6367 lines
288 KiB
YAML
6367 lines
288 KiB
YAML
---
|
|
# Source: operator/templates/gen/v1_serviceaccount_formance-controller-manager.yaml
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: rbac
|
|
app.kubernetes.io/created-by: operatorv2
|
|
app.kubernetes.io/instance: controller-manager-sa
|
|
app.kubernetes.io/managed-by: kustomize
|
|
app.kubernetes.io/name: serviceaccount
|
|
app.kubernetes.io/part-of: operatorv2
|
|
name: formance-controller-manager
|
|
namespace: "tilt-dev"
|
|
---
|
|
# Source: operator/templates/licence-secret.yaml
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: formance-operator-operator-licence
|
|
namespace: tilt-dev
|
|
labels:
|
|
formance.com/stack: any
|
|
stringData:
|
|
token:
|
|
issuer:
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_analytics.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/is-ee: "true"
|
|
formance.com/kind: module
|
|
name: analytics.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Analytics
|
|
listKind: AnalyticsList
|
|
plural: analytics
|
|
singular: analytics
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Analytics is the Schema for the analytics API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: AnalyticsSpec defines the desired state of Analytics
|
|
properties:
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
description: AnalyticsStatus defines the observed state of Analytics
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_authclients.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: authclients.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: AuthClient
|
|
listKind: AuthClientList
|
|
plural: authclients
|
|
singular: authclient
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description:
|
|
AuthClient allow to create OAuth2/OIDC clients on the auth server
|
|
(see [Auth](#auth))
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
description:
|
|
description:
|
|
Description represents an optional description of the
|
|
client
|
|
type: string
|
|
id:
|
|
description: |-
|
|
ID indicates the client id
|
|
It must be used with oauth2 `client_id` parameter
|
|
type: string
|
|
postLogoutRedirectUris:
|
|
description:
|
|
RedirectUris allow to list allowed post logout redirect
|
|
uris for the client
|
|
items:
|
|
type: string
|
|
type: array
|
|
public:
|
|
default: false
|
|
description: |-
|
|
Public indicate whether a client is confidential or not.
|
|
Confidential clients are clients which the secret can be kept secret...
|
|
As opposed to public clients which cannot have a secret (application single page for example)
|
|
type: boolean
|
|
redirectUris:
|
|
description:
|
|
RedirectUris allow to list allowed redirect uris for
|
|
the client
|
|
items:
|
|
type: string
|
|
type: array
|
|
scopes:
|
|
description: Scopes allow to five some scope to the client
|
|
items:
|
|
type: string
|
|
type: array
|
|
secret:
|
|
description: |-
|
|
Secret allow to configure a secret for the client.
|
|
It is not required as some client could use some oauth2 flows which does not requires a client secret
|
|
type: string
|
|
secretFromSecret:
|
|
description: SecretKeySelector selects a key of a Secret.
|
|
properties:
|
|
key:
|
|
description:
|
|
The key of the secret to select from. Must be a
|
|
valid secret key.
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
TODO: Add other useful fields. apiVersion, kind, uid?
|
|
type: string
|
|
optional:
|
|
description: Specify whether the Secret or its key must be defined
|
|
type: boolean
|
|
required:
|
|
- key
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
required:
|
|
- id
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
hash:
|
|
type: string
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_auths.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/kind: module
|
|
name: auths.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Auth
|
|
listKind: AuthList
|
|
plural: auths
|
|
singular: auth
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Synchronized auth clients
|
|
jsonPath: .status.clients
|
|
name: Clients
|
|
type: string
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: |-
|
|
Auth represent the authentication module of a stack.
|
|
|
|
|
|
It is an OIDC compliant server.
|
|
|
|
|
|
Creating it for a stack automatically add authentication on all supported modules.
|
|
|
|
|
|
The auth service is basically a proxy to another OIDC compliant server.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
delegatedOIDCServer:
|
|
description:
|
|
Contains information about a delegated authentication
|
|
server to use to delegate authentication
|
|
properties:
|
|
clientID:
|
|
description: ClientID is the client id to use for authentication
|
|
type: string
|
|
clientSecret:
|
|
description: ClientSecret is the client secret to use for authentication
|
|
type: string
|
|
clientSecretFromSecret:
|
|
description:
|
|
ClientSecretFromSecret is the client secret to use
|
|
for authentication
|
|
properties:
|
|
key:
|
|
description:
|
|
The key of the secret to select from. Must be
|
|
a valid secret key.
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
TODO: Add other useful fields. apiVersion, kind, uid?
|
|
type: string
|
|
optional:
|
|
description:
|
|
Specify whether the Secret or its key must be
|
|
defined
|
|
type: boolean
|
|
required:
|
|
- key
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
issuer:
|
|
description: Issuer is the url of the delegated oidc server
|
|
type: string
|
|
type: object
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
enableScopes:
|
|
default: false
|
|
description: |-
|
|
Allow to enable scopes usage on authentication.
|
|
|
|
|
|
If not enabled, each service will check the authentication but will not restrict access following scopes.
|
|
in this case, if authenticated, it is ok.
|
|
type: boolean
|
|
signingKey:
|
|
description:
|
|
Allow to override the default signing key used to sign
|
|
JWT tokens.
|
|
type: string
|
|
signingKeyFromSecret:
|
|
description:
|
|
Allow to override the default signing key used to sign
|
|
JWT tokens using a k8s secret
|
|
properties:
|
|
key:
|
|
description:
|
|
The key of the secret to select from. Must be a
|
|
valid secret key.
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
TODO: Add other useful fields. apiVersion, kind, uid?
|
|
type: string
|
|
optional:
|
|
description: Specify whether the Secret or its key must be defined
|
|
type: boolean
|
|
required:
|
|
- key
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
clients:
|
|
description: Clients contains the list of clients created using [AuthClient](#authclient)
|
|
items:
|
|
type: string
|
|
type: array
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_benthos.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: benthos.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Benthos
|
|
listKind: BenthosList
|
|
plural: benthos
|
|
singular: benthos
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Benthos is the Schema for the benthos API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
batching:
|
|
description: Batching allow to define custom batching configuration
|
|
properties:
|
|
count:
|
|
description:
|
|
Count indicates the number of messages that can be
|
|
kept in memory before being flushed to ElasticSearch
|
|
type: integer
|
|
period:
|
|
description:
|
|
Period indicates the maximum duration messages can
|
|
be kept in memory before being flushed to ElasticSearch
|
|
type: string
|
|
required:
|
|
- count
|
|
- period
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
initContainers:
|
|
items:
|
|
description:
|
|
A single application container that you want to run
|
|
within a pod.
|
|
properties:
|
|
args:
|
|
description: |-
|
|
Arguments to the entrypoint.
|
|
The container image's CMD is used if this is not provided.
|
|
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
|
|
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
|
|
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
|
|
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
|
|
of whether the variable exists or not. Cannot be updated.
|
|
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
|
|
items:
|
|
type: string
|
|
type: array
|
|
command:
|
|
description: |-
|
|
Entrypoint array. Not executed within a shell.
|
|
The container image's ENTRYPOINT is used if this is not provided.
|
|
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
|
|
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
|
|
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
|
|
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
|
|
of whether the variable exists or not. Cannot be updated.
|
|
More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
|
|
items:
|
|
type: string
|
|
type: array
|
|
env:
|
|
description: |-
|
|
List of environment variables to set in the container.
|
|
Cannot be updated.
|
|
items:
|
|
description:
|
|
EnvVar represents an environment variable present
|
|
in a Container.
|
|
properties:
|
|
name:
|
|
description:
|
|
Name of the environment variable. Must be
|
|
a C_IDENTIFIER.
|
|
type: string
|
|
value:
|
|
description: |-
|
|
Variable references $(VAR_NAME) are expanded
|
|
using the previously defined environment variables in the container and
|
|
any service environment variables. If a variable cannot be resolved,
|
|
the reference in the input string will be unchanged. Double $$ are reduced
|
|
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
|
|
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
|
|
Escaped references will never be expanded, regardless of whether the variable
|
|
exists or not.
|
|
Defaults to "".
|
|
type: string
|
|
valueFrom:
|
|
description:
|
|
Source for the environment variable's value.
|
|
Cannot be used if value is not empty.
|
|
properties:
|
|
configMapKeyRef:
|
|
description: Selects a key of a ConfigMap.
|
|
properties:
|
|
key:
|
|
description: The key to select.
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
TODO: Add other useful fields. apiVersion, kind, uid?
|
|
type: string
|
|
optional:
|
|
description:
|
|
Specify whether the ConfigMap or
|
|
its key must be defined
|
|
type: boolean
|
|
required:
|
|
- key
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
fieldRef:
|
|
description: |-
|
|
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
|
|
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
|
|
properties:
|
|
apiVersion:
|
|
description:
|
|
Version of the schema the FieldPath
|
|
is written in terms of, defaults to "v1".
|
|
type: string
|
|
fieldPath:
|
|
description:
|
|
Path of the field to select in the
|
|
specified API version.
|
|
type: string
|
|
required:
|
|
- fieldPath
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
resourceFieldRef:
|
|
description: |-
|
|
Selects a resource of the container: only resources limits and requests
|
|
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
|
|
properties:
|
|
containerName:
|
|
description:
|
|
"Container name: required for volumes,
|
|
optional for env vars"
|
|
type: string
|
|
divisor:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description:
|
|
Specifies the output format of the
|
|
exposed resources, defaults to "1"
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
resource:
|
|
description: "Required: resource to select"
|
|
type: string
|
|
required:
|
|
- resource
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
secretKeyRef:
|
|
description:
|
|
Selects a key of a secret in the pod's
|
|
namespace
|
|
properties:
|
|
key:
|
|
description:
|
|
The key of the secret to select from. Must
|
|
be a valid secret key.
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
TODO: Add other useful fields. apiVersion, kind, uid?
|
|
type: string
|
|
optional:
|
|
description:
|
|
Specify whether the Secret or its
|
|
key must be defined
|
|
type: boolean
|
|
required:
|
|
- key
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
type: object
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
envFrom:
|
|
description: |-
|
|
List of sources to populate environment variables in the container.
|
|
The keys defined within a source must be a C_IDENTIFIER. All invalid keys
|
|
will be reported as an event when the container is starting. When a key exists in multiple
|
|
sources, the value associated with the last source will take precedence.
|
|
Values defined by an Env with a duplicate key will take precedence.
|
|
Cannot be updated.
|
|
items:
|
|
description:
|
|
EnvFromSource represents the source of a set
|
|
of ConfigMaps
|
|
properties:
|
|
configMapRef:
|
|
description: The ConfigMap to select from
|
|
properties:
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
TODO: Add other useful fields. apiVersion, kind, uid?
|
|
type: string
|
|
optional:
|
|
description:
|
|
Specify whether the ConfigMap must be
|
|
defined
|
|
type: boolean
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
prefix:
|
|
description:
|
|
An optional identifier to prepend to each
|
|
key in the ConfigMap. Must be a C_IDENTIFIER.
|
|
type: string
|
|
secretRef:
|
|
description: The Secret to select from
|
|
properties:
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
TODO: Add other useful fields. apiVersion, kind, uid?
|
|
type: string
|
|
optional:
|
|
description: Specify whether the Secret must be defined
|
|
type: boolean
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
type: object
|
|
type: array
|
|
image:
|
|
description: |-
|
|
Container image name.
|
|
More info: https://kubernetes.io/docs/concepts/containers/images
|
|
This field is optional to allow higher level config management to default or override
|
|
container images in workload controllers like Deployments and StatefulSets.
|
|
type: string
|
|
imagePullPolicy:
|
|
description: |-
|
|
Image pull policy.
|
|
One of Always, Never, IfNotPresent.
|
|
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
|
|
Cannot be updated.
|
|
More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
|
|
type: string
|
|
lifecycle:
|
|
description: |-
|
|
Actions that the management system should take in response to container lifecycle events.
|
|
Cannot be updated.
|
|
properties:
|
|
postStart:
|
|
description: |-
|
|
PostStart is called immediately after a container is created. If the handler fails,
|
|
the container is terminated and restarted according to its restart policy.
|
|
Other management of the container blocks until the hook completes.
|
|
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
|
|
properties:
|
|
exec:
|
|
description: Exec specifies the action to take.
|
|
properties:
|
|
command:
|
|
description: |-
|
|
Command is the command line to execute inside the container, the working directory for the
|
|
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
|
|
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
|
|
a shell, you need to explicitly call out to that shell.
|
|
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
httpGet:
|
|
description: HTTPGet specifies the http request to perform.
|
|
properties:
|
|
host:
|
|
description: |-
|
|
Host name to connect to, defaults to the pod IP. You probably want to set
|
|
"Host" in httpHeaders instead.
|
|
type: string
|
|
httpHeaders:
|
|
description:
|
|
Custom headers to set in the request.
|
|
HTTP allows repeated headers.
|
|
items:
|
|
description:
|
|
HTTPHeader describes a custom header
|
|
to be used in HTTP probes
|
|
properties:
|
|
name:
|
|
description: |-
|
|
The header field name.
|
|
This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
|
type: string
|
|
value:
|
|
description: The header field value
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
path:
|
|
description: Path to access on the HTTP server.
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Name or number of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
scheme:
|
|
description: |-
|
|
Scheme to use for connecting to the host.
|
|
Defaults to HTTP.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
sleep:
|
|
description:
|
|
Sleep represents the duration that the
|
|
container should sleep before being terminated.
|
|
properties:
|
|
seconds:
|
|
description:
|
|
Seconds is the number of seconds to
|
|
sleep.
|
|
format: int64
|
|
type: integer
|
|
required:
|
|
- seconds
|
|
type: object
|
|
tcpSocket:
|
|
description: |-
|
|
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
|
|
for the backward compatibility. There are no validation of this field and
|
|
lifecycle hooks will fail in runtime when tcp handler is specified.
|
|
properties:
|
|
host:
|
|
description:
|
|
"Optional: Host name to connect to,
|
|
defaults to the pod IP."
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Number or name of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
required:
|
|
- port
|
|
type: object
|
|
type: object
|
|
preStop:
|
|
description: |-
|
|
PreStop is called immediately before a container is terminated due to an
|
|
API request or management event such as liveness/startup probe failure,
|
|
preemption, resource contention, etc. The handler is not called if the
|
|
container crashes or exits. The Pod's termination grace period countdown begins before the
|
|
PreStop hook is executed. Regardless of the outcome of the handler, the
|
|
container will eventually terminate within the Pod's termination grace
|
|
period (unless delayed by finalizers). Other management of the container blocks until the hook completes
|
|
or until the termination grace period is reached.
|
|
More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
|
|
properties:
|
|
exec:
|
|
description: Exec specifies the action to take.
|
|
properties:
|
|
command:
|
|
description: |-
|
|
Command is the command line to execute inside the container, the working directory for the
|
|
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
|
|
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
|
|
a shell, you need to explicitly call out to that shell.
|
|
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
httpGet:
|
|
description: HTTPGet specifies the http request to perform.
|
|
properties:
|
|
host:
|
|
description: |-
|
|
Host name to connect to, defaults to the pod IP. You probably want to set
|
|
"Host" in httpHeaders instead.
|
|
type: string
|
|
httpHeaders:
|
|
description:
|
|
Custom headers to set in the request.
|
|
HTTP allows repeated headers.
|
|
items:
|
|
description:
|
|
HTTPHeader describes a custom header
|
|
to be used in HTTP probes
|
|
properties:
|
|
name:
|
|
description: |-
|
|
The header field name.
|
|
This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
|
type: string
|
|
value:
|
|
description: The header field value
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
path:
|
|
description: Path to access on the HTTP server.
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Name or number of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
scheme:
|
|
description: |-
|
|
Scheme to use for connecting to the host.
|
|
Defaults to HTTP.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
sleep:
|
|
description:
|
|
Sleep represents the duration that the
|
|
container should sleep before being terminated.
|
|
properties:
|
|
seconds:
|
|
description:
|
|
Seconds is the number of seconds to
|
|
sleep.
|
|
format: int64
|
|
type: integer
|
|
required:
|
|
- seconds
|
|
type: object
|
|
tcpSocket:
|
|
description: |-
|
|
Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept
|
|
for the backward compatibility. There are no validation of this field and
|
|
lifecycle hooks will fail in runtime when tcp handler is specified.
|
|
properties:
|
|
host:
|
|
description:
|
|
"Optional: Host name to connect to,
|
|
defaults to the pod IP."
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Number or name of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
required:
|
|
- port
|
|
type: object
|
|
type: object
|
|
type: object
|
|
livenessProbe:
|
|
description: |-
|
|
Periodic probe of container liveness.
|
|
Container will be restarted if the probe fails.
|
|
Cannot be updated.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
properties:
|
|
exec:
|
|
description: Exec specifies the action to take.
|
|
properties:
|
|
command:
|
|
description: |-
|
|
Command is the command line to execute inside the container, the working directory for the
|
|
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
|
|
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
|
|
a shell, you need to explicitly call out to that shell.
|
|
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
failureThreshold:
|
|
description: |-
|
|
Minimum consecutive failures for the probe to be considered failed after having succeeded.
|
|
Defaults to 3. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
grpc:
|
|
description: GRPC specifies an action involving a GRPC port.
|
|
properties:
|
|
port:
|
|
description:
|
|
Port number of the gRPC service. Number
|
|
must be in the range 1 to 65535.
|
|
format: int32
|
|
type: integer
|
|
service:
|
|
description: |-
|
|
Service is the name of the service to place in the gRPC HealthCheckRequest
|
|
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
|
|
|
|
|
|
If this is not specified, the default behavior is defined by gRPC.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
httpGet:
|
|
description: HTTPGet specifies the http request to perform.
|
|
properties:
|
|
host:
|
|
description: |-
|
|
Host name to connect to, defaults to the pod IP. You probably want to set
|
|
"Host" in httpHeaders instead.
|
|
type: string
|
|
httpHeaders:
|
|
description:
|
|
Custom headers to set in the request. HTTP
|
|
allows repeated headers.
|
|
items:
|
|
description:
|
|
HTTPHeader describes a custom header
|
|
to be used in HTTP probes
|
|
properties:
|
|
name:
|
|
description: |-
|
|
The header field name.
|
|
This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
|
type: string
|
|
value:
|
|
description: The header field value
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
path:
|
|
description: Path to access on the HTTP server.
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Name or number of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
scheme:
|
|
description: |-
|
|
Scheme to use for connecting to the host.
|
|
Defaults to HTTP.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
initialDelaySeconds:
|
|
description: |-
|
|
Number of seconds after the container has started before liveness probes are initiated.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
format: int32
|
|
type: integer
|
|
periodSeconds:
|
|
description: |-
|
|
How often (in seconds) to perform the probe.
|
|
Default to 10 seconds. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
successThreshold:
|
|
description: |-
|
|
Minimum consecutive successes for the probe to be considered successful after having failed.
|
|
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
tcpSocket:
|
|
description:
|
|
TCPSocket specifies an action involving a TCP
|
|
port.
|
|
properties:
|
|
host:
|
|
description:
|
|
"Optional: Host name to connect to, defaults
|
|
to the pod IP."
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Number or name of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
required:
|
|
- port
|
|
type: object
|
|
terminationGracePeriodSeconds:
|
|
description: |-
|
|
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
|
|
The grace period is the duration in seconds after the processes running in the pod are sent
|
|
a termination signal and the time when the processes are forcibly halted with a kill signal.
|
|
Set this value longer than the expected cleanup time for your process.
|
|
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
|
|
value overrides the value provided by the pod spec.
|
|
Value must be non-negative integer. The value zero indicates stop immediately via
|
|
the kill signal (no opportunity to shut down).
|
|
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
|
|
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
|
|
format: int64
|
|
type: integer
|
|
timeoutSeconds:
|
|
description: |-
|
|
Number of seconds after which the probe times out.
|
|
Defaults to 1 second. Minimum value is 1.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
name:
|
|
description: |-
|
|
Name of the container specified as a DNS_LABEL.
|
|
Each container in a pod must have a unique name (DNS_LABEL).
|
|
Cannot be updated.
|
|
type: string
|
|
ports:
|
|
description: |-
|
|
List of ports to expose from the container. Not specifying a port here
|
|
DOES NOT prevent that port from being exposed. Any port which is
|
|
listening on the default "0.0.0.0" address inside a container will be
|
|
accessible from the network.
|
|
Modifying this array with strategic merge patch may corrupt the data.
|
|
For more information See https://github.com/kubernetes/kubernetes/issues/108255.
|
|
Cannot be updated.
|
|
items:
|
|
description:
|
|
ContainerPort represents a network port in a
|
|
single container.
|
|
properties:
|
|
containerPort:
|
|
description: |-
|
|
Number of port to expose on the pod's IP address.
|
|
This must be a valid port number, 0 < x < 65536.
|
|
format: int32
|
|
type: integer
|
|
hostIP:
|
|
description: What host IP to bind the external port to.
|
|
type: string
|
|
hostPort:
|
|
description: |-
|
|
Number of port to expose on the host.
|
|
If specified, this must be a valid port number, 0 < x < 65536.
|
|
If HostNetwork is specified, this must match ContainerPort.
|
|
Most containers do not need this.
|
|
format: int32
|
|
type: integer
|
|
name:
|
|
description: |-
|
|
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
|
|
named port in a pod must have a unique name. Name for the port that can be
|
|
referred to by services.
|
|
type: string
|
|
protocol:
|
|
default: TCP
|
|
description: |-
|
|
Protocol for port. Must be UDP, TCP, or SCTP.
|
|
Defaults to "TCP".
|
|
type: string
|
|
required:
|
|
- containerPort
|
|
type: object
|
|
type: array
|
|
x-kubernetes-list-map-keys:
|
|
- containerPort
|
|
- protocol
|
|
x-kubernetes-list-type: map
|
|
readinessProbe:
|
|
description: |-
|
|
Periodic probe of container service readiness.
|
|
Container will be removed from service endpoints if the probe fails.
|
|
Cannot be updated.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
properties:
|
|
exec:
|
|
description: Exec specifies the action to take.
|
|
properties:
|
|
command:
|
|
description: |-
|
|
Command is the command line to execute inside the container, the working directory for the
|
|
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
|
|
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
|
|
a shell, you need to explicitly call out to that shell.
|
|
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
failureThreshold:
|
|
description: |-
|
|
Minimum consecutive failures for the probe to be considered failed after having succeeded.
|
|
Defaults to 3. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
grpc:
|
|
description: GRPC specifies an action involving a GRPC port.
|
|
properties:
|
|
port:
|
|
description:
|
|
Port number of the gRPC service. Number
|
|
must be in the range 1 to 65535.
|
|
format: int32
|
|
type: integer
|
|
service:
|
|
description: |-
|
|
Service is the name of the service to place in the gRPC HealthCheckRequest
|
|
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
|
|
|
|
|
|
If this is not specified, the default behavior is defined by gRPC.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
httpGet:
|
|
description: HTTPGet specifies the http request to perform.
|
|
properties:
|
|
host:
|
|
description: |-
|
|
Host name to connect to, defaults to the pod IP. You probably want to set
|
|
"Host" in httpHeaders instead.
|
|
type: string
|
|
httpHeaders:
|
|
description:
|
|
Custom headers to set in the request. HTTP
|
|
allows repeated headers.
|
|
items:
|
|
description:
|
|
HTTPHeader describes a custom header
|
|
to be used in HTTP probes
|
|
properties:
|
|
name:
|
|
description: |-
|
|
The header field name.
|
|
This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
|
type: string
|
|
value:
|
|
description: The header field value
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
path:
|
|
description: Path to access on the HTTP server.
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Name or number of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
scheme:
|
|
description: |-
|
|
Scheme to use for connecting to the host.
|
|
Defaults to HTTP.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
initialDelaySeconds:
|
|
description: |-
|
|
Number of seconds after the container has started before liveness probes are initiated.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
format: int32
|
|
type: integer
|
|
periodSeconds:
|
|
description: |-
|
|
How often (in seconds) to perform the probe.
|
|
Default to 10 seconds. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
successThreshold:
|
|
description: |-
|
|
Minimum consecutive successes for the probe to be considered successful after having failed.
|
|
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
tcpSocket:
|
|
description:
|
|
TCPSocket specifies an action involving a TCP
|
|
port.
|
|
properties:
|
|
host:
|
|
description:
|
|
"Optional: Host name to connect to, defaults
|
|
to the pod IP."
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Number or name of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
required:
|
|
- port
|
|
type: object
|
|
terminationGracePeriodSeconds:
|
|
description: |-
|
|
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
|
|
The grace period is the duration in seconds after the processes running in the pod are sent
|
|
a termination signal and the time when the processes are forcibly halted with a kill signal.
|
|
Set this value longer than the expected cleanup time for your process.
|
|
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
|
|
value overrides the value provided by the pod spec.
|
|
Value must be non-negative integer. The value zero indicates stop immediately via
|
|
the kill signal (no opportunity to shut down).
|
|
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
|
|
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
|
|
format: int64
|
|
type: integer
|
|
timeoutSeconds:
|
|
description: |-
|
|
Number of seconds after which the probe times out.
|
|
Defaults to 1 second. Minimum value is 1.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
resizePolicy:
|
|
description: Resources resize policy for the container.
|
|
items:
|
|
description:
|
|
ContainerResizePolicy represents resource resize
|
|
policy for the container.
|
|
properties:
|
|
resourceName:
|
|
description: |-
|
|
Name of the resource to which this resource resize policy applies.
|
|
Supported values: cpu, memory.
|
|
type: string
|
|
restartPolicy:
|
|
description: |-
|
|
Restart policy to apply when specified resource is resized.
|
|
If not specified, it defaults to NotRequired.
|
|
type: string
|
|
required:
|
|
- resourceName
|
|
- restartPolicy
|
|
type: object
|
|
type: array
|
|
x-kubernetes-list-type: atomic
|
|
resources:
|
|
description: |-
|
|
Compute Resources required by this container.
|
|
Cannot be updated.
|
|
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
|
properties:
|
|
claims:
|
|
description: |-
|
|
Claims lists the names of resources, defined in spec.resourceClaims,
|
|
that are used by this container.
|
|
|
|
|
|
This is an alpha field and requires enabling the
|
|
DynamicResourceAllocation feature gate.
|
|
|
|
|
|
This field is immutable. It can only be set for containers.
|
|
items:
|
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
|
properties:
|
|
name:
|
|
description: |-
|
|
Name must match the name of one entry in pod.spec.resourceClaims of
|
|
the Pod where this field is used. It makes that resource available
|
|
inside a container.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
x-kubernetes-list-map-keys:
|
|
- name
|
|
x-kubernetes-list-type: map
|
|
limits:
|
|
additionalProperties:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
description: |-
|
|
Limits describes the maximum amount of compute resources allowed.
|
|
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
|
type: object
|
|
requests:
|
|
additionalProperties:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
description: |-
|
|
Requests describes the minimum amount of compute resources required.
|
|
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
|
|
otherwise to an implementation-defined value. Requests cannot exceed Limits.
|
|
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
|
type: object
|
|
type: object
|
|
restartPolicy:
|
|
description: |-
|
|
RestartPolicy defines the restart behavior of individual containers in a pod.
|
|
This field may only be set for init containers, and the only allowed value is "Always".
|
|
For non-init containers or when this field is not specified,
|
|
the restart behavior is defined by the Pod's restart policy and the container type.
|
|
Setting the RestartPolicy as "Always" for the init container will have the following effect:
|
|
this init container will be continually restarted on
|
|
exit until all regular containers have terminated. Once all regular
|
|
containers have completed, all init containers with restartPolicy "Always"
|
|
will be shut down. This lifecycle differs from normal init containers and
|
|
is often referred to as a "sidecar" container. Although this init
|
|
container still starts in the init container sequence, it does not wait
|
|
for the container to complete before proceeding to the next init
|
|
container. Instead, the next init container starts immediately after this
|
|
init container is started, or after any startupProbe has successfully
|
|
completed.
|
|
type: string
|
|
securityContext:
|
|
description: |-
|
|
SecurityContext defines the security options the container should be run with.
|
|
If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
|
|
More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
properties:
|
|
allowPrivilegeEscalation:
|
|
description: |-
|
|
AllowPrivilegeEscalation controls whether a process can gain more
|
|
privileges than its parent process. This bool directly controls if
|
|
the no_new_privs flag will be set on the container process.
|
|
AllowPrivilegeEscalation is true always when the container is:
|
|
1) run as Privileged
|
|
2) has CAP_SYS_ADMIN
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
type: boolean
|
|
capabilities:
|
|
description: |-
|
|
The capabilities to add/drop when running containers.
|
|
Defaults to the default set of capabilities granted by the container runtime.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
properties:
|
|
add:
|
|
description: Added capabilities
|
|
items:
|
|
description:
|
|
Capability represent POSIX capabilities
|
|
type
|
|
type: string
|
|
type: array
|
|
drop:
|
|
description: Removed capabilities
|
|
items:
|
|
description:
|
|
Capability represent POSIX capabilities
|
|
type
|
|
type: string
|
|
type: array
|
|
type: object
|
|
privileged:
|
|
description: |-
|
|
Run container in privileged mode.
|
|
Processes in privileged containers are essentially equivalent to root on the host.
|
|
Defaults to false.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
type: boolean
|
|
procMount:
|
|
description: |-
|
|
procMount denotes the type of proc mount to use for the containers.
|
|
The default is DefaultProcMount which uses the container runtime defaults for
|
|
readonly paths and masked paths.
|
|
This requires the ProcMountType feature flag to be enabled.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
type: string
|
|
readOnlyRootFilesystem:
|
|
description: |-
|
|
Whether this container has a read-only root filesystem.
|
|
Default is false.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
type: boolean
|
|
runAsGroup:
|
|
description: |-
|
|
The GID to run the entrypoint of the container process.
|
|
Uses runtime default if unset.
|
|
May also be set in PodSecurityContext. If set in both SecurityContext and
|
|
PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
format: int64
|
|
type: integer
|
|
runAsNonRoot:
|
|
description: |-
|
|
Indicates that the container must run as a non-root user.
|
|
If true, the Kubelet will validate the image at runtime to ensure that it
|
|
does not run as UID 0 (root) and fail to start the container if it does.
|
|
If unset or false, no such validation will be performed.
|
|
May also be set in PodSecurityContext. If set in both SecurityContext and
|
|
PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
type: boolean
|
|
runAsUser:
|
|
description: |-
|
|
The UID to run the entrypoint of the container process.
|
|
Defaults to user specified in image metadata if unspecified.
|
|
May also be set in PodSecurityContext. If set in both SecurityContext and
|
|
PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
format: int64
|
|
type: integer
|
|
seLinuxOptions:
|
|
description: |-
|
|
The SELinux context to be applied to the container.
|
|
If unspecified, the container runtime will allocate a random SELinux context for each
|
|
container. May also be set in PodSecurityContext. If set in both SecurityContext and
|
|
PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
properties:
|
|
level:
|
|
description:
|
|
Level is SELinux level label that applies
|
|
to the container.
|
|
type: string
|
|
role:
|
|
description:
|
|
Role is a SELinux role label that applies
|
|
to the container.
|
|
type: string
|
|
type:
|
|
description:
|
|
Type is a SELinux type label that applies
|
|
to the container.
|
|
type: string
|
|
user:
|
|
description:
|
|
User is a SELinux user label that applies
|
|
to the container.
|
|
type: string
|
|
type: object
|
|
seccompProfile:
|
|
description: |-
|
|
The seccomp options to use by this container. If seccomp options are
|
|
provided at both the pod & container level, the container options
|
|
override the pod options.
|
|
Note that this field cannot be set when spec.os.name is windows.
|
|
properties:
|
|
localhostProfile:
|
|
description: |-
|
|
localhostProfile indicates a profile defined in a file on the node should be used.
|
|
The profile must be preconfigured on the node to work.
|
|
Must be a descending path, relative to the kubelet's configured seccomp profile location.
|
|
Must be set if type is "Localhost". Must NOT be set for any other type.
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type indicates which kind of seccomp profile will be applied.
|
|
Valid options are:
|
|
|
|
|
|
Localhost - a profile defined in a file on the node should be used.
|
|
RuntimeDefault - the container runtime default profile should be used.
|
|
Unconfined - no profile should be applied.
|
|
type: string
|
|
required:
|
|
- type
|
|
type: object
|
|
windowsOptions:
|
|
description: |-
|
|
The Windows specific settings applied to all containers.
|
|
If unspecified, the options from the PodSecurityContext will be used.
|
|
If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
Note that this field cannot be set when spec.os.name is linux.
|
|
properties:
|
|
gmsaCredentialSpec:
|
|
description: |-
|
|
GMSACredentialSpec is where the GMSA admission webhook
|
|
(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
|
|
GMSA credential spec named by the GMSACredentialSpecName field.
|
|
type: string
|
|
gmsaCredentialSpecName:
|
|
description:
|
|
GMSACredentialSpecName is the name of the
|
|
GMSA credential spec to use.
|
|
type: string
|
|
hostProcess:
|
|
description: |-
|
|
HostProcess determines if a container should be run as a 'Host Process' container.
|
|
All of a Pod's containers must have the same effective HostProcess value
|
|
(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
|
|
In addition, if HostProcess is true then HostNetwork must also be set to true.
|
|
type: boolean
|
|
runAsUserName:
|
|
description: |-
|
|
The UserName in Windows to run the entrypoint of the container process.
|
|
Defaults to the user specified in image metadata if unspecified.
|
|
May also be set in PodSecurityContext. If set in both SecurityContext and
|
|
PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
type: string
|
|
type: object
|
|
type: object
|
|
startupProbe:
|
|
description: |-
|
|
StartupProbe indicates that the Pod has successfully initialized.
|
|
If specified, no other probes are executed until this completes successfully.
|
|
If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
|
|
This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
|
|
when it might take a long time to load data or warm a cache, than during steady-state operation.
|
|
This cannot be updated.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
properties:
|
|
exec:
|
|
description: Exec specifies the action to take.
|
|
properties:
|
|
command:
|
|
description: |-
|
|
Command is the command line to execute inside the container, the working directory for the
|
|
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
|
|
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
|
|
a shell, you need to explicitly call out to that shell.
|
|
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
failureThreshold:
|
|
description: |-
|
|
Minimum consecutive failures for the probe to be considered failed after having succeeded.
|
|
Defaults to 3. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
grpc:
|
|
description: GRPC specifies an action involving a GRPC port.
|
|
properties:
|
|
port:
|
|
description:
|
|
Port number of the gRPC service. Number
|
|
must be in the range 1 to 65535.
|
|
format: int32
|
|
type: integer
|
|
service:
|
|
description: |-
|
|
Service is the name of the service to place in the gRPC HealthCheckRequest
|
|
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
|
|
|
|
|
|
If this is not specified, the default behavior is defined by gRPC.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
httpGet:
|
|
description: HTTPGet specifies the http request to perform.
|
|
properties:
|
|
host:
|
|
description: |-
|
|
Host name to connect to, defaults to the pod IP. You probably want to set
|
|
"Host" in httpHeaders instead.
|
|
type: string
|
|
httpHeaders:
|
|
description:
|
|
Custom headers to set in the request. HTTP
|
|
allows repeated headers.
|
|
items:
|
|
description:
|
|
HTTPHeader describes a custom header
|
|
to be used in HTTP probes
|
|
properties:
|
|
name:
|
|
description: |-
|
|
The header field name.
|
|
This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
|
type: string
|
|
value:
|
|
description: The header field value
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
path:
|
|
description: Path to access on the HTTP server.
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Name or number of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
scheme:
|
|
description: |-
|
|
Scheme to use for connecting to the host.
|
|
Defaults to HTTP.
|
|
type: string
|
|
required:
|
|
- port
|
|
type: object
|
|
initialDelaySeconds:
|
|
description: |-
|
|
Number of seconds after the container has started before liveness probes are initiated.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
format: int32
|
|
type: integer
|
|
periodSeconds:
|
|
description: |-
|
|
How often (in seconds) to perform the probe.
|
|
Default to 10 seconds. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
successThreshold:
|
|
description: |-
|
|
Minimum consecutive successes for the probe to be considered successful after having failed.
|
|
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
format: int32
|
|
type: integer
|
|
tcpSocket:
|
|
description:
|
|
TCPSocket specifies an action involving a TCP
|
|
port.
|
|
properties:
|
|
host:
|
|
description:
|
|
"Optional: Host name to connect to, defaults
|
|
to the pod IP."
|
|
type: string
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Number or name of the port to access on the container.
|
|
Number must be in the range 1 to 65535.
|
|
Name must be an IANA_SVC_NAME.
|
|
x-kubernetes-int-or-string: true
|
|
required:
|
|
- port
|
|
type: object
|
|
terminationGracePeriodSeconds:
|
|
description: |-
|
|
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
|
|
The grace period is the duration in seconds after the processes running in the pod are sent
|
|
a termination signal and the time when the processes are forcibly halted with a kill signal.
|
|
Set this value longer than the expected cleanup time for your process.
|
|
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
|
|
value overrides the value provided by the pod spec.
|
|
Value must be non-negative integer. The value zero indicates stop immediately via
|
|
the kill signal (no opportunity to shut down).
|
|
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
|
|
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
|
|
format: int64
|
|
type: integer
|
|
timeoutSeconds:
|
|
description: |-
|
|
Number of seconds after which the probe times out.
|
|
Defaults to 1 second. Minimum value is 1.
|
|
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
stdin:
|
|
description: |-
|
|
Whether this container should allocate a buffer for stdin in the container runtime. If this
|
|
is not set, reads from stdin in the container will always result in EOF.
|
|
Default is false.
|
|
type: boolean
|
|
stdinOnce:
|
|
description: |-
|
|
Whether the container runtime should close the stdin channel after it has been opened by
|
|
a single attach. When stdin is true the stdin stream will remain open across multiple attach
|
|
sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
|
|
first client attaches to stdin, and then remains open and accepts data until the client disconnects,
|
|
at which time stdin is closed and remains closed until the container is restarted. If this
|
|
flag is false, a container processes that reads from stdin will never receive an EOF.
|
|
Default is false
|
|
type: boolean
|
|
terminationMessagePath:
|
|
description: |-
|
|
Optional: Path at which the file to which the container's termination message
|
|
will be written is mounted into the container's filesystem.
|
|
Message written is intended to be brief final status, such as an assertion failure message.
|
|
Will be truncated by the node if greater than 4096 bytes. The total message length across
|
|
all containers will be limited to 12kb.
|
|
Defaults to /dev/termination-log.
|
|
Cannot be updated.
|
|
type: string
|
|
terminationMessagePolicy:
|
|
description: |-
|
|
Indicate how the termination message should be populated. File will use the contents of
|
|
terminationMessagePath to populate the container status message on both success and failure.
|
|
FallbackToLogsOnError will use the last chunk of container log output if the termination
|
|
message file is empty and the container exited with an error.
|
|
The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
|
|
Defaults to File.
|
|
Cannot be updated.
|
|
type: string
|
|
tty:
|
|
description: |-
|
|
Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
|
|
Default is false.
|
|
type: boolean
|
|
volumeDevices:
|
|
description:
|
|
volumeDevices is the list of block devices to be
|
|
used by the container.
|
|
items:
|
|
description:
|
|
volumeDevice describes a mapping of a raw block
|
|
device within a container.
|
|
properties:
|
|
devicePath:
|
|
description:
|
|
devicePath is the path inside of the container
|
|
that the device will be mapped to.
|
|
type: string
|
|
name:
|
|
description:
|
|
name must match the name of a persistentVolumeClaim
|
|
in the pod
|
|
type: string
|
|
required:
|
|
- devicePath
|
|
- name
|
|
type: object
|
|
type: array
|
|
volumeMounts:
|
|
description: |-
|
|
Pod volumes to mount into the container's filesystem.
|
|
Cannot be updated.
|
|
items:
|
|
description:
|
|
VolumeMount describes a mounting of a Volume
|
|
within a container.
|
|
properties:
|
|
mountPath:
|
|
description: |-
|
|
Path within the container at which the volume should be mounted. Must
|
|
not contain ':'.
|
|
type: string
|
|
mountPropagation:
|
|
description: |-
|
|
mountPropagation determines how mounts are propagated from the host
|
|
to container and the other way around.
|
|
When not set, MountPropagationNone is used.
|
|
This field is beta in 1.10.
|
|
type: string
|
|
name:
|
|
description: This must match the Name of a Volume.
|
|
type: string
|
|
readOnly:
|
|
description: |-
|
|
Mounted read-only if true, read-write otherwise (false or unspecified).
|
|
Defaults to false.
|
|
type: boolean
|
|
subPath:
|
|
description: |-
|
|
Path within the volume from which the container's volume should be mounted.
|
|
Defaults to "" (volume's root).
|
|
type: string
|
|
subPathExpr:
|
|
description: |-
|
|
Expanded path within the volume from which the container's volume should be mounted.
|
|
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
|
|
Defaults to "" (volume's root).
|
|
SubPathExpr and SubPath are mutually exclusive.
|
|
type: string
|
|
required:
|
|
- mountPath
|
|
- name
|
|
type: object
|
|
type: array
|
|
workingDir:
|
|
description: |-
|
|
Container's working directory.
|
|
If not specified, the container runtime's default will be used, which
|
|
might be configured in the container image.
|
|
Cannot be updated.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
resourceRequirements:
|
|
description: ResourceRequirements describes the compute resource requirements.
|
|
properties:
|
|
claims:
|
|
description: |-
|
|
Claims lists the names of resources, defined in spec.resourceClaims,
|
|
that are used by this container.
|
|
|
|
|
|
This is an alpha field and requires enabling the
|
|
DynamicResourceAllocation feature gate.
|
|
|
|
|
|
This field is immutable. It can only be set for containers.
|
|
items:
|
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
|
properties:
|
|
name:
|
|
description: |-
|
|
Name must match the name of one entry in pod.spec.resourceClaims of
|
|
the Pod where this field is used. It makes that resource available
|
|
inside a container.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
x-kubernetes-list-map-keys:
|
|
- name
|
|
x-kubernetes-list-type: map
|
|
limits:
|
|
additionalProperties:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
description: |-
|
|
Limits describes the maximum amount of compute resources allowed.
|
|
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
|
type: object
|
|
requests:
|
|
additionalProperties:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
description: |-
|
|
Requests describes the minimum amount of compute resources required.
|
|
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
|
|
otherwise to an implementation-defined value. Requests cannot exceed Limits.
|
|
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
|
type: object
|
|
type: object
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
elasticSearchURI:
|
|
type: string
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_benthosstreams.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: benthosstreams.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: BenthosStream
|
|
listKind: BenthosStreamList
|
|
plural: benthosstreams
|
|
singular: benthosstream
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: BenthosStream is the Schema for the benthosstreams API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
data:
|
|
type: string
|
|
name:
|
|
type: string
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
required:
|
|
- data
|
|
- name
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_brokerconsumers.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: brokerconsumers.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: BrokerConsumer
|
|
listKind: BrokerConsumerList
|
|
plural: brokerconsumers
|
|
singular: brokerconsumer
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Listened services
|
|
jsonPath: .spec.services
|
|
name: Services
|
|
type: string
|
|
- description: Ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: BrokerConsumer is the Schema for the brokerconsumers API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
name:
|
|
description: |-
|
|
As the name is optional, if not provided, the name will be the QueriedBy property
|
|
This is only applied when using one stream by stack see Mode
|
|
type: string
|
|
queriedBy:
|
|
type: string
|
|
services:
|
|
items:
|
|
type: string
|
|
type: array
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
required:
|
|
- queriedBy
|
|
- services
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_brokers.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: brokers.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Broker
|
|
listKind: BrokerList
|
|
plural: brokers
|
|
singular: broker
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Mode
|
|
jsonPath: .status.mode
|
|
name: Mode
|
|
type: string
|
|
- description: Ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Broker is the Schema for the brokers API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
mode:
|
|
description: |-
|
|
Mode indicating the configuration of the nats streams
|
|
Two modes are defined :
|
|
* OneStreamByService: In this case, each service will have a dedicated stream created
|
|
* OneStreamByStack: In this case, a stream will be created for the stack and each service will use a specific subject inside this stream
|
|
enum:
|
|
- OneStreamByService
|
|
- OneStreamByStack
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
streams:
|
|
description: Streams list streams created when Mode == ModeOneStreamByService
|
|
items:
|
|
type: string
|
|
type: array
|
|
uri:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_brokertopics.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: brokertopics.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: BrokerTopic
|
|
listKind: BrokerTopicList
|
|
plural: brokertopics
|
|
singular: brokertopic
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: BrokerTopic is the Schema for the brokertopics API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
service:
|
|
type: string
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
required:
|
|
- service
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_databases.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: databases.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Database
|
|
listKind: DatabaseList
|
|
plural: databases
|
|
singular: database
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Is the databse configuration out of sync
|
|
jsonPath: .status.outOfSync
|
|
name: Out of sync
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: |-
|
|
Database represent a concrete database on a PostgreSQL server, it is created by modules requiring a database ([Ledger](#ledger) for example).
|
|
|
|
|
|
It uses the settings `postgres.<module-name>.uri` which must have the following uri format: `postgresql://[<username>@<password>]@<host>/<db-name>`
|
|
Additionally, the uri can define a query param `secret` indicating a k8s secret, than must be used to retrieve database credentials.
|
|
|
|
|
|
On creation, the reconciler behind the Database object will create the database on the postgresql server using a k8s job.
|
|
On Deletion, by default, the reconciler will let the database untouched.
|
|
You can allow the reconciler to drop the database on the server by using the [Settings](#settings) `clear-database` with the value `true`.
|
|
If you use that setting, the reconciler will use another job to drop the database.
|
|
Be careful, no backup are performed!
|
|
|
|
|
|
Database resource honors `aws.service-account` setting, so, you can create databases on an AWS server if you need.
|
|
See [AWS accounts](#aws-account)
|
|
|
|
|
|
Once a database is fully configured, it retains the postgres uri used.
|
|
If the setting indicating the server uri changed, the Database object will set the field `.status.outOfSync` to true
|
|
and will not change anything.
|
|
|
|
|
|
Therefore, to switch to a new server, you must change the setting value, then drop the Database object.
|
|
It will be recreated with correct uri.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
debug:
|
|
default: false
|
|
type: boolean
|
|
service:
|
|
description: |-
|
|
Service is a discriminator for the created database.
|
|
Actually, it will be the module name (ledger, payments...).
|
|
Therefore, the created database will be named `<stack-name><service>`
|
|
type: string
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
required:
|
|
- service
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
database:
|
|
description: The generated database name
|
|
type: string
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
outOfSync:
|
|
description: |-
|
|
OutOfSync indicates than a settings changed the uri of the postgres server
|
|
The Database object need to be removed to be recreated
|
|
type: boolean
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
uri:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_gatewayhttpapis.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: gatewayhttpapis.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: GatewayHTTPAPI
|
|
listKind: GatewayHTTPAPIList
|
|
plural: gatewayhttpapis
|
|
singular: gatewayhttpapi
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: GatewayHTTPAPI is the Schema for the HTTPAPIs API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
healthCheckEndpoint:
|
|
description: Health check endpoint
|
|
type: string
|
|
name:
|
|
description: Name indicates prefix api
|
|
type: string
|
|
rules:
|
|
description: Rules
|
|
items:
|
|
properties:
|
|
methods:
|
|
items:
|
|
type: string
|
|
type: array
|
|
path:
|
|
type: string
|
|
secured:
|
|
default: false
|
|
type: boolean
|
|
required:
|
|
- path
|
|
type: object
|
|
type: array
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
required:
|
|
- name
|
|
- rules
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_gateways.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/kind: module
|
|
name: gateways.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Gateway
|
|
listKind: GatewayList
|
|
plural: gateways
|
|
singular: gateway
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Synchronized http apis
|
|
jsonPath: .status.syncHTTPAPIs
|
|
name: HTTP APIs
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Gateway is the Schema for the gateways API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
ingress:
|
|
description: Allow to customize the generated ingress
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: Custom annotations to add on the ingress
|
|
type: object
|
|
host:
|
|
description: |-
|
|
Indicates the hostname on which the stack will be served.
|
|
Example : `formance.example.com`
|
|
type: string
|
|
ingressClassName:
|
|
description: Ingress class to use
|
|
type: string
|
|
scheme:
|
|
default: https
|
|
description: |-
|
|
Indicate the scheme.
|
|
|
|
|
|
Actually, It should be `https` unless you know what you are doing.
|
|
type: string
|
|
tls:
|
|
description: Allow to customize the tls part of the ingress
|
|
properties:
|
|
secretName:
|
|
description:
|
|
Specify the secret name used for the tls configuration
|
|
on the ingress
|
|
type: string
|
|
required:
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- host
|
|
- scheme
|
|
type: object
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
syncHTTPAPIs:
|
|
description: Detected http apis. See [GatewayHTTPAPI](#gatewayhttpapi)
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_ledgers.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/kind: module
|
|
name: ledgers.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Ledger
|
|
listKind: LedgerList
|
|
plural: ledgers
|
|
singular: ledger
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: |-
|
|
Ledger is the module allowing to install a ledger instance.
|
|
|
|
|
|
The ledger is actually a stateful application on the writer part.
|
|
So we cannot scale the ledger as we want without prior configuration.
|
|
|
|
|
|
So, the ledger can run in two modes :
|
|
* single instance: Only one instance will be deployed. We cannot scale in that mode.
|
|
* single writer / multiple reader: In this mode, we will have a single writer and multiple readers if needed.
|
|
|
|
|
|
Use setting `ledger.deployment-strategy` with either the value :
|
|
- single : For the single instance mode.
|
|
- single-writer: For the single writer / multiple reader mode.
|
|
Under the hood, the operator create two deployments and force the scaling of the writer to stay at 1.
|
|
Then you can scale the deployment of the reader to the value you want.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
checkScopes:
|
|
type: boolean
|
|
readKeySetMaxRetries:
|
|
type: integer
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
deploymentStrategy:
|
|
default: single
|
|
description: Deprecated.
|
|
type: string
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
locking:
|
|
description: Locking is intended for ledger v1 only
|
|
properties:
|
|
redis:
|
|
properties:
|
|
duration:
|
|
description: |-
|
|
A Duration represents the elapsed time between two instants
|
|
as an int64 nanosecond count. The representation limits the
|
|
largest representable duration to approximately 290 years.
|
|
format: int64
|
|
type: integer
|
|
insecure:
|
|
default: false
|
|
type: boolean
|
|
retry:
|
|
description: |-
|
|
A Duration represents the elapsed time between two instants
|
|
as an int64 nanosecond count. The representation limits the
|
|
largest representable duration to approximately 290 years.
|
|
format: int64
|
|
type: integer
|
|
tls:
|
|
default: false
|
|
type: boolean
|
|
uri:
|
|
type: string
|
|
type: object
|
|
strategy:
|
|
default: memory
|
|
type: string
|
|
type: object
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_orchestrations.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/is-ee: "true"
|
|
formance.com/kind: module
|
|
name: orchestrations.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Orchestration
|
|
listKind: OrchestrationList
|
|
plural: orchestrations
|
|
singular: orchestration
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Orchestration is the Schema for the orchestrations API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
checkScopes:
|
|
type: boolean
|
|
readKeySetMaxRetries:
|
|
type: integer
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
temporalURI:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_payments.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/kind: module
|
|
name: payments.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Payments
|
|
listKind: PaymentsList
|
|
plural: payments
|
|
singular: payments
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Payments is the Schema for the payments API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
checkScopes:
|
|
type: boolean
|
|
readKeySetMaxRetries:
|
|
type: integer
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
encryptionKey:
|
|
type: string
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_reconciliations.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/is-ee: "true"
|
|
formance.com/kind: module
|
|
name: reconciliations.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Reconciliation
|
|
listKind: ReconciliationList
|
|
plural: reconciliations
|
|
singular: reconciliation
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Reconciliation is the Schema for the reconciliations API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
checkScopes:
|
|
type: boolean
|
|
readKeySetMaxRetries:
|
|
type: integer
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_resourcereferences.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: resourcereferences.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: ResourceReference
|
|
listKind: ResourceReferenceList
|
|
plural: resourcereferences
|
|
singular: resourcereference
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description:
|
|
"ResourceReference is a special resources used to refer to externally
|
|
created resources.\n\n\nIt includes k8s service accounts and secrets.\n\n\nWhy?
|
|
Because the operator create a namespace by stack, so, a stack does not have
|
|
access to secrets and service\naccounts created externally.\n\n\nA ResourceReference
|
|
is created by other resource who need to use a specific secret or service
|
|
account.\nFor example, if you want to use a secret for your database connection
|
|
(see [Database](#database), you will\ncreate a setting indicating a secret
|
|
name. You will need to create this secret yourself, and you will put this\nsecret
|
|
inside the namespace you want (`default` maybe).\n\n\nThe Database reconciler
|
|
will create a ResourceReference looking like that :\n```\napiVersion: formance.com/v1beta1\nkind:
|
|
ResourceReference\nmetadata:\n\n\n\tname: jqkuffjxcezj-qlii-auth-postgres\n\townerReferences:\n\t-
|
|
apiVersion: formance.com/v1beta1\n\t blockOwnerDeletion: true\n\t controller:
|
|
true\n\t kind: Database\n\t name: jqkuffjxcezj-qlii-auth\n\t uid: 2cc4b788-3ffb-4e3d-8a30-07ed3941c8d2\n\n\nspec:\n\n\n\tgvk:\n\t
|
|
\ group: \"\"\n\t kind: Secret\n\t version: v1\n\tname: postgres\n\tstack:
|
|
jqkuffjxcezj-qlii\n\n\nstatus:\n\n\n\t...\n\n\n```\nThis reconciler behind
|
|
this ResourceReference will search, in all namespaces, for a secret named
|
|
\"postgres\".\nThe secret must have a label `formance.com/stack` with the
|
|
value matching either a specific stack or `any` to target any stack.\n\n\nOnce
|
|
the reconciler has found the secret, it will copy it inside the stack namespace,
|
|
allowing the ResourceReconciler owner to use it."
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
gvk:
|
|
description: |-
|
|
GroupVersionKind unambiguously identifies a kind. It doesn't anonymously include GroupVersion
|
|
to avoid automatic coercion. It doesn't use a GroupVersion to avoid custom marshalling
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
version:
|
|
type: string
|
|
required:
|
|
- group
|
|
- kind
|
|
- version
|
|
type: object
|
|
name:
|
|
type: string
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
required:
|
|
- gvk
|
|
- name
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
hash:
|
|
type: string
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
syncedResource:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_searches.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/is-ee: "true"
|
|
formance.com/kind: module
|
|
name: searches.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Search
|
|
listKind: SearchList
|
|
plural: searches
|
|
singular: search
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Search is the Schema for the searches API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
checkScopes:
|
|
type: boolean
|
|
readKeySetMaxRetries:
|
|
type: integer
|
|
type: object
|
|
batching:
|
|
description: Batching allow to define custom batching configuration
|
|
properties:
|
|
count:
|
|
description:
|
|
Count indicates the number of messages that can be
|
|
kept in memory before being flushed to ElasticSearch
|
|
type: integer
|
|
period:
|
|
description:
|
|
Period indicates the maximum duration messages can
|
|
be kept in memory before being flushed to ElasticSearch
|
|
type: string
|
|
required:
|
|
- count
|
|
- period
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
elasticSearchURI:
|
|
type: string
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
topicCleaned:
|
|
default: false
|
|
description:
|
|
TopicCleaned is used to flag stacks where the topics
|
|
have been cleaned (still search-ledgerv2 and co consumers)
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_settings.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: settings.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Settings
|
|
listKind: SettingsList
|
|
plural: settings
|
|
singular: settings
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Key
|
|
jsonPath: .spec.key
|
|
name: Key
|
|
type: string
|
|
- description: Value
|
|
jsonPath: .spec.value
|
|
name: Value
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description:
|
|
"Settings represents a configurable piece of the stacks.\n\n\nThe
|
|
purpose of this resource is to be able to configure some common settings
|
|
between a set of stacks.\n\n\nExample :\n```yaml\napiVersion: formance.com/v1beta1\nkind:
|
|
Settings\nmetadata:\n\n\n\tname: postgres-uri\n\n\nspec:\n\n\n\tkey: postgres.ledger.uri\n\tstacks:\n\t-
|
|
stack0\n\tvalue: postgresql://postgresql.formance.svc.cluster.local:5432\n\n\n```\n\n\nThis
|
|
example create a setting named `postgres-uri` targeting the stack named
|
|
`stack0` and the service `ledger` (see the key `postgres.ledger.uri`).\n\n\nTherefore,
|
|
a [Database](#database) created for the stack `stack0` and the service named
|
|
'ledger' will use the uri `postgresql://postgresql.formance.svc.cluster.local:5432`.\n\n\nSettings
|
|
allow to use wildcards in keys and in stacks list.\n\n\nFor example, if
|
|
you want to use the same database server for all the modules of a specific
|
|
stack, you can write :\n```yaml\napiVersion: formance.com/v1beta1\nkind:
|
|
Settings\nmetadata:\n\n\n\tname: postgres-uri\n\n\nspec:\n\n\n\tkey: postgres.*.uri
|
|
# There, we use a wildcard to indicate we want to use that setting of all
|
|
services of the stack `stack0`\n\tstacks:\n\t- stack0\n\tvalue: postgresql://postgresql.formance.svc.cluster.local:5432\n\n\n```\n\n\nAlso,
|
|
we could use that setting for all of our stacks using :\n```yaml\napiVersion:
|
|
formance.com/v1beta1\nkind: Settings\nmetadata:\n\n\n\tname: postgres-uri\n\n\nspec:\n\n\n\tkey:
|
|
postgres.*.uri # There, we use a wildcard to indicate we want to use that
|
|
setting for all services of all stacks\n\tstacks:\n\t- * # There we select
|
|
all the stacks\n\tvalue: postgresql://postgresql.formance.svc.cluster.local:5432\n\n\n```\n\n\nSome
|
|
settings are really global, while some are used by specific module.\n\n\nRefer
|
|
to the documentation of each module and resource to discover available Settings.\n\n\n#####
|
|
Global settings\n###### AWS account\n\n\nA stack can use an AWS account
|
|
for authentication.\n\n\nIt can be used to connect to any AWS service we
|
|
could use.\n\n\nIt includes RDS, OpenSearch and MSK. To do so, you can create
|
|
the following setting:\n```yaml\napiVersion: formance.com/v1beta1\nkind:
|
|
Settings\nmetadata:\n\n\n\tname: aws-service-account\n\n\nspec:\n\n\n\tkey:
|
|
aws.service-account\n\tstacks:\n\t- '*'\n\tvalue: aws-access\n\n\n```\nThis
|
|
setting instruct the operator than there is somewhere on the cluster a service
|
|
account named `aws-access`.\n\n\nSo, each time a service has the capability
|
|
to use AWS, the operator will use this service account.\n\n\nThe service
|
|
account could look like that :\n```yaml\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n\n\n\tannotations:\n\t
|
|
\ eks.amazonaws.com/role-arn: arn:aws:iam::************:role/staging-eu-west-1-hosting-stack-access\n\tlabels:\n\t
|
|
\ formance.com/stack: any\n\tname: aws-access\n\n\n```\nYou can note two
|
|
things :\n 1. We have an annotation indicating the role arn used to connect
|
|
to AWS. Refer to the AWS documentation to create this role\n 2. We have
|
|
a label `formance.com/stack=any` indicating we are targeting all stacks.\n
|
|
\ Refer to the documentation of [ResourceReference](#resourcereference)
|
|
for further information.\n\n\n###### JSON logging\n\n\nYou can use the setting
|
|
`logging.json` with the value `true` to configure elligible service to log
|
|
as json.\nExample:\n```yaml\napiVersion: formance.com/v1beta1\nkind: Settings\nmetadata:\n\n\n\tname:
|
|
json-logging\n\n\nspec:\n\n\n\tkey: logging.json\n\tstacks:\n\t- '*'\n\tvalue:
|
|
\"true\"\n\n\n```"
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
key:
|
|
description:
|
|
The setting Key. See the documentation of each module
|
|
or [global settings](#global-settings) to discover them.
|
|
type: string
|
|
stacks:
|
|
description:
|
|
Stacks on which the setting is applied. Can contain `*`
|
|
to indicate a wildcard.
|
|
items:
|
|
type: string
|
|
type: array
|
|
value:
|
|
description:
|
|
The value. It must have a specific format following the
|
|
Key.
|
|
type: string
|
|
required:
|
|
- key
|
|
- value
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_stacks.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: stacks.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Stack
|
|
listKind: StackList
|
|
plural: stacks
|
|
singular: stack
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack Disabled
|
|
jsonPath: .spec.disabled
|
|
name: Disable
|
|
type: string
|
|
- description: Stack Version
|
|
jsonPath: .spec.version
|
|
name: Version
|
|
type: string
|
|
- description: Stack Version From File
|
|
jsonPath: .spec.versionsFromFile
|
|
name: Versions From file
|
|
type: string
|
|
- description: Is stack ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: boolean
|
|
- description: Modules List Registered
|
|
jsonPath: .status.modules
|
|
name: Modules
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
- description: Creation Timestamp
|
|
jsonPath: .metadata.creationTimestamp
|
|
name: Created
|
|
type: date
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: |-
|
|
Stack represents a formance stack.
|
|
A Stack is basically a container. It holds some global properties and
|
|
creates a namespace if not already existing.
|
|
|
|
|
|
To do more, you need to create some [modules](#modules).
|
|
|
|
|
|
The Stack resource allow to specify the version of the stack.
|
|
|
|
|
|
It can be specified using either the field `.spec.version` or the `.spec.versionsFromFile` field (Refer to the documentation of [Versions](#versions) resource.
|
|
|
|
|
|
The `version` field will have priority over `versionFromFile`.
|
|
|
|
|
|
If `versions` and `versionsFromFile` are not specified, "latest" will be used.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
disabled:
|
|
default: false
|
|
description: |-
|
|
Disabled indicate the stack is disabled.
|
|
A disabled stack disable everything
|
|
It just keeps the namespace and the [Database](#database) resources.
|
|
type: boolean
|
|
enableAudit:
|
|
default: false
|
|
description: |-
|
|
EnableAudit enable audit at the stack level.
|
|
Actually, it enables audit on [Gateway](#gateway)
|
|
type: boolean
|
|
version:
|
|
description: |-
|
|
Version allow to specify the version of the components
|
|
Must be a valid docker tag
|
|
type: string
|
|
versionsFromFile:
|
|
description: |-
|
|
VersionsFromFile allow to specify a formance.com/Versions object which contains individual versions
|
|
for each component.
|
|
Must reference a valid formance.com/Versions object
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
modules:
|
|
description: Modules register detected modules
|
|
items:
|
|
type: string
|
|
type: array
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_stargates.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/kind: module
|
|
name: stargates.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Stargate
|
|
listKind: StargateList
|
|
plural: stargates
|
|
singular: stargate
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Stargate is the Schema for the stargates API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
clientID:
|
|
type: string
|
|
clientSecret:
|
|
type: string
|
|
issuer:
|
|
type: string
|
|
required:
|
|
- clientID
|
|
- clientSecret
|
|
- issuer
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
organizationID:
|
|
type: string
|
|
serverURL:
|
|
type: string
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
stackID:
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
required:
|
|
- auth
|
|
- organizationID
|
|
- serverURL
|
|
- stackID
|
|
type: object
|
|
status:
|
|
description: StargateStatus defines the observed state of Stargate
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_versions.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
name: versions.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Versions
|
|
listKind: VersionsList
|
|
plural: versions
|
|
singular: versions
|
|
scope: Cluster
|
|
versions:
|
|
- name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Versions is the Schema for the versions API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_wallets.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/is-ee: "true"
|
|
formance.com/kind: module
|
|
name: wallets.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Wallets
|
|
listKind: WalletsList
|
|
plural: wallets
|
|
singular: wallets
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Wallets is the Schema for the wallets API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
checkScopes:
|
|
type: boolean
|
|
readKeySetMaxRetries:
|
|
type: integer
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
description: WalletsStatus defines the observed state of Wallets
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/charts/operator-crds/templates/crds/apiextensions.k8s.io_v1_customresourcedefinition_webhooks.formance.com.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.14.0
|
|
helm.sh/resource-policy: keep
|
|
labels:
|
|
formance.com/is-ee: "true"
|
|
formance.com/kind: module
|
|
name: webhooks.formance.com
|
|
spec:
|
|
group: formance.com
|
|
names:
|
|
kind: Webhooks
|
|
listKind: WebhooksList
|
|
plural: webhooks
|
|
singular: webhooks
|
|
scope: Cluster
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- description: Stack
|
|
jsonPath: .spec.stack
|
|
name: Stack
|
|
type: string
|
|
- description: Is ready
|
|
jsonPath: .status.ready
|
|
name: Ready
|
|
type: string
|
|
- description: Info
|
|
jsonPath: .status.info
|
|
name: Info
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Webhooks is the Schema for the webhooks API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
auth:
|
|
properties:
|
|
checkScopes:
|
|
type: boolean
|
|
readKeySetMaxRetries:
|
|
type: integer
|
|
type: object
|
|
debug:
|
|
default: false
|
|
description: Allow to enable debug mode on the module
|
|
type: boolean
|
|
dev:
|
|
default: false
|
|
description: |-
|
|
Allow to enable dev mode on the module
|
|
Dev mode is used to allow some application to do custom setup in development mode (allow insecure certificates for example)
|
|
type: boolean
|
|
stack:
|
|
description: Stack indicates the stack on which the module is installed
|
|
type: string
|
|
version:
|
|
description:
|
|
Version allow to override global version defined at stack
|
|
level for a specific module
|
|
type: string
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
description:
|
|
"Condition contains details for one aspect of the current
|
|
state of this API Resource.\n---\nThis struct is intended for
|
|
direct use as an array at the field path .status.conditions. For
|
|
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
|
|
observations of a foo's current state.\n\t // Known .status.conditions.type
|
|
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
|
|
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
|
|
\ // +listMapKey=type\n\t Status []metav1.Condition `json:\"conditions,omitempty\"
|
|
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
|
|
\ // other fields\n\t}"
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
pattern: ^([A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?)?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: |-
|
|
type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
---
|
|
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
|
useful (see .node.status.conditions), the ability to deconflict is important.
|
|
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info can contain any additional like reconciliation errors
|
|
type: string
|
|
ready:
|
|
description:
|
|
Ready indicates if the resource is seen as completely
|
|
reconciled
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
# Source: operator/templates/gen/rbac.authorization.k8s.io_v1_clusterrole_formance-manager-role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: formance-manager-role
|
|
rules:
|
|
- apiGroups:
|
|
- apps
|
|
resources:
|
|
- deployments
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- deletecollection
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- batch
|
|
resources:
|
|
- cronjobs
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- batch
|
|
resources:
|
|
- jobs
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- cert-manager.io
|
|
resources:
|
|
- certificates
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- namespaces
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- serviceaccounts
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- services
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- analytics
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- analytics/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- analytics/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- authclients
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- authclients/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- authclients/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- auths
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- auths/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- auths/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- benthos
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- benthos/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- benthos/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- benthosstreams
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- deletecollection
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- benthosstreams/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- benthosstreams/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokerconsumers
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokerconsumers/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokerconsumers/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokers
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokers/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokers/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokertopics
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokertopics/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- brokertopics/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- databases
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- databases/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- databases/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- gatewayhttpapis
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- gatewayhttpapis/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- gatewayhttpapis/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- gateways
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- gateways/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- gateways/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- ledgers
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- ledgers/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- ledgers/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- orchestrations
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- orchestrations/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- orchestrations/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- payments
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- payments/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- payments/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- reconciliations
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- reconciliations/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- reconciliations/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- resourcereferences
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- resourcereferences/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- resourcereferences/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- searches
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- searches/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- searches/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- settings
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- settings/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- settings/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- stacks
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- stacks/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- stacks/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- stargates
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- stargates/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- stargates/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- versions
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- versions/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- versions/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- wallets
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- wallets/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- wallets/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- webhooks
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- webhooks/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- formance.com
|
|
resources:
|
|
- webhooks/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- networking.k8s.io
|
|
resources:
|
|
- ingresses
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- policy
|
|
resources:
|
|
- poddisruptionbudgets
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- deletecollection
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
---
|
|
# Source: operator/templates/gen/rbac.authorization.k8s.io_v1_clusterrolebinding_formance-manager-rolebinding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: rbac
|
|
app.kubernetes.io/created-by: operatorv2
|
|
app.kubernetes.io/instance: manager-rolebinding
|
|
app.kubernetes.io/managed-by: kustomize
|
|
app.kubernetes.io/name: clusterrolebinding
|
|
app.kubernetes.io/part-of: operatorv2
|
|
name: formance-manager-rolebinding
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: formance-manager-role
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: formance-controller-manager
|
|
namespace: "tilt-dev"
|
|
---
|
|
# Source: operator/templates/gen/rbac.authorization.k8s.io_v1_role_formance-leader-election-role.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: rbac
|
|
app.kubernetes.io/created-by: operatorv2
|
|
app.kubernetes.io/instance: leader-election-role
|
|
app.kubernetes.io/managed-by: kustomize
|
|
app.kubernetes.io/name: role
|
|
app.kubernetes.io/part-of: operatorv2
|
|
name: formance-leader-election-role
|
|
namespace: "tilt-dev"
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- create
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- coordination.k8s.io
|
|
resources:
|
|
- leases
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- create
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- patch
|
|
---
|
|
# Source: operator/templates/gen/rbac.authorization.k8s.io_v1_rolebinding_formance-leader-election-rolebinding.yaml
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: rbac
|
|
app.kubernetes.io/created-by: operatorv2
|
|
app.kubernetes.io/instance: leader-election-rolebinding
|
|
app.kubernetes.io/managed-by: kustomize
|
|
app.kubernetes.io/name: rolebinding
|
|
app.kubernetes.io/part-of: operatorv2
|
|
name: formance-leader-election-rolebinding
|
|
namespace: "tilt-dev"
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: formance-leader-election-role
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: formance-controller-manager
|
|
namespace: "tilt-dev"
|
|
---
|
|
# Source: operator/templates/deployment.yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: formance-operator-operator
|
|
labels:
|
|
helm.sh/chart: operator-v2.4.0
|
|
app.kubernetes.io/name: operator
|
|
app.kubernetes.io/instance: formance-operator
|
|
app.kubernetes.io/version: "v2.4.0"
|
|
app.kubernetes.io/managed-by: Helm
|
|
control-plane: controller-manager
|
|
namespace: tilt-dev
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: operator
|
|
app.kubernetes.io/instance: formance-operator
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: operator
|
|
app.kubernetes.io/instance: formance-operator
|
|
control-plane: formance-controller-manager
|
|
spec:
|
|
serviceAccountName: formance-controller-manager
|
|
securityContext: {}
|
|
containers:
|
|
- name: operator
|
|
securityContext: {}
|
|
image: "ghcr.io/formancehq/operator:v2.4.0"
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- /usr/bin/operator
|
|
args:
|
|
- --metrics-bind-address=:8080
|
|
- --health-probe-bind-address=:8081
|
|
- --leader-elect
|
|
- --env=staging
|
|
- --region=eu-west-1
|
|
|
|
- --licence-secret=formance-operator-operator-licence
|
|
|
|
- --utils-version=v2.0.14
|
|
ports:
|
|
- containerPort: 9443
|
|
name: webhook-server
|
|
protocol: TCP
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8081
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 20
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /readyz
|
|
port: 8081
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
resources: {}
|