties: - groupKinds: - items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - label: - type: string - namespaces: - items: - type: string - type: array - type: object - type: object - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - fetch: - properties: - error: - type: string - exitCode: - type: integer - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - friendlyDescription: - type: string - inspect: - properties: - error: - type: string - exitCode: - type: integer - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - managedAppName: - type: string - observedGeneration: - description: Populated based on metadata.generation when controller observes a change to the resource; if this value is out of data, other status fields do not reflect latest state - format: int64 - type: integer - template: - properties: - error: - type: string - exitCode: - type: integer - stderr: - type: string - updatedAt: - format: date-time - type: string - type: object - usefulErrorMessage: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: packageinstalls.packaging.carvel.dev -spec: - group: packaging.carvel.dev - names: - categories: - - carvel - kind: PackageInstall - listKind: PackageInstallList - plural: packageinstalls - shortNames: - - pkgi - singular: packageinstall - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: PackageMetadata name - jsonPath: .spec.packageRef.refName - name: Package name - type: string - - description: PackageMetadata version - jsonPath: .status.version - name: Package version - type: string - - description: Friendly description - jsonPath: .status.friendlyDescription - name: Description - type: string - - description: Time since creation - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: A Package Install is an actual installation of a package and its underlying resources on a Kubernetes cluster. It is represented in kapp-controller by a PackageInstall CR. A PackageInstall CR must reference a Package CR. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - canceled: - description: Canceled when set to true will stop all active changes - type: boolean - cluster: - description: Specifies that Package should be deployed to destination cluster; by default, cluster is same as where this resource resides (optional) - properties: - kubeconfigSecretRef: - description: Specifies secret containing kubeconfig (required) - properties: - key: - description: Specifies key that contains kubeconfig (optional) - type: string - name: - description: Specifies secret name within app's namespace (required) - type: string - type: object - namespace: - description: Specifies namespace in destination cluster (optional) - type: string - type: object - defaultNamespace: - description: Specifies the default namespace to install the Package resources, by default this is same as the PackageInstall namespace (optional; v0.48.0+) - type: string - noopDelete: - description: When NoopDelete set to true, PackageInstall deletion should delete PackageInstall/App CR but preserve App's associated resources. - type: boolean - packageRef: - description: Specifies the name of the package to install (required) - properties: - refName: - type: string - versionSelection: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - paused: - description: Paused when set to true will ignore all pending changes, once it set back to false, pending changes will be applied - type: boolean - serviceAccountName: - description: Specifies service account that will be used to install underlying package contents - type: string - syncPeriod: - description: Controls frequency of App reconciliation in time + unit format. Always >= 30s. If value below 30s is specified, 30s will be used. - type: string - values: - description: Values to be included in package's templating step (currently only included in the first templating step) (optional) - items: - properties: - secretRef: - properties: - key: - type: string - name: - type: string - type: object - type: object - type: array - type: object - status: - properties: - conditions: - items: - properties: - message: - description: Human-readable message indicating details about last transition. - type: string - reason: - description: Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized. - type: string - status: - type: string - type: - description: ConditionType represents reconciler state - type: string - required: - - status - - type - type: object - type: array - friendlyDescription: - type: string - lastAttemptedVersion: - description: LastAttemptedVersion specifies what version was last attempted to be installed. It does _not_ indicate it was successfully installed. - type: string - observedGeneration: - description: Populated based on metadata.generation when controller observes a change to the resource; if this value is out of data, other status fields do not reflect latest state - format: int64 - type: integer - usefulErrorMessage: - type: string - version: - description: TODO this is desired resolved version (not actually deployed) - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: packagerepositories.packaging.carvel.dev - annotations: - packaging.carvel.dev/global-namespace: kapp-controller-packaging-global -spec: - group: packaging.carvel.dev - names: - categories: - - carvel - kind: PackageRepository - listKind: PackageRepositoryList - plural: packagerepositories - shortNames: - - pkgr - singular: packagerepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Time since creation - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Friendly description - jsonPath: .status.friendlyDescription - name: Description - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: A package repository is a collection of packages and their metadata. Similar to a maven repository or a rpm repository, adding a package repository to a cluster gives users of that cluster the ability to install any of the packages from that repository. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - fetch: - properties: - git: - description: Uses git to clone repository containing package list - properties: - depth: - description: depth of commits to fetch; 1 (default) means only latest commit, 0 means everything (optional) - format: int64 - type: integer - forceHTTPBasicAuth: - description: Force the usage of HTTP Basic Auth when Basic Auth is provided (optional) - type: boolean - lfsSkipSmudge: - description: Skip lfs download (optional) - type: boolean - ref: - description: Branch, tag, commit; origin is the name of the remote (optional) - type: string - refSelection: - description: Specifies a strategy to resolve to an explicit ref (optional; v0.24.0+) - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - secretRef: - description: 'Secret with auth details. allowed keys: ssh-privatekey, ssh-knownhosts, username, password (optional) (if ssh-knownhosts is not specified, git will not perform strict host checking)' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of repository (optional) - type: string - url: - description: http or ssh urls are supported (required) - type: string - type: object - http: - description: Uses http library to fetch file containing packages - properties: - secretRef: - description: 'Secret to provide auth details (optional) Secret may include one or more keys: username, password' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - sha256: - description: Checksum to verify after download (optional) - type: string - subPath: - description: Grab only portion of download (optional) - type: string - url: - description: 'URL can point to one of following formats: text, tgz, zip http and https url are supported; plain file, tgz and tar types are supported (required)' - type: string - type: object - image: - description: Image url; unqualified, tagged, or digest references supported (required) - properties: - secretRef: - description: 'Secret may include one or more keys: username, password, token. By default anonymous access is used for authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of image (optional) - type: string - tagSelection: - description: Specifies a strategy to choose a tag (optional; v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - url: - description: 'Docker image url; unqualified, tagged, or digest references supported (required) Example: username/app1-config:v0.1.0' - type: string - type: object - imgpkgBundle: - description: Pulls imgpkg bundle from Docker/OCI registry - properties: - image: - description: Docker image url; unqualified, tagged, or digest references supported (required) - type: string - secretRef: - description: 'Secret may include one or more keys: username, password, token. By default anonymous access is used for authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - tagSelection: - description: Specifies a strategy to choose a tag (optional; v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - type: object - inline: - description: Pull content from within this resource; or other resources in the cluster - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; not recommended for sensitive values as CR is not encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config maps; data values are recommended to be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - type: object - paused: - description: Paused when set to true will ignore all pending changes, once it set back to false, pending changes will be applied - type: boolean - syncPeriod: - description: Controls frequency of PackageRepository reconciliation - type: string - required: - - fetch - type: object - status: - properties: - conditions: - items: - properties: - message: - description: Human-readable message indicating details about last transition. - type: string - reason: - description: Unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized. - type: string - status: - type: string - type: - description: ConditionType represents reconciler state - type: string - required: - - status - - type - type: object - type: array - consecutiveReconcileFailures: - type: integer - consecutiveReconcileSuccesses: - type: integer - deploy: - properties: - error: - type: string - exitCode: - type: integer - finished: - type: boolean - kapp: - description: KappDeployStatus contains the associated AppCR deployed resources - properties: - associatedResources: - description: AssociatedResources contains the associated App label, namespaces and GKs - properties: - groupKinds: - items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - label: - type: string - namespaces: - items: - type: string - type: array - type: object - type: object - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - fetch: - properties: - error: - type: string - exitCode: - type: integer - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - friendlyDescription: - type: string - observedGeneration: - description: Populated based on metadata.generation when controller observes a change to the resource; if this value is out of data, other status fields do not reflect latest state - format: int64 - type: integer - template: - properties: - error: - type: string - exitCode: - type: integer - stderr: - type: string - updatedAt: - format: date-time - type: string - type: object - usefulErrorMessage: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kapp-controller - namespace: kapp-controller - annotations: - kapp-controller.carvel.dev/version: v0.0.0 -spec: - selector: - matchLabels: - app: kapp-controller - replicas: 1 - revisionHistoryLimit: 0 - template: - metadata: - labels: - app: kapp-controller - spec: - serviceAccount: kapp-controller-sa - containers: - - name: kapp-controller - image: docker.io/rohitagg2020/kapp-controller-test:rand-1731671583192097000-49157684187-kapp-controller - args: - - -packaging-global-namespace=kapp-controller-packaging-global - - -enable-api-priority-and-fairness=True - - -tls-cipher-suites= - env: - - name: KAPPCTRL_MEM_TMP_DIR - value: /etc/kappctrl-mem-tmp - - name: KAPPCTRL_SIDECAREXEC_SOCK - value: /etc/kappctrl-mem-tmp/sidecarexec.sock - - name: KAPPCTRL_SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: KAPPCTRL_API_PORT - value: "8443" - resources: - requests: - cpu: 120m - memory: 100Mi - volumeMounts: - - name: template-fs - mountPath: /etc/kappctrl-mem-tmp - - name: home - mountPath: /home/kapp-controller - ports: - - containerPort: 8443 - name: api - protocol: TCP - - containerPort: 8080 - name: metrics - protocol: TCP - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - - name: kapp-controller-sidecarexec - image: docker.io/rohitagg2020/kapp-controller-test:rand-1731671583192097000-49157684187-kapp-controller - args: - - --sidecarexec - resources: - requests: - cpu: 120m - memory: 100Mi - env: - - name: KAPPCTRL_SIDECAREXEC_SOCK - value: /etc/kappctrl-mem-tmp/sidecarexec.sock - - name: IMGPKG_ACTIVE_KEYCHAINS - value: gke,aks,ecr - volumeMounts: - - name: template-fs - mountPath: /etc/kappctrl-mem-tmp - - name: home - mountPath: /home/kapp-controller - - name: empty-sa - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: false - runAsNonRoot: true - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - volumes: - - name: template-fs - emptyDir: - medium: Memory - - name: home - emptyDir: - medium: Memory - - name: empty-sa - emptyDir: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kapp-controller-sa - namespace: kapp-controller ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: kapp-controller-cluster-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get -- apiGroups: - - "" - resources: - - serviceaccounts/token - verbs: - - create -- apiGroups: - - kappctrl.k14s.io - resources: - - apps - - apps/status - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packageinstalls - - packageinstalls/status - - packageinstalls/finalizers - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packagerepositories - - packagerepositories/status - verbs: - - '*' -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackagemetadatas - verbs: - - '*' -- apiGroups: - - data.packaging.carvel.dev - resources: - - packagemetadatas - - packagemetadatas/status - verbs: - - '*' -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackages - verbs: - - '*' -- apiGroups: - - data.packaging.carvel.dev - resources: - - packages - - packages/status - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' -- apiGroups: - - apiregistration.k8s.io - resources: - - apiservices - verbs: - - update - - get -- apiGroups: - - "" - resources: - - namespaces - verbs: - - list - - watch - - get - - update -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations - - validatingadmissionpolicies - - validatingadmissionpolicybindings - verbs: - - list - - watch -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - flowcontrol.apiserver.k8s.io - resources: - - prioritylevelconfigurations - - flowschemas - verbs: - - list - - watch ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: kapp-controller-user-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get -- apiGroups: - - "" - resources: - - serviceaccounts/token - verbs: - - create -- apiGroups: - - kappctrl.k14s.io - resources: - - apps - - apps/status - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packageinstalls - - packageinstalls/status - - packageinstalls/finalizers - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packagerepositories - - packagerepositories/status - verbs: - - get - - list - - watch -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackagemetadatas - verbs: - - get - - list - - watch -- apiGroups: - - data.packaging.carvel.dev - resources: - - packagemetadatas - - packagemetadatas/status - verbs: - - get - - list - - watch -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackages - verbs: - - get - - list - - watch -- apiGroups: - - data.packaging.carvel.dev - resources: - - packages - - packages/status - verbs: - - get - - list - - watch ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: kapp-controller-cluster-role-binding -subjects: -- kind: ServiceAccount - name: kapp-controller-sa - namespace: kapp-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kapp-controller-cluster-role ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: pkg-apiserver:system:auth-delegator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:auth-delegator -subjects: -- kind: ServiceAccount - name: kapp-controller-sa - namespace: kapp-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pkgserver-auth-reader - namespace: kube-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader -subjects: -- kind: ServiceAccount - name: kapp-controller-sa - namespace: kapp-controller diff --git a/output.yml b/output.yml deleted file mode 100644 index cbdb2d8b9..000000000 --- a/output.yml +++ /dev/null @@ -1,2709 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: kapp-controller ---- -apiVersion: v1 -kind: Namespace -metadata: - name: kapp-controller-packaging-global ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1alpha1.data.packaging.carvel.dev -spec: - group: data.packaging.carvel.dev - groupPriorityMinimum: 100 - service: - name: packaging-api - namespace: kapp-controller - version: v1alpha1 - versionPriority: 100 ---- -apiVersion: v1 -kind: Service -metadata: - name: packaging-api - namespace: kapp-controller -spec: - ports: - - name: main - port: 443 - protocol: TCP - targetPort: api - - name: metrics - port: 8080 - protocol: TCP - targetPort: metrics - selector: - app: kapp-controller ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: internalpackagemetadatas.internal.packaging.carvel.dev -spec: - group: internal.packaging.carvel.dev - names: - kind: InternalPackageMetadata - listKind: InternalPackageMetadataList - plural: internalpackagemetadatas - singular: internalpackagemetadata - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - categories: - description: Classifiers of the package (optional; Array of strings) - items: - type: string - type: array - displayName: - description: Human friendly name of the package (optional; string) - type: string - iconSVGBase64: - description: Base64 encoded icon (optional; string) - type: string - longDescription: - description: Long description of the package (optional; string) - type: string - maintainers: - description: List of maintainer info for the package. Currently only - supports the name key. (optional; array of maintner info) - items: - properties: - name: - type: string - type: object - type: array - providerName: - description: Name of the entity distributing the package (optional; - string) - type: string - shortDescription: - description: Short desription of the package (optional; string) - type: string - supportDescription: - description: Description of the support available for the package - (optional; string) - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: internalpackages.internal.packaging.carvel.dev -spec: - group: internal.packaging.carvel.dev - names: - kind: InternalPackage - listKind: InternalPackageList - plural: internalpackages - singular: internalpackage - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacityRequirementsDescription: - description: 'System requirements needed to install the package. Note: - these requirements will not be verified by kapp-controller on installation. - (optional; string)' - type: string - includedSoftware: - description: IncludedSoftware can be used to show the software contents - of a Package. This is especially useful if the underlying versions - do not match the Package version - items: - description: IncludedSoftware contains the underlying Software Contents - of a Package - properties: - description: - type: string - displayName: - type: string - version: - type: string - type: object - type: array - kappControllerVersionSelection: - description: KappControllerVersionSelection specifies the versions - of kapp-controller which can install this package - properties: - constraints: - type: string - type: object - kubernetesVersionSelection: - description: KubernetesVersionSelection specifies the versions of - k8s which this package can be installed on - properties: - constraints: - type: string - type: object - licenses: - description: Description of the licenses that apply to the package - software (optional; Array of strings) - items: - type: string - type: array - refName: - description: The name of the PackageMetadata associated with this - version Must be a valid PackageMetadata name (see PackageMetadata - CR for details) Cannot be empty - type: string - releaseNotes: - description: Version release notes (optional; string) - type: string - releasedAt: - description: Timestamp of release (iso8601 formatted string; optional) - format: date-time - nullable: true - type: string - template: - properties: - spec: - properties: - canceled: - description: Cancels current and future reconciliations (optional; - default=false) - type: boolean - cluster: - description: Specifies that app should be deployed to destination - cluster; by default, cluster is same as where this resource - resides (optional; v0.5.0+) - properties: - kubeconfigSecretRef: - description: Specifies secret containing kubeconfig (required) - properties: - key: - description: Specifies key that contains kubeconfig - (optional) - type: string - name: - description: Specifies secret name within app's namespace - (required) - type: string - type: object - namespace: - description: Specifies namespace in destination cluster - (optional) - type: string - type: object - defaultNamespace: - description: Specifies the default namespace to install the - App resources, by default this is same as the App's namespace - (optional; v0.48.0+) - type: string - deploy: - items: - properties: - kapp: - description: Use kapp to deploy resources - properties: - delete: - description: Configuration for delete command (optional) - properties: - rawOptions: - description: Pass through options to kapp delete - (optional) - items: - type: string - type: array - type: object - inspect: - description: 'Configuration for inspect command - (optional) as of kapp-controller v0.31.0, inspect - is disabled by default add rawOptions or use an - empty inspect config like `inspect: {}` to enable' - properties: - rawOptions: - description: Pass through options to kapp inspect - (optional) - items: - type: string - type: array - type: object - intoNs: - description: Override namespace for all resources - (optional) - type: string - mapNs: - description: Provide custom namespace override mapping - (optional) - items: - type: string - type: array - rawOptions: - description: Pass through options to kapp deploy - (optional) - items: - type: string - type: array - type: object - type: object - type: array - fetch: - items: - properties: - git: - description: Uses git to clone repository - properties: - depth: - description: depth of commits to fetch; 1 (default) - means only latest commit, 0 means everything (optional) - format: int64 - type: integer - forceHTTPBasicAuth: - description: Force the usage of HTTP Basic Auth - when Basic Auth is provided (optional) - type: boolean - lfsSkipSmudge: - description: Skip lfs download (optional) - type: boolean - ref: - description: Branch, tag, commit; origin is the - name of the remote (optional) - type: string - refSelection: - description: Specifies a strategy to resolve to - an explicit ref (optional; v0.24.0+) - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - secretRef: - description: 'Secret with auth details. allowed - keys: ssh-privatekey, ssh-knownhosts, username, - password (optional) (if ssh-knownhosts is not - specified, git will not perform strict host checking)' - properties: - name: - description: Object is expected to be within - same namespace - type: string - type: object - subPath: - description: Grab only portion of repository (optional) - type: string - url: - description: http or ssh urls are supported (required) - type: string - type: object - helmChart: - description: Uses helm fetch to fetch specified chart - properties: - name: - description: 'Example: stable/redis' - type: string - repository: - properties: - secretRef: - properties: - name: - description: Object is expected to be within - same namespace - type: string - type: object - url: - description: Repository url; scheme of oci:// - will fetch experimental helm oci chart (v0.19.0+) - (required) - type: string - type: object - version: - type: string - type: object - http: - description: Uses http library to fetch file - properties: - secretRef: - description: 'Secret to provide auth details (optional) - Secret may include one or more keys: username, - password' - properties: - name: - description: Object is expected to be within - same namespace - type: string - type: object - sha256: - description: Checksum to verify after download (optional) - type: string - subPath: - description: Grab only portion of download (optional) - type: string - url: - description: 'URL can point to one of following - formats: text, tgz, zip http and https url are - supported; plain file, tgz and tar types are supported - (required)' - type: string - type: object - image: - description: Pulls content from Docker/OCI registry - properties: - secretRef: - description: 'Secret may include one or more keys: - username, password, token. By default anonymous - access is used for authentication.' - properties: - name: - description: Object is expected to be within - same namespace - type: string - type: object - subPath: - description: Grab only portion of image (optional) - type: string - tagSelection: - description: Specifies a strategy to choose a tag - (optional; v0.24.0+) if specified, do not include - a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - url: - description: 'Docker image url; unqualified, tagged, - or digest references supported (required) Example: - username/app1-config:v0.1.0' - type: string - type: object - imgpkgBundle: - description: Pulls imgpkg bundle from Docker/OCI registry - (v0.17.0+) - properties: - image: - description: Docker image url; unqualified, tagged, - or digest references supported (required) - type: string - secretRef: - description: 'Secret may include one or more keys: - username, password, token. By default anonymous - access is used for authentication.' - properties: - name: - description: Object is expected to be within - same namespace - type: string - type: object - tagSelection: - description: Specifies a strategy to choose a tag - (optional; v0.24.0+) if specified, do not include - a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - type: object - inline: - description: Pulls content from within this resource; - or other resources in the cluster - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their - content; not recommended for sensitive values - as CR is not encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config - maps; data values are recommended to be placed - in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place - files found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place - files found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - path: - description: Relative path to place the fetched artifacts - type: string - type: object - type: array - noopDelete: - description: Deletion requests for the App will result in - the App CR being deleted, but its associated resources will - not be deleted (optional; default=false; v0.18.0+) - type: boolean - paused: - description: Pauses _future_ reconciliation; does _not_ affect - currently running reconciliation (optional; default=false) - type: boolean - serviceAccountName: - description: Specifies that app should be deployed authenticated - via given service account, found in this namespace (optional; - v0.6.0+) - type: string - syncPeriod: - description: Specifies the length of time to wait, in time - + unit format, before reconciling. Always >= 30s. If value - below 30s is specified, 30s will be used. (optional; v0.9.0+; - default=30s) - type: string - template: - items: - properties: - cue: - properties: - inputExpression: - description: Cue expression for single path component, - can be used to unify ValuesFrom into a given field - (optional) - type: string - outputExpression: - description: Cue expression to output, default will - export all visible fields (optional) - type: string - paths: - description: Explicit list of files/directories - (optional) - items: - type: string - type: array - valuesFrom: - description: Provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects - a field of the app: only annotations, - labels, uid, name and namespace - are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running - KappController version, defaults - (empty) to retrieving the current - running version.. Can be manually - supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running - KubernetesAPIs from cluster, defaults - (empty) to retrieving the APIs - from the cluster. Can be manually - supplied instead, e.g ["group/version", - "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running - Kubernetes version from cluster, - defaults (empty) to retrieving - the version from the cluster. - Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - helmTemplate: - description: Use helm template command to render helm - chart - properties: - kubernetesAPIs: - description: 'Optional: Use kubernetes group/versions - resources available in the live cluster' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get Kubernetes version, - defaults (empty) to retrieving the version from - the cluster. Can be manually overridden to a value - instead.' - properties: - version: - type: string - type: object - name: - description: Set name explicitly, default is App - CR's name (optional; v0.13.0+) - type: string - namespace: - description: Set namespace explicitly, default is - App CR's namespace (optional; v0.13.0+) - type: string - path: - description: Path to chart (optional; v0.13.0+) - type: string - valuesFrom: - description: One or more secrets, config maps, paths - that provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects - a field of the app: only annotations, - labels, uid, name and namespace - are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running - KappController version, defaults - (empty) to retrieving the current - running version.. Can be manually - supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running - KubernetesAPIs from cluster, defaults - (empty) to retrieving the APIs - from the cluster. Can be manually - supplied instead, e.g ["group/version", - "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running - Kubernetes version from cluster, - defaults (empty) to retrieving - the version from the cluster. - Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - jsonnet: - description: TODO implement jsonnet - type: object - kbld: - description: Use kbld to resolve image references to - use digests - properties: - paths: - items: - type: string - type: array - type: object - kustomize: - description: TODO implement kustomize - type: object - sops: - description: Use sops to decrypt *.sops.yml files (optional; - v0.11.0+) - properties: - age: - properties: - privateKeysSecretRef: - description: Secret with private armored PGP - private keys (required) - properties: - name: - type: string - type: object - type: object - paths: - description: Lists paths to decrypt explicitly (optional; - v0.13.0+) - items: - type: string - type: array - pgp: - description: Use PGP to decrypt files (required) - properties: - privateKeysSecretRef: - description: Secret with private armored PGP - private keys (required) - properties: - name: - type: string - type: object - type: object - type: object - ytt: - description: Use ytt to template configuration - properties: - fileMarks: - description: Control metadata about input files - passed to ytt (optional; v0.18.0+) see https://carvel.dev/ytt/docs/latest/file-marks/ - for more details - items: - type: string - type: array - ignoreUnknownComments: - description: Ignores comments that ytt doesn't recognize - (optional; default=false) - type: boolean - inline: - description: Specify additional files, including - data values (optional) - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their - content; not recommended for sensitive values - as CR is not encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and - config maps; data values are recommended to - be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place - files found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place - files found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - paths: - description: Lists paths to provide to ytt explicitly - (optional) - items: - type: string - type: array - strict: - description: Forces strict mode https://github.com/k14s/ytt/blob/develop/docs/strict.md - (optional; default=false) - type: boolean - valuesFrom: - description: Provide values via ytt's --data-values-file - (optional; v0.19.0-alpha.9) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects - a field of the app: only annotations, - labels, uid, name and namespace - are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running - KappController version, defaults - (empty) to retrieving the current - running version.. Can be manually - supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running - KubernetesAPIs from cluster, defaults - (empty) to retrieving the APIs - from the cluster. Can be manually - supplied instead, e.g ["group/version", - "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running - Kubernetes version from cluster, - defaults (empty) to retrieving - the version from the cluster. - Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - type: object - type: array - type: object - required: - - spec - type: object - valuesSchema: - description: valuesSchema can be used to show template values that - can be configured by users when a Package is installed in an OpenAPI - schema format. - properties: - openAPIv3: - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - version: - description: Package version; Referenced by PackageInstall; Must be - valid semver (required) Cannot be empty - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: apps.kappctrl.k14s.io -spec: - group: kappctrl.k14s.io - names: - categories: - - carvel - kind: App - listKind: AppList - plural: apps - singular: app - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Friendly description - jsonPath: .status.friendlyDescription - name: Description - type: string - - description: Last time app started being deployed. Does not mean anything was - changed. - jsonPath: .status.deploy.startedAt - name: Since-Deploy - type: date - - description: Time since creation - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: 'An App is a set of Kubernetes resources. These resources could - span any number of namespaces or could be cluster-wide (e.g. CRDs). An App - is represented in kapp-controller using a App CR. The App CR comprises of - three main sections: spec.fetch – declare source for fetching configuration - and OCI images spec.template – declare templating tool and values spec.deploy - – declare deployment tool and any deploy specific configuration' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - canceled: - description: Cancels current and future reconciliations (optional; - default=false) - type: boolean - cluster: - description: Specifies that app should be deployed to destination - cluster; by default, cluster is same as where this resource resides - (optional; v0.5.0+) - properties: - kubeconfigSecretRef: - description: Specifies secret containing kubeconfig (required) - properties: - key: - description: Specifies key that contains kubeconfig (optional) - type: string - name: - description: Specifies secret name within app's namespace - (required) - type: string - type: object - namespace: - description: Specifies namespace in destination cluster (optional) - type: string - type: object - defaultNamespace: - description: Specifies the default namespace to install the App resources, - by default this is same as the App's namespace (optional; v0.48.0+) - type: string - deploy: - items: - properties: - kapp: - description: Use kapp to deploy resources - properties: - delete: - description: Configuration for delete command (optional) - properties: - rawOptions: - description: Pass through options to kapp delete (optional) - items: - type: string - type: array - type: object - inspect: - description: 'Configuration for inspect command (optional) - as of kapp-controller v0.31.0, inspect is disabled by - default add rawOptions or use an empty inspect config - like `inspect: {}` to enable' - properties: - rawOptions: - description: Pass through options to kapp inspect (optional) - items: - type: string - type: array - type: object - intoNs: - description: Override namespace for all resources (optional) - type: string - mapNs: - description: Provide custom namespace override mapping (optional) - items: - type: string - type: array - rawOptions: - description: Pass through options to kapp deploy (optional) - items: - type: string - type: array - type: object - type: object - type: array - fetch: - items: - properties: - git: - description: Uses git to clone repository - properties: - depth: - description: depth of commits to fetch; 1 (default) means - only latest commit, 0 means everything (optional) - format: int64 - type: integer - forceHTTPBasicAuth: - description: Force the usage of HTTP Basic Auth when Basic - Auth is provided (optional) - type: boolean - lfsSkipSmudge: - description: Skip lfs download (optional) - type: boolean - ref: - description: Branch, tag, commit; origin is the name of - the remote (optional) - type: string - refSelection: - description: Specifies a strategy to resolve to an explicit - ref (optional; v0.24.0+) - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - secretRef: - description: 'Secret with auth details. allowed keys: ssh-privatekey, - ssh-knownhosts, username, password (optional) (if ssh-knownhosts - is not specified, git will not perform strict host checking)' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of repository (optional) - type: string - url: - description: http or ssh urls are supported (required) - type: string - type: object - helmChart: - description: Uses helm fetch to fetch specified chart - properties: - name: - description: 'Example: stable/redis' - type: string - repository: - properties: - secretRef: - properties: - name: - description: Object is expected to be within same - namespace - type: string - type: object - url: - description: Repository url; scheme of oci:// will fetch - experimental helm oci chart (v0.19.0+) (required) - type: string - type: object - version: - type: string - type: object - http: - description: Uses http library to fetch file - properties: - secretRef: - description: 'Secret to provide auth details (optional) - Secret may include one or more keys: username, password' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - sha256: - description: Checksum to verify after download (optional) - type: string - subPath: - description: Grab only portion of download (optional) - type: string - url: - description: 'URL can point to one of following formats: - text, tgz, zip http and https url are supported; plain - file, tgz and tar types are supported (required)' - type: string - type: object - image: - description: Pulls content from Docker/OCI registry - properties: - secretRef: - description: 'Secret may include one or more keys: username, - password, token. By default anonymous access is used for - authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of image (optional) - type: string - tagSelection: - description: Specifies a strategy to choose a tag (optional; - v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - url: - description: 'Docker image url; unqualified, tagged, or - digest references supported (required) Example: username/app1-config:v0.1.0' - type: string - type: object - imgpkgBundle: - description: Pulls imgpkg bundle from Docker/OCI registry (v0.17.0+) - properties: - image: - description: Docker image url; unqualified, tagged, or digest - references supported (required) - type: string - secretRef: - description: 'Secret may include one or more keys: username, - password, token. By default anonymous access is used for - authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - tagSelection: - description: Specifies a strategy to choose a tag (optional; - v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - type: object - inline: - description: Pulls content from within this resource; or other - resources in the cluster - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; - not recommended for sensitive values as CR is not encrypted - (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config maps; - data values are recommended to be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files found - in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files found - in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - path: - description: Relative path to place the fetched artifacts - type: string - type: object - type: array - noopDelete: - description: Deletion requests for the App will result in the App - CR being deleted, but its associated resources will not be deleted - (optional; default=false; v0.18.0+) - type: boolean - paused: - description: Pauses _future_ reconciliation; does _not_ affect currently - running reconciliation (optional; default=false) - type: boolean - serviceAccountName: - description: Specifies that app should be deployed authenticated via - given service account, found in this namespace (optional; v0.6.0+) - type: string - syncPeriod: - description: Specifies the length of time to wait, in time + unit - format, before reconciling. Always >= 30s. If value below 30s is - specified, 30s will be used. (optional; v0.9.0+; default=30s) - type: string - template: - items: - properties: - cue: - properties: - inputExpression: - description: Cue expression for single path component, can - be used to unify ValuesFrom into a given field (optional) - type: string - outputExpression: - description: Cue expression to output, default will export - all visible fields (optional) - type: string - paths: - description: Explicit list of files/directories (optional) - items: - type: string - type: array - valuesFrom: - description: Provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field - of the app: only annotations, labels, - uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController - version, defaults (empty) to retrieving - the current running version.. Can be manually - supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs - from cluster, defaults (empty) to retrieving - the APIs from the cluster. Can be manually - supplied instead, e.g ["group/version", - "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes - version from cluster, defaults (empty) - to retrieving the version from the cluster. - Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - helmTemplate: - description: Use helm template command to render helm chart - properties: - kubernetesAPIs: - description: 'Optional: Use kubernetes group/versions resources - available in the live cluster' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get Kubernetes version, defaults - (empty) to retrieving the version from the cluster. Can - be manually overridden to a value instead.' - properties: - version: - type: string - type: object - name: - description: Set name explicitly, default is App CR's name - (optional; v0.13.0+) - type: string - namespace: - description: Set namespace explicitly, default is App CR's - namespace (optional; v0.13.0+) - type: string - path: - description: Path to chart (optional; v0.13.0+) - type: string - valuesFrom: - description: One or more secrets, config maps, paths that - provide values (optional) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field - of the app: only annotations, labels, - uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController - version, defaults (empty) to retrieving - the current running version.. Can be manually - supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs - from cluster, defaults (empty) to retrieving - the APIs from the cluster. Can be manually - supplied instead, e.g ["group/version", - "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes - version from cluster, defaults (empty) - to retrieving the version from the cluster. - Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - jsonnet: - description: TODO implement jsonnet - type: object - kbld: - description: Use kbld to resolve image references to use digests - properties: - paths: - items: - type: string - type: array - type: object - kustomize: - description: TODO implement kustomize - type: object - sops: - description: Use sops to decrypt *.sops.yml files (optional; - v0.11.0+) - properties: - age: - properties: - privateKeysSecretRef: - description: Secret with private armored PGP private - keys (required) - properties: - name: - type: string - type: object - type: object - paths: - description: Lists paths to decrypt explicitly (optional; - v0.13.0+) - items: - type: string - type: array - pgp: - description: Use PGP to decrypt files (required) - properties: - privateKeysSecretRef: - description: Secret with private armored PGP private - keys (required) - properties: - name: - type: string - type: object - type: object - type: object - ytt: - description: Use ytt to template configuration - properties: - fileMarks: - description: Control metadata about input files passed to - ytt (optional; v0.18.0+) see https://carvel.dev/ytt/docs/latest/file-marks/ - for more details - items: - type: string - type: array - ignoreUnknownComments: - description: Ignores comments that ytt doesn't recognize - (optional; default=false) - type: boolean - inline: - description: Specify additional files, including data values - (optional) - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; - not recommended for sensitive values as CR is not - encrypted (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config - maps; data values are recommended to be placed in - secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files - found in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files - found in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - paths: - description: Lists paths to provide to ytt explicitly (optional) - items: - type: string - type: array - strict: - description: Forces strict mode https://github.com/k14s/ytt/blob/develop/docs/strict.md - (optional; default=false) - type: boolean - valuesFrom: - description: Provide values via ytt's --data-values-file - (optional; v0.19.0-alpha.9) - items: - properties: - configMapRef: - properties: - name: - type: string - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldPath: - description: 'Required: Selects a field - of the app: only annotations, labels, - uid, name and namespace are supported.' - type: string - kappControllerVersion: - description: 'Optional: Get running KappController - version, defaults (empty) to retrieving - the current running version.. Can be manually - supplied instead.' - properties: - version: - type: string - type: object - kubernetesAPIs: - description: 'Optional: Get running KubernetesAPIs - from cluster, defaults (empty) to retrieving - the APIs from the cluster. Can be manually - supplied instead, e.g ["group/version", - "group2/version2"]' - properties: - groupVersions: - items: - type: string - type: array - type: object - kubernetesVersion: - description: 'Optional: Get running Kubernetes - version from cluster, defaults (empty) - to retrieving the version from the cluster. - Can be manually supplied instead.' - properties: - version: - type: string - type: object - name: - type: string - type: object - type: array - type: object - path: - type: string - secretRef: - properties: - name: - type: string - type: object - type: object - type: array - type: object - type: object - type: array - type: object - status: - properties: - conditions: - items: - properties: - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, this should be a short, machine understandable - string that gives the reason for condition's last transition. - If it reports "ResizeStarted" that means the underlying persistent - volume is being resized. - type: string - status: - type: string - type: - description: ConditionType represents reconciler state - type: string - required: - - status - - type - type: object - type: array - consecutiveReconcileFailures: - type: integer - consecutiveReconcileSuccesses: - type: integer - deploy: - properties: - error: - type: string - exitCode: - type: integer - finished: - type: boolean - kapp: - description: KappDeployStatus contains the associated AppCR deployed - resources - properties: - associatedResources: - description: AssociatedResources contains the associated App - label, namespaces and GKs - properties: - groupKinds: - items: - description: GroupKind specifies a Group and a Kind, - but does not force a version. This is useful for - identifying concepts during lookup stages without - having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - label: - type: string - namespaces: - items: - type: string - type: array - type: object - type: object - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - fetch: - properties: - error: - type: string - exitCode: - type: integer - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - friendlyDescription: - type: string - inspect: - properties: - error: - type: string - exitCode: - type: integer - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - managedAppName: - type: string - observedGeneration: - description: Populated based on metadata.generation when controller - observes a change to the resource; if this value is out of data, - other status fields do not reflect latest state - format: int64 - type: integer - template: - properties: - error: - type: string - exitCode: - type: integer - stderr: - type: string - updatedAt: - format: date-time - type: string - type: object - usefulErrorMessage: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: packageinstalls.packaging.carvel.dev -spec: - group: packaging.carvel.dev - names: - categories: - - carvel - kind: PackageInstall - listKind: PackageInstallList - plural: packageinstalls - shortNames: - - pkgi - singular: packageinstall - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: PackageMetadata name - jsonPath: .spec.packageRef.refName - name: Package name - type: string - - description: PackageMetadata version - jsonPath: .status.version - name: Package version - type: string - - description: Friendly description - jsonPath: .status.friendlyDescription - name: Description - type: string - - description: Time since creation - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: A Package Install is an actual installation of a package and - its underlying resources on a Kubernetes cluster. It is represented in kapp-controller - by a PackageInstall CR. A PackageInstall CR must reference a Package CR. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - canceled: - description: Canceled when set to true will stop all active changes - type: boolean - cluster: - description: Specifies that Package should be deployed to destination - cluster; by default, cluster is same as where this resource resides - (optional) - properties: - kubeconfigSecretRef: - description: Specifies secret containing kubeconfig (required) - properties: - key: - description: Specifies key that contains kubeconfig (optional) - type: string - name: - description: Specifies secret name within app's namespace - (required) - type: string - type: object - namespace: - description: Specifies namespace in destination cluster (optional) - type: string - type: object - defaultNamespace: - description: Specifies the default namespace to install the Package - resources, by default this is same as the PackageInstall namespace - (optional; v0.48.0+) - type: string - noopDelete: - description: When NoopDelete set to true, PackageInstall deletion - should delete PackageInstall/App CR but preserve App's associated - resources. - type: boolean - packageRef: - description: Specifies the name of the package to install (required) - properties: - refName: - type: string - versionSelection: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - paused: - description: Paused when set to true will ignore all pending changes, - once it set back to false, pending changes will be applied - type: boolean - serviceAccountName: - description: Specifies service account that will be used to install - underlying package contents - type: string - syncPeriod: - description: Controls frequency of App reconciliation in time + unit - format. Always >= 30s. If value below 30s is specified, 30s will - be used. - type: string - values: - description: Values to be included in package's templating step (currently - only included in the first templating step) (optional) - items: - properties: - secretRef: - properties: - key: - type: string - name: - type: string - type: object - type: object - type: array - type: object - status: - properties: - conditions: - items: - properties: - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, this should be a short, machine understandable - string that gives the reason for condition's last transition. - If it reports "ResizeStarted" that means the underlying persistent - volume is being resized. - type: string - status: - type: string - type: - description: ConditionType represents reconciler state - type: string - required: - - status - - type - type: object - type: array - friendlyDescription: - type: string - lastAttemptedVersion: - description: LastAttemptedVersion specifies what version was last - attempted to be installed. It does _not_ indicate it was successfully - installed. - type: string - observedGeneration: - description: Populated based on metadata.generation when controller - observes a change to the resource; if this value is out of data, - other status fields do not reflect latest state - format: int64 - type: integer - usefulErrorMessage: - type: string - version: - description: TODO this is desired resolved version (not actually deployed) - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - packaging.carvel.dev/global-namespace: kapp-controller-packaging-global - name: packagerepositories.packaging.carvel.dev -spec: - group: packaging.carvel.dev - names: - categories: - - carvel - kind: PackageRepository - listKind: PackageRepositoryList - plural: packagerepositories - shortNames: - - pkgr - singular: packagerepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Time since creation - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Friendly description - jsonPath: .status.friendlyDescription - name: Description - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: A package repository is a collection of packages and their metadata. - Similar to a maven repository or a rpm repository, adding a package repository - to a cluster gives users of that cluster the ability to install any of the - packages from that repository. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - fetch: - properties: - git: - description: Uses git to clone repository containing package list - properties: - depth: - description: depth of commits to fetch; 1 (default) means - only latest commit, 0 means everything (optional) - format: int64 - type: integer - forceHTTPBasicAuth: - description: Force the usage of HTTP Basic Auth when Basic - Auth is provided (optional) - type: boolean - lfsSkipSmudge: - description: Skip lfs download (optional) - type: boolean - ref: - description: Branch, tag, commit; origin is the name of the - remote (optional) - type: string - refSelection: - description: Specifies a strategy to resolve to an explicit - ref (optional; v0.24.0+) - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - secretRef: - description: 'Secret with auth details. allowed keys: ssh-privatekey, - ssh-knownhosts, username, password (optional) (if ssh-knownhosts - is not specified, git will not perform strict host checking)' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of repository (optional) - type: string - url: - description: http or ssh urls are supported (required) - type: string - type: object - http: - description: Uses http library to fetch file containing packages - properties: - secretRef: - description: 'Secret to provide auth details (optional) Secret - may include one or more keys: username, password' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - sha256: - description: Checksum to verify after download (optional) - type: string - subPath: - description: Grab only portion of download (optional) - type: string - url: - description: 'URL can point to one of following formats: text, - tgz, zip http and https url are supported; plain file, tgz - and tar types are supported (required)' - type: string - type: object - image: - description: Image url; unqualified, tagged, or digest references - supported (required) - properties: - secretRef: - description: 'Secret may include one or more keys: username, - password, token. By default anonymous access is used for - authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - subPath: - description: Grab only portion of image (optional) - type: string - tagSelection: - description: Specifies a strategy to choose a tag (optional; - v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - url: - description: 'Docker image url; unqualified, tagged, or digest - references supported (required) Example: username/app1-config:v0.1.0' - type: string - type: object - imgpkgBundle: - description: Pulls imgpkg bundle from Docker/OCI registry - properties: - image: - description: Docker image url; unqualified, tagged, or digest - references supported (required) - type: string - secretRef: - description: 'Secret may include one or more keys: username, - password, token. By default anonymous access is used for - authentication.' - properties: - name: - description: Object is expected to be within same namespace - type: string - type: object - tagSelection: - description: Specifies a strategy to choose a tag (optional; - v0.24.0+) if specified, do not include a tag in url key - properties: - semver: - properties: - constraints: - type: string - prereleases: - properties: - identifiers: - items: - type: string - type: array - type: object - type: object - type: object - type: object - inline: - description: Pull content from within this resource; or other - resources in the cluster - properties: - paths: - additionalProperties: - type: string - description: Specifies mapping of paths to their content; - not recommended for sensitive values as CR is not encrypted - (optional) - type: object - pathsFrom: - description: Specifies content via secrets and config maps; - data values are recommended to be placed in secrets (optional) - items: - properties: - configMapRef: - properties: - directoryPath: - description: Specifies where to place files found - in secret (optional) - type: string - name: - type: string - type: object - secretRef: - properties: - directoryPath: - description: Specifies where to place files found - in secret (optional) - type: string - name: - type: string - type: object - type: object - type: array - type: object - type: object - paused: - description: Paused when set to true will ignore all pending changes, - once it set back to false, pending changes will be applied - type: boolean - syncPeriod: - description: Controls frequency of PackageRepository reconciliation - type: string - required: - - fetch - type: object - status: - properties: - conditions: - items: - properties: - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, this should be a short, machine understandable - string that gives the reason for condition's last transition. - If it reports "ResizeStarted" that means the underlying persistent - volume is being resized. - type: string - status: - type: string - type: - description: ConditionType represents reconciler state - type: string - required: - - status - - type - type: object - type: array - consecutiveReconcileFailures: - type: integer - consecutiveReconcileSuccesses: - type: integer - deploy: - properties: - error: - type: string - exitCode: - type: integer - finished: - type: boolean - kapp: - description: KappDeployStatus contains the associated AppCR deployed - resources - properties: - associatedResources: - description: AssociatedResources contains the associated App - label, namespaces and GKs - properties: - groupKinds: - items: - description: GroupKind specifies a Group and a Kind, - but does not force a version. This is useful for - identifying concepts during lookup stages without - having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - label: - type: string - namespaces: - items: - type: string - type: array - type: object - type: object - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - fetch: - properties: - error: - type: string - exitCode: - type: integer - startedAt: - format: date-time - type: string - stderr: - type: string - stdout: - type: string - updatedAt: - format: date-time - type: string - type: object - friendlyDescription: - type: string - observedGeneration: - description: Populated based on metadata.generation when controller - observes a change to the resource; if this value is out of data, - other status fields do not reflect latest state - format: int64 - type: integer - template: - properties: - error: - type: string - exitCode: - type: integer - stderr: - type: string - updatedAt: - format: date-time - type: string - type: object - usefulErrorMessage: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - annotations: - kapp-controller.carvel.dev/version: v0.0.0 - kbld.k14s.io/images: | - - origins: - - local: - path: /Users/roaggarwal/git/fork/kapp-controller - - git: - dirty: true - remoteURL: git@github.com:rohitagg2020/kapp-controller.git - sha: e4b4822224f7bd06e27787a013e3c3e997beb043 - url: kbld:kapp-controller-sha256-b5445b2e430d37f3960e3a347a3b89a676a36456a5f5c36a24172a998de2dcdd - name: kapp-controller - namespace: kapp-controller -spec: - replicas: 1 - revisionHistoryLimit: 0 - selector: - matchLabels: - app: kapp-controller - template: - metadata: - labels: - app: kapp-controller - spec: - containers: - - args: - - -packaging-global-namespace=kapp-controller-packaging-global - - -enable-api-priority-and-fairness=True - - -tls-cipher-suites= - env: - - name: KAPPCTRL_MEM_TMP_DIR - value: /etc/kappctrl-mem-tmp - - name: KAPPCTRL_SIDECAREXEC_SOCK - value: /etc/kappctrl-mem-tmp/sidecarexec.sock - - name: KAPPCTRL_SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: KAPPCTRL_API_PORT - value: "8443" - image: kbld:kapp-controller-sha256-b5445b2e430d37f3960e3a347a3b89a676a36456a5f5c36a24172a998de2dcdd - name: kapp-controller - ports: - - containerPort: 8443 - name: api - protocol: TCP - - containerPort: 8080 - name: metrics - protocol: TCP - resources: - requests: - cpu: 120m - memory: 100Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /etc/kappctrl-mem-tmp - name: template-fs - - mountPath: /home/kapp-controller - name: home - - args: - - --sidecarexec - env: - - name: KAPPCTRL_SIDECAREXEC_SOCK - value: /etc/kappctrl-mem-tmp/sidecarexec.sock - - name: IMGPKG_ACTIVE_KEYCHAINS - value: gke,aks,ecr - image: kbld:kapp-controller-sha256-b5445b2e430d37f3960e3a347a3b89a676a36456a5f5c36a24172a998de2dcdd - name: kapp-controller-sidecarexec - resources: - requests: - cpu: 120m - memory: 100Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: false - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /etc/kappctrl-mem-tmp - name: template-fs - - mountPath: /home/kapp-controller - name: home - - mountPath: /var/run/secrets/kubernetes.io/serviceaccount - name: empty-sa - serviceAccount: kapp-controller-sa - volumes: - - emptyDir: - medium: Memory - name: template-fs - - emptyDir: - medium: Memory - name: home - - emptyDir: {} - name: empty-sa ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kapp-controller-sa - namespace: kapp-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kapp-controller-cluster-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get -- apiGroups: - - "" - resources: - - serviceaccounts/token - verbs: - - create -- apiGroups: - - kappctrl.k14s.io - resources: - - apps - - apps/status - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packageinstalls - - packageinstalls/status - - packageinstalls/finalizers - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packagerepositories - - packagerepositories/status - verbs: - - '*' -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackagemetadatas - verbs: - - '*' -- apiGroups: - - data.packaging.carvel.dev - resources: - - packagemetadatas - - packagemetadatas/status - verbs: - - '*' -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackages - verbs: - - '*' -- apiGroups: - - data.packaging.carvel.dev - resources: - - packages - - packages/status - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' -- apiGroups: - - apiregistration.k8s.io - resources: - - apiservices - verbs: - - update - - get -- apiGroups: - - "" - resources: - - namespaces - verbs: - - list - - watch - - get - - update -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations - - validatingadmissionpolicies - - validatingadmissionpolicybindings - verbs: - - list - - watch -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - flowcontrol.apiserver.k8s.io - resources: - - prioritylevelconfigurations - - flowschemas - verbs: - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kapp-controller-user-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get -- apiGroups: - - "" - resources: - - serviceaccounts/token - verbs: - - create -- apiGroups: - - kappctrl.k14s.io - resources: - - apps - - apps/status - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packageinstalls - - packageinstalls/status - - packageinstalls/finalizers - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' -- apiGroups: - - packaging.carvel.dev - resources: - - packagerepositories - - packagerepositories/status - verbs: - - get - - list - - watch -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackagemetadatas - verbs: - - get - - list - - watch -- apiGroups: - - data.packaging.carvel.dev - resources: - - packagemetadatas - - packagemetadatas/status - verbs: - - get - - list - - watch -- apiGroups: - - internal.packaging.carvel.dev - resources: - - internalpackages - verbs: - - get - - list - - watch -- apiGroups: - - data.packaging.carvel.dev - resources: - - packages - - packages/status - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kapp-controller-cluster-role-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kapp-controller-cluster-role -subjects: -- kind: ServiceAccount - name: kapp-controller-sa - namespace: kapp-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: pkg-apiserver:system:auth-delegator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:auth-delegator -subjects: -- kind: ServiceAccount - name: kapp-controller-sa - namespace: kapp-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pkgserver-auth-reader - namespace: kube-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader -subjects: -- kind: ServiceAccount - name: kapp-controller-sa - namespace: kapp-controller diff --git a/pkg/client/informers/externalversions/factory.go b/pkg/client/informers/externalversions/factory.go index c792d3c92..d59506aba 100644 --- a/pkg/client/informers/externalversions/factory.go +++ b/pkg/client/informers/externalversions/factory.go @@ -28,6 +28,7 @@ type sharedInformerFactory struct { lock sync.Mutex defaultResync time.Duration customResync map[reflect.Type]time.Duration + transform cache.TransformFunc informers map[reflect.Type]cache.SharedIndexInformer // startedInformers is used for tracking which informers have been started. @@ -66,6 +67,14 @@ func WithNamespace(namespace string) SharedInformerOption { } } +// WithTransform sets a transform on all informers. +func WithTransform(transform cache.TransformFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.transform = transform + return factory + } +} + // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { return NewSharedInformerFactoryWithOptions(client, defaultResync) @@ -152,7 +161,7 @@ func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[ref return res } -// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// InformerFor returns the SharedIndexInformer for obj using an internal // client. func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { f.lock.Lock() @@ -170,6 +179,7 @@ func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internal } informer = newFunc(f.client, resyncPeriod) + informer.SetTransform(f.transform) f.informers[informerType] = informer return informer @@ -225,7 +235,7 @@ type SharedInformerFactory interface { // ForResource gives generic access to a shared informer of the matching type. ForResource(resource schema.GroupVersionResource) (GenericInformer, error) - // InternalInformerFor returns the SharedIndexInformer for obj using an internal + // InformerFor returns the SharedIndexInformer for obj using an internal // client. InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer diff --git a/vendor/modules.txt b/vendor/modules.txt index 9f931cf67..04bbe1cb9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1286,6 +1286,7 @@ k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/typed/apiregistr k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/typed/apiregistration/v1beta1 # k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 ## explicit; go 1.20 +k8s.io/kube-openapi/cmd/openapi-gen k8s.io/kube-openapi/pkg/builder k8s.io/kube-openapi/pkg/builder3 k8s.io/kube-openapi/pkg/builder3/util