v1beta2

package
v1.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 26, 2024 License: Apache-2.0 Imports: 11 Imported by: 129

Documentation

Overview

Package v1beta2 contains API Schema definitions for the source v1beta2 API group +kubebuilder:object:generate=true +groupName=source.toolkit.fluxcd.io

Index

Constants

View Source
const (
	// BucketProviderGeneric for any S3 API compatible storage Bucket.
	BucketProviderGeneric string = apiv1.BucketProviderGeneric
	// BucketProviderAmazon for an AWS S3 object storage Bucket.
	// Provides support for retrieving credentials from the AWS EC2 service.
	BucketProviderAmazon string = apiv1.BucketProviderAmazon
	// BucketProviderGoogle for a Google Cloud Storage Bucket.
	// Provides support for authentication using a workload identity.
	BucketProviderGoogle string = apiv1.BucketProviderGoogle
	// BucketProviderAzure for an Azure Blob Storage Bucket.
	// Provides support for authentication using a Service Principal,
	// Managed Identity or Shared Key.
	BucketProviderAzure string = apiv1.BucketProviderAzure

	// GenericBucketProvider for any S3 API compatible storage Bucket.
	//
	// Deprecated: use BucketProviderGeneric.
	GenericBucketProvider string = apiv1.BucketProviderGeneric
	// AmazonBucketProvider for an AWS S3 object storage Bucket.
	// Provides support for retrieving credentials from the AWS EC2 service.
	//
	// Deprecated: use BucketProviderAmazon.
	AmazonBucketProvider string = apiv1.BucketProviderAmazon
	// GoogleBucketProvider for a Google Cloud Storage Bucket.
	// Provides support for authentication using a workload identity.
	//
	// Deprecated: use BucketProviderGoogle.
	GoogleBucketProvider string = apiv1.BucketProviderGoogle
	// AzureBucketProvider for an Azure Blob Storage Bucket.
	// Provides support for authentication using a Service Principal,
	// Managed Identity or Shared Key.
	//
	// Deprecated: use BucketProviderAzure.
	AzureBucketProvider string = apiv1.BucketProviderAzure
)
View Source
const (
	// BucketOperationSucceededReason signals that the Bucket listing and fetch
	// operations succeeded.
	BucketOperationSucceededReason string = "BucketOperationSucceeded"

	// BucketOperationFailedReason signals that the Bucket listing or fetch
	// operations failed.
	BucketOperationFailedReason string = "BucketOperationFailed"
)
View Source
const (
	// ArtifactInStorageCondition indicates the availability of the Artifact in
	// the storage.
	// If True, the Artifact is stored successfully.
	// This Condition is only present on the resource if the Artifact is
	// successfully stored.
	ArtifactInStorageCondition string = "ArtifactInStorage"

	// ArtifactOutdatedCondition indicates the current Artifact of the Source
	// is outdated.
	// This is a "negative polarity" or "abnormal-true" type, and is only
	// present on the resource if it is True.
	ArtifactOutdatedCondition string = "ArtifactOutdated"

	// SourceVerifiedCondition indicates the integrity verification of the
	// Source.
	// If True, the integrity check succeeded. If False, it failed.
	// This Condition is only present on the resource if the integrity check
	// is enabled.
	SourceVerifiedCondition string = "SourceVerified"

	// FetchFailedCondition indicates a transient or persistent fetch failure
	// of an upstream Source.
	// If True, observations on the upstream Source revision may be impossible,
	// and the Artifact available for the Source may be outdated.
	// This is a "negative polarity" or "abnormal-true" type, and is only
	// present on the resource if it is True.
	FetchFailedCondition string = "FetchFailed"

	// BuildFailedCondition indicates a transient or persistent build failure
	// of a Source's Artifact.
	// If True, the Source can be in an ArtifactOutdatedCondition.
	// This is a "negative polarity" or "abnormal-true" type, and is only
	// present on the resource if it is True.
	BuildFailedCondition string = "BuildFailed"

	// StorageOperationFailedCondition indicates a transient or persistent
	// failure related to storage. If True, the reconciliation failed while
	// performing some filesystem operation.
	// This is a "negative polarity" or "abnormal-true" type, and is only
	// present on the resource if it is True.
	StorageOperationFailedCondition string = "StorageOperationFailed"
)
View Source
const (
	// URLInvalidReason signals that a given Source has an invalid URL.
	URLInvalidReason string = "URLInvalid"

	// AuthenticationFailedReason signals that a Secret does not have the
	// required fields, or the provided credentials do not match.
	AuthenticationFailedReason string = "AuthenticationFailed"

	// VerificationError signals that the Source's verification
	// check failed.
	VerificationError string = "VerificationError"

	// DirCreationFailedReason signals a failure caused by a directory creation
	// operation.
	DirCreationFailedReason string = "DirectoryCreationFailed"

	// StatOperationFailedReason signals a failure caused by a stat operation on
	// a path.
	StatOperationFailedReason string = "StatOperationFailed"

	// ReadOperationFailedReason signals a failure caused by a read operation.
	ReadOperationFailedReason string = "ReadOperationFailed"

	// AcquireLockFailedReason signals a failure in acquiring lock.
	AcquireLockFailedReason string = "AcquireLockFailed"

	// InvalidPathReason signals a failure caused by an invalid path.
	InvalidPathReason string = "InvalidPath"

	// ArchiveOperationFailedReason signals a failure in archive operation.
	ArchiveOperationFailedReason string = "ArchiveOperationFailed"

	// SymlinkUpdateFailedReason signals a failure in updating a symlink.
	SymlinkUpdateFailedReason string = "SymlinkUpdateFailed"

	// ArtifactUpToDateReason signals that an existing Artifact is up-to-date
	// with the Source.
	ArtifactUpToDateReason string = "ArtifactUpToDate"

	// CacheOperationFailedReason signals a failure in cache operation.
	CacheOperationFailedReason string = "CacheOperationFailed"
)

Reasons are provided as utility, and not part of the declarative API.

View Source
const (
	// GitRepositoryKind is the string representation of a GitRepository.
	GitRepositoryKind = "GitRepository"

	// GoGitImplementation for performing Git operations using go-git.
	GoGitImplementation = "go-git"
	// LibGit2Implementation for performing Git operations using libgit2.
	LibGit2Implementation = "libgit2"
)
View Source
const (
	// GitOperationSucceedReason signals that a Git operation (e.g. clone,
	// checkout, etc.) succeeded.
	GitOperationSucceedReason string = "GitOperationSucceeded"

	// GitOperationFailedReason signals that a Git operation (e.g. clone,
	// checkout, etc.) failed.
	GitOperationFailedReason string = "GitOperationFailed"
)
View Source
const (
	// ReconcileStrategyChartVersion reconciles when the version of the Helm chart is different.
	ReconcileStrategyChartVersion string = "ChartVersion"

	// ReconcileStrategyRevision reconciles when the Revision of the source is different.
	ReconcileStrategyRevision string = "Revision"
)
View Source
const (
	// ChartPullSucceededReason signals that the pull of the Helm chart
	// succeeded.
	ChartPullSucceededReason string = "ChartPullSucceeded"

	// ChartPackageSucceededReason signals that the package of the Helm
	// chart succeeded.
	ChartPackageSucceededReason string = "ChartPackageSucceeded"
)
View Source
const (
	// HelmRepositoryKind is the string representation of a HelmRepository.
	HelmRepositoryKind = "HelmRepository"
	// HelmRepositoryURLIndexKey is the key used for indexing HelmRepository
	// objects by their HelmRepositorySpec.URL.
	HelmRepositoryURLIndexKey = ".metadata.helmRepositoryURL"
	// HelmRepositoryTypeDefault is the default HelmRepository type.
	// It is used when no type is specified and corresponds to a Helm repository.
	HelmRepositoryTypeDefault = "default"
	// HelmRepositoryTypeOCI is the type for an OCI repository.
	HelmRepositoryTypeOCI = "oci"
)
View Source
const (
	// OCIRepositoryKind is the string representation of a OCIRepository.
	OCIRepositoryKind = "OCIRepository"

	// OCIRepositoryPrefix is the prefix used for OCIRepository URLs.
	OCIRepositoryPrefix = "oci://"

	// GenericOCIProvider provides support for authentication using static credentials
	// for any OCI compatible API such as Docker Registry, GitHub Container Registry,
	// Docker Hub, Quay, etc.
	GenericOCIProvider string = "generic"

	// AmazonOCIProvider provides support for OCI authentication using AWS IRSA.
	AmazonOCIProvider string = "aws"

	// GoogleOCIProvider provides support for OCI authentication using GCP workload identity.
	GoogleOCIProvider string = "gcp"

	// AzureOCIProvider provides support for OCI authentication using a Azure Service Principal,
	// Managed Identity or Shared Key.
	AzureOCIProvider string = "azure"

	// OCILayerExtract defines the operation type for extracting the content from an OCI artifact layer.
	OCILayerExtract = "extract"

	// OCILayerCopy defines the operation type for copying the content from an OCI artifact layer.
	OCILayerCopy = "copy"
)
View Source
const (
	// OCIPullFailedReason signals that a pull operation failed.
	OCIPullFailedReason string = "OCIArtifactPullFailed"

	// OCILayerOperationFailedReason signals that an OCI layer operation failed.
	OCILayerOperationFailedReason string = "OCIArtifactLayerOperationFailed"
)
View Source
const (
	// STSProviderAmazon represents the AWS provider for Security Token Service.
	// Provides support for fetching temporary credentials from an AWS STS endpoint.
	STSProviderAmazon string = "aws"
	// STSProviderLDAP represents the LDAP provider for Security Token Service.
	// Provides support for fetching temporary credentials from an LDAP endpoint.
	STSProviderLDAP string = "ldap"
)
View Source
const (
	// BucketKind is the string representation of a Bucket.
	BucketKind = "Bucket"
)
View Source
const HelmChartKind = "HelmChart"

HelmChartKind is the string representation of a HelmChart.

View Source
const (
	// IncludeUnavailableCondition indicates one of the includes is not
	// available. For example, because it does not exist, or does not have an
	// Artifact.
	// This is a "negative polarity" or "abnormal-true" type, and is only
	// present on the resource if it is True.
	IncludeUnavailableCondition string = "IncludeUnavailable"
)
View Source
const (
	// IndexationFailedReason signals that the HelmRepository index fetch
	// failed.
	IndexationFailedReason string = "IndexationFailed"
)
View Source
const SourceFinalizer = "finalizers.fluxcd.io"
View Source
const (
	// SourceIndexKey is the key used for indexing objects based on their
	// referenced Source.
	SourceIndexKey string = ".metadata.source"
)

Variables

View Source
var (
	// GroupVersion is group version used to register these objects.
	GroupVersion = schema.GroupVersion{Group: "source.toolkit.fluxcd.io", Version: "v1beta2"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func ArtifactDir

func ArtifactDir(kind, namespace, name string) string

ArtifactDir returns the artifact dir path in the form of '<kind>/<namespace>/<name>'.

func ArtifactPath

func ArtifactPath(kind, namespace, name, filename string) string

ArtifactPath returns the artifact path in the form of '<kind>/<namespace>/name>/<filename>'.

func TransformLegacyRevision added in v0.35.0

func TransformLegacyRevision(rev string) string

TransformLegacyRevision transforms a "legacy" revision string into a "new" revision string. It accepts the following formats:

  • main/5394cb7f48332b2de7c17dd8b8384bbc84b7e738
  • feature/branch/5394cb7f48332b2de7c17dd8b8384bbc84b7e738
  • HEAD/5394cb7f48332b2de7c17dd8b8384bbc84b7e738
  • tag/55609ff9d959589ed917ce32e6bc0f0a36809565f308602c15c3668965979edc
  • d52bde83c5b2bd0fa7910264e0afc3ac9cfe9b6636ca29c05c09742f01d5a4bd

Which are transformed into the following formats respectively:

  • main@sha1:5394cb7f48332b2de7c17dd8b8384bbc84b7e738
  • feature/branch@sha1:5394cb7f48332b2de7c17dd8b8384bbc84b7e738
  • sha1:5394cb7f48332b2de7c17dd8b8384bbc84b7e738
  • tag@sha256:55609ff9d959589ed917ce32e6bc0f0a36809565f308602c15c3668965979edc
  • sha256:d52bde83c5b2bd0fa7910264e0afc3ac9cfe9b6636ca29c05c09742f01d5a4bd

Deprecated, this function exists for backwards compatibility with existing resources, and to provide a transition period. Will be removed in a future release.

Types

type Artifact deprecated

type Artifact struct {
	// Path is the relative file path of the Artifact. It can be used to locate
	// the file in the root of the Artifact storage on the local file system of
	// the controller managing the Source.
	// +required
	Path string `json:"path"`

	// URL is the HTTP address of the Artifact as exposed by the controller
	// managing the Source. It can be used to retrieve the Artifact for
	// consumption, e.g. by another controller applying the Artifact contents.
	// +required
	URL string `json:"url"`

	// Revision is a human-readable identifier traceable in the origin source
	// system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
	// +optional
	Revision string `json:"revision"`

	// Checksum is the SHA256 checksum of the Artifact file.
	// Deprecated: use Artifact.Digest instead.
	// +optional
	Checksum string `json:"checksum,omitempty"`

	// Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
	// +optional
	// +kubebuilder:validation:Pattern="^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$"
	Digest string `json:"digest,omitempty"`

	// LastUpdateTime is the timestamp corresponding to the last update of the
	// Artifact.
	// +required
	LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty"`

	// Size is the number of bytes in the file.
	// +optional
	Size *int64 `json:"size,omitempty"`

	// Metadata holds upstream information such as OCI annotations.
	// +optional
	Metadata map[string]string `json:"metadata,omitempty"`
}

Artifact represents the output of a Source reconciliation.

Deprecated: use Artifact from api/v1 instead. This type will be removed in a future release.

func (*Artifact) DeepCopy

func (in *Artifact) DeepCopy() *Artifact

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Artifact.

func (*Artifact) DeepCopyInto

func (in *Artifact) DeepCopyInto(out *Artifact)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Artifact) HasChecksum added in v0.24.2

func (in *Artifact) HasChecksum(checksum string) bool

HasChecksum returns if the given checksum matches the current Checksum of the Artifact.

func (*Artifact) HasRevision

func (in *Artifact) HasRevision(revision string) bool

HasRevision returns if the given revision matches the current Revision of the Artifact.

type Bucket

type Bucket struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec BucketSpec `json:"spec,omitempty"`
	// +kubebuilder:default={"observedGeneration":-1}
	Status BucketStatus `json:"status,omitempty"`
}

Bucket is the Schema for the buckets API.

func (*Bucket) DeepCopy

func (in *Bucket) DeepCopy() *Bucket

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Bucket.

func (*Bucket) DeepCopyInto

func (in *Bucket) DeepCopyInto(out *Bucket)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Bucket) DeepCopyObject

func (in *Bucket) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Bucket) GetArtifact

func (in *Bucket) GetArtifact() *apiv1.Artifact

GetArtifact returns the latest artifact from the source if present in the status sub-resource.

func (Bucket) GetConditions

func (in Bucket) GetConditions() []metav1.Condition

GetConditions returns the status conditions of the object.

func (Bucket) GetRequeueAfter

func (in Bucket) GetRequeueAfter() time.Duration

GetRequeueAfter returns the duration after which the source must be reconciled again.

func (*Bucket) SetConditions

func (in *Bucket) SetConditions(conditions []metav1.Condition)

SetConditions sets the status conditions on the object.

type BucketList

type BucketList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Bucket `json:"items"`
}

BucketList contains a list of Bucket objects. +kubebuilder:object:root=true

func (*BucketList) DeepCopy

func (in *BucketList) DeepCopy() *BucketList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketList.

func (*BucketList) DeepCopyInto

func (in *BucketList) DeepCopyInto(out *BucketList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BucketList) DeepCopyObject

func (in *BucketList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BucketSTSSpec added in v1.4.0

type BucketSTSSpec struct {
	// Provider of the Security Token Service.
	// +kubebuilder:validation:Enum=aws;ldap
	// +required
	Provider string `json:"provider"`

	// Endpoint is the HTTP/S endpoint of the Security Token Service from
	// where temporary credentials will be fetched.
	// +required
	// +kubebuilder:validation:Pattern="^(http|https)://.*$"
	Endpoint string `json:"endpoint"`

	// SecretRef specifies the Secret containing authentication credentials
	// for the STS endpoint. This Secret must contain the fields `username`
	// and `password` and is supported only for the `ldap` provider.
	// +optional
	SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"`

	// CertSecretRef can be given the name of a Secret containing
	// either or both of
	//
	// - a PEM-encoded client certificate (`tls.crt`) and private
	// key (`tls.key`);
	// - a PEM-encoded CA certificate (`ca.crt`)
	//
	// and whichever are supplied, will be used for connecting to the
	// STS endpoint. The client cert and key are useful if you are
	// authenticating with a certificate; the CA cert is useful if
	// you are using a self-signed server certificate. The Secret must
	// be of type `Opaque` or `kubernetes.io/tls`.
	//
	// This field is only supported for the `ldap` provider.
	// +optional
	CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"`
}

BucketSTSSpec specifies the required configuration to use a Security Token Service for fetching temporary credentials to authenticate in a Bucket provider.

func (*BucketSTSSpec) DeepCopy added in v1.4.0

func (in *BucketSTSSpec) DeepCopy() *BucketSTSSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketSTSSpec.

func (*BucketSTSSpec) DeepCopyInto added in v1.4.0

func (in *BucketSTSSpec) DeepCopyInto(out *BucketSTSSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketSpec

type BucketSpec struct {
	// Provider of the object storage bucket.
	// Defaults to 'generic', which expects an S3 (API) compatible object
	// storage.
	// +kubebuilder:validation:Enum=generic;aws;gcp;azure
	// +kubebuilder:default:=generic
	// +optional
	Provider string `json:"provider,omitempty"`

	// BucketName is the name of the object storage bucket.
	// +required
	BucketName string `json:"bucketName"`

	// Endpoint is the object storage address the BucketName is located at.
	// +required
	Endpoint string `json:"endpoint"`

	// STS specifies the required configuration to use a Security Token
	// Service for fetching temporary credentials to authenticate in a
	// Bucket provider.
	//
	// This field is only supported for the `aws` and `generic` providers.
	// +optional
	STS *BucketSTSSpec `json:"sts,omitempty"`

	// Insecure allows connecting to a non-TLS HTTP Endpoint.
	// +optional
	Insecure bool `json:"insecure,omitempty"`

	// Region of the Endpoint where the BucketName is located in.
	// +optional
	Region string `json:"region,omitempty"`

	// Prefix to use for server-side filtering of files in the Bucket.
	// +optional
	Prefix string `json:"prefix,omitempty"`

	// SecretRef specifies the Secret containing authentication credentials
	// for the Bucket.
	// +optional
	SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"`

	// CertSecretRef can be given the name of a Secret containing
	// either or both of
	//
	// - a PEM-encoded client certificate (`tls.crt`) and private
	// key (`tls.key`);
	// - a PEM-encoded CA certificate (`ca.crt`)
	//
	// and whichever are supplied, will be used for connecting to the
	// bucket. The client cert and key are useful if you are
	// authenticating with a certificate; the CA cert is useful if
	// you are using a self-signed server certificate. The Secret must
	// be of type `Opaque` or `kubernetes.io/tls`.
	//
	// This field is only supported for the `generic` provider.
	// +optional
	CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"`

	// ProxySecretRef specifies the Secret containing the proxy configuration
	// to use while communicating with the Bucket server.
	// +optional
	ProxySecretRef *meta.LocalObjectReference `json:"proxySecretRef,omitempty"`

	// Interval at which the Bucket Endpoint is checked for updates.
	// This interval is approximate and may be subject to jitter to ensure
	// efficient use of resources.
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
	// +required
	Interval metav1.Duration `json:"interval"`

	// Timeout for fetch operations, defaults to 60s.
	// +kubebuilder:default="60s"
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
	// +optional
	Timeout *metav1.Duration `json:"timeout,omitempty"`

	// Ignore overrides the set of excluded patterns in the .sourceignore format
	// (which is the same as .gitignore). If not provided, a default will be used,
	// consult the documentation for your version to find out what those are.
	// +optional
	Ignore *string `json:"ignore,omitempty"`

	// Suspend tells the controller to suspend the reconciliation of this
	// Bucket.
	// +optional
	Suspend bool `json:"suspend,omitempty"`

	// AccessFrom specifies an Access Control List for allowing cross-namespace
	// references to this object.
	// NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
	// +optional
	AccessFrom *acl.AccessFrom `json:"accessFrom,omitempty"`
}

BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. +kubebuilder:validation:XValidation:rule="self.provider == 'aws' || self.provider == 'generic' || !has(self.sts)", message="STS configuration is only supported for the 'aws' and 'generic' Bucket providers" +kubebuilder:validation:XValidation:rule="self.provider != 'aws' || !has(self.sts) || self.sts.provider == 'aws'", message="'aws' is the only supported STS provider for the 'aws' Bucket provider" +kubebuilder:validation:XValidation:rule="self.provider != 'generic' || !has(self.sts) || self.sts.provider == 'ldap'", message="'ldap' is the only supported STS provider for the 'generic' Bucket provider" +kubebuilder:validation:XValidation:rule="!has(self.sts) || self.sts.provider != 'aws' || !has(self.sts.secretRef)", message="spec.sts.secretRef is not required for the 'aws' STS provider" +kubebuilder:validation:XValidation:rule="!has(self.sts) || self.sts.provider != 'aws' || !has(self.sts.certSecretRef)", message="spec.sts.certSecretRef is not required for the 'aws' STS provider"

func (*BucketSpec) DeepCopy

func (in *BucketSpec) DeepCopy() *BucketSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketSpec.

func (*BucketSpec) DeepCopyInto

func (in *BucketSpec) DeepCopyInto(out *BucketSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketStatus

type BucketStatus struct {
	// ObservedGeneration is the last observed generation of the Bucket object.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// Conditions holds the conditions for the Bucket.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`

	// URL is the dynamic fetch link for the latest Artifact.
	// It is provided on a "best effort" basis, and using the precise
	// BucketStatus.Artifact data is recommended.
	// +optional
	URL string `json:"url,omitempty"`

	// Artifact represents the last successful Bucket reconciliation.
	// +optional
	Artifact *apiv1.Artifact `json:"artifact,omitempty"`

	// ObservedIgnore is the observed exclusion patterns used for constructing
	// the source artifact.
	// +optional
	ObservedIgnore *string `json:"observedIgnore,omitempty"`

	meta.ReconcileRequestStatus `json:",inline"`
}

BucketStatus records the observed state of a Bucket.

func (*BucketStatus) DeepCopy

func (in *BucketStatus) DeepCopy() *BucketStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketStatus.

func (*BucketStatus) DeepCopyInto

func (in *BucketStatus) DeepCopyInto(out *BucketStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GitRepository

type GitRepository struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec GitRepositorySpec `json:"spec,omitempty"`
	// +kubebuilder:default={"observedGeneration":-1}
	Status GitRepositoryStatus `json:"status,omitempty"`
}

GitRepository is the Schema for the gitrepositories API.

func (*GitRepository) DeepCopy

func (in *GitRepository) DeepCopy() *GitRepository

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepository.

func (*GitRepository) DeepCopyInto

func (in *GitRepository) DeepCopyInto(out *GitRepository)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GitRepository) DeepCopyObject

func (in *GitRepository) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*GitRepository) GetArtifact

func (in *GitRepository) GetArtifact() *apiv1.Artifact

GetArtifact returns the latest Artifact from the GitRepository if present in the status sub-resource.

func (GitRepository) GetConditions

func (in GitRepository) GetConditions() []metav1.Condition

GetConditions returns the status conditions of the object.

func (GitRepository) GetRequeueAfter

func (in GitRepository) GetRequeueAfter() time.Duration

GetRequeueAfter returns the duration after which the GitRepository must be reconciled again.

func (*GitRepository) SetConditions

func (in *GitRepository) SetConditions(conditions []metav1.Condition)

SetConditions sets the status conditions on the object.

type GitRepositoryInclude

type GitRepositoryInclude struct {
	// GitRepositoryRef specifies the GitRepository which Artifact contents
	// must be included.
	GitRepositoryRef meta.LocalObjectReference `json:"repository"`

	// FromPath specifies the path to copy contents from, defaults to the root
	// of the Artifact.
	// +optional
	FromPath string `json:"fromPath"`

	// ToPath specifies the path to copy contents to, defaults to the name of
	// the GitRepositoryRef.
	// +optional
	ToPath string `json:"toPath"`
}

GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents must be included, and where they should be placed.

func (*GitRepositoryInclude) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryInclude.

func (*GitRepositoryInclude) DeepCopyInto

func (in *GitRepositoryInclude) DeepCopyInto(out *GitRepositoryInclude)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GitRepositoryInclude) GetFromPath

func (in *GitRepositoryInclude) GetFromPath() string

GetFromPath returns the specified FromPath.

func (*GitRepositoryInclude) GetToPath

func (in *GitRepositoryInclude) GetToPath() string

GetToPath returns the specified ToPath, falling back to the name of the GitRepositoryRef.

type GitRepositoryList

type GitRepositoryList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []GitRepository `json:"items"`
}

GitRepositoryList contains a list of GitRepository objects. +kubebuilder:object:root=true

func (*GitRepositoryList) DeepCopy

func (in *GitRepositoryList) DeepCopy() *GitRepositoryList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryList.

func (*GitRepositoryList) DeepCopyInto

func (in *GitRepositoryList) DeepCopyInto(out *GitRepositoryList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GitRepositoryList) DeepCopyObject

func (in *GitRepositoryList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GitRepositoryRef

type GitRepositoryRef struct {
	// Branch to check out, defaults to 'master' if no other field is defined.
	// +optional
	Branch string `json:"branch,omitempty"`

	// Tag to check out, takes precedence over Branch.
	// +optional
	Tag string `json:"tag,omitempty"`

	// SemVer tag expression to check out, takes precedence over Tag.
	// +optional
	SemVer string `json:"semver,omitempty"`

	// Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
	//
	// It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
	// Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
	// +optional
	Name string `json:"name,omitempty"`

	// Commit SHA to check out, takes precedence over all reference fields.
	//
	// This can be combined with Branch to shallow clone the branch, in which
	// the commit is expected to exist.
	// +optional
	Commit string `json:"commit,omitempty"`
}

GitRepositoryRef specifies the Git reference to resolve and checkout.

func (*GitRepositoryRef) DeepCopy

func (in *GitRepositoryRef) DeepCopy() *GitRepositoryRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryRef.

func (*GitRepositoryRef) DeepCopyInto

func (in *GitRepositoryRef) DeepCopyInto(out *GitRepositoryRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GitRepositorySpec

type GitRepositorySpec struct {
	// URL specifies the Git repository URL, it can be an HTTP/S or SSH address.
	// +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$"
	// +required
	URL string `json:"url"`

	// SecretRef specifies the Secret containing authentication credentials for
	// the GitRepository.
	// For HTTPS repositories the Secret must contain 'username' and 'password'
	// fields for basic auth or 'bearerToken' field for token auth.
	// For SSH repositories the Secret must contain 'identity'
	// and 'known_hosts' fields.
	// +optional
	SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"`

	// Interval at which to check the GitRepository for updates.
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
	// +required
	Interval metav1.Duration `json:"interval"`

	// Timeout for Git operations like cloning, defaults to 60s.
	// +kubebuilder:default="60s"
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
	// +optional
	Timeout *metav1.Duration `json:"timeout,omitempty"`

	// Reference specifies the Git reference to resolve and monitor for
	// changes, defaults to the 'master' branch.
	// +optional
	Reference *GitRepositoryRef `json:"ref,omitempty"`

	// Verification specifies the configuration to verify the Git commit
	// signature(s).
	// +optional
	Verification *GitRepositoryVerification `json:"verify,omitempty"`

	// Ignore overrides the set of excluded patterns in the .sourceignore format
	// (which is the same as .gitignore). If not provided, a default will be used,
	// consult the documentation for your version to find out what those are.
	// +optional
	Ignore *string `json:"ignore,omitempty"`

	// Suspend tells the controller to suspend the reconciliation of this
	// GitRepository.
	// +optional
	Suspend bool `json:"suspend,omitempty"`

	// GitImplementation specifies which Git client library implementation to
	// use. Defaults to 'go-git', valid values are ('go-git', 'libgit2').
	// Deprecated: gitImplementation is deprecated now that 'go-git' is the
	// only supported implementation.
	// +kubebuilder:validation:Enum=go-git;libgit2
	// +kubebuilder:default:=go-git
	// +optional
	GitImplementation string `json:"gitImplementation,omitempty"`

	// RecurseSubmodules enables the initialization of all submodules within
	// the GitRepository as cloned from the URL, using their default settings.
	// +optional
	RecurseSubmodules bool `json:"recurseSubmodules,omitempty"`

	// Include specifies a list of GitRepository resources which Artifacts
	// should be included in the Artifact produced for this GitRepository.
	Include []GitRepositoryInclude `json:"include,omitempty"`

	// AccessFrom specifies an Access Control List for allowing cross-namespace
	// references to this object.
	// NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
	// +optional
	AccessFrom *acl.AccessFrom `json:"accessFrom,omitempty"`
}

GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository.

func (*GitRepositorySpec) DeepCopy

func (in *GitRepositorySpec) DeepCopy() *GitRepositorySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositorySpec.

func (*GitRepositorySpec) DeepCopyInto

func (in *GitRepositorySpec) DeepCopyInto(out *GitRepositorySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GitRepositoryStatus

type GitRepositoryStatus struct {
	// ObservedGeneration is the last observed generation of the GitRepository
	// object.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// Conditions holds the conditions for the GitRepository.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`

	// URL is the dynamic fetch link for the latest Artifact.
	// It is provided on a "best effort" basis, and using the precise
	// GitRepositoryStatus.Artifact data is recommended.
	// +optional
	URL string `json:"url,omitempty"`

	// Artifact represents the last successful GitRepository reconciliation.
	// +optional
	Artifact *apiv1.Artifact `json:"artifact,omitempty"`

	// IncludedArtifacts contains a list of the last successfully included
	// Artifacts as instructed by GitRepositorySpec.Include.
	// +optional
	IncludedArtifacts []*apiv1.Artifact `json:"includedArtifacts,omitempty"`

	// ContentConfigChecksum is a checksum of all the configurations related to
	// the content of the source artifact:
	//  - .spec.ignore
	//  - .spec.recurseSubmodules
	//  - .spec.included and the checksum of the included artifacts
	// observed in .status.observedGeneration version of the object. This can
	// be used to determine if the content of the included repository has
	// changed.
	// It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
	//
	// Deprecated: Replaced with explicit fields for observed artifact content
	// config in the status.
	// +optional
	ContentConfigChecksum string `json:"contentConfigChecksum,omitempty"`

	// ObservedIgnore is the observed exclusion patterns used for constructing
	// the source artifact.
	// +optional
	ObservedIgnore *string `json:"observedIgnore,omitempty"`

	// ObservedRecurseSubmodules is the observed resource submodules
	// configuration used to produce the current Artifact.
	// +optional
	ObservedRecurseSubmodules bool `json:"observedRecurseSubmodules,omitempty"`

	// ObservedInclude is the observed list of GitRepository resources used to
	// to produce the current Artifact.
	// +optional
	ObservedInclude []GitRepositoryInclude `json:"observedInclude,omitempty"`

	meta.ReconcileRequestStatus `json:",inline"`
}

GitRepositoryStatus records the observed state of a Git repository.

func (*GitRepositoryStatus) DeepCopy

func (in *GitRepositoryStatus) DeepCopy() *GitRepositoryStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryStatus.

func (*GitRepositoryStatus) DeepCopyInto

func (in *GitRepositoryStatus) DeepCopyInto(out *GitRepositoryStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GitRepositoryVerification

type GitRepositoryVerification struct {
	// Mode specifies what Git object should be verified, currently ('head').
	// +kubebuilder:validation:Enum=head
	Mode string `json:"mode"`

	// SecretRef specifies the Secret containing the public keys of trusted Git
	// authors.
	SecretRef meta.LocalObjectReference `json:"secretRef"`
}

GitRepositoryVerification specifies the Git commit signature verification strategy.

func (*GitRepositoryVerification) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryVerification.

func (*GitRepositoryVerification) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HelmChart

type HelmChart struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec HelmChartSpec `json:"spec,omitempty"`
	// +kubebuilder:default={"observedGeneration":-1}
	Status HelmChartStatus `json:"status,omitempty"`
}

HelmChart is the Schema for the helmcharts API.

func (*HelmChart) DeepCopy

func (in *HelmChart) DeepCopy() *HelmChart

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChart.

func (*HelmChart) DeepCopyInto

func (in *HelmChart) DeepCopyInto(out *HelmChart)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*HelmChart) DeepCopyObject

func (in *HelmChart) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*HelmChart) GetArtifact

func (in *HelmChart) GetArtifact() *apiv1.Artifact

GetArtifact returns the latest artifact from the source if present in the status sub-resource.

func (HelmChart) GetConditions

func (in HelmChart) GetConditions() []metav1.Condition

GetConditions returns the status conditions of the object.

func (HelmChart) GetRequeueAfter

func (in HelmChart) GetRequeueAfter() time.Duration

GetRequeueAfter returns the duration after which the source must be reconciled again.

func (*HelmChart) GetValuesFiles

func (in *HelmChart) GetValuesFiles() []string

GetValuesFiles returns a merged list of HelmChartSpec.ValuesFiles.

func (*HelmChart) SetConditions

func (in *HelmChart) SetConditions(conditions []metav1.Condition)

SetConditions sets the status conditions on the object.

type HelmChartList

type HelmChartList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []HelmChart `json:"items"`
}

HelmChartList contains a list of HelmChart objects. +kubebuilder:object:root=true

func (*HelmChartList) DeepCopy

func (in *HelmChartList) DeepCopy() *HelmChartList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChartList.

func (*HelmChartList) DeepCopyInto

func (in *HelmChartList) DeepCopyInto(out *HelmChartList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*HelmChartList) DeepCopyObject

func (in *HelmChartList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type HelmChartSpec

type HelmChartSpec struct {
	// Chart is the name or path the Helm chart is available at in the
	// SourceRef.
	// +required
	Chart string `json:"chart"`

	// Version is the chart version semver expression, ignored for charts from
	// GitRepository and Bucket sources. Defaults to latest when omitted.
	// +kubebuilder:default:=*
	// +optional
	Version string `json:"version,omitempty"`

	// SourceRef is the reference to the Source the chart is available at.
	// +required
	SourceRef LocalHelmChartSourceReference `json:"sourceRef"`

	// Interval at which the HelmChart SourceRef is checked for updates.
	// This interval is approximate and may be subject to jitter to ensure
	// efficient use of resources.
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
	// +required
	Interval metav1.Duration `json:"interval"`

	// ReconcileStrategy determines what enables the creation of a new artifact.
	// Valid values are ('ChartVersion', 'Revision').
	// See the documentation of the values for an explanation on their behavior.
	// Defaults to ChartVersion when omitted.
	// +kubebuilder:validation:Enum=ChartVersion;Revision
	// +kubebuilder:default:=ChartVersion
	// +optional
	ReconcileStrategy string `json:"reconcileStrategy,omitempty"`

	// ValuesFiles is an alternative list of values files to use as the chart
	// values (values.yaml is not included by default), expected to be a
	// relative path in the SourceRef.
	// Values files are merged in the order of this list with the last file
	// overriding the first. Ignored when omitted.
	// +optional
	ValuesFiles []string `json:"valuesFiles,omitempty"`

	// ValuesFile is an alternative values file to use as the default chart
	// values, expected to be a relative path in the SourceRef. Deprecated in
	// favor of ValuesFiles, for backwards compatibility the file specified here
	// is merged before the ValuesFiles items. Ignored when omitted.
	// +optional
	// +deprecated
	ValuesFile string `json:"valuesFile,omitempty"`

	// IgnoreMissingValuesFiles controls whether to silently ignore missing values
	// files rather than failing.
	// +optional
	IgnoreMissingValuesFiles bool `json:"ignoreMissingValuesFiles,omitempty"`

	// Suspend tells the controller to suspend the reconciliation of this
	// source.
	// +optional
	Suspend bool `json:"suspend,omitempty"`

	// AccessFrom specifies an Access Control List for allowing cross-namespace
	// references to this object.
	// NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
	// +optional
	AccessFrom *acl.AccessFrom `json:"accessFrom,omitempty"`

	// Verify contains the secret name containing the trusted public keys
	// used to verify the signature and specifies which provider to use to check
	// whether OCI image is authentic.
	// This field is only supported when using HelmRepository source with spec.type 'oci'.
	// Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
	// +optional
	Verify *apiv1.OCIRepositoryVerification `json:"verify,omitempty"`
}

HelmChartSpec specifies the desired state of a Helm chart.

func (*HelmChartSpec) DeepCopy

func (in *HelmChartSpec) DeepCopy() *HelmChartSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChartSpec.

func (*HelmChartSpec) DeepCopyInto

func (in *HelmChartSpec) DeepCopyInto(out *HelmChartSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HelmChartStatus

type HelmChartStatus struct {
	// ObservedGeneration is the last observed generation of the HelmChart
	// object.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// ObservedSourceArtifactRevision is the last observed Artifact.Revision
	// of the HelmChartSpec.SourceRef.
	// +optional
	ObservedSourceArtifactRevision string `json:"observedSourceArtifactRevision,omitempty"`

	// ObservedChartName is the last observed chart name as specified by the
	// resolved chart reference.
	// +optional
	ObservedChartName string `json:"observedChartName,omitempty"`

	// ObservedValuesFiles are the observed value files of the last successful
	// reconciliation.
	// It matches the chart in the last successfully reconciled artifact.
	// +optional
	ObservedValuesFiles []string `json:"observedValuesFiles,omitempty"`

	// Conditions holds the conditions for the HelmChart.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`

	// URL is the dynamic fetch link for the latest Artifact.
	// It is provided on a "best effort" basis, and using the precise
	// BucketStatus.Artifact data is recommended.
	// +optional
	URL string `json:"url,omitempty"`

	// Artifact represents the output of the last successful reconciliation.
	// +optional
	Artifact *apiv1.Artifact `json:"artifact,omitempty"`

	meta.ReconcileRequestStatus `json:",inline"`
}

HelmChartStatus records the observed state of the HelmChart.

func (*HelmChartStatus) DeepCopy

func (in *HelmChartStatus) DeepCopy() *HelmChartStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChartStatus.

func (*HelmChartStatus) DeepCopyInto

func (in *HelmChartStatus) DeepCopyInto(out *HelmChartStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HelmRepository

type HelmRepository struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec HelmRepositorySpec `json:"spec,omitempty"`
	// +kubebuilder:default={"observedGeneration":-1}
	Status HelmRepositoryStatus `json:"status,omitempty"`
}

HelmRepository is the Schema for the helmrepositories API.

func (*HelmRepository) DeepCopy

func (in *HelmRepository) DeepCopy() *HelmRepository

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepository.

func (*HelmRepository) DeepCopyInto

func (in *HelmRepository) DeepCopyInto(out *HelmRepository)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*HelmRepository) DeepCopyObject

func (in *HelmRepository) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*HelmRepository) GetArtifact

func (in *HelmRepository) GetArtifact() *apiv1.Artifact

GetArtifact returns the latest artifact from the source if present in the status sub-resource.

func (HelmRepository) GetConditions

func (in HelmRepository) GetConditions() []metav1.Condition

GetConditions returns the status conditions of the object.

func (HelmRepository) GetRequeueAfter

func (in HelmRepository) GetRequeueAfter() time.Duration

GetRequeueAfter returns the duration after which the source must be reconciled again.

func (HelmRepository) GetTimeout added in v1.2.0

func (in HelmRepository) GetTimeout() time.Duration

GetTimeout returns the timeout duration used for various operations related to this HelmRepository.

func (*HelmRepository) SetConditions

func (in *HelmRepository) SetConditions(conditions []metav1.Condition)

SetConditions sets the status conditions on the object.

type HelmRepositoryList

type HelmRepositoryList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []HelmRepository `json:"items"`
}

HelmRepositoryList contains a list of HelmRepository objects. +kubebuilder:object:root=true

func (*HelmRepositoryList) DeepCopy

func (in *HelmRepositoryList) DeepCopy() *HelmRepositoryList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepositoryList.

func (*HelmRepositoryList) DeepCopyInto

func (in *HelmRepositoryList) DeepCopyInto(out *HelmRepositoryList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*HelmRepositoryList) DeepCopyObject

func (in *HelmRepositoryList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type HelmRepositorySpec

type HelmRepositorySpec struct {
	// URL of the Helm repository, a valid URL contains at least a protocol and
	// host.
	// +kubebuilder:validation:Pattern="^(http|https|oci)://.*$"
	// +required
	URL string `json:"url"`

	// SecretRef specifies the Secret containing authentication credentials
	// for the HelmRepository.
	// For HTTP/S basic auth the secret must contain 'username' and 'password'
	// fields.
	// Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
	// keys is deprecated. Please use `.spec.certSecretRef` instead.
	// +optional
	SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"`

	// CertSecretRef can be given the name of a Secret containing
	// either or both of
	//
	// - a PEM-encoded client certificate (`tls.crt`) and private
	// key (`tls.key`);
	// - a PEM-encoded CA certificate (`ca.crt`)
	//
	// and whichever are supplied, will be used for connecting to the
	// registry. The client cert and key are useful if you are
	// authenticating with a certificate; the CA cert is useful if
	// you are using a self-signed server certificate. The Secret must
	// be of type `Opaque` or `kubernetes.io/tls`.
	//
	// It takes precedence over the values specified in the Secret referred
	// to by `.spec.secretRef`.
	// +optional
	CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"`

	// PassCredentials allows the credentials from the SecretRef to be passed
	// on to a host that does not match the host as defined in URL.
	// This may be required if the host of the advertised chart URLs in the
	// index differ from the defined URL.
	// Enabling this should be done with caution, as it can potentially result
	// in credentials getting stolen in a MITM-attack.
	// +optional
	PassCredentials bool `json:"passCredentials,omitempty"`

	// Interval at which the HelmRepository URL is checked for updates.
	// This interval is approximate and may be subject to jitter to ensure
	// efficient use of resources.
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
	// +optional
	Interval metav1.Duration `json:"interval,omitempty"`

	// Insecure allows connecting to a non-TLS HTTP container registry.
	// This field is only taken into account if the .spec.type field is set to 'oci'.
	// +optional
	Insecure bool `json:"insecure,omitempty"`

	// Timeout is used for the index fetch operation for an HTTPS helm repository,
	// and for remote OCI Repository operations like pulling for an OCI helm
	// chart by the associated HelmChart.
	// Its default value is 60s.
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
	// +optional
	Timeout *metav1.Duration `json:"timeout,omitempty"`

	// Suspend tells the controller to suspend the reconciliation of this
	// HelmRepository.
	// +optional
	Suspend bool `json:"suspend,omitempty"`

	// AccessFrom specifies an Access Control List for allowing cross-namespace
	// references to this object.
	// NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
	// +optional
	AccessFrom *acl.AccessFrom `json:"accessFrom,omitempty"`

	// Type of the HelmRepository.
	// When this field is set to  "oci", the URL field value must be prefixed with "oci://".
	// +kubebuilder:validation:Enum=default;oci
	// +optional
	Type string `json:"type,omitempty"`

	// Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
	// This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
	// When not specified, defaults to 'generic'.
	// +kubebuilder:validation:Enum=generic;aws;azure;gcp
	// +kubebuilder:default:=generic
	// +optional
	Provider string `json:"provider,omitempty"`
}

HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository index YAML.

func (*HelmRepositorySpec) DeepCopy

func (in *HelmRepositorySpec) DeepCopy() *HelmRepositorySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepositorySpec.

func (*HelmRepositorySpec) DeepCopyInto

func (in *HelmRepositorySpec) DeepCopyInto(out *HelmRepositorySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HelmRepositoryStatus

type HelmRepositoryStatus struct {
	// ObservedGeneration is the last observed generation of the HelmRepository
	// object.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// Conditions holds the conditions for the HelmRepository.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`

	// URL is the dynamic fetch link for the latest Artifact.
	// It is provided on a "best effort" basis, and using the precise
	// HelmRepositoryStatus.Artifact data is recommended.
	// +optional
	URL string `json:"url,omitempty"`

	// Artifact represents the last successful HelmRepository reconciliation.
	// +optional
	Artifact *apiv1.Artifact `json:"artifact,omitempty"`

	meta.ReconcileRequestStatus `json:",inline"`
}

HelmRepositoryStatus records the observed state of the HelmRepository.

func (*HelmRepositoryStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepositoryStatus.

func (*HelmRepositoryStatus) DeepCopyInto

func (in *HelmRepositoryStatus) DeepCopyInto(out *HelmRepositoryStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalHelmChartSourceReference

type LocalHelmChartSourceReference struct {
	// APIVersion of the referent.
	// +optional
	APIVersion string `json:"apiVersion,omitempty"`

	// Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
	// 'Bucket').
	// +kubebuilder:validation:Enum=HelmRepository;GitRepository;Bucket
	// +required
	Kind string `json:"kind"`

	// Name of the referent.
	// +required
	Name string `json:"name"`
}

LocalHelmChartSourceReference contains enough information to let you locate the typed referenced object at namespace level.

func (*LocalHelmChartSourceReference) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalHelmChartSourceReference.

func (*LocalHelmChartSourceReference) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OCILayerSelector added in v0.28.0

type OCILayerSelector struct {
	// MediaType specifies the OCI media type of the layer
	// which should be extracted from the OCI Artifact. The
	// first layer matching this type is selected.
	// +optional
	MediaType string `json:"mediaType,omitempty"`

	// Operation specifies how the selected layer should be processed.
	// By default, the layer compressed content is extracted to storage.
	// When the operation is set to 'copy', the layer compressed content
	// is persisted to storage as it is.
	// +kubebuilder:validation:Enum=extract;copy
	// +optional
	Operation string `json:"operation,omitempty"`
}

OCILayerSelector specifies which layer should be extracted from an OCI Artifact

func (*OCILayerSelector) DeepCopy added in v0.28.0

func (in *OCILayerSelector) DeepCopy() *OCILayerSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCILayerSelector.

func (*OCILayerSelector) DeepCopyInto added in v0.28.0

func (in *OCILayerSelector) DeepCopyInto(out *OCILayerSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OCIRepository added in v0.26.0

type OCIRepository struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec OCIRepositorySpec `json:"spec,omitempty"`
	// +kubebuilder:default={"observedGeneration":-1}
	Status OCIRepositoryStatus `json:"status,omitempty"`
}

OCIRepository is the Schema for the ocirepositories API

func (*OCIRepository) DeepCopy added in v0.26.0

func (in *OCIRepository) DeepCopy() *OCIRepository

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIRepository.

func (*OCIRepository) DeepCopyInto added in v0.26.0

func (in *OCIRepository) DeepCopyInto(out *OCIRepository)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OCIRepository) DeepCopyObject added in v0.26.0

func (in *OCIRepository) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*OCIRepository) GetArtifact added in v0.26.0

func (in *OCIRepository) GetArtifact() *apiv1.Artifact

GetArtifact returns the latest Artifact from the OCIRepository if present in the status sub-resource.

func (OCIRepository) GetConditions added in v0.26.0

func (in OCIRepository) GetConditions() []metav1.Condition

GetConditions returns the status conditions of the object.

func (*OCIRepository) GetLayerMediaType added in v0.28.0

func (in *OCIRepository) GetLayerMediaType() string

GetLayerMediaType returns the media type layer selector if found in spec.

func (*OCIRepository) GetLayerOperation added in v0.30.0

func (in *OCIRepository) GetLayerOperation() string

GetLayerOperation returns the layer selector operation (defaults to extract).

func (OCIRepository) GetRequeueAfter added in v0.26.0

func (in OCIRepository) GetRequeueAfter() time.Duration

GetRequeueAfter returns the duration after which the OCIRepository must be reconciled again.

func (*OCIRepository) SetConditions added in v0.26.0

func (in *OCIRepository) SetConditions(conditions []metav1.Condition)

SetConditions sets the status conditions on the object.

type OCIRepositoryList added in v0.26.0

type OCIRepositoryList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []OCIRepository `json:"items"`
}

OCIRepositoryList contains a list of OCIRepository +kubebuilder:object:root=true

func (*OCIRepositoryList) DeepCopy added in v0.26.0

func (in *OCIRepositoryList) DeepCopy() *OCIRepositoryList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIRepositoryList.

func (*OCIRepositoryList) DeepCopyInto added in v0.26.0

func (in *OCIRepositoryList) DeepCopyInto(out *OCIRepositoryList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OCIRepositoryList) DeepCopyObject added in v0.26.0

func (in *OCIRepositoryList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OCIRepositoryRef added in v0.26.0

type OCIRepositoryRef struct {
	// Digest is the image digest to pull, takes precedence over SemVer.
	// The value should be in the format 'sha256:<HASH>'.
	// +optional
	Digest string `json:"digest,omitempty"`

	// SemVer is the range of tags to pull selecting the latest within
	// the range, takes precedence over Tag.
	// +optional
	SemVer string `json:"semver,omitempty"`

	// SemverFilter is a regex pattern to filter the tags within the SemVer range.
	// +optional
	SemverFilter string `json:"semverFilter,omitempty"`

	// Tag is the image tag to pull, defaults to latest.
	// +optional
	Tag string `json:"tag,omitempty"`
}

OCIRepositoryRef defines the image reference for the OCIRepository's URL

func (*OCIRepositoryRef) DeepCopy added in v0.26.0

func (in *OCIRepositoryRef) DeepCopy() *OCIRepositoryRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIRepositoryRef.

func (*OCIRepositoryRef) DeepCopyInto added in v0.26.0

func (in *OCIRepositoryRef) DeepCopyInto(out *OCIRepositoryRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OCIRepositorySpec added in v0.26.0

type OCIRepositorySpec struct {
	// URL is a reference to an OCI artifact repository hosted
	// on a remote container registry.
	// +kubebuilder:validation:Pattern="^oci://.*$"
	// +required
	URL string `json:"url"`

	// The OCI reference to pull and monitor for changes,
	// defaults to the latest tag.
	// +optional
	Reference *OCIRepositoryRef `json:"ref,omitempty"`

	// LayerSelector specifies which layer should be extracted from the OCI artifact.
	// When not specified, the first layer found in the artifact is selected.
	// +optional
	LayerSelector *OCILayerSelector `json:"layerSelector,omitempty"`

	// The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
	// When not specified, defaults to 'generic'.
	// +kubebuilder:validation:Enum=generic;aws;azure;gcp
	// +kubebuilder:default:=generic
	// +optional
	Provider string `json:"provider,omitempty"`

	// SecretRef contains the secret name containing the registry login
	// credentials to resolve image metadata.
	// The secret must be of type kubernetes.io/dockerconfigjson.
	// +optional
	SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"`

	// Verify contains the secret name containing the trusted public keys
	// used to verify the signature and specifies which provider to use to check
	// whether OCI image is authentic.
	// +optional
	Verify *apiv1.OCIRepositoryVerification `json:"verify,omitempty"`

	// ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate
	// the image pull if the service account has attached pull secrets. For more information:
	// https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account
	// +optional
	ServiceAccountName string `json:"serviceAccountName,omitempty"`

	// CertSecretRef can be given the name of a Secret containing
	// either or both of
	//
	// - a PEM-encoded client certificate (`tls.crt`) and private
	// key (`tls.key`);
	// - a PEM-encoded CA certificate (`ca.crt`)
	//
	// and whichever are supplied, will be used for connecting to the
	// registry. The client cert and key are useful if you are
	// authenticating with a certificate; the CA cert is useful if
	// you are using a self-signed server certificate. The Secret must
	// be of type `Opaque` or `kubernetes.io/tls`.
	//
	// Note: Support for the `caFile`, `certFile` and `keyFile` keys have
	// been deprecated.
	// +optional
	CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"`

	// ProxySecretRef specifies the Secret containing the proxy configuration
	// to use while communicating with the container registry.
	// +optional
	ProxySecretRef *meta.LocalObjectReference `json:"proxySecretRef,omitempty"`

	// Interval at which the OCIRepository URL is checked for updates.
	// This interval is approximate and may be subject to jitter to ensure
	// efficient use of resources.
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
	// +required
	Interval metav1.Duration `json:"interval"`

	// The timeout for remote OCI Repository operations like pulling, defaults to 60s.
	// +kubebuilder:default="60s"
	// +kubebuilder:validation:Type=string
	// +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
	// +optional
	Timeout *metav1.Duration `json:"timeout,omitempty"`

	// Ignore overrides the set of excluded patterns in the .sourceignore format
	// (which is the same as .gitignore). If not provided, a default will be used,
	// consult the documentation for your version to find out what those are.
	// +optional
	Ignore *string `json:"ignore,omitempty"`

	// Insecure allows connecting to a non-TLS HTTP container registry.
	// +optional
	Insecure bool `json:"insecure,omitempty"`

	// This flag tells the controller to suspend the reconciliation of this source.
	// +optional
	Suspend bool `json:"suspend,omitempty"`
}

OCIRepositorySpec defines the desired state of OCIRepository

func (*OCIRepositorySpec) DeepCopy added in v0.26.0

func (in *OCIRepositorySpec) DeepCopy() *OCIRepositorySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIRepositorySpec.

func (*OCIRepositorySpec) DeepCopyInto added in v0.26.0

func (in *OCIRepositorySpec) DeepCopyInto(out *OCIRepositorySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OCIRepositoryStatus added in v0.26.0

type OCIRepositoryStatus struct {
	// ObservedGeneration is the last observed generation.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// Conditions holds the conditions for the OCIRepository.
	// +optional
	Conditions []metav1.Condition `json:"conditions,omitempty"`

	// URL is the download link for the artifact output of the last OCI Repository sync.
	// +optional
	URL string `json:"url,omitempty"`

	// Artifact represents the output of the last successful OCI Repository sync.
	// +optional
	Artifact *apiv1.Artifact `json:"artifact,omitempty"`

	// ContentConfigChecksum is a checksum of all the configurations related to
	// the content of the source artifact:
	//  - .spec.ignore
	//  - .spec.layerSelector
	// observed in .status.observedGeneration version of the object. This can
	// be used to determine if the content configuration has changed and the
	// artifact needs to be rebuilt.
	// It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
	//
	// Deprecated: Replaced with explicit fields for observed artifact content
	// config in the status.
	// +optional
	ContentConfigChecksum string `json:"contentConfigChecksum,omitempty"`

	// ObservedIgnore is the observed exclusion patterns used for constructing
	// the source artifact.
	// +optional
	ObservedIgnore *string `json:"observedIgnore,omitempty"`

	// ObservedLayerSelector is the observed layer selector used for constructing
	// the source artifact.
	// +optional
	ObservedLayerSelector *OCILayerSelector `json:"observedLayerSelector,omitempty"`

	meta.ReconcileRequestStatus `json:",inline"`
}

OCIRepositoryStatus defines the observed state of OCIRepository

func (*OCIRepositoryStatus) DeepCopy added in v0.26.0

func (in *OCIRepositoryStatus) DeepCopy() *OCIRepositoryStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIRepositoryStatus.

func (*OCIRepositoryStatus) DeepCopyInto added in v0.26.0

func (in *OCIRepositoryStatus) DeepCopyInto(out *OCIRepositoryStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Source deprecated

type Source interface {
	runtime.Object
	// GetRequeueAfter returns the duration after which the source must be
	// reconciled again.
	GetRequeueAfter() time.Duration
	// GetArtifact returns the latest artifact from the source if present in
	// the status sub-resource.
	GetArtifact() *Artifact
}

Source interface must be supported by all API types. Source is the interface that provides generic access to the Artifact and interval. It must be supported by all kinds of the source.toolkit.fluxcd.io API group.

Deprecated: use the Source interface from api/v1 instead. This type will be removed in a future release.

+k8s:deepcopy-gen=false

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL