From 17d6bc8a6cfe5cf9122b283fe4dd4771c74b879d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?H=C3=A9ctor=20Molinero=20Fern=C3=A1ndez?= Date: Tue, 6 Feb 2024 23:20:52 +0100 Subject: [PATCH] Canonicalize output --- .../kubernetes/schemas/_definitions.json | 354 +++--- src/fixtures/kubernetes/schemas/pod-v1.json | 1102 ++++++++--------- src/fixtures/oasv3/schemas/error.json | 16 +- src/fixtures/oasv3/schemas/pet.json | 16 +- src/fixtures/oasv3/schemas/pets.json | 6 +- src/openapi2jsonschema/command.py | 21 +- 6 files changed, 765 insertions(+), 750 deletions(-) diff --git a/src/fixtures/kubernetes/schemas/_definitions.json b/src/fixtures/kubernetes/schemas/_definitions.json index 3596e69..c1ba2f8 100644 --- a/src/fixtures/kubernetes/schemas/_definitions.json +++ b/src/fixtures/kubernetes/schemas/_definitions.json @@ -1,6 +1,7 @@ { "definitions": { "io.k8s.api.core.v1.Affinity": { + "additionalProperties": false, "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { @@ -16,10 +17,10 @@ "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.CSIVolumeSource": { + "additionalProperties": false, "description": "Represents a source location of a volume to mount, managed by an external CSI driver", "properties": { "driver": { @@ -49,10 +50,10 @@ "required": [ "driver" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Capabilities": { + "additionalProperties": false, "description": "Adds and removes POSIX capabilities from running containers.", "properties": { "add": { @@ -72,10 +73,10 @@ "x-kubernetes-list-type": "atomic" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ClaimSource": { + "additionalProperties": false, "description": "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", "properties": { "resourceClaimName": { @@ -87,10 +88,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ConfigMapEnvSource": { + "additionalProperties": false, "description": "ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -102,10 +103,10 @@ "type": "boolean" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ConfigMapKeySelector": { + "additionalProperties": false, "description": "Selects a key from a ConfigMap.", "properties": { "key": { @@ -125,10 +126,10 @@ "key" ], "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.ConfigMapVolumeSource": { + "additionalProperties": false, "description": "Adapts a ConfigMap into a volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.", "properties": { "defaultMode": { @@ -153,10 +154,10 @@ "type": "boolean" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Container": { + "additionalProperties": false, "description": "A single application container that you want to run within a pod.", "properties": { "args": { @@ -312,10 +313,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ContainerPort": { + "additionalProperties": false, "description": "ContainerPort represents a network port in a single container.", "properties": { "containerPort": { @@ -344,10 +345,10 @@ "required": [ "containerPort" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ContainerResizePolicy": { + "additionalProperties": false, "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { "resourceName": { @@ -363,10 +364,10 @@ "resourceName", "restartPolicy" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ContainerState": { + "additionalProperties": false, "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { "running": { @@ -382,10 +383,10 @@ "description": "Details about a waiting container" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ContainerStateRunning": { + "additionalProperties": false, "description": "ContainerStateRunning is a running state of a container.", "properties": { "startedAt": { @@ -393,10 +394,10 @@ "description": "Time at which the container was last (re-)started" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ContainerStateTerminated": { + "additionalProperties": false, "description": "ContainerStateTerminated is a terminated state of a container.", "properties": { "containerID": { @@ -433,10 +434,10 @@ "required": [ "exitCode" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ContainerStateWaiting": { + "additionalProperties": false, "description": "ContainerStateWaiting is a waiting state of a container.", "properties": { "message": { @@ -448,10 +449,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ContainerStatus": { + "additionalProperties": false, "description": "ContainerStatus contains details for the current status of this container.", "properties": { "allocatedResources": { @@ -510,10 +511,10 @@ "image", "imageID" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.EmptyDirVolumeSource": { + "additionalProperties": false, "description": "Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.", "properties": { "medium": { @@ -525,10 +526,10 @@ "description": "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.EnvFromSource": { + "additionalProperties": false, "description": "EnvFromSource represents the source of a set of ConfigMaps", "properties": { "configMapRef": { @@ -544,10 +545,10 @@ "description": "The Secret to select from" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.EnvVar": { + "additionalProperties": false, "description": "EnvVar represents an environment variable present in a Container.", "properties": { "name": { @@ -566,10 +567,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.EnvVarSource": { + "additionalProperties": false, "description": "EnvVarSource represents a source for the value of an EnvVar.", "properties": { "configMapKeyRef": { @@ -589,10 +590,10 @@ "description": "Selects a key of a secret in the pod's namespace" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.EphemeralContainer": { + "additionalProperties": false, "description": "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation.\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted.", "properties": { "args": { @@ -752,10 +753,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.EphemeralVolumeSource": { + "additionalProperties": false, "description": "Represents an ephemeral volume that is handled by a normal storage driver.", "properties": { "volumeClaimTemplate": { @@ -763,10 +764,10 @@ "description": "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).\n\nAn existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.\n\nThis field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.\n\nRequired, must not be nil." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ExecAction": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -778,10 +779,10 @@ "x-kubernetes-list-type": "atomic" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.GRPCAction": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -796,10 +797,10 @@ "required": [ "port" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.HTTPGetAction": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -830,10 +831,10 @@ "required": [ "port" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.HTTPHeader": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -849,10 +850,10 @@ "name", "value" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.HostAlias": { + "additionalProperties": false, "description": "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.", "properties": { "hostnames": { @@ -868,10 +869,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.HostIP": { + "additionalProperties": false, "description": "HostIP represents a single IP address allocated to the host.", "properties": { "ip": { @@ -879,10 +880,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.HostPathVolumeSource": { + "additionalProperties": false, "description": "Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.", "properties": { "path": { @@ -897,10 +898,10 @@ "required": [ "path" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.KeyToPath": { + "additionalProperties": false, "description": "Maps a string key to a path within a volume.", "properties": { "key": { @@ -921,10 +922,10 @@ "key", "path" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Lifecycle": { + "additionalProperties": false, "description": "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.", "properties": { "postStart": { @@ -936,10 +937,10 @@ "description": "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.LifecycleHandler": { + "additionalProperties": false, "description": "LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.", "properties": { "exec": { @@ -959,10 +960,10 @@ "description": "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.LocalObjectReference": { + "additionalProperties": false, "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", "properties": { "name": { @@ -971,10 +972,10 @@ } }, "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.NodeAffinity": { + "additionalProperties": false, "description": "Node affinity is a group of node affinity scheduling rules.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { @@ -990,10 +991,10 @@ "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.NodeSelector": { + "additionalProperties": false, "description": "A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.", "properties": { "nodeSelectorTerms": { @@ -1009,10 +1010,10 @@ "nodeSelectorTerms" ], "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.NodeSelectorRequirement": { + "additionalProperties": false, "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -1036,10 +1037,10 @@ "key", "operator" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.NodeSelectorTerm": { + "additionalProperties": false, "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { @@ -1060,10 +1061,10 @@ } }, "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.ObjectFieldSelector": { + "additionalProperties": false, "description": "ObjectFieldSelector selects an APIVersioned field of an object.", "properties": { "apiVersion": { @@ -1079,10 +1080,10 @@ "fieldPath" ], "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.PersistentVolumeClaimSpec": { + "additionalProperties": false, "description": "PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes", "properties": { "accessModes": { @@ -1126,10 +1127,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PersistentVolumeClaimTemplate": { + "additionalProperties": false, "description": "PersistentVolumeClaimTemplate is used to produce PersistentVolumeClaim objects as part of an EphemeralVolumeSource.", "properties": { "metadata": { @@ -1144,10 +1145,10 @@ "required": [ "spec" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource": { + "additionalProperties": false, "description": "PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).", "properties": { "claimName": { @@ -1162,25 +1163,25 @@ "required": [ "claimName" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Pod": { + "additionalProperties": false, "description": "Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string", "enum": [ "v1" - ] + ], + "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string", "enum": [ "Pod" - ] + ], + "type": "string" }, "metadata": { "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta", @@ -1202,10 +1203,10 @@ "kind": "Pod", "version": "v1" } - ], - "additionalProperties": false + ] }, "io.k8s.api.core.v1.PodAffinity": { + "additionalProperties": false, "description": "Pod affinity is a group of inter pod affinity scheduling rules.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { @@ -1225,10 +1226,10 @@ "x-kubernetes-list-type": "atomic" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodAffinityTerm": { + "additionalProperties": false, "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", "properties": { "labelSelector": { @@ -1271,10 +1272,10 @@ "required": [ "topologyKey" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodAntiAffinity": { + "additionalProperties": false, "description": "Pod anti affinity is a group of inter pod anti affinity scheduling rules.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { @@ -1294,10 +1295,10 @@ "x-kubernetes-list-type": "atomic" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodCondition": { + "additionalProperties": false, "description": "PodCondition contains details for the current condition of this pod.", "properties": { "lastProbeTime": { @@ -1329,10 +1330,10 @@ "type", "status" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodDNSConfig": { + "additionalProperties": false, "description": "PodDNSConfig defines the DNS parameters of a pod in addition to those generated from DNSPolicy.", "properties": { "nameservers": { @@ -1360,10 +1361,10 @@ "x-kubernetes-list-type": "atomic" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodDNSConfigOption": { + "additionalProperties": false, "description": "PodDNSConfigOption defines DNS resolver options of a pod.", "properties": { "name": { @@ -1374,10 +1375,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodIP": { + "additionalProperties": false, "description": "PodIP represents a single IP address allocated to the pod.", "properties": { "ip": { @@ -1385,10 +1386,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodOS": { + "additionalProperties": false, "description": "PodOS defines the OS parameters of a pod.", "properties": { "name": { @@ -1399,10 +1400,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodReadinessGate": { + "additionalProperties": false, "description": "PodReadinessGate contains the reference to a pod condition", "properties": { "conditionType": { @@ -1413,10 +1414,10 @@ "required": [ "conditionType" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodResourceClaim": { + "additionalProperties": false, "description": "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", "properties": { "name": { @@ -1431,10 +1432,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodResourceClaimStatus": { + "additionalProperties": false, "description": "PodResourceClaimStatus is stored in the PodStatus for each PodResourceClaim which references a ResourceClaimTemplate. It stores the generated name for the corresponding ResourceClaim.", "properties": { "name": { @@ -1449,10 +1450,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodSchedulingGate": { + "additionalProperties": false, "description": "PodSchedulingGate is associated to a Pod to guard its scheduling.", "properties": { "name": { @@ -1463,10 +1464,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodSecurityContext": { + "additionalProperties": false, "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.", "properties": { "fsGroup": { @@ -1522,10 +1523,10 @@ "description": "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodSpec": { + "additionalProperties": false, "description": "PodSpec is a description of a pod.", "properties": { "activeDeadlineSeconds": { @@ -1788,10 +1789,10 @@ "required": [ "containers" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PodStatus": { + "additionalProperties": false, "description": "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", "properties": { "conditions": { @@ -1904,10 +1905,10 @@ "description": "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.PreferredSchedulingTerm": { + "additionalProperties": false, "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { @@ -1924,10 +1925,10 @@ "weight", "preference" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Probe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { @@ -1977,10 +1978,10 @@ "type": "integer" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ResourceClaim": { + "additionalProperties": false, "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { @@ -1991,10 +1992,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.ResourceFieldSelector": { + "additionalProperties": false, "description": "ResourceFieldSelector represents container resources (cpu, memory) and their output format", "properties": { "containerName": { @@ -2014,10 +2015,10 @@ "resource" ], "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.ResourceRequirements": { + "additionalProperties": false, "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { @@ -2046,10 +2047,10 @@ "type": "object" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.SELinuxOptions": { + "additionalProperties": false, "description": "SELinuxOptions are the labels to be applied to the container", "properties": { "level": { @@ -2069,10 +2070,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.SeccompProfile": { + "additionalProperties": false, "description": "SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.", "properties": { "localhostProfile": { @@ -2095,10 +2096,10 @@ "localhostProfile": "LocalhostProfile" } } - ], - "additionalProperties": false + ] }, "io.k8s.api.core.v1.SecretEnvSource": { + "additionalProperties": false, "description": "SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -2110,10 +2111,10 @@ "type": "boolean" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.SecretKeySelector": { + "additionalProperties": false, "description": "SecretKeySelector selects a key of a Secret.", "properties": { "key": { @@ -2133,10 +2134,10 @@ "key" ], "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.SecretVolumeSource": { + "additionalProperties": false, "description": "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.", "properties": { "defaultMode": { @@ -2161,10 +2162,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.SecurityContext": { + "additionalProperties": false, "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", "properties": { "allowPrivilegeEscalation": { @@ -2214,10 +2215,10 @@ "description": "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.SleepAction": { + "additionalProperties": false, "description": "SleepAction describes a \"sleep\" action.", "properties": { "seconds": { @@ -2229,10 +2230,10 @@ "required": [ "seconds" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Sysctl": { + "additionalProperties": false, "description": "Sysctl defines a kernel parameter to be set", "properties": { "name": { @@ -2248,10 +2249,10 @@ "name", "value" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.TCPSocketAction": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -2266,10 +2267,10 @@ "required": [ "port" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Toleration": { + "additionalProperties": false, "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", "properties": { "effect": { @@ -2294,10 +2295,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.TopologySpreadConstraint": { + "additionalProperties": false, "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", "properties": { "labelSelector": { @@ -2344,10 +2345,10 @@ "topologyKey", "whenUnsatisfiable" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.TypedLocalObjectReference": { + "additionalProperties": false, "description": "TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.", "properties": { "apiGroup": { @@ -2368,10 +2369,10 @@ "name" ], "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.api.core.v1.TypedObjectReference": { + "additionalProperties": false, "properties": { "apiGroup": { "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", @@ -2394,10 +2395,10 @@ "kind", "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.Volume": { + "additionalProperties": false, "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", "properties": { "configMap": { @@ -2432,10 +2433,10 @@ "required": [ "name" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.VolumeDevice": { + "additionalProperties": false, "description": "volumeDevice describes a mapping of a raw block device within a container.", "properties": { "devicePath": { @@ -2451,10 +2452,10 @@ "name", "devicePath" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.VolumeMount": { + "additionalProperties": false, "description": "VolumeMount describes a mounting of a Volume within a container.", "properties": { "mountPath": { @@ -2486,10 +2487,10 @@ "name", "mountPath" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.VolumeResourceRequirements": { + "additionalProperties": false, "description": "VolumeResourceRequirements describes the storage resource requirements for a volume.", "properties": { "limits": { @@ -2507,10 +2508,10 @@ "type": "object" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.WeightedPodAffinityTerm": { + "additionalProperties": false, "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { @@ -2527,10 +2528,10 @@ "weight", "podAffinityTerm" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.api.core.v1.WindowsSecurityContextOptions": { + "additionalProperties": false, "description": "WindowsSecurityContextOptions contain Windows-specific options and credentials.", "properties": { "gmsaCredentialSpec": { @@ -2550,8 +2551,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" + }, + "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1.JSONSchemaProps": { + "type": "object" }, "io.k8s.apimachinery.pkg.api.resource.Quantity": { "oneOf": [ @@ -2568,6 +2571,7 @@ "type": "object" }, "io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { @@ -2587,10 +2591,10 @@ } }, "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -2614,10 +2618,10 @@ "key", "operator" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry": { + "additionalProperties": false, "description": "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", "properties": { "apiVersion": { @@ -2649,10 +2653,10 @@ "description": "Time is the timestamp of when the ManagedFields entry was added. The timestamp will also be updated if a field is added, the manager changes any of the owned fields value or removes a field. The timestamp does not update when a field is removed from the entry because another manager took it over." } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta": { + "additionalProperties": false, "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", "properties": { "annotations": { @@ -2742,10 +2746,10 @@ "type": "string" } }, - "type": "object", - "additionalProperties": false + "type": "object" }, "io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference": { + "additionalProperties": false, "description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", "properties": { "apiVersion": { @@ -2780,8 +2784,7 @@ "uid" ], "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "io.k8s.apimachinery.pkg.apis.meta.v1.Time": { "description": "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.", @@ -2797,9 +2800,6 @@ "type": "integer" } ] - }, - "io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1.JSONSchemaProps": { - "type": "object" } } } diff --git a/src/fixtures/kubernetes/schemas/pod-v1.json b/src/fixtures/kubernetes/schemas/pod-v1.json index b9c6e63..8a72076 100644 --- a/src/fixtures/kubernetes/schemas/pod-v1.json +++ b/src/fixtures/kubernetes/schemas/pod-v1.json @@ -1,27 +1,30 @@ { + "$schema": "http://json-schema.org/draft-07/schema#", + "additionalProperties": false, "description": "Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "enum": [ + "v1" + ], "type": [ "string", "null" - ], - "enum": [ - "v1" ] }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "enum": [ + "Pod" + ], "type": [ "string", "null" - ], - "enum": [ - "Pod" ] }, "metadata": { + "additionalProperties": false, "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", "properties": { "annotations": { @@ -107,6 +110,7 @@ "managedFields": { "description": "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", "items": { + "additionalProperties": false, "description": "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", "properties": { "apiVersion": { @@ -163,8 +167,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -189,6 +192,7 @@ "ownerReferences": { "description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", "items": { + "additionalProperties": false, "description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", "properties": { "apiVersion": { @@ -232,8 +236,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "type": [ "array", @@ -271,10 +274,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "spec": { + "additionalProperties": false, "description": "PodSpec is a description of a pod.", "properties": { "activeDeadlineSeconds": { @@ -286,22 +289,27 @@ ] }, "affinity": { + "additionalProperties": false, "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { + "additionalProperties": false, "description": "Node affinity is a group of node affinity scheduling rules.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.", "items": { + "additionalProperties": false, "description": "An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { + "additionalProperties": false, "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { + "additionalProperties": false, "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -334,8 +342,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -346,6 +353,7 @@ "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { + "additionalProperties": false, "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -378,8 +386,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -389,8 +396,7 @@ } }, "type": "object", - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "weight": { "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", @@ -405,8 +411,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -415,16 +420,19 @@ "x-kubernetes-list-type": "atomic" }, "requiredDuringSchedulingIgnoredDuringExecution": { + "additionalProperties": false, "description": "A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms.", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { + "additionalProperties": false, "description": "A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { + "additionalProperties": false, "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -457,8 +465,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -469,6 +476,7 @@ "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { + "additionalProperties": false, "description": "A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -501,8 +509,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -515,8 +522,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "type": "array", "x-kubernetes-list-type": "atomic" @@ -529,33 +535,36 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "podAffinity": { + "additionalProperties": false, "description": "Pod affinity is a group of inter pod affinity scheduling rules.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", "items": { + "additionalProperties": false, "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { + "additionalProperties": false, "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", "properties": { "labelSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -588,8 +597,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -615,8 +623,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", @@ -647,11 +654,13 @@ "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -684,8 +693,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -711,8 +719,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", @@ -736,8 +743,7 @@ "required": [ "topologyKey" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", @@ -752,8 +758,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -764,14 +769,17 @@ "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { + "additionalProperties": false, "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", "properties": { "labelSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -804,8 +812,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -831,8 +838,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", @@ -863,11 +869,13 @@ "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -900,8 +908,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -927,8 +934,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", @@ -955,8 +961,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -968,26 +973,30 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "podAntiAffinity": { + "additionalProperties": false, "description": "Pod anti affinity is a group of inter pod anti affinity scheduling rules.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.", "items": { + "additionalProperties": false, "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { + "additionalProperties": false, "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", "properties": { "labelSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -1020,8 +1029,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1047,8 +1055,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", @@ -1079,11 +1086,13 @@ "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -1116,8 +1125,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1143,8 +1151,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", @@ -1168,8 +1175,7 @@ "required": [ "topologyKey" ], - "type": "object", - "additionalProperties": false + "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm, in the range 1-100.", @@ -1184,8 +1190,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1196,14 +1201,17 @@ "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { + "additionalProperties": false, "description": "Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running", "properties": { "labelSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -1236,8 +1244,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1263,8 +1270,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", @@ -1295,11 +1301,13 @@ "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -1332,8 +1340,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1359,8 +1366,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", @@ -1387,8 +1393,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1400,15 +1405,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "automountServiceAccountToken": { "description": "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.", @@ -1420,6 +1423,7 @@ "containers": { "description": "List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.", "items": { + "additionalProperties": false, "description": "A single application container that you want to run within a pod.", "properties": { "args": { @@ -1453,6 +1457,7 @@ "env": { "description": "List of environment variables to set in the container. Cannot be updated.", "items": { + "additionalProperties": false, "description": "EnvVar represents an environment variable present in a Container.", "properties": { "name": { @@ -1467,9 +1472,11 @@ ] }, "valueFrom": { + "additionalProperties": false, "description": "EnvVarSource represents a source for the value of an EnvVar.", "properties": { "configMapKeyRef": { + "additionalProperties": false, "description": "Selects a key from a ConfigMap.", "properties": { "key": { @@ -1498,10 +1505,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "fieldRef": { + "additionalProperties": false, "description": "ObjectFieldSelector selects an APIVersioned field of an object.", "properties": { "apiVersion": { @@ -1523,10 +1530,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "resourceFieldRef": { + "additionalProperties": false, "description": "ResourceFieldSelector represents container resources (cpu, memory) and their output format", "properties": { "containerName": { @@ -1564,10 +1571,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "secretKeyRef": { + "additionalProperties": false, "description": "SecretKeySelector selects a key of a Secret.", "properties": { "key": { @@ -1596,15 +1603,13 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -1613,8 +1618,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1630,9 +1634,11 @@ "envFrom": { "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", "items": { + "additionalProperties": false, "description": "EnvFromSource represents the source of a set of ConfigMaps", "properties": { "configMapRef": { + "additionalProperties": false, "description": "ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -1653,8 +1659,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "prefix": { "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", @@ -1664,6 +1669,7 @@ ] }, "secretRef": { + "additionalProperties": false, "description": "SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -1684,15 +1690,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1715,12 +1719,15 @@ ] }, "lifecycle": { + "additionalProperties": false, "description": "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.", "properties": { "postStart": { + "additionalProperties": false, "description": "LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -1741,10 +1748,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -1757,6 +1764,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -1775,8 +1783,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1821,10 +1828,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "sleep": { + "additionalProperties": false, "description": "SleepAction describes a \"sleep\" action.", "properties": { "seconds": { @@ -1839,10 +1846,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -1875,20 +1882,20 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "preStop": { + "additionalProperties": false, "description": "LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -1909,10 +1916,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -1925,6 +1932,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -1943,8 +1951,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -1989,10 +1996,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "sleep": { + "additionalProperties": false, "description": "SleepAction describes a \"sleep\" action.", "properties": { "seconds": { @@ -2007,10 +2014,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -2043,27 +2050,26 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "livenessProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -2084,8 +2090,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -2096,6 +2101,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -2116,10 +2122,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -2132,6 +2138,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -2150,8 +2157,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -2196,8 +2202,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -2224,6 +2229,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -2256,8 +2262,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -2279,8 +2284,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "name": { "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", @@ -2289,6 +2293,7 @@ "ports": { "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", "items": { + "additionalProperties": false, "description": "ContainerPort represents a network port in a single container.", "properties": { "containerPort": { @@ -2332,8 +2337,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -2348,9 +2352,11 @@ "x-kubernetes-patch-strategy": "merge" }, "readinessProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -2371,8 +2377,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -2383,6 +2388,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -2403,10 +2409,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -2419,6 +2425,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -2437,8 +2444,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -2483,8 +2489,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -2511,6 +2516,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -2543,8 +2549,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -2566,12 +2571,12 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "resizePolicy": { "description": "Resources resize policy for the container.", "items": { + "additionalProperties": false, "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { "resourceName": { @@ -2590,8 +2595,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -2600,11 +2604,13 @@ "x-kubernetes-list-type": "atomic" }, "resources": { + "additionalProperties": false, "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", "items": { + "additionalProperties": false, "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { @@ -2618,8 +2624,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -2680,8 +2685,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "restartPolicy": { "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", @@ -2691,6 +2695,7 @@ ] }, "securityContext": { + "additionalProperties": false, "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", "properties": { "allowPrivilegeEscalation": { @@ -2701,6 +2706,7 @@ ] }, "capabilities": { + "additionalProperties": false, "description": "Adds and removes POSIX capabilities from running containers.", "properties": { "add": { @@ -2735,8 +2741,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "privileged": { "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", @@ -2783,6 +2788,7 @@ ] }, "seLinuxOptions": { + "additionalProperties": false, "description": "SELinuxOptions are the labels to be applied to the container", "properties": { "level": { @@ -2817,10 +2823,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "seccompProfile": { + "additionalProperties": false, "description": "SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.", "properties": { "localhostProfile": { @@ -2849,10 +2855,10 @@ "localhostProfile": "LocalhostProfile" } } - ], - "additionalProperties": false + ] }, "windowsOptions": { + "additionalProperties": false, "description": "WindowsSecurityContextOptions contain Windows-specific options and credentials.", "properties": { "gmsaCredentialSpec": { @@ -2887,20 +2893,20 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "startupProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -2921,8 +2927,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -2933,6 +2938,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -2953,10 +2959,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -2969,6 +2975,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -2987,8 +2994,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3033,8 +3039,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -3061,6 +3066,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -3093,8 +3099,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -3116,8 +3121,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "stdin": { "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", @@ -3157,6 +3161,7 @@ "volumeDevices": { "description": "volumeDevices is the list of block devices to be used by the container.", "items": { + "additionalProperties": false, "description": "volumeDevice describes a mapping of a raw block device within a container.", "properties": { "devicePath": { @@ -3175,8 +3180,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3192,6 +3196,7 @@ "volumeMounts": { "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", "items": { + "additionalProperties": false, "description": "VolumeMount describes a mounting of a Volume within a container.", "properties": { "mountPath": { @@ -3238,8 +3243,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3266,8 +3270,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": "array", "x-kubernetes-list-map-keys": [ @@ -3278,6 +3281,7 @@ "x-kubernetes-patch-strategy": "merge" }, "dnsConfig": { + "additionalProperties": false, "description": "PodDNSConfig defines the DNS parameters of a pod in addition to those generated from DNSPolicy.", "properties": { "nameservers": { @@ -3297,6 +3301,7 @@ "options": { "description": "A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.", "items": { + "additionalProperties": false, "description": "PodDNSConfigOption defines DNS resolver options of a pod.", "properties": { "name": { @@ -3316,8 +3321,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3343,8 +3347,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "dnsPolicy": { "description": "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.", @@ -3363,6 +3366,7 @@ "ephemeralContainers": { "description": "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource.", "items": { + "additionalProperties": false, "description": "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation.\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted.", "properties": { "args": { @@ -3396,6 +3400,7 @@ "env": { "description": "List of environment variables to set in the container. Cannot be updated.", "items": { + "additionalProperties": false, "description": "EnvVar represents an environment variable present in a Container.", "properties": { "name": { @@ -3410,9 +3415,11 @@ ] }, "valueFrom": { + "additionalProperties": false, "description": "EnvVarSource represents a source for the value of an EnvVar.", "properties": { "configMapKeyRef": { + "additionalProperties": false, "description": "Selects a key from a ConfigMap.", "properties": { "key": { @@ -3441,10 +3448,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "fieldRef": { + "additionalProperties": false, "description": "ObjectFieldSelector selects an APIVersioned field of an object.", "properties": { "apiVersion": { @@ -3466,10 +3473,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "resourceFieldRef": { + "additionalProperties": false, "description": "ResourceFieldSelector represents container resources (cpu, memory) and their output format", "properties": { "containerName": { @@ -3507,10 +3514,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "secretKeyRef": { + "additionalProperties": false, "description": "SecretKeySelector selects a key of a Secret.", "properties": { "key": { @@ -3539,15 +3546,13 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -3556,8 +3561,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3573,9 +3577,11 @@ "envFrom": { "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", "items": { + "additionalProperties": false, "description": "EnvFromSource represents the source of a set of ConfigMaps", "properties": { "configMapRef": { + "additionalProperties": false, "description": "ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -3596,8 +3602,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "prefix": { "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", @@ -3607,6 +3612,7 @@ ] }, "secretRef": { + "additionalProperties": false, "description": "SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -3627,15 +3633,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3658,12 +3662,15 @@ ] }, "lifecycle": { + "additionalProperties": false, "description": "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.", "properties": { "postStart": { + "additionalProperties": false, "description": "LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -3684,10 +3691,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -3700,6 +3707,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -3718,8 +3726,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3764,10 +3771,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "sleep": { + "additionalProperties": false, "description": "SleepAction describes a \"sleep\" action.", "properties": { "seconds": { @@ -3782,10 +3789,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -3818,20 +3825,20 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "preStop": { + "additionalProperties": false, "description": "LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -3852,10 +3859,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -3868,6 +3875,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -3886,8 +3894,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -3932,10 +3939,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "sleep": { + "additionalProperties": false, "description": "SleepAction describes a \"sleep\" action.", "properties": { "seconds": { @@ -3950,10 +3957,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -3986,27 +3993,26 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "livenessProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -4027,8 +4033,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -4039,6 +4044,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -4059,10 +4065,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -4075,6 +4081,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -4093,8 +4100,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -4139,8 +4145,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -4167,6 +4172,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -4199,8 +4205,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -4222,8 +4227,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "name": { "description": "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers.", @@ -4232,6 +4236,7 @@ "ports": { "description": "Ports are not allowed for ephemeral containers.", "items": { + "additionalProperties": false, "description": "ContainerPort represents a network port in a single container.", "properties": { "containerPort": { @@ -4275,8 +4280,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -4291,9 +4295,11 @@ "x-kubernetes-patch-strategy": "merge" }, "readinessProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -4314,8 +4320,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -4326,6 +4331,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -4346,10 +4352,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -4362,6 +4368,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -4380,8 +4387,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -4426,8 +4432,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -4454,6 +4459,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -4486,8 +4492,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -4509,12 +4514,12 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "resizePolicy": { "description": "Resources resize policy for the container.", "items": { + "additionalProperties": false, "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { "resourceName": { @@ -4533,8 +4538,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -4543,11 +4547,13 @@ "x-kubernetes-list-type": "atomic" }, "resources": { + "additionalProperties": false, "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", "items": { + "additionalProperties": false, "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { @@ -4561,8 +4567,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -4623,8 +4628,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "restartPolicy": { "description": "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.", @@ -4634,6 +4638,7 @@ ] }, "securityContext": { + "additionalProperties": false, "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", "properties": { "allowPrivilegeEscalation": { @@ -4644,6 +4649,7 @@ ] }, "capabilities": { + "additionalProperties": false, "description": "Adds and removes POSIX capabilities from running containers.", "properties": { "add": { @@ -4678,8 +4684,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "privileged": { "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", @@ -4726,6 +4731,7 @@ ] }, "seLinuxOptions": { + "additionalProperties": false, "description": "SELinuxOptions are the labels to be applied to the container", "properties": { "level": { @@ -4760,10 +4766,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "seccompProfile": { + "additionalProperties": false, "description": "SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.", "properties": { "localhostProfile": { @@ -4792,10 +4798,10 @@ "localhostProfile": "LocalhostProfile" } } - ], - "additionalProperties": false + ] }, "windowsOptions": { + "additionalProperties": false, "description": "WindowsSecurityContextOptions contain Windows-specific options and credentials.", "properties": { "gmsaCredentialSpec": { @@ -4830,20 +4836,20 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "startupProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -4864,8 +4870,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -4876,6 +4881,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -4896,10 +4902,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -4912,6 +4918,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -4930,8 +4937,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -4976,8 +4982,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -5004,6 +5009,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -5036,8 +5042,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -5059,8 +5064,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "stdin": { "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", @@ -5107,6 +5111,7 @@ "volumeDevices": { "description": "volumeDevices is the list of block devices to be used by the container.", "items": { + "additionalProperties": false, "description": "volumeDevice describes a mapping of a raw block device within a container.", "properties": { "devicePath": { @@ -5125,8 +5130,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5142,6 +5146,7 @@ "volumeMounts": { "description": "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated.", "items": { + "additionalProperties": false, "description": "VolumeMount describes a mounting of a Volume within a container.", "properties": { "mountPath": { @@ -5188,8 +5193,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5216,8 +5220,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5233,6 +5236,7 @@ "hostAliases": { "description": "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", "items": { + "additionalProperties": false, "description": "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.", "properties": { "hostnames": { @@ -5260,8 +5264,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5312,6 +5315,7 @@ "imagePullSecrets": { "description": "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod", "items": { + "additionalProperties": false, "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", "properties": { "name": { @@ -5326,8 +5330,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "type": [ "array", @@ -5343,6 +5346,7 @@ "initContainers": { "description": "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/", "items": { + "additionalProperties": false, "description": "A single application container that you want to run within a pod.", "properties": { "args": { @@ -5376,6 +5380,7 @@ "env": { "description": "List of environment variables to set in the container. Cannot be updated.", "items": { + "additionalProperties": false, "description": "EnvVar represents an environment variable present in a Container.", "properties": { "name": { @@ -5390,9 +5395,11 @@ ] }, "valueFrom": { + "additionalProperties": false, "description": "EnvVarSource represents a source for the value of an EnvVar.", "properties": { "configMapKeyRef": { + "additionalProperties": false, "description": "Selects a key from a ConfigMap.", "properties": { "key": { @@ -5421,10 +5428,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "fieldRef": { + "additionalProperties": false, "description": "ObjectFieldSelector selects an APIVersioned field of an object.", "properties": { "apiVersion": { @@ -5446,10 +5453,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "resourceFieldRef": { + "additionalProperties": false, "description": "ResourceFieldSelector represents container resources (cpu, memory) and their output format", "properties": { "containerName": { @@ -5487,10 +5494,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "secretKeyRef": { + "additionalProperties": false, "description": "SecretKeySelector selects a key of a Secret.", "properties": { "key": { @@ -5519,15 +5526,13 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -5536,8 +5541,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5553,9 +5557,11 @@ "envFrom": { "description": "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.", "items": { + "additionalProperties": false, "description": "EnvFromSource represents the source of a set of ConfigMaps", "properties": { "configMapRef": { + "additionalProperties": false, "description": "ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.\n\nThe contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -5576,8 +5582,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "prefix": { "description": "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.", @@ -5587,6 +5592,7 @@ ] }, "secretRef": { + "additionalProperties": false, "description": "SecretEnvSource selects a Secret to populate the environment variables with.\n\nThe contents of the target Secret's Data field will represent the key-value pairs as environment variables.", "properties": { "name": { @@ -5607,15 +5613,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5638,12 +5642,15 @@ ] }, "lifecycle": { + "additionalProperties": false, "description": "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.", "properties": { "postStart": { + "additionalProperties": false, "description": "LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -5664,10 +5671,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -5680,6 +5687,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -5698,8 +5706,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5744,10 +5751,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "sleep": { + "additionalProperties": false, "description": "SleepAction describes a \"sleep\" action.", "properties": { "seconds": { @@ -5762,10 +5769,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -5798,20 +5805,20 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "preStop": { + "additionalProperties": false, "description": "LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -5832,10 +5839,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -5848,6 +5855,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -5866,8 +5874,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -5912,10 +5919,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "sleep": { + "additionalProperties": false, "description": "SleepAction describes a \"sleep\" action.", "properties": { "seconds": { @@ -5930,10 +5937,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -5966,27 +5973,26 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "livenessProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -6007,8 +6013,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -6019,6 +6024,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -6039,10 +6045,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -6055,6 +6061,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -6073,8 +6080,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -6119,8 +6125,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -6147,6 +6152,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -6179,8 +6185,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -6202,8 +6207,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "name": { "description": "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.", @@ -6212,6 +6216,7 @@ "ports": { "description": "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.", "items": { + "additionalProperties": false, "description": "ContainerPort represents a network port in a single container.", "properties": { "containerPort": { @@ -6255,8 +6260,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -6271,9 +6275,11 @@ "x-kubernetes-patch-strategy": "merge" }, "readinessProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -6294,8 +6300,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -6306,6 +6311,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -6326,10 +6332,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -6342,6 +6348,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -6360,8 +6367,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -6406,8 +6412,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -6434,6 +6439,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -6466,8 +6472,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -6489,12 +6494,12 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "resizePolicy": { "description": "Resources resize policy for the container.", "items": { + "additionalProperties": false, "description": "ContainerResizePolicy represents resource resize policy for the container.", "properties": { "resourceName": { @@ -6513,8 +6518,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -6523,11 +6527,13 @@ "x-kubernetes-list-type": "atomic" }, "resources": { + "additionalProperties": false, "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", "items": { + "additionalProperties": false, "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { @@ -6541,8 +6547,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -6603,8 +6608,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "restartPolicy": { "description": "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.", @@ -6614,6 +6618,7 @@ ] }, "securityContext": { + "additionalProperties": false, "description": "SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.", "properties": { "allowPrivilegeEscalation": { @@ -6624,6 +6629,7 @@ ] }, "capabilities": { + "additionalProperties": false, "description": "Adds and removes POSIX capabilities from running containers.", "properties": { "add": { @@ -6658,8 +6664,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "privileged": { "description": "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.", @@ -6706,6 +6711,7 @@ ] }, "seLinuxOptions": { + "additionalProperties": false, "description": "SELinuxOptions are the labels to be applied to the container", "properties": { "level": { @@ -6740,10 +6746,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "seccompProfile": { + "additionalProperties": false, "description": "SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.", "properties": { "localhostProfile": { @@ -6772,10 +6778,10 @@ "localhostProfile": "LocalhostProfile" } } - ], - "additionalProperties": false + ] }, "windowsOptions": { + "additionalProperties": false, "description": "WindowsSecurityContextOptions contain Windows-specific options and credentials.", "properties": { "gmsaCredentialSpec": { @@ -6810,20 +6816,20 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "startupProbe": { + "additionalProperties": false, "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { + "additionalProperties": false, "description": "ExecAction describes a \"run in container\" action.", "properties": { "command": { @@ -6844,8 +6850,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "failureThreshold": { "description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.", @@ -6856,6 +6861,7 @@ ] }, "grpc": { + "additionalProperties": false, "properties": { "port": { "description": "Port number of the gRPC service. Number must be in the range 1 to 65535.", @@ -6876,10 +6882,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "httpGet": { + "additionalProperties": false, "description": "HTTPGetAction describes an action based on HTTP Get requests.", "properties": { "host": { @@ -6892,6 +6898,7 @@ "httpHeaders": { "description": "Custom headers to set in the request. HTTP allows repeated headers.", "items": { + "additionalProperties": false, "description": "HTTPHeader describes a custom header to be used in HTTP probes", "properties": { "name": { @@ -6910,8 +6917,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -6956,8 +6962,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "initialDelaySeconds": { "description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", @@ -6984,6 +6989,7 @@ ] }, "tcpSocket": { + "additionalProperties": false, "description": "TCPSocketAction describes an action based on opening a socket", "properties": { "host": { @@ -7016,8 +7022,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminationGracePeriodSeconds": { "description": "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.", @@ -7039,8 +7044,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "stdin": { "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", @@ -7080,6 +7084,7 @@ "volumeDevices": { "description": "volumeDevices is the list of block devices to be used by the container.", "items": { + "additionalProperties": false, "description": "volumeDevice describes a mapping of a raw block device within a container.", "properties": { "devicePath": { @@ -7098,8 +7103,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7115,6 +7119,7 @@ "volumeMounts": { "description": "Pod volumes to mount into the container's filesystem. Cannot be updated.", "items": { + "additionalProperties": false, "description": "VolumeMount describes a mounting of a Volume within a container.", "properties": { "mountPath": { @@ -7161,8 +7166,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7189,8 +7193,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7225,6 +7228,7 @@ "x-kubernetes-map-type": "atomic" }, "os": { + "additionalProperties": false, "description": "PodOS defines the OS parameters of a pod.", "properties": { "name": { @@ -7238,8 +7242,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "overhead": { "additionalProperties": { @@ -7289,6 +7292,7 @@ "readinessGates": { "description": "If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to \"True\" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates", "items": { + "additionalProperties": false, "description": "PodReadinessGate contains the reference to a pod condition", "properties": { "conditionType": { @@ -7302,8 +7306,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7314,6 +7317,7 @@ "resourceClaims": { "description": "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.", "items": { + "additionalProperties": false, "description": "PodResourceClaim references exactly one ResourceClaim through a ClaimSource. It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name.", "properties": { "name": { @@ -7321,6 +7325,7 @@ "type": "string" }, "source": { + "additionalProperties": false, "description": "ClaimSource describes a reference to a ResourceClaim.\n\nExactly one of these fields should be set. Consumers of this type must treat an empty object as if it has an unknown value.", "properties": { "resourceClaimName": { @@ -7341,8 +7346,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -7351,8 +7355,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7389,6 +7392,7 @@ "schedulingGates": { "description": "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate.", "items": { + "additionalProperties": false, "description": "PodSchedulingGate is associated to a Pod to guard its scheduling.", "properties": { "name": { @@ -7402,8 +7406,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7417,6 +7420,7 @@ "x-kubernetes-patch-strategy": "merge" }, "securityContext": { + "additionalProperties": false, "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.", "properties": { "fsGroup": { @@ -7458,6 +7462,7 @@ ] }, "seLinuxOptions": { + "additionalProperties": false, "description": "SELinuxOptions are the labels to be applied to the container", "properties": { "level": { @@ -7492,10 +7497,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "seccompProfile": { + "additionalProperties": false, "description": "SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set.", "properties": { "localhostProfile": { @@ -7524,8 +7529,7 @@ "localhostProfile": "LocalhostProfile" } } - ], - "additionalProperties": false + ] }, "supplementalGroups": { "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", @@ -7545,6 +7549,7 @@ "sysctls": { "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", "items": { + "additionalProperties": false, "description": "Sysctl defines a kernel parameter to be set", "properties": { "name": { @@ -7563,8 +7568,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7573,6 +7577,7 @@ "x-kubernetes-list-type": "atomic" }, "windowsOptions": { + "additionalProperties": false, "description": "WindowsSecurityContextOptions contain Windows-specific options and credentials.", "properties": { "gmsaCredentialSpec": { @@ -7607,15 +7612,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "serviceAccount": { "description": "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.", @@ -7663,6 +7666,7 @@ "tolerations": { "description": "If specified, the pod's tolerations.", "items": { + "additionalProperties": false, "description": "The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator .", "properties": { "effect": { @@ -7705,8 +7709,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7717,14 +7720,17 @@ "topologySpreadConstraints": { "description": "TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed.", "items": { + "additionalProperties": false, "description": "TopologySpreadConstraint specifies how to spread matching pods among the given topology.", "properties": { "labelSelector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -7757,8 +7763,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7784,8 +7789,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).", @@ -7845,8 +7849,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7863,9 +7866,11 @@ "volumes": { "description": "List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes", "items": { + "additionalProperties": false, "description": "Volume represents a named volume in a pod that may be accessed by any container in the pod.", "properties": { "configMap": { + "additionalProperties": false, "description": "Adapts a ConfigMap into a volume.\n\nThe contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.", "properties": { "defaultMode": { @@ -7879,6 +7884,7 @@ "items": { "description": "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", "items": { + "additionalProperties": false, "description": "Maps a string key to a path within a volume.", "properties": { "key": { @@ -7905,8 +7911,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -7932,10 +7937,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "csi": { + "additionalProperties": false, "description": "Represents a source location of a volume to mount, managed by an external CSI driver", "properties": { "driver": { @@ -7950,6 +7955,7 @@ ] }, "nodePublishSecretRef": { + "additionalProperties": false, "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", "properties": { "name": { @@ -7964,8 +7970,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "readOnly": { "description": "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).", @@ -7994,10 +7999,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "emptyDir": { + "additionalProperties": false, "description": "Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.", "properties": { "medium": { @@ -8027,16 +8032,18 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "ephemeral": { + "additionalProperties": false, "description": "Represents an ephemeral volume that is handled by a normal storage driver.", "properties": { "volumeClaimTemplate": { + "additionalProperties": false, "description": "PersistentVolumeClaimTemplate is used to produce PersistentVolumeClaim objects as part of an EphemeralVolumeSource.", "properties": { "metadata": { + "additionalProperties": false, "description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.", "properties": { "annotations": { @@ -8122,6 +8129,7 @@ "managedFields": { "description": "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object.", "items": { + "additionalProperties": false, "description": "ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to.", "properties": { "apiVersion": { @@ -8178,8 +8186,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -8204,6 +8211,7 @@ "ownerReferences": { "description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.", "items": { + "additionalProperties": false, "description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.", "properties": { "apiVersion": { @@ -8247,8 +8255,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "type": [ "array", @@ -8286,10 +8293,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "spec": { + "additionalProperties": false, "description": "PersistentVolumeClaimSpec describes the common attributes of storage devices and allows a Source for provider-specific attributes", "properties": { "accessModes": { @@ -8307,6 +8314,7 @@ "x-kubernetes-list-type": "atomic" }, "dataSource": { + "additionalProperties": false, "description": "TypedLocalObjectReference contains enough information to let you locate the typed referenced object inside the same namespace.", "properties": { "apiGroup": { @@ -8333,10 +8341,10 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "dataSourceRef": { + "additionalProperties": false, "properties": { "apiGroup": { "description": "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.", @@ -8368,10 +8376,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "resources": { + "additionalProperties": false, "description": "VolumeResourceRequirements describes the storage resource requirements for a volume.", "properties": { "limits": { @@ -8424,15 +8432,16 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "selector": { + "additionalProperties": false, "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { + "additionalProperties": false, "description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.", "properties": { "key": { @@ -8465,8 +8474,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -8492,8 +8500,7 @@ "object", "null" ], - "x-kubernetes-map-type": "atomic", - "additionalProperties": false + "x-kubernetes-map-type": "atomic" }, "storageClassName": { "description": "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1", @@ -8524,8 +8531,7 @@ ] } }, - "type": "object", - "additionalProperties": false + "type": "object" } }, "required": [ @@ -8534,17 +8540,16 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "hostPath": { + "additionalProperties": false, "description": "Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.", "properties": { "path": { @@ -8565,10 +8570,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "persistentVolumeClaim": { + "additionalProperties": false, "description": "PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).", "properties": { "claimName": { @@ -8589,10 +8594,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "secret": { + "additionalProperties": false, "description": "Adapts a Secret into a volume.\n\nThe contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. Secret volumes support ownership management and SELinux relabeling.", "properties": { "defaultMode": { @@ -8606,6 +8611,7 @@ "items": { "description": "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.", "items": { + "additionalProperties": false, "description": "Maps a string key to a path within a volume.", "properties": { "key": { @@ -8632,8 +8638,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -8659,8 +8664,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -8669,8 +8673,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -8690,15 +8693,16 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "status": { + "additionalProperties": false, "description": "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.", "properties": { "conditions": { "description": "Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions", "items": { + "additionalProperties": false, "description": "PodCondition contains details for the current condition of this pod.", "properties": { "lastProbeTime": { @@ -8747,8 +8751,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -8764,6 +8767,7 @@ "containerStatuses": { "description": "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "items": { + "additionalProperties": false, "description": "ContainerStatus contains details for the current status of this container.", "properties": { "allocatedResources": { @@ -8805,9 +8809,11 @@ "type": "string" }, "lastState": { + "additionalProperties": false, "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { "running": { + "additionalProperties": false, "description": "ContainerStateRunning is a running state of a container.", "properties": { "startedAt": { @@ -8822,10 +8828,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminated": { + "additionalProperties": false, "description": "ContainerStateTerminated is a terminated state of a container.", "properties": { "containerID": { @@ -8885,10 +8891,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "waiting": { + "additionalProperties": false, "description": "ContainerStateWaiting is a waiting state of a container.", "properties": { "message": { @@ -8909,15 +8915,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "name": { "description": "Name is a DNS_LABEL representing the unique name of the container. Each container in a pod must have a unique name across all container types. Cannot be updated.", @@ -8928,11 +8932,13 @@ "type": "boolean" }, "resources": { + "additionalProperties": false, "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", "items": { + "additionalProperties": false, "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { @@ -8946,8 +8952,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -9008,8 +9013,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "restartCount": { "description": "RestartCount holds the number of times the container has been restarted. Kubelet makes an effort to always increment the value, but there are cases when the state may be lost due to node restarts and then the value may be reset to 0. The value is never negative.", @@ -9024,9 +9028,11 @@ ] }, "state": { + "additionalProperties": false, "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { "running": { + "additionalProperties": false, "description": "ContainerStateRunning is a running state of a container.", "properties": { "startedAt": { @@ -9041,10 +9047,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminated": { + "additionalProperties": false, "description": "ContainerStateTerminated is a terminated state of a container.", "properties": { "containerID": { @@ -9104,10 +9110,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "waiting": { + "additionalProperties": false, "description": "ContainerStateWaiting is a waiting state of a container.", "properties": { "message": { @@ -9128,15 +9134,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -9149,8 +9153,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -9161,6 +9164,7 @@ "ephemeralContainerStatuses": { "description": "Status for any ephemeral containers that have run in this pod.", "items": { + "additionalProperties": false, "description": "ContainerStatus contains details for the current status of this container.", "properties": { "allocatedResources": { @@ -9202,9 +9206,11 @@ "type": "string" }, "lastState": { + "additionalProperties": false, "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { "running": { + "additionalProperties": false, "description": "ContainerStateRunning is a running state of a container.", "properties": { "startedAt": { @@ -9219,10 +9225,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminated": { + "additionalProperties": false, "description": "ContainerStateTerminated is a terminated state of a container.", "properties": { "containerID": { @@ -9282,10 +9288,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "waiting": { + "additionalProperties": false, "description": "ContainerStateWaiting is a waiting state of a container.", "properties": { "message": { @@ -9306,15 +9312,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "name": { "description": "Name is a DNS_LABEL representing the unique name of the container. Each container in a pod must have a unique name across all container types. Cannot be updated.", @@ -9325,11 +9329,13 @@ "type": "boolean" }, "resources": { + "additionalProperties": false, "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", "items": { + "additionalProperties": false, "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { @@ -9343,8 +9349,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -9405,8 +9410,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "restartCount": { "description": "RestartCount holds the number of times the container has been restarted. Kubelet makes an effort to always increment the value, but there are cases when the state may be lost due to node restarts and then the value may be reset to 0. The value is never negative.", @@ -9421,9 +9425,11 @@ ] }, "state": { + "additionalProperties": false, "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { "running": { + "additionalProperties": false, "description": "ContainerStateRunning is a running state of a container.", "properties": { "startedAt": { @@ -9438,10 +9444,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminated": { + "additionalProperties": false, "description": "ContainerStateTerminated is a terminated state of a container.", "properties": { "containerID": { @@ -9501,10 +9507,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "waiting": { + "additionalProperties": false, "description": "ContainerStateWaiting is a waiting state of a container.", "properties": { "message": { @@ -9525,15 +9531,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -9546,8 +9550,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -9565,6 +9568,7 @@ "hostIPs": { "description": "hostIPs holds the IP addresses allocated to the host. If this field is specified, the first entry must match the hostIP field. This list is empty if the pod has not started yet. A pod can be assigned to a node that has a problem in kubelet which in turns means that HostIPs will not be updated even if there is a node is assigned to this pod.", "items": { + "additionalProperties": false, "description": "HostIP represents a single IP address allocated to the host.", "properties": { "ip": { @@ -9578,8 +9582,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -9592,6 +9595,7 @@ "initContainerStatuses": { "description": "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "items": { + "additionalProperties": false, "description": "ContainerStatus contains details for the current status of this container.", "properties": { "allocatedResources": { @@ -9633,9 +9637,11 @@ "type": "string" }, "lastState": { + "additionalProperties": false, "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { "running": { + "additionalProperties": false, "description": "ContainerStateRunning is a running state of a container.", "properties": { "startedAt": { @@ -9650,10 +9656,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminated": { + "additionalProperties": false, "description": "ContainerStateTerminated is a terminated state of a container.", "properties": { "containerID": { @@ -9713,10 +9719,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "waiting": { + "additionalProperties": false, "description": "ContainerStateWaiting is a waiting state of a container.", "properties": { "message": { @@ -9737,15 +9743,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "name": { "description": "Name is a DNS_LABEL representing the unique name of the container. Each container in a pod must have a unique name across all container types. Cannot be updated.", @@ -9756,11 +9760,13 @@ "type": "boolean" }, "resources": { + "additionalProperties": false, "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable. It can only be set for containers.", "items": { + "additionalProperties": false, "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { @@ -9774,8 +9780,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -9836,8 +9841,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "restartCount": { "description": "RestartCount holds the number of times the container has been restarted. Kubelet makes an effort to always increment the value, but there are cases when the state may be lost due to node restarts and then the value may be reset to 0. The value is never negative.", @@ -9852,9 +9856,11 @@ ] }, "state": { + "additionalProperties": false, "description": "ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.", "properties": { "running": { + "additionalProperties": false, "description": "ContainerStateRunning is a running state of a container.", "properties": { "startedAt": { @@ -9869,10 +9875,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "terminated": { + "additionalProperties": false, "description": "ContainerStateTerminated is a terminated state of a container.", "properties": { "containerID": { @@ -9932,10 +9938,10 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "waiting": { + "additionalProperties": false, "description": "ContainerStateWaiting is a waiting state of a container.", "properties": { "message": { @@ -9956,15 +9962,13 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "required": [ @@ -9977,8 +9981,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -10017,6 +10020,7 @@ "podIPs": { "description": "podIPs holds the IP addresses allocated to the pod. If this field is specified, the 0th entry must match the podIP field. Pods may be allocated at most 1 value for each of IPv4 and IPv6. This list is empty if no IPs have been allocated yet.", "items": { + "additionalProperties": false, "description": "PodIP represents a single IP address allocated to the pod.", "properties": { "ip": { @@ -10030,8 +10034,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -10068,6 +10071,7 @@ "resourceClaimStatuses": { "description": "Status of resource claims.", "items": { + "additionalProperties": false, "description": "PodResourceClaimStatus is stored in the PodStatus for each PodResourceClaim which references a ResourceClaimTemplate. It stores the generated name for the corresponding ResourceClaim.", "properties": { "name": { @@ -10088,8 +10092,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] }, "type": [ "array", @@ -10114,8 +10117,7 @@ "type": [ "object", "null" - ], - "additionalProperties": false + ] } }, "type": "object", @@ -10125,7 +10127,5 @@ "kind": "Pod", "version": "v1" } - ], - "additionalProperties": false, - "$schema": "http://json-schema.org/draft-07/schema#" + ] } diff --git a/src/fixtures/oasv3/schemas/error.json b/src/fixtures/oasv3/schemas/error.json index ccc2ea5..854589a 100644 --- a/src/fixtures/oasv3/schemas/error.json +++ b/src/fixtures/oasv3/schemas/error.json @@ -1,17 +1,17 @@ { - "type": "object", - "required": [ - "code", - "message" - ], + "$schema": "http://json-schema.org/draft-07/schema#", "properties": { "code": { - "type": "integer", - "format": "int32" + "format": "int32", + "type": "integer" }, "message": { "type": "string" } }, - "$schema": "http://json-schema.org/draft-07/schema#" + "required": [ + "code", + "message" + ], + "type": "object" } diff --git a/src/fixtures/oasv3/schemas/pet.json b/src/fixtures/oasv3/schemas/pet.json index e941a9f..ed8b3e5 100644 --- a/src/fixtures/oasv3/schemas/pet.json +++ b/src/fixtures/oasv3/schemas/pet.json @@ -1,13 +1,9 @@ { - "type": "object", - "required": [ - "id", - "name" - ], + "$schema": "http://json-schema.org/draft-07/schema#", "properties": { "id": { - "type": "integer", - "format": "int64" + "format": "int64", + "type": "integer" }, "name": { "type": "string" @@ -16,5 +12,9 @@ "type": "string" } }, - "$schema": "http://json-schema.org/draft-07/schema#" + "required": [ + "id", + "name" + ], + "type": "object" } diff --git a/src/fixtures/oasv3/schemas/pets.json b/src/fixtures/oasv3/schemas/pets.json index d92ad58..64503b6 100644 --- a/src/fixtures/oasv3/schemas/pets.json +++ b/src/fixtures/oasv3/schemas/pets.json @@ -1,8 +1,8 @@ { - "type": "array", - "maxItems": 100, + "$schema": "http://json-schema.org/draft-07/schema#", "items": { "$ref": "Pet.json" }, - "$schema": "http://json-schema.org/draft-07/schema#" + "maxItems": 100, + "type": "array" } diff --git a/src/openapi2jsonschema/command.py b/src/openapi2jsonschema/command.py index 02185bf..8f17534 100644 --- a/src/openapi2jsonschema/command.py +++ b/src/openapi2jsonschema/command.py @@ -52,6 +52,15 @@ ) @click.argument("schema", metavar="SCHEMA_URL") def default(output, schema, prefix, stand_alone, expanded, kubernetes, strict): + json_encoder = json.JSONEncoder( + skipkeys=False, + ensure_ascii=True, + check_circular=True, + allow_nan=False, + sort_keys=True, + indent=2, + ) + json_validator = jsonschema.Draft7Validator """ @@ -138,7 +147,7 @@ def default(output, schema, prefix, stand_alone, expanded, kubernetes, strict): if strict: definitions = additional_properties(definitions) print( - json.dumps({"definitions": definitions}, indent=2), + json_encoder.encode({"definitions": definitions}), file=definitions_file, ) @@ -217,7 +226,10 @@ def default(output, schema, prefix, stand_alone, expanded, kubernetes, strict): "%s/%s.json" % (output, full_name), "w", newline="\n" ) as schema_file: debug("Generating %s.json" % full_name) - print(json.dumps(specification, indent=2), file=schema_file) + print( + json_encoder.encode(specification), + file=schema_file, + ) except Exception as e: error("An error occured processing %s: %s" % (kind, e)) @@ -233,7 +245,10 @@ def default(output, schema, prefix, stand_alone, expanded, kubernetes, strict): contents["oneOf"].append( {"$ref": (title.replace("#/components/schemas/", "") + ".json")} ) - print(json.dumps(contents, indent=2), file=all_file) + print( + json_encoder.encode(contents), + file=all_file, + ) if __name__ == "__main__":