Documentation ¶
Overview ¶
Package v1 contains API Schema definitions for the source v1 API group +kubebuilder:object:generate=true +groupName=source.toolkit.fluxcd.io
Index ¶
- Constants
- Variables
- func ArtifactDir(kind, namespace, name string) string
- func ArtifactPath(kind, namespace, name, filename string) string
- type Artifact
- type Bucket
- func (in *Bucket) DeepCopy() *Bucket
- func (in *Bucket) DeepCopyInto(out *Bucket)
- func (in *Bucket) DeepCopyObject() runtime.Object
- func (in *Bucket) GetArtifact() *Artifact
- func (in *Bucket) GetConditions() []metav1.Condition
- func (in *Bucket) GetRequeueAfter() time.Duration
- func (in *Bucket) SetConditions(conditions []metav1.Condition)
- type BucketList
- type BucketSTSSpec
- type BucketSpec
- type BucketStatus
- type GitRepository
- func (in *GitRepository) DeepCopy() *GitRepository
- func (in *GitRepository) DeepCopyInto(out *GitRepository)
- func (in *GitRepository) DeepCopyObject() runtime.Object
- func (in *GitRepository) GetArtifact() *Artifact
- func (in GitRepository) GetConditions() []metav1.Condition
- func (in GitRepository) GetRequeueAfter() time.Duration
- func (in *GitRepository) SetConditions(conditions []metav1.Condition)
- type GitRepositoryInclude
- type GitRepositoryList
- type GitRepositoryRef
- type GitRepositorySpec
- type GitRepositoryStatus
- type GitRepositoryVerification
- func (in *GitRepositoryVerification) DeepCopy() *GitRepositoryVerification
- func (in *GitRepositoryVerification) DeepCopyInto(out *GitRepositoryVerification)
- func (v *GitRepositoryVerification) GetMode() GitVerificationMode
- func (v *GitRepositoryVerification) VerifyHEAD() bool
- func (v *GitRepositoryVerification) VerifyTag() bool
- type GitVerificationMode
- type HelmChart
- func (in *HelmChart) DeepCopy() *HelmChart
- func (in *HelmChart) DeepCopyInto(out *HelmChart)
- func (in *HelmChart) DeepCopyObject() runtime.Object
- func (in *HelmChart) GetArtifact() *Artifact
- func (in HelmChart) GetConditions() []metav1.Condition
- func (in HelmChart) GetRequeueAfter() time.Duration
- func (in *HelmChart) GetValuesFiles() []string
- func (in *HelmChart) SetConditions(conditions []metav1.Condition)
- type HelmChartList
- type HelmChartSpec
- type HelmChartStatus
- type HelmRepository
- func (in *HelmRepository) DeepCopy() *HelmRepository
- func (in *HelmRepository) DeepCopyInto(out *HelmRepository)
- func (in *HelmRepository) DeepCopyObject() runtime.Object
- func (in *HelmRepository) GetArtifact() *Artifact
- func (in HelmRepository) GetConditions() []metav1.Condition
- func (in HelmRepository) GetRequeueAfter() time.Duration
- func (in HelmRepository) GetTimeout() time.Duration
- func (in *HelmRepository) SetConditions(conditions []metav1.Condition)
- type HelmRepositoryList
- type HelmRepositorySpec
- type HelmRepositoryStatus
- type LocalHelmChartSourceReference
- type OCIRepositoryVerification
- type OIDCIdentityMatch
- type Source
Constants ¶
const ( // BucketProviderGeneric for any S3 API compatible storage Bucket. BucketProviderGeneric string = "generic" // BucketProviderAmazon for an AWS S3 object storage Bucket. // Provides support for retrieving credentials from the AWS EC2 service. BucketProviderAmazon string = "aws" // BucketProviderGoogle for a Google Cloud Storage Bucket. // Provides support for authentication using a workload identity. BucketProviderGoogle string = "gcp" // BucketProviderAzure for an Azure Blob Storage Bucket. // Provides support for authentication using a Service Principal, // Managed Identity or Shared Key. BucketProviderAzure string = "azure" )
const ( // BucketOperationSucceededReason signals that the Bucket listing and fetch // operations succeeded. BucketOperationSucceededReason string = "BucketOperationSucceeded" // BucketOperationFailedReason signals that the Bucket listing or fetch // operations failed. BucketOperationFailedReason string = "BucketOperationFailed" )
const ( // ArtifactInStorageCondition indicates the availability of the Artifact in // the storage. // If True, the Artifact is stored successfully. // This Condition is only present on the resource if the Artifact is // successfully stored. ArtifactInStorageCondition string = "ArtifactInStorage" // ArtifactOutdatedCondition indicates the current Artifact of the Source // is outdated. // This is a "negative polarity" or "abnormal-true" type, and is only // present on the resource if it is True. ArtifactOutdatedCondition string = "ArtifactOutdated" // SourceVerifiedCondition indicates the integrity verification of the // Source. // If True, the integrity check succeeded. If False, it failed. // This Condition is only present on the resource if the integrity check // is enabled. SourceVerifiedCondition string = "SourceVerified" // FetchFailedCondition indicates a transient or persistent fetch failure // of an upstream Source. // If True, observations on the upstream Source revision may be impossible, // and the Artifact available for the Source may be outdated. // This is a "negative polarity" or "abnormal-true" type, and is only // present on the resource if it is True. FetchFailedCondition string = "FetchFailed" // BuildFailedCondition indicates a transient or persistent build failure // of a Source's Artifact. // If True, the Source can be in an ArtifactOutdatedCondition. // This is a "negative polarity" or "abnormal-true" type, and is only // present on the resource if it is True. BuildFailedCondition string = "BuildFailed" // StorageOperationFailedCondition indicates a transient or persistent // failure related to storage. If True, the reconciliation failed while // performing some filesystem operation. // This is a "negative polarity" or "abnormal-true" type, and is only // present on the resource if it is True. StorageOperationFailedCondition string = "StorageOperationFailed" )
const ( // URLInvalidReason signals that a given Source has an invalid URL. URLInvalidReason string = "URLInvalid" // AuthenticationFailedReason signals that a Secret does not have the // required fields, or the provided credentials do not match. AuthenticationFailedReason string = "AuthenticationFailed" // VerificationError signals that the Source's verification // check failed. VerificationError string = "VerificationError" // DirCreationFailedReason signals a failure caused by a directory creation // operation. DirCreationFailedReason string = "DirectoryCreationFailed" // StatOperationFailedReason signals a failure caused by a stat operation on // a path. StatOperationFailedReason string = "StatOperationFailed" // ReadOperationFailedReason signals a failure caused by a read operation. ReadOperationFailedReason string = "ReadOperationFailed" // AcquireLockFailedReason signals a failure in acquiring lock. AcquireLockFailedReason string = "AcquireLockFailed" // InvalidPathReason signals a failure caused by an invalid path. InvalidPathReason string = "InvalidPath" // ArchiveOperationFailedReason signals a failure in archive operation. ArchiveOperationFailedReason string = "ArchiveOperationFailed" // SymlinkUpdateFailedReason signals a failure in updating a symlink. SymlinkUpdateFailedReason string = "SymlinkUpdateFailed" // ArtifactUpToDateReason signals that an existing Artifact is up-to-date // with the Source. ArtifactUpToDateReason string = "ArtifactUpToDate" // CacheOperationFailedReason signals a failure in cache operation. CacheOperationFailedReason string = "CacheOperationFailed" // PatchOperationFailedReason signals a failure in patching a kubernetes API // object. PatchOperationFailedReason string = "PatchOperationFailed" // InvalidSTSConfigurationReason signals that the STS configurtion is invalid. InvalidSTSConfigurationReason string = "InvalidSTSConfiguration" )
Reasons are provided as utility, and not part of the declarative API.
const ( // GitRepositoryKind is the string representation of a GitRepository. GitRepositoryKind = "GitRepository" // GitProviderGeneric provides support for authentication using // credentials specified in secretRef. GitProviderGeneric string = "generic" // GitProviderAzure provides support for authentication to azure // repositories using Managed Identity. GitProviderAzure string = "azure" )
const ( // GitOperationSucceedReason signals that a Git operation (e.g. clone, // checkout, etc.) succeeded. GitOperationSucceedReason string = "GitOperationSucceeded" // GitOperationFailedReason signals that a Git operation (e.g. clone, // checkout, etc.) failed. GitOperationFailedReason string = "GitOperationFailed" )
const ( // ReconcileStrategyChartVersion reconciles when the version of the Helm chart is different. ReconcileStrategyChartVersion string = "ChartVersion" // ReconcileStrategyRevision reconciles when the Revision of the source is different. ReconcileStrategyRevision string = "Revision" )
const ( // ChartPullSucceededReason signals that the pull of the Helm chart // succeeded. ChartPullSucceededReason string = "ChartPullSucceeded" // ChartPackageSucceededReason signals that the package of the Helm // chart succeeded. ChartPackageSucceededReason string = "ChartPackageSucceeded" )
const ( // HelmRepositoryKind is the string representation of a HelmRepository. HelmRepositoryKind = "HelmRepository" // HelmRepositoryURLIndexKey is the key used for indexing HelmRepository // objects by their HelmRepositorySpec.URL. HelmRepositoryURLIndexKey = ".metadata.helmRepositoryURL" // HelmRepositoryTypeDefault is the default HelmRepository type. // It is used when no type is specified and corresponds to a Helm repository. HelmRepositoryTypeDefault = "default" // HelmRepositoryTypeOCI is the type for an OCI repository. HelmRepositoryTypeOCI = "oci" )
const ( // STSProviderAmazon represents the AWS provider for Security Token Service. // Provides support for fetching temporary credentials from an AWS STS endpoint. STSProviderAmazon string = "aws" // STSProviderLDAP represents the LDAP provider for Security Token Service. // Provides support for fetching temporary credentials from an LDAP endpoint. STSProviderLDAP string = "ldap" )
const (
// BucketKind is the string representation of a Bucket.
BucketKind = "Bucket"
)
const HelmChartKind = "HelmChart"
HelmChartKind is the string representation of a HelmChart.
const ( // available. For example, because it does not exist, or does not have an // Artifact. // This is a "negative polarity" or "abnormal-true" type, and is only // present on the resource if it is True. IncludeUnavailableCondition string = "IncludeUnavailable" )
const ( // IndexationFailedReason signals that the HelmRepository index fetch // failed. IndexationFailedReason string = "IndexationFailed" )
const SourceFinalizer = "finalizers.fluxcd.io"
const ( // SourceIndexKey is the key used for indexing objects based on their // referenced Source. SourceIndexKey string = ".metadata.source" )
Variables ¶
var ( // GroupVersion is group version used to register these objects. GroupVersion = schema.GroupVersion{Group: "source.toolkit.fluxcd.io", Version: "v1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme. SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
func ArtifactDir ¶
ArtifactDir returns the artifact dir path in the form of '<kind>/<namespace>/<name>'.
func ArtifactPath ¶
ArtifactPath returns the artifact path in the form of '<kind>/<namespace>/name>/<filename>'.
Types ¶
type Artifact ¶
type Artifact struct { // Path is the relative file path of the Artifact. It can be used to locate // the file in the root of the Artifact storage on the local file system of // the controller managing the Source. // +required Path string `json:"path"` // URL is the HTTP address of the Artifact as exposed by the controller // managing the Source. It can be used to retrieve the Artifact for // consumption, e.g. by another controller applying the Artifact contents. // +required URL string `json:"url"` // Revision is a human-readable identifier traceable in the origin source // system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. // +required Revision string `json:"revision"` // Digest is the digest of the file in the form of '<algorithm>:<checksum>'. // +optional // +kubebuilder:validation:Pattern="^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$" Digest string `json:"digest,omitempty"` // LastUpdateTime is the timestamp corresponding to the last update of the // Artifact. // +required LastUpdateTime metav1.Time `json:"lastUpdateTime"` // Size is the number of bytes in the file. // +optional Size *int64 `json:"size,omitempty"` // Metadata holds upstream information such as OCI annotations. // +optional Metadata map[string]string `json:"metadata,omitempty"` }
Artifact represents the output of a Source reconciliation.
func (*Artifact) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Artifact.
func (*Artifact) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Artifact) HasDigest ¶
HasDigest returns if the given digest matches the current Digest of the Artifact.
func (*Artifact) HasRevision ¶
HasRevision returns if the given revision matches the current Revision of the Artifact.
type Bucket ¶ added in v1.4.0
type Bucket struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec BucketSpec `json:"spec,omitempty"` // +kubebuilder:default={"observedGeneration":-1} Status BucketStatus `json:"status,omitempty"` }
Bucket is the Schema for the buckets API.
func (*Bucket) DeepCopy ¶ added in v1.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Bucket.
func (*Bucket) DeepCopyInto ¶ added in v1.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Bucket) DeepCopyObject ¶ added in v1.4.0
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Bucket) GetArtifact ¶ added in v1.4.0
GetArtifact returns the latest artifact from the source if present in the status sub-resource.
func (*Bucket) GetConditions ¶ added in v1.4.0
GetConditions returns the status conditions of the object.
func (*Bucket) GetRequeueAfter ¶ added in v1.4.0
GetRequeueAfter returns the duration after which the source must be reconciled again.
func (*Bucket) SetConditions ¶ added in v1.4.0
SetConditions sets the status conditions on the object.
type BucketList ¶ added in v1.4.0
type BucketList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Bucket `json:"items"` }
BucketList contains a list of Bucket objects. +kubebuilder:object:root=true
func (*BucketList) DeepCopy ¶ added in v1.4.0
func (in *BucketList) DeepCopy() *BucketList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketList.
func (*BucketList) DeepCopyInto ¶ added in v1.4.0
func (in *BucketList) DeepCopyInto(out *BucketList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*BucketList) DeepCopyObject ¶ added in v1.4.0
func (in *BucketList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type BucketSTSSpec ¶ added in v1.4.0
type BucketSTSSpec struct { // Provider of the Security Token Service. // +kubebuilder:validation:Enum=aws;ldap // +required Provider string `json:"provider"` // Endpoint is the HTTP/S endpoint of the Security Token Service from // where temporary credentials will be fetched. // +required // +kubebuilder:validation:Pattern="^(http|https)://.*$" Endpoint string `json:"endpoint"` // SecretRef specifies the Secret containing authentication credentials // for the STS endpoint. This Secret must contain the fields `username` // and `password` and is supported only for the `ldap` provider. // +optional SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"` // CertSecretRef can be given the name of a Secret containing // either or both of // // - a PEM-encoded client certificate (`tls.crt`) and private // key (`tls.key`); // - a PEM-encoded CA certificate (`ca.crt`) // // and whichever are supplied, will be used for connecting to the // STS endpoint. The client cert and key are useful if you are // authenticating with a certificate; the CA cert is useful if // you are using a self-signed server certificate. The Secret must // be of type `Opaque` or `kubernetes.io/tls`. // // This field is only supported for the `ldap` provider. // +optional CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"` }
BucketSTSSpec specifies the required configuration to use a Security Token Service for fetching temporary credentials to authenticate in a Bucket provider.
func (*BucketSTSSpec) DeepCopy ¶ added in v1.4.0
func (in *BucketSTSSpec) DeepCopy() *BucketSTSSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketSTSSpec.
func (*BucketSTSSpec) DeepCopyInto ¶ added in v1.4.0
func (in *BucketSTSSpec) DeepCopyInto(out *BucketSTSSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BucketSpec ¶ added in v1.4.0
type BucketSpec struct { // Provider of the object storage bucket. // Defaults to 'generic', which expects an S3 (API) compatible object // storage. // +kubebuilder:validation:Enum=generic;aws;gcp;azure // +kubebuilder:default:=generic // +optional Provider string `json:"provider,omitempty"` // BucketName is the name of the object storage bucket. // +required BucketName string `json:"bucketName"` // Endpoint is the object storage address the BucketName is located at. // +required Endpoint string `json:"endpoint"` // STS specifies the required configuration to use a Security Token // Service for fetching temporary credentials to authenticate in a // Bucket provider. // // This field is only supported for the `aws` and `generic` providers. // +optional STS *BucketSTSSpec `json:"sts,omitempty"` // Insecure allows connecting to a non-TLS HTTP Endpoint. // +optional Insecure bool `json:"insecure,omitempty"` // Region of the Endpoint where the BucketName is located in. // +optional Region string `json:"region,omitempty"` // Prefix to use for server-side filtering of files in the Bucket. // +optional Prefix string `json:"prefix,omitempty"` // SecretRef specifies the Secret containing authentication credentials // for the Bucket. // +optional SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"` // CertSecretRef can be given the name of a Secret containing // either or both of // // - a PEM-encoded client certificate (`tls.crt`) and private // key (`tls.key`); // - a PEM-encoded CA certificate (`ca.crt`) // // and whichever are supplied, will be used for connecting to the // bucket. The client cert and key are useful if you are // authenticating with a certificate; the CA cert is useful if // you are using a self-signed server certificate. The Secret must // be of type `Opaque` or `kubernetes.io/tls`. // // This field is only supported for the `generic` provider. // +optional CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"` // ProxySecretRef specifies the Secret containing the proxy configuration // to use while communicating with the Bucket server. // +optional ProxySecretRef *meta.LocalObjectReference `json:"proxySecretRef,omitempty"` // Interval at which the Bucket Endpoint is checked for updates. // This interval is approximate and may be subject to jitter to ensure // efficient use of resources. // +kubebuilder:validation:Type=string // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" // +required Interval metav1.Duration `json:"interval"` // Timeout for fetch operations, defaults to 60s. // +kubebuilder:default="60s" // +kubebuilder:validation:Type=string // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" // +optional Timeout *metav1.Duration `json:"timeout,omitempty"` // Ignore overrides the set of excluded patterns in the .sourceignore format // (which is the same as .gitignore). If not provided, a default will be used, // consult the documentation for your version to find out what those are. // +optional Ignore *string `json:"ignore,omitempty"` // Suspend tells the controller to suspend the reconciliation of this // Bucket. // +optional Suspend bool `json:"suspend,omitempty"` }
BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. +kubebuilder:validation:XValidation:rule="self.provider == 'aws' || self.provider == 'generic' || !has(self.sts)", message="STS configuration is only supported for the 'aws' and 'generic' Bucket providers" +kubebuilder:validation:XValidation:rule="self.provider != 'aws' || !has(self.sts) || self.sts.provider == 'aws'", message="'aws' is the only supported STS provider for the 'aws' Bucket provider" +kubebuilder:validation:XValidation:rule="self.provider != 'generic' || !has(self.sts) || self.sts.provider == 'ldap'", message="'ldap' is the only supported STS provider for the 'generic' Bucket provider" +kubebuilder:validation:XValidation:rule="!has(self.sts) || self.sts.provider != 'aws' || !has(self.sts.secretRef)", message="spec.sts.secretRef is not required for the 'aws' STS provider" +kubebuilder:validation:XValidation:rule="!has(self.sts) || self.sts.provider != 'aws' || !has(self.sts.certSecretRef)", message="spec.sts.certSecretRef is not required for the 'aws' STS provider"
func (*BucketSpec) DeepCopy ¶ added in v1.4.0
func (in *BucketSpec) DeepCopy() *BucketSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketSpec.
func (*BucketSpec) DeepCopyInto ¶ added in v1.4.0
func (in *BucketSpec) DeepCopyInto(out *BucketSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BucketStatus ¶ added in v1.4.0
type BucketStatus struct { // ObservedGeneration is the last observed generation of the Bucket object. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` // Conditions holds the conditions for the Bucket. // +optional Conditions []metav1.Condition `json:"conditions,omitempty"` // URL is the dynamic fetch link for the latest Artifact. // It is provided on a "best effort" basis, and using the precise // BucketStatus.Artifact data is recommended. // +optional URL string `json:"url,omitempty"` // Artifact represents the last successful Bucket reconciliation. // +optional Artifact *Artifact `json:"artifact,omitempty"` // ObservedIgnore is the observed exclusion patterns used for constructing // the source artifact. // +optional ObservedIgnore *string `json:"observedIgnore,omitempty"` meta.ReconcileRequestStatus `json:",inline"` }
BucketStatus records the observed state of a Bucket.
func (*BucketStatus) DeepCopy ¶ added in v1.4.0
func (in *BucketStatus) DeepCopy() *BucketStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketStatus.
func (*BucketStatus) DeepCopyInto ¶ added in v1.4.0
func (in *BucketStatus) DeepCopyInto(out *BucketStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitRepository ¶
type GitRepository struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec GitRepositorySpec `json:"spec,omitempty"` // +kubebuilder:default={"observedGeneration":-1} Status GitRepositoryStatus `json:"status,omitempty"` }
GitRepository is the Schema for the gitrepositories API.
func (*GitRepository) DeepCopy ¶
func (in *GitRepository) DeepCopy() *GitRepository
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepository.
func (*GitRepository) DeepCopyInto ¶
func (in *GitRepository) DeepCopyInto(out *GitRepository)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GitRepository) DeepCopyObject ¶
func (in *GitRepository) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*GitRepository) GetArtifact ¶
func (in *GitRepository) GetArtifact() *Artifact
GetArtifact returns the latest Artifact from the GitRepository if present in the status sub-resource.
func (GitRepository) GetConditions ¶
func (in GitRepository) GetConditions() []metav1.Condition
GetConditions returns the status conditions of the object.
func (GitRepository) GetRequeueAfter ¶
func (in GitRepository) GetRequeueAfter() time.Duration
GetRequeueAfter returns the duration after which the GitRepository must be reconciled again.
func (*GitRepository) SetConditions ¶
func (in *GitRepository) SetConditions(conditions []metav1.Condition)
SetConditions sets the status conditions on the object.
type GitRepositoryInclude ¶
type GitRepositoryInclude struct { // GitRepositoryRef specifies the GitRepository which Artifact contents // must be included. // +required GitRepositoryRef meta.LocalObjectReference `json:"repository"` // FromPath specifies the path to copy contents from, defaults to the root // of the Artifact. // +optional FromPath string `json:"fromPath,omitempty"` // ToPath specifies the path to copy contents to, defaults to the name of // the GitRepositoryRef. // +optional ToPath string `json:"toPath,omitempty"` }
GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents must be included, and where they should be placed.
func (*GitRepositoryInclude) DeepCopy ¶
func (in *GitRepositoryInclude) DeepCopy() *GitRepositoryInclude
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryInclude.
func (*GitRepositoryInclude) DeepCopyInto ¶
func (in *GitRepositoryInclude) DeepCopyInto(out *GitRepositoryInclude)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GitRepositoryInclude) GetFromPath ¶
func (in *GitRepositoryInclude) GetFromPath() string
GetFromPath returns the specified FromPath.
func (*GitRepositoryInclude) GetToPath ¶
func (in *GitRepositoryInclude) GetToPath() string
GetToPath returns the specified ToPath, falling back to the name of the GitRepositoryRef.
type GitRepositoryList ¶
type GitRepositoryList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []GitRepository `json:"items"` }
GitRepositoryList contains a list of GitRepository objects. +kubebuilder:object:root=true
func (*GitRepositoryList) DeepCopy ¶
func (in *GitRepositoryList) DeepCopy() *GitRepositoryList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryList.
func (*GitRepositoryList) DeepCopyInto ¶
func (in *GitRepositoryList) DeepCopyInto(out *GitRepositoryList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GitRepositoryList) DeepCopyObject ¶
func (in *GitRepositoryList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GitRepositoryRef ¶
type GitRepositoryRef struct { // Branch to check out, defaults to 'master' if no other field is defined. // +optional Branch string `json:"branch,omitempty"` // Tag to check out, takes precedence over Branch. // +optional Tag string `json:"tag,omitempty"` // SemVer tag expression to check out, takes precedence over Tag. // +optional SemVer string `json:"semver,omitempty"` // Name of the reference to check out; takes precedence over Branch, Tag and SemVer. // // It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description // Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" // +optional Name string `json:"name,omitempty"` // Commit SHA to check out, takes precedence over all reference fields. // // This can be combined with Branch to shallow clone the branch, in which // the commit is expected to exist. // +optional Commit string `json:"commit,omitempty"` }
GitRepositoryRef specifies the Git reference to resolve and checkout.
func (*GitRepositoryRef) DeepCopy ¶
func (in *GitRepositoryRef) DeepCopy() *GitRepositoryRef
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryRef.
func (*GitRepositoryRef) DeepCopyInto ¶
func (in *GitRepositoryRef) DeepCopyInto(out *GitRepositoryRef)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitRepositorySpec ¶
type GitRepositorySpec struct { // URL specifies the Git repository URL, it can be an HTTP/S or SSH address. // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" // +required URL string `json:"url"` // SecretRef specifies the Secret containing authentication credentials for // the GitRepository. // For HTTPS repositories the Secret must contain 'username' and 'password' // fields for basic auth or 'bearerToken' field for token auth. // For SSH repositories the Secret must contain 'identity' // and 'known_hosts' fields. // +optional SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"` // Provider used for authentication, can be 'azure', 'generic'. // When not specified, defaults to 'generic'. // +kubebuilder:validation:Enum=generic;azure // +kubebuilder:default:=generic // +optional Provider string `json:"provider,omitempty"` // Interval at which the GitRepository URL is checked for updates. // This interval is approximate and may be subject to jitter to ensure // efficient use of resources. // +kubebuilder:validation:Type=string // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" // +required Interval metav1.Duration `json:"interval"` // Timeout for Git operations like cloning, defaults to 60s. // +kubebuilder:default="60s" // +kubebuilder:validation:Type=string // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" // +optional Timeout *metav1.Duration `json:"timeout,omitempty"` // Reference specifies the Git reference to resolve and monitor for // changes, defaults to the 'master' branch. // +optional Reference *GitRepositoryRef `json:"ref,omitempty"` // Verification specifies the configuration to verify the Git commit // signature(s). // +optional Verification *GitRepositoryVerification `json:"verify,omitempty"` // ProxySecretRef specifies the Secret containing the proxy configuration // to use while communicating with the Git server. // +optional ProxySecretRef *meta.LocalObjectReference `json:"proxySecretRef,omitempty"` // Ignore overrides the set of excluded patterns in the .sourceignore format // (which is the same as .gitignore). If not provided, a default will be used, // consult the documentation for your version to find out what those are. // +optional Ignore *string `json:"ignore,omitempty"` // Suspend tells the controller to suspend the reconciliation of this // GitRepository. // +optional Suspend bool `json:"suspend,omitempty"` // RecurseSubmodules enables the initialization of all submodules within // the GitRepository as cloned from the URL, using their default settings. // +optional RecurseSubmodules bool `json:"recurseSubmodules,omitempty"` // Include specifies a list of GitRepository resources which Artifacts // should be included in the Artifact produced for this GitRepository. // +optional Include []GitRepositoryInclude `json:"include,omitempty"` }
GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository.
func (*GitRepositorySpec) DeepCopy ¶
func (in *GitRepositorySpec) DeepCopy() *GitRepositorySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositorySpec.
func (*GitRepositorySpec) DeepCopyInto ¶
func (in *GitRepositorySpec) DeepCopyInto(out *GitRepositorySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitRepositoryStatus ¶
type GitRepositoryStatus struct { // ObservedGeneration is the last observed generation of the GitRepository // object. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` // Conditions holds the conditions for the GitRepository. // +optional Conditions []metav1.Condition `json:"conditions,omitempty"` // Artifact represents the last successful GitRepository reconciliation. // +optional Artifact *Artifact `json:"artifact,omitempty"` // IncludedArtifacts contains a list of the last successfully included // Artifacts as instructed by GitRepositorySpec.Include. // +optional IncludedArtifacts []*Artifact `json:"includedArtifacts,omitempty"` // ObservedIgnore is the observed exclusion patterns used for constructing // the source artifact. // +optional ObservedIgnore *string `json:"observedIgnore,omitempty"` // ObservedRecurseSubmodules is the observed resource submodules // configuration used to produce the current Artifact. // +optional ObservedRecurseSubmodules bool `json:"observedRecurseSubmodules,omitempty"` // ObservedInclude is the observed list of GitRepository resources used to // produce the current Artifact. // +optional ObservedInclude []GitRepositoryInclude `json:"observedInclude,omitempty"` // SourceVerificationMode is the last used verification mode indicating // which Git object(s) have been verified. // +optional SourceVerificationMode *GitVerificationMode `json:"sourceVerificationMode,omitempty"` meta.ReconcileRequestStatus `json:",inline"` }
GitRepositoryStatus records the observed state of a Git repository.
func (*GitRepositoryStatus) DeepCopy ¶
func (in *GitRepositoryStatus) DeepCopy() *GitRepositoryStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryStatus.
func (*GitRepositoryStatus) DeepCopyInto ¶
func (in *GitRepositoryStatus) DeepCopyInto(out *GitRepositoryStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitRepositoryVerification ¶
type GitRepositoryVerification struct { // Mode specifies which Git object(s) should be verified. // // The variants "head" and "HEAD" both imply the same thing, i.e. verify // the commit that the HEAD of the Git repository points to. The variant // "head" solely exists to ensure backwards compatibility. // +kubebuilder:validation:Enum=head;HEAD;Tag;TagAndHEAD // +optional // +kubebuilder:default:=HEAD Mode GitVerificationMode `json:"mode,omitempty"` // SecretRef specifies the Secret containing the public keys of trusted Git // authors. // +required SecretRef meta.LocalObjectReference `json:"secretRef"` }
GitRepositoryVerification specifies the Git commit signature verification strategy.
func (*GitRepositoryVerification) DeepCopy ¶
func (in *GitRepositoryVerification) DeepCopy() *GitRepositoryVerification
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitRepositoryVerification.
func (*GitRepositoryVerification) DeepCopyInto ¶
func (in *GitRepositoryVerification) DeepCopyInto(out *GitRepositoryVerification)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GitRepositoryVerification) GetMode ¶ added in v1.1.0
func (v *GitRepositoryVerification) GetMode() GitVerificationMode
GetMode returns the declared GitVerificationMode, or a ModeGitHEAD default.
func (*GitRepositoryVerification) VerifyHEAD ¶ added in v1.1.0
func (v *GitRepositoryVerification) VerifyHEAD() bool
VerifyHEAD returns if the configured mode instructs verification of the Git HEAD.
func (*GitRepositoryVerification) VerifyTag ¶ added in v1.1.0
func (v *GitRepositoryVerification) VerifyTag() bool
VerifyTag returns if the configured mode instructs verification of the Git tag.
type GitVerificationMode ¶ added in v1.1.0
type GitVerificationMode string
GitVerificationMode specifies the verification mode for a Git repository.
const ( // ModeGitHEAD implies that the HEAD of the Git repository (after it has been // checked out to the required commit) should be verified. ModeGitHEAD GitVerificationMode = "HEAD" // ModeGitTag implies that the tag object specified in the checkout configuration // should be verified. ModeGitTag GitVerificationMode = "Tag" // ModeGitTagAndHEAD implies that both the tag object and the commit it points // to should be verified. ModeGitTagAndHEAD GitVerificationMode = "TagAndHEAD" )
func (GitVerificationMode) Valid ¶ added in v1.1.0
func (m GitVerificationMode) Valid() bool
Valid checks the validity of the Git verification mode.
type HelmChart ¶ added in v1.3.0
type HelmChart struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec HelmChartSpec `json:"spec,omitempty"` // +kubebuilder:default={"observedGeneration":-1} Status HelmChartStatus `json:"status,omitempty"` }
HelmChart is the Schema for the helmcharts API.
func (*HelmChart) DeepCopy ¶ added in v1.3.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChart.
func (*HelmChart) DeepCopyInto ¶ added in v1.3.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HelmChart) DeepCopyObject ¶ added in v1.3.0
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*HelmChart) GetArtifact ¶ added in v1.3.0
GetArtifact returns the latest artifact from the source if present in the status sub-resource.
func (HelmChart) GetConditions ¶ added in v1.3.0
GetConditions returns the status conditions of the object.
func (HelmChart) GetRequeueAfter ¶ added in v1.3.0
GetRequeueAfter returns the duration after which the source must be reconciled again.
func (*HelmChart) GetValuesFiles ¶ added in v1.3.0
GetValuesFiles returns a merged list of HelmChartSpec.ValuesFiles.
func (*HelmChart) SetConditions ¶ added in v1.3.0
SetConditions sets the status conditions on the object.
type HelmChartList ¶ added in v1.3.0
type HelmChartList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []HelmChart `json:"items"` }
HelmChartList contains a list of HelmChart objects. +kubebuilder:object:root=true
func (*HelmChartList) DeepCopy ¶ added in v1.3.0
func (in *HelmChartList) DeepCopy() *HelmChartList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChartList.
func (*HelmChartList) DeepCopyInto ¶ added in v1.3.0
func (in *HelmChartList) DeepCopyInto(out *HelmChartList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HelmChartList) DeepCopyObject ¶ added in v1.3.0
func (in *HelmChartList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type HelmChartSpec ¶ added in v1.3.0
type HelmChartSpec struct { // Chart is the name or path the Helm chart is available at in the // SourceRef. // +required Chart string `json:"chart"` // Version is the chart version semver expression, ignored for charts from // GitRepository and Bucket sources. Defaults to latest when omitted. // +kubebuilder:default:=* // +optional Version string `json:"version,omitempty"` // SourceRef is the reference to the Source the chart is available at. // +required SourceRef LocalHelmChartSourceReference `json:"sourceRef"` // Interval at which the HelmChart SourceRef is checked for updates. // This interval is approximate and may be subject to jitter to ensure // efficient use of resources. // +kubebuilder:validation:Type=string // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" // +required Interval metav1.Duration `json:"interval"` // ReconcileStrategy determines what enables the creation of a new artifact. // Valid values are ('ChartVersion', 'Revision'). // See the documentation of the values for an explanation on their behavior. // Defaults to ChartVersion when omitted. // +kubebuilder:validation:Enum=ChartVersion;Revision // +kubebuilder:default:=ChartVersion // +optional ReconcileStrategy string `json:"reconcileStrategy,omitempty"` // ValuesFiles is an alternative list of values files to use as the chart // values (values.yaml is not included by default), expected to be a // relative path in the SourceRef. // Values files are merged in the order of this list with the last file // overriding the first. Ignored when omitted. // +optional ValuesFiles []string `json:"valuesFiles,omitempty"` // IgnoreMissingValuesFiles controls whether to silently ignore missing values // files rather than failing. // +optional IgnoreMissingValuesFiles bool `json:"ignoreMissingValuesFiles,omitempty"` // Suspend tells the controller to suspend the reconciliation of this // source. // +optional Suspend bool `json:"suspend,omitempty"` // Verify contains the secret name containing the trusted public keys // used to verify the signature and specifies which provider to use to check // whether OCI image is authentic. // This field is only supported when using HelmRepository source with spec.type 'oci'. // Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. // +optional Verify *OCIRepositoryVerification `json:"verify,omitempty"` }
HelmChartSpec specifies the desired state of a Helm chart.
func (*HelmChartSpec) DeepCopy ¶ added in v1.3.0
func (in *HelmChartSpec) DeepCopy() *HelmChartSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChartSpec.
func (*HelmChartSpec) DeepCopyInto ¶ added in v1.3.0
func (in *HelmChartSpec) DeepCopyInto(out *HelmChartSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HelmChartStatus ¶ added in v1.3.0
type HelmChartStatus struct { // ObservedGeneration is the last observed generation of the HelmChart // object. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` // ObservedSourceArtifactRevision is the last observed Artifact.Revision // of the HelmChartSpec.SourceRef. // +optional ObservedSourceArtifactRevision string `json:"observedSourceArtifactRevision,omitempty"` // ObservedChartName is the last observed chart name as specified by the // resolved chart reference. // +optional ObservedChartName string `json:"observedChartName,omitempty"` // ObservedValuesFiles are the observed value files of the last successful // reconciliation. // It matches the chart in the last successfully reconciled artifact. // +optional ObservedValuesFiles []string `json:"observedValuesFiles,omitempty"` // Conditions holds the conditions for the HelmChart. // +optional Conditions []metav1.Condition `json:"conditions,omitempty"` // URL is the dynamic fetch link for the latest Artifact. // It is provided on a "best effort" basis, and using the precise // BucketStatus.Artifact data is recommended. // +optional URL string `json:"url,omitempty"` // Artifact represents the output of the last successful reconciliation. // +optional Artifact *Artifact `json:"artifact,omitempty"` meta.ReconcileRequestStatus `json:",inline"` }
HelmChartStatus records the observed state of the HelmChart.
func (*HelmChartStatus) DeepCopy ¶ added in v1.3.0
func (in *HelmChartStatus) DeepCopy() *HelmChartStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmChartStatus.
func (*HelmChartStatus) DeepCopyInto ¶ added in v1.3.0
func (in *HelmChartStatus) DeepCopyInto(out *HelmChartStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HelmRepository ¶ added in v1.3.0
type HelmRepository struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec HelmRepositorySpec `json:"spec,omitempty"` // +kubebuilder:default={"observedGeneration":-1} Status HelmRepositoryStatus `json:"status,omitempty"` }
HelmRepository is the Schema for the helmrepositories API.
func (*HelmRepository) DeepCopy ¶ added in v1.3.0
func (in *HelmRepository) DeepCopy() *HelmRepository
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepository.
func (*HelmRepository) DeepCopyInto ¶ added in v1.3.0
func (in *HelmRepository) DeepCopyInto(out *HelmRepository)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HelmRepository) DeepCopyObject ¶ added in v1.3.0
func (in *HelmRepository) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*HelmRepository) GetArtifact ¶ added in v1.3.0
func (in *HelmRepository) GetArtifact() *Artifact
GetArtifact returns the latest artifact from the source if present in the status sub-resource.
func (HelmRepository) GetConditions ¶ added in v1.3.0
func (in HelmRepository) GetConditions() []metav1.Condition
GetConditions returns the status conditions of the object.
func (HelmRepository) GetRequeueAfter ¶ added in v1.3.0
func (in HelmRepository) GetRequeueAfter() time.Duration
GetRequeueAfter returns the duration after which the source must be reconciled again.
func (HelmRepository) GetTimeout ¶ added in v1.3.0
func (in HelmRepository) GetTimeout() time.Duration
GetTimeout returns the timeout duration used for various operations related to this HelmRepository.
func (*HelmRepository) SetConditions ¶ added in v1.3.0
func (in *HelmRepository) SetConditions(conditions []metav1.Condition)
SetConditions sets the status conditions on the object.
type HelmRepositoryList ¶ added in v1.3.0
type HelmRepositoryList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []HelmRepository `json:"items"` }
HelmRepositoryList contains a list of HelmRepository objects. +kubebuilder:object:root=true
func (*HelmRepositoryList) DeepCopy ¶ added in v1.3.0
func (in *HelmRepositoryList) DeepCopy() *HelmRepositoryList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepositoryList.
func (*HelmRepositoryList) DeepCopyInto ¶ added in v1.3.0
func (in *HelmRepositoryList) DeepCopyInto(out *HelmRepositoryList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HelmRepositoryList) DeepCopyObject ¶ added in v1.3.0
func (in *HelmRepositoryList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type HelmRepositorySpec ¶ added in v1.3.0
type HelmRepositorySpec struct { // URL of the Helm repository, a valid URL contains at least a protocol and // host. // +kubebuilder:validation:Pattern="^(http|https|oci)://.*$" // +required URL string `json:"url"` // SecretRef specifies the Secret containing authentication credentials // for the HelmRepository. // For HTTP/S basic auth the secret must contain 'username' and 'password' // fields. // Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' // keys is deprecated. Please use `.spec.certSecretRef` instead. // +optional SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"` // CertSecretRef can be given the name of a Secret containing // either or both of // // - a PEM-encoded client certificate (`tls.crt`) and private // key (`tls.key`); // - a PEM-encoded CA certificate (`ca.crt`) // // and whichever are supplied, will be used for connecting to the // registry. The client cert and key are useful if you are // authenticating with a certificate; the CA cert is useful if // you are using a self-signed server certificate. The Secret must // be of type `Opaque` or `kubernetes.io/tls`. // // It takes precedence over the values specified in the Secret referred // to by `.spec.secretRef`. // +optional CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"` // PassCredentials allows the credentials from the SecretRef to be passed // on to a host that does not match the host as defined in URL. // This may be required if the host of the advertised chart URLs in the // index differ from the defined URL. // Enabling this should be done with caution, as it can potentially result // in credentials getting stolen in a MITM-attack. // +optional PassCredentials bool `json:"passCredentials,omitempty"` // Interval at which the HelmRepository URL is checked for updates. // This interval is approximate and may be subject to jitter to ensure // efficient use of resources. // +kubebuilder:validation:Type=string // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" // +optional Interval metav1.Duration `json:"interval,omitempty"` // Insecure allows connecting to a non-TLS HTTP container registry. // This field is only taken into account if the .spec.type field is set to 'oci'. // +optional Insecure bool `json:"insecure,omitempty"` // Timeout is used for the index fetch operation for an HTTPS helm repository, // and for remote OCI Repository operations like pulling for an OCI helm // chart by the associated HelmChart. // Its default value is 60s. // +kubebuilder:validation:Type=string // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" // +optional Timeout *metav1.Duration `json:"timeout,omitempty"` // Suspend tells the controller to suspend the reconciliation of this // HelmRepository. // +optional Suspend bool `json:"suspend,omitempty"` // AccessFrom specifies an Access Control List for allowing cross-namespace // references to this object. // NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 // +optional AccessFrom *acl.AccessFrom `json:"accessFrom,omitempty"` // Type of the HelmRepository. // When this field is set to "oci", the URL field value must be prefixed with "oci://". // +kubebuilder:validation:Enum=default;oci // +optional Type string `json:"type,omitempty"` // Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. // This field is optional, and only taken into account if the .spec.type field is set to 'oci'. // When not specified, defaults to 'generic'. // +kubebuilder:validation:Enum=generic;aws;azure;gcp // +kubebuilder:default:=generic // +optional Provider string `json:"provider,omitempty"` }
HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository index YAML.
func (*HelmRepositorySpec) DeepCopy ¶ added in v1.3.0
func (in *HelmRepositorySpec) DeepCopy() *HelmRepositorySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepositorySpec.
func (*HelmRepositorySpec) DeepCopyInto ¶ added in v1.3.0
func (in *HelmRepositorySpec) DeepCopyInto(out *HelmRepositorySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HelmRepositoryStatus ¶ added in v1.3.0
type HelmRepositoryStatus struct { // ObservedGeneration is the last observed generation of the HelmRepository // object. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` // Conditions holds the conditions for the HelmRepository. // +optional Conditions []metav1.Condition `json:"conditions,omitempty"` // URL is the dynamic fetch link for the latest Artifact. // It is provided on a "best effort" basis, and using the precise // HelmRepositoryStatus.Artifact data is recommended. // +optional URL string `json:"url,omitempty"` // Artifact represents the last successful HelmRepository reconciliation. // +optional Artifact *Artifact `json:"artifact,omitempty"` meta.ReconcileRequestStatus `json:",inline"` }
HelmRepositoryStatus records the observed state of the HelmRepository.
func (*HelmRepositoryStatus) DeepCopy ¶ added in v1.3.0
func (in *HelmRepositoryStatus) DeepCopy() *HelmRepositoryStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmRepositoryStatus.
func (*HelmRepositoryStatus) DeepCopyInto ¶ added in v1.3.0
func (in *HelmRepositoryStatus) DeepCopyInto(out *HelmRepositoryStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LocalHelmChartSourceReference ¶ added in v1.3.0
type LocalHelmChartSourceReference struct { // APIVersion of the referent. // +optional APIVersion string `json:"apiVersion,omitempty"` // Kind of the referent, valid values are ('HelmRepository', 'GitRepository', // 'Bucket'). // +kubebuilder:validation:Enum=HelmRepository;GitRepository;Bucket // +required Kind string `json:"kind"` // Name of the referent. // +required Name string `json:"name"` }
LocalHelmChartSourceReference contains enough information to let you locate the typed referenced object at namespace level.
func (*LocalHelmChartSourceReference) DeepCopy ¶ added in v1.3.0
func (in *LocalHelmChartSourceReference) DeepCopy() *LocalHelmChartSourceReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalHelmChartSourceReference.
func (*LocalHelmChartSourceReference) DeepCopyInto ¶ added in v1.3.0
func (in *LocalHelmChartSourceReference) DeepCopyInto(out *LocalHelmChartSourceReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OCIRepositoryVerification ¶ added in v1.3.0
type OCIRepositoryVerification struct { // Provider specifies the technology used to sign the OCI Artifact. // +kubebuilder:validation:Enum=cosign;notation // +kubebuilder:default:=cosign Provider string `json:"provider"` // SecretRef specifies the Kubernetes Secret containing the // trusted public keys. // +optional SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"` // MatchOIDCIdentity specifies the identity matching criteria to use // while verifying an OCI artifact which was signed using Cosign keyless // signing. The artifact's identity is deemed to be verified if any of the // specified matchers match against the identity. // +optional MatchOIDCIdentity []OIDCIdentityMatch `json:"matchOIDCIdentity,omitempty"` }
OCIRepositoryVerification verifies the authenticity of an OCI Artifact
func (*OCIRepositoryVerification) DeepCopy ¶ added in v1.3.0
func (in *OCIRepositoryVerification) DeepCopy() *OCIRepositoryVerification
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIRepositoryVerification.
func (*OCIRepositoryVerification) DeepCopyInto ¶ added in v1.3.0
func (in *OCIRepositoryVerification) DeepCopyInto(out *OCIRepositoryVerification)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OIDCIdentityMatch ¶ added in v1.3.0
type OIDCIdentityMatch struct { // Issuer specifies the regex pattern to match against to verify // the OIDC issuer in the Fulcio certificate. The pattern must be a // valid Go regular expression. // +required Issuer string `json:"issuer"` // Subject specifies the regex pattern to match against to verify // the identity subject in the Fulcio certificate. The pattern must // be a valid Go regular expression. // +required Subject string `json:"subject"` }
OIDCIdentityMatch specifies options for verifying the certificate identity, i.e. the issuer and the subject of the certificate.
func (*OIDCIdentityMatch) DeepCopy ¶ added in v1.3.0
func (in *OIDCIdentityMatch) DeepCopy() *OIDCIdentityMatch
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityMatch.
func (*OIDCIdentityMatch) DeepCopyInto ¶ added in v1.3.0
func (in *OIDCIdentityMatch) DeepCopyInto(out *OIDCIdentityMatch)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Source ¶
type Source interface { runtime.Object // GetRequeueAfter returns the duration after which the source must be // reconciled again. GetRequeueAfter() time.Duration // GetArtifact returns the latest artifact from the source if present in // the status sub-resource. GetArtifact() *Artifact }
Source interface must be supported by all API types. Source is the interface that provides generic access to the Artifact and interval. It must be supported by all kinds of the source.toolkit.fluxcd.io API group.
+k8s:deepcopy-gen=false