apiextensions

package
v0.30.0-rc.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 27, 2024 License: Apache-2.0 Imports: 5 Imported by: 823

Documentation

Overview

Package apiextensions is the internal version of the API.

Index

Constants

View Source
const CustomResourceCleanupFinalizer = "customresourcecleanup.apiextensions.k8s.io"

CustomResourceCleanupFinalizer is the name of the finalizer which will delete instances of a CustomResourceDefinition

View Source
const GroupName = "apiextensions.k8s.io"

Variables

View Source
var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme
)
View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is group version used to register these objects

Functions

func CRDHasFinalizer

func CRDHasFinalizer(crd *CustomResourceDefinition, needle string) bool

CRDHasFinalizer returns true if the finalizer is in the list.

func CRDRemoveFinalizer

func CRDRemoveFinalizer(crd *CustomResourceDefinition, needle string)

CRDRemoveFinalizer removes the finalizer if present.

func GetCRDStorageVersion

func GetCRDStorageVersion(crd *CustomResourceDefinition) (string, error)

GetCRDStorageVersion returns the storage version for given CRD.

func HasPerVersionColumns

func HasPerVersionColumns(versions []CustomResourceDefinitionVersion) bool

HasPerVersionColumns returns true if a CRD uses per-version columns.

func HasPerVersionSchema

func HasPerVersionSchema(versions []CustomResourceDefinitionVersion) bool

HasPerVersionSchema returns true if a CRD uses per-version schema.

func HasPerVersionSubresources

func HasPerVersionSubresources(versions []CustomResourceDefinitionVersion) bool

HasPerVersionSubresources returns true if a CRD uses per-version subresources.

func HasServedCRDVersion

func HasServedCRDVersion(crd *CustomResourceDefinition, version string) bool

HasServedCRDVersion returns true if the given version is in the list of CRD's versions and the Served flag is set.

func HasVersionServed

func HasVersionServed(crd *CustomResourceDefinition, version string) bool

HasVersionServed returns true if given CRD has given version served.

func IsCRDConditionEquivalent

func IsCRDConditionEquivalent(lhs, rhs *CustomResourceDefinitionCondition) bool

IsCRDConditionEquivalent returns true if the lhs and rhs are equivalent except for times.

func IsCRDConditionFalse

func IsCRDConditionFalse(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType) bool

IsCRDConditionFalse indicates if the condition is present and false.

func IsCRDConditionPresentAndEqual

func IsCRDConditionPresentAndEqual(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType, status ConditionStatus) bool

IsCRDConditionPresentAndEqual indicates if the condition is present and equal to the given status.

func IsCRDConditionTrue

func IsCRDConditionTrue(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType) bool

IsCRDConditionTrue indicates if the condition is present and strictly true.

func IsStoredVersion

func IsStoredVersion(crd *CustomResourceDefinition, version string) bool

IsStoredVersion returns whether the given version is the storage version of the CRD.

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func RemoveCRDCondition

func RemoveCRDCondition(crd *CustomResourceDefinition, conditionType CustomResourceDefinitionConditionType)

RemoveCRDCondition removes the status condition.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns back a Group qualified GroupResource

func SetCRDCondition

func SetCRDCondition(crd *CustomResourceDefinition, newCondition CustomResourceDefinitionCondition)

SetCRDCondition sets the status condition. It either overwrites the existing one or creates a new one.

Types

type ConditionStatus

type ConditionStatus string
const (
	ConditionTrue    ConditionStatus = "True"
	ConditionFalse   ConditionStatus = "False"
	ConditionUnknown ConditionStatus = "Unknown"
)

These are valid condition statuses. "ConditionTrue" means a resource is in the condition. "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes can't decide if a resource is in the condition or not. In the future, we could add other intermediate conditions, e.g. ConditionDegraded.

type ConversionStrategyType

type ConversionStrategyType string

ConversionStrategyType describes different conversion types.

const (
	// NoneConverter is a converter that only sets apiversion of the CR and leave everything else unchanged.
	NoneConverter ConversionStrategyType = "None"
	// WebhookConverter is a converter that calls to an external webhook to convert the CR.
	WebhookConverter ConversionStrategyType = "Webhook"
)

type CustomResourceColumnDefinition

type CustomResourceColumnDefinition struct {
	// name is a human readable name for the column.
	Name string
	// type is an OpenAPI type definition for this column.
	// See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.
	Type string
	// format is an optional OpenAPI type definition for this column. The 'name' format is applied
	// to the primary identifier column to assist in clients identifying column is the resource name.
	// See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.
	Format string
	// description is a human readable description of this column.
	Description string
	// priority is an integer defining the relative importance of this column compared to others. Lower
	// numbers are considered higher priority. Columns that may be omitted in limited space scenarios
	// should be given a higher priority.
	Priority int32

	// JSONPath is a simple JSON path, i.e. without array notation.
	JSONPath string
}

CustomResourceColumnDefinition specifies a column for server side printing.

func GetColumnsForVersion

func GetColumnsForVersion(crd *CustomResourceDefinition, version string) ([]CustomResourceColumnDefinition, error)

GetColumnsForVersion returns the columns for given version or nil. NOTE: the newly logically-defaulted columns is not pointing to the original CRD object. One cannot mutate the original CRD columns using the logically-defaulted columns. Please iterate through the original CRD object instead.

func (*CustomResourceColumnDefinition) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceColumnDefinition.

func (*CustomResourceColumnDefinition) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceConversion

type CustomResourceConversion struct {
	// `strategy` specifies the conversion strategy. Allowed values are:
	// - `None`: The converter only change the apiVersion and would not touch any other field in the CR.
	// - `Webhook`: API Server will call to an external webhook to do the conversion. Additional information
	//   is needed for this option. This requires spec.preserveUnknownFields to be false.
	Strategy ConversionStrategyType

	// `webhookClientConfig` is the instructions for how to call the webhook if strategy is `Webhook`.
	WebhookClientConfig *WebhookClientConfig

	// ConversionReviewVersions is an ordered list of preferred `ConversionReview`
	// versions the Webhook expects. API server will try to use first version in
	// the list which it supports. If none of the versions specified in this list
	// supported by API server, conversion will fail for this object.
	// If a persisted Webhook configuration specifies allowed versions and does not
	// include any versions known to the API Server, calls to the webhook will fail.
	// +optional
	ConversionReviewVersions []string
}

CustomResourceConversion describes how to convert different versions of a CR.

func (*CustomResourceConversion) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceConversion.

func (*CustomResourceConversion) DeepCopyInto

func (in *CustomResourceConversion) DeepCopyInto(out *CustomResourceConversion)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceDefinition

type CustomResourceDefinition struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec describes how the user wants the resources to appear
	Spec CustomResourceDefinitionSpec
	// Status indicates the actual state of the CustomResourceDefinition
	Status CustomResourceDefinitionStatus
}

CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format <.spec.name>.<.spec.group>.

func (*CustomResourceDefinition) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceDefinition.

func (*CustomResourceDefinition) DeepCopyInto

func (in *CustomResourceDefinition) DeepCopyInto(out *CustomResourceDefinition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CustomResourceDefinition) DeepCopyObject

func (in *CustomResourceDefinition) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomResourceDefinitionCondition

type CustomResourceDefinitionCondition struct {
	// Type is the type of the condition. Types include Established, NamesAccepted and Terminating.
	Type CustomResourceDefinitionConditionType
	// Status is the status of the condition.
	// Can be True, False, Unknown.
	Status ConditionStatus
	// Last time the condition transitioned from one status to another.
	// +optional
	LastTransitionTime metav1.Time
	// Unique, one-word, CamelCase reason for the condition's last transition.
	// +optional
	Reason string
	// Human-readable message indicating details about last transition.
	// +optional
	Message string
}

CustomResourceDefinitionCondition contains details for the current condition of this pod.

func FindCRDCondition

FindCRDCondition returns the condition you're looking for or nil.

func (*CustomResourceDefinitionCondition) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceDefinitionCondition.

func (*CustomResourceDefinitionCondition) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceDefinitionConditionType

type CustomResourceDefinitionConditionType string

CustomResourceDefinitionConditionType is a valid value for CustomResourceDefinitionCondition.Type

const (
	// Established means that the resource has become active. A resource is established when all names are
	// accepted without a conflict for the first time. A resource stays established until deleted, even during
	// a later NamesAccepted due to changed names. Note that not all names can be changed.
	Established CustomResourceDefinitionConditionType = "Established"
	// NamesAccepted means the names chosen for this CustomResourceDefinition do not conflict with others in
	// the group and are therefore accepted.
	NamesAccepted CustomResourceDefinitionConditionType = "NamesAccepted"
	// NonStructuralSchema means that one or more OpenAPI schema is not structural.
	//
	// A schema is structural if it specifies types for all values, with the only exceptions of those with
	// - x-kubernetes-int-or-string: true — for fields which can be integer or string
	// - x-kubernetes-preserve-unknown-fields: true — for raw, unspecified JSON values
	// and there is no type, additionalProperties, default, nullable or x-kubernetes-* vendor extenions
	// specified under allOf, anyOf, oneOf or not.
	//
	// Non-structural schemas will not be allowed anymore in v1 API groups. Moreover, new features will not be
	// available for non-structural CRDs:
	// - pruning
	// - defaulting
	// - read-only
	// - OpenAPI publishing
	// - webhook conversion
	NonStructuralSchema CustomResourceDefinitionConditionType = "NonStructuralSchema"
	// Terminating means that the CustomResourceDefinition has been deleted and is cleaning up.
	Terminating CustomResourceDefinitionConditionType = "Terminating"
	// KubernetesAPIApprovalPolicyConformant indicates that an API in *.k8s.io or *.kubernetes.io is or is not approved.  For CRDs
	// outside those groups, this condition will not be set.  For CRDs inside those groups, the condition will
	// be true if .metadata.annotations["api-approved.kubernetes.io"] is set to a URL, otherwise it will be false.
	// See https://github.com/kubernetes/enhancements/pull/1111 for more details.
	KubernetesAPIApprovalPolicyConformant CustomResourceDefinitionConditionType = "KubernetesAPIApprovalPolicyConformant"
)

type CustomResourceDefinitionList

type CustomResourceDefinitionList struct {
	metav1.TypeMeta
	metav1.ListMeta

	// Items individual CustomResourceDefinitions
	Items []CustomResourceDefinition
}

CustomResourceDefinitionList is a list of CustomResourceDefinition objects.

func (*CustomResourceDefinitionList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceDefinitionList.

func (*CustomResourceDefinitionList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CustomResourceDefinitionList) DeepCopyObject

func (in *CustomResourceDefinitionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomResourceDefinitionNames

type CustomResourceDefinitionNames struct {
	// Plural is the plural name of the resource to serve.  It must match the name of the CustomResourceDefinition-registration
	// too: plural.group and it must be all lowercase.
	Plural string
	// Singular is the singular name of the resource.  It must be all lowercase  Defaults to lowercased <kind>
	Singular string
	// ShortNames are short names for the resource.  It must be all lowercase.
	ShortNames []string
	// Kind is the serialized kind of the resource.  It is normally CamelCase and singular.
	Kind string
	// ListKind is the serialized kind of the list for this resource.  Defaults to <kind>List.
	ListKind string
	// Categories is a list of grouped resources custom resources belong to (e.g. 'all')
	// +optional
	Categories []string
}

CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition

func (*CustomResourceDefinitionNames) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceDefinitionNames.

func (*CustomResourceDefinitionNames) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceDefinitionSpec

type CustomResourceDefinitionSpec struct {
	// Group is the group this resource belongs in
	Group string
	// Version is the version this resource belongs in
	// Should be always first item in Versions field if provided.
	// Optional, but at least one of Version or Versions must be set.
	// Deprecated: Please use `Versions`.
	Version string
	// Names are the names used to describe this custom resource
	Names CustomResourceDefinitionNames
	// Scope indicates whether this resource is cluster or namespace scoped.  Default is namespaced
	Scope ResourceScope
	// Validation describes the validation methods for CustomResources
	// Optional, the global validation schema for all versions.
	// Top-level and per-version schemas are mutually exclusive.
	// +optional
	Validation *CustomResourceValidation
	// Subresources describes the subresources for CustomResource
	// Optional, the global subresources for all versions.
	// Top-level and per-version subresources are mutually exclusive.
	// +optional
	Subresources *CustomResourceSubresources
	// Versions is the list of all supported versions for this resource.
	// If Version field is provided, this field is optional.
	// Validation: All versions must use the same validation schema for now. i.e., top
	// level Validation field is applied to all of these versions.
	// Order: The version name will be used to compute the order.
	// If the version string is "kube-like", it will sort above non "kube-like" version strings, which are ordered
	// lexicographically. "Kube-like" versions start with a "v", then are followed by a number (the major version),
	// then optionally the string "alpha" or "beta" and another number (the minor version). These are sorted first
	// by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing
	// major version, then minor version. An example sorted list of versions:
	// v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.
	Versions []CustomResourceDefinitionVersion
	// AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column.
	// Optional, the global columns for all versions.
	// Top-level and per-version columns are mutually exclusive.
	// +optional
	AdditionalPrinterColumns []CustomResourceColumnDefinition
	// selectableFields specifies paths to fields that may be used as field selectors.
	// A maximum of 8 selectable fields are allowed.
	// See https://kubernetes.io/docs/concepts/overview/working-with-objects/field-selectors
	// Top-level and per-version columns are mutually exclusive.
	// +optional
	SelectableFields []SelectableField

	// `conversion` defines conversion settings for the CRD.
	Conversion *CustomResourceConversion

	// preserveUnknownFields disables pruning of object fields which are not
	// specified in the OpenAPI schema. apiVersion, kind, metadata and known
	// fields inside metadata are always preserved.
	// Defaults to true in v1beta and will default to false in v1.
	PreserveUnknownFields *bool
}

CustomResourceDefinitionSpec describes how a user wants their resource to appear

func (*CustomResourceDefinitionSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceDefinitionSpec.

func (*CustomResourceDefinitionSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceDefinitionStatus

type CustomResourceDefinitionStatus struct {
	// Conditions indicate state for particular aspects of a CustomResourceDefinition
	// +listType=map
	// +listMapKey=type
	Conditions []CustomResourceDefinitionCondition

	// AcceptedNames are the names that are actually being used to serve discovery
	// They may be different than the names in spec.
	AcceptedNames CustomResourceDefinitionNames

	// StoredVersions are all versions of CustomResources that were ever persisted. Tracking these
	// versions allows a migration path for stored versions in etcd. The field is mutable
	// so the migration controller can first finish a migration to another version (i.e.
	// that no old objects are left in the storage), and then remove the rest of the
	// versions from this list.
	// None of the versions in this list can be removed from the spec.Versions field.
	StoredVersions []string
}

CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition

func (*CustomResourceDefinitionStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceDefinitionStatus.

func (*CustomResourceDefinitionStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceDefinitionVersion

type CustomResourceDefinitionVersion struct {
	// Name is the version name, e.g. “v1”, “v2beta1”, etc.
	Name string
	// Served is a flag enabling/disabling this version from being served via REST APIs
	Served bool
	// Storage flags the version as storage version. There must be exactly one flagged
	// as storage version.
	Storage bool
	// deprecated indicates this version of the custom resource API is deprecated.
	// When set to true, API requests to this version receive a warning header in the server response.
	// Defaults to false.
	Deprecated bool
	// deprecationWarning overrides the default warning returned to API clients.
	// May only be set when `deprecated` is true.
	// The default warning indicates this version is deprecated and recommends use
	// of the newest served version of equal or greater stability, if one exists.
	DeprecationWarning *string
	// Schema describes the schema for CustomResource used in validation, pruning, and defaulting.
	// Top-level and per-version schemas are mutually exclusive.
	// Per-version schemas must not all be set to identical values (top-level validation schema should be used instead)
	// This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.
	// +optional
	Schema *CustomResourceValidation
	// Subresources describes the subresources for CustomResource
	// Top-level and per-version subresources are mutually exclusive.
	// Per-version subresources must not all be set to identical values (top-level subresources should be used instead)
	// This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.
	// +optional
	Subresources *CustomResourceSubresources
	// AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column.
	// Top-level and per-version columns are mutually exclusive.
	// Per-version columns must not all be set to identical values (top-level columns should be used instead)
	// This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.
	// NOTE: CRDs created prior to 1.13 populated the top-level additionalPrinterColumns field by default. To apply an
	// update that changes to per-version additionalPrinterColumns, the top-level additionalPrinterColumns field must
	// be explicitly set to null
	// +optional
	AdditionalPrinterColumns []CustomResourceColumnDefinition

	// selectableFields specifies paths to fields that may be used as field selectors.
	// A maximum of 8 selectable fields are allowed.
	// See https://kubernetes.io/docs/concepts/overview/working-with-objects/field-selectors
	// +optional
	SelectableFields []SelectableField
}

CustomResourceDefinitionVersion describes a version for CRD.

func (*CustomResourceDefinitionVersion) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceDefinitionVersion.

func (*CustomResourceDefinitionVersion) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceSubresourceScale

type CustomResourceSubresourceScale struct {
	// SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas.
	// Only JSON paths without the array notation are allowed.
	// Must be a JSON Path under .spec.
	// If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.
	SpecReplicasPath string
	// StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas.
	// Only JSON paths without the array notation are allowed.
	// Must be a JSON Path under .status.
	// If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource
	// will default to 0.
	StatusReplicasPath string
	// LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector.
	// Only JSON paths without the array notation are allowed.
	// Must be a JSON Path under .status or .spec.
	// Must be set to work with HPA.
	// The field pointed by this JSON path must be a string field (not a complex selector struct)
	// which contains a serialized label selector in string form.
	// More info: https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions#scale-subresource
	// If there is no value under the given path in the CustomResource, the status label selector value in the /scale
	// subresource will default to the empty string.
	// +optional
	LabelSelectorPath *string
}

CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.

func (*CustomResourceSubresourceScale) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresourceScale.

func (*CustomResourceSubresourceScale) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceSubresourceStatus

type CustomResourceSubresourceStatus struct{}

CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources. Status is represented by the `.status` JSON path inside of a CustomResource. When set, * exposes a /status subresource for the custom resource * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza

func (*CustomResourceSubresourceStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresourceStatus.

func (*CustomResourceSubresourceStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceSubresources

type CustomResourceSubresources struct {
	// Status denotes the status subresource for CustomResources
	Status *CustomResourceSubresourceStatus
	// Scale denotes the scale subresource for CustomResources
	Scale *CustomResourceSubresourceScale
}

CustomResourceSubresources defines the status and scale subresources for CustomResources.

func GetSubresourcesForVersion

func GetSubresourcesForVersion(crd *CustomResourceDefinition, version string) (*CustomResourceSubresources, error)

GetSubresourcesForVersion returns the subresources for given version or nil.

func (*CustomResourceSubresources) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresources.

func (*CustomResourceSubresources) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomResourceValidation

type CustomResourceValidation struct {
	// OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.
	OpenAPIV3Schema *JSONSchemaProps
}

CustomResourceValidation is a list of validation methods for CustomResources.

func GetSchemaForVersion

func GetSchemaForVersion(crd *CustomResourceDefinition, version string) (*CustomResourceValidation, error)

GetSchemaForVersion returns the validation schema for the given version or nil.

func (*CustomResourceValidation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceValidation.

func (*CustomResourceValidation) DeepCopyInto

func (in *CustomResourceValidation) DeepCopyInto(out *CustomResourceValidation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalDocumentation

type ExternalDocumentation struct {
	Description string
	URL         string
}

ExternalDocumentation allows referencing an external resource for extended documentation.

func (*ExternalDocumentation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalDocumentation.

func (*ExternalDocumentation) DeepCopyInto

func (in *ExternalDocumentation) DeepCopyInto(out *ExternalDocumentation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FieldValueErrorReason added in v0.28.0

type FieldValueErrorReason string

FieldValueErrorReason is a machine-readable value providing more detail about why a field failed the validation. +enum

const (
	// FieldValueRequired is used to report required values that are not
	// provided (e.g. empty strings, null values, or empty arrays).
	FieldValueRequired FieldValueErrorReason = "FieldValueRequired"
	// FieldValueDuplicate is used to report collisions of values that must be
	// unique (e.g. unique IDs).
	FieldValueDuplicate FieldValueErrorReason = "FieldValueDuplicate"
	// FieldValueInvalid is used to report malformed values (e.g. failed regex
	// match, too long, out of bounds).
	FieldValueInvalid FieldValueErrorReason = "FieldValueInvalid"
	// FieldValueForbidden is used to report valid (as per formatting rules)
	// values which would be accepted under some conditions, but which are not
	// permitted by the current conditions (such as security policy).
	FieldValueForbidden FieldValueErrorReason = "FieldValueForbidden"
)

type JSON

type JSON interface{}

JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.

type JSONSchemaDefinitions

type JSONSchemaDefinitions map[string]JSONSchemaProps

JSONSchemaDefinitions contains the models explicitly defined in this spec.

func (JSONSchemaDefinitions) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaDefinitions.

func (JSONSchemaDefinitions) DeepCopyInto

func (in JSONSchemaDefinitions) DeepCopyInto(out *JSONSchemaDefinitions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONSchemaDependencies

type JSONSchemaDependencies map[string]JSONSchemaPropsOrStringArray

JSONSchemaDependencies represent a dependencies property.

func (JSONSchemaDependencies) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaDependencies.

func (JSONSchemaDependencies) DeepCopyInto

func (in JSONSchemaDependencies) DeepCopyInto(out *JSONSchemaDependencies)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONSchemaProps

type JSONSchemaProps struct {
	ID                   string
	Schema               JSONSchemaURL
	Ref                  *string
	Description          string
	Type                 string
	Nullable             bool
	Format               string
	Title                string
	Default              *JSON
	Maximum              *float64
	ExclusiveMaximum     bool
	Minimum              *float64
	ExclusiveMinimum     bool
	MaxLength            *int64
	MinLength            *int64
	Pattern              string
	MaxItems             *int64
	MinItems             *int64
	UniqueItems          bool
	MultipleOf           *float64
	Enum                 []JSON
	MaxProperties        *int64
	MinProperties        *int64
	Required             []string
	Items                *JSONSchemaPropsOrArray
	AllOf                []JSONSchemaProps
	OneOf                []JSONSchemaProps
	AnyOf                []JSONSchemaProps
	Not                  *JSONSchemaProps
	Properties           map[string]JSONSchemaProps
	AdditionalProperties *JSONSchemaPropsOrBool
	PatternProperties    map[string]JSONSchemaProps
	Dependencies         JSONSchemaDependencies
	AdditionalItems      *JSONSchemaPropsOrBool
	Definitions          JSONSchemaDefinitions
	ExternalDocs         *ExternalDocumentation
	Example              *JSON

	// x-kubernetes-preserve-unknown-fields stops the API server
	// decoding step from pruning fields which are not specified
	// in the validation schema. This affects fields recursively,
	// but switches back to normal pruning behaviour if nested
	// properties or additionalProperties are specified in the schema.
	// This can either be true or undefined. False is forbidden.
	XPreserveUnknownFields *bool

	// x-kubernetes-embedded-resource defines that the value is an
	// embedded Kubernetes runtime.Object, with TypeMeta and
	// ObjectMeta. The type must be object. It is allowed to further
	// restrict the embedded object. Both ObjectMeta and TypeMeta
	// are validated automatically. x-kubernetes-preserve-unknown-fields
	// must be true.
	XEmbeddedResource bool

	// x-kubernetes-int-or-string specifies that this value is
	// either an integer or a string. If this is true, an empty
	// type is allowed and type as child of anyOf is permitted
	// if following one of the following patterns:
	//
	// 1) anyOf:
	//    - type: integer
	//    - type: string
	// 2) allOf:
	//    - anyOf:
	//      - type: integer
	//      - type: string
	//    - ... zero or more
	XIntOrString bool

	// x-kubernetes-list-map-keys annotates an array with the x-kubernetes-list-type `map` by specifying the keys used
	// as the index of the map.
	//
	// This tag MUST only be used on lists that have the "x-kubernetes-list-type"
	// extension set to "map". Also, the values specified for this attribute must
	// be a scalar typed field of the child structure (no nesting is supported).
	XListMapKeys []string

	// x-kubernetes-list-type annotates an array to further describe its topology.
	// This extension must only be used on lists and may have 3 possible values:
	//
	// 1) `atomic`: the list is treated as a single entity, like a scalar.
	//      Atomic lists will be entirely replaced when updated. This extension
	//      may be used on any type of list (struct, scalar, ...).
	// 2) `set`:
	//      Sets are lists that must not have multiple items with the same value. Each
	//      value must be a scalar, an object with x-kubernetes-map-type `atomic` or an
	//      array with x-kubernetes-list-type `atomic`.
	// 3) `map`:
	//      These lists are like maps in that their elements have a non-index key
	//      used to identify them. Order is preserved upon merge. The map tag
	//      must only be used on a list with elements of type object.
	XListType *string

	// x-kubernetes-map-type annotates an object to further describe its topology.
	// This extension must only be used when type is object and may have 2 possible values:
	//
	// 1) `granular`:
	//      These maps are actual maps (key-value pairs) and each fields are independent
	//      from each other (they can each be manipulated by separate actors). This is
	//      the default behaviour for all maps.
	// 2) `atomic`: the list is treated as a single entity, like a scalar.
	//      Atomic maps will be entirely replaced when updated.
	// +optional
	XMapType *string

	// x-kubernetes-validations -kubernetes-validations describes a list of validation rules written in the CEL expression language.
	// This field is an alpha-level. Using this field requires the feature gate `CustomResourceValidationExpressions` to be enabled.
	// +patchMergeKey=rule
	// +patchStrategy=merge
	// +listType=map
	// +listMapKey=rule
	XValidations ValidationRules
}

JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).

func (*JSONSchemaProps) DeepCopy

func (in *JSONSchemaProps) DeepCopy() *JSONSchemaProps

TODO: Update this after a tag is created for interface fields in DeepCopy

func (*JSONSchemaProps) DeepCopyInto

func (in *JSONSchemaProps) DeepCopyInto(out *JSONSchemaProps)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONSchemaPropsOrArray

type JSONSchemaPropsOrArray struct {
	Schema      *JSONSchemaProps
	JSONSchemas []JSONSchemaProps
}

JSONSchemaPropsOrArray represents a value that can either be a JSONSchemaProps or an array of JSONSchemaProps. Mainly here for serialization purposes.

func (*JSONSchemaPropsOrArray) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaPropsOrArray.

func (*JSONSchemaPropsOrArray) DeepCopyInto

func (in *JSONSchemaPropsOrArray) DeepCopyInto(out *JSONSchemaPropsOrArray)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONSchemaPropsOrBool

type JSONSchemaPropsOrBool struct {
	Allows bool
	Schema *JSONSchemaProps
}

JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value. Defaults to true for the boolean property.

func (*JSONSchemaPropsOrBool) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaPropsOrBool.

func (*JSONSchemaPropsOrBool) DeepCopyInto

func (in *JSONSchemaPropsOrBool) DeepCopyInto(out *JSONSchemaPropsOrBool)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONSchemaPropsOrStringArray

type JSONSchemaPropsOrStringArray struct {
	Schema   *JSONSchemaProps
	Property []string
}

JSONSchemaPropsOrStringArray represents a JSONSchemaProps or a string array.

func (*JSONSchemaPropsOrStringArray) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaPropsOrStringArray.

func (*JSONSchemaPropsOrStringArray) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONSchemaURL

type JSONSchemaURL string

JSONSchemaURL represents a schema url.

type ResourceScope

type ResourceScope string

ResourceScope is an enum defining the different scopes available to a custom resource

const (
	ClusterScoped   ResourceScope = "Cluster"
	NamespaceScoped ResourceScope = "Namespaced"
)

type SelectableField added in v0.30.0

type SelectableField struct {
	// jsonPath is a simple JSON path which is evaluated against each custom resource to produce a
	// field selector value.
	// Only JSON paths without the array notation are allowed.
	// Must point to a field of type string, boolean or integer. Types with enum values
	// and strings with formats are allowed.
	// If jsonPath refers to absent field in a resource, the jsonPath evaluates to an empty string.
	// Must not point to metdata fields.
	// Required.
	JSONPath string
}

SelectableField specifies the JSON path of a field that may be used with field selectors.

func (*SelectableField) DeepCopy added in v0.30.0

func (in *SelectableField) DeepCopy() *SelectableField

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelectableField.

func (*SelectableField) DeepCopyInto added in v0.30.0

func (in *SelectableField) DeepCopyInto(out *SelectableField)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceReference

type ServiceReference struct {
	// `namespace` is the namespace of the service.
	// Required
	Namespace string
	// `name` is the name of the service.
	// Required
	Name string

	// `path` is an optional URL path which will be sent in any request to
	// this service.
	// +optional
	Path *string

	// If specified, the port on the service that hosting webhook.
	// `port` should be a valid port number (1-65535, inclusive).
	// +optional
	Port int32
}

ServiceReference holds a reference to Service.legacy.k8s.io

func (*ServiceReference) DeepCopy

func (in *ServiceReference) DeepCopy() *ServiceReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference.

func (*ServiceReference) DeepCopyInto

func (in *ServiceReference) DeepCopyInto(out *ServiceReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ValidationRule added in v0.23.0

type ValidationRule struct {
	// Rule represents the expression which will be evaluated by CEL.
	// ref: https://github.com/google/cel-spec
	// The Rule is scoped to the location of the x-kubernetes-validations extension in the schema.
	// The `self` variable in the CEL expression is bound to the scoped value.
	// Example:
	// - Rule scoped to the root of a resource with a status subresource: {"rule": "self.status.actual <= self.spec.maxDesired"}
	//
	// If the Rule is scoped to an object with properties, the accessible properties of the object are field selectable
	// via `self.field` and field presence can be checked via `has(self.field)`. Null valued fields are treated as
	// absent fields in CEL expressions.
	// If the Rule is scoped to an object with additionalProperties (i.e. a map) the value of the map
	// are accessible via `self[mapKey]`, map containment can be checked via `mapKey in self` and all entries of the map
	// are accessible via CEL macros and functions such as `self.all(...)`.
	// If the Rule is scoped to an array, the elements of the array are accessible via `self[i]` and also by macros and
	// functions.
	// If the Rule is scoped to a scalar, `self` is bound to the scalar value.
	// Examples:
	// - Rule scoped to a map of objects: {"rule": "self.components['Widget'].priority < 10"}
	// - Rule scoped to a list of integers: {"rule": "self.values.all(value, value >= 0 && value < 100)"}
	// - Rule scoped to a string value: {"rule": "self.startsWith('kube')"}
	//
	// The `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are always accessible from the root of the
	// object and from any x-kubernetes-embedded-resource annotated objects. No other metadata properties are accessible.
	//
	// Unknown data preserved in custom resources via x-kubernetes-preserve-unknown-fields is not accessible in CEL
	// expressions. This includes:
	// - Unknown field values that are preserved by object schemas with x-kubernetes-preserve-unknown-fields.
	// - Object properties where the property schema is of an "unknown type". An "unknown type" is recursively defined as:
	//   - A schema with no type and x-kubernetes-preserve-unknown-fields set to true
	//   - An array where the items schema is of an "unknown type"
	//   - An object where the additionalProperties schema is of an "unknown type"
	//
	// Only property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible.
	// Accessible property names are escaped according to the following rules when accessed in the expression:
	// - '__' escapes to '__underscores__'
	// - '.' escapes to '__dot__'
	// - '-' escapes to '__dash__'
	// - '/' escapes to '__slash__'
	// - Property names that exactly match a CEL RESERVED keyword escape to '__{keyword}__'. The keywords are:
	//	  "true", "false", "null", "in", "as", "break", "const", "continue", "else", "for", "function", "if",
	//	  "import", "let", "loop", "package", "namespace", "return".
	// Examples:
	//   - Rule accessing a property named "namespace": {"rule": "self.__namespace__ > 0"}
	//   - Rule accessing a property named "x-prop": {"rule": "self.x__dash__prop > 0"}
	//   - Rule accessing a property named "redact__d": {"rule": "self.redact__underscores__d > 0"}
	//
	// Equality on arrays with x-kubernetes-list-type of 'set' or 'map' ignores element order, i.e. [1, 2] == [2, 1].
	// Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:
	//   - 'set': `X + Y` performs a union where the array positions of all elements in `X` are preserved and
	//     non-intersecting elements in `Y` are appended, retaining their partial order.
	//   - 'map': `X + Y` performs a merge where the array positions of all keys in `X` are preserved but the values
	//     are overwritten by values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y` with
	//     non-intersecting keys are appended, retaining their partial order.
	//
	// If `rule` makes use of the `oldSelf` variable it is implicitly a
	// `transition rule`.
	//
	// By default, the `oldSelf` variable is the same type as `self`.
	// When `optionalOldSelf` is true, the `oldSelf` variable is a CEL optional
	//  variable whose value() is the same type as `self`.
	// See the documentation for the `optionalOldSelf` field for details.
	//
	// Transition rules by default are applied only on UPDATE requests and are
	// skipped if an old value could not be found. You can opt a transition
	// rule into unconditional evaluation by setting `optionalOldSelf` to true.
	//
	Rule string
	// Message represents the message displayed when validation fails. The message is required if the Rule contains
	// line breaks. The message must not contain line breaks.
	// If unset, the message is "failed rule: {Rule}".
	// e.g. "must be a URL with the host matching spec.host"
	Message string
	// MessageExpression declares a CEL expression that evaluates to the validation failure message that is returned when this rule fails.
	// Since messageExpression is used as a failure message, it must evaluate to a string.
	// If both message and messageExpression are present on a rule, then messageExpression will be used if validation
	// fails. If messageExpression results in a runtime error, the runtime error is logged, and the validation failure message is produced
	// as if the messageExpression field were unset. If messageExpression evaluates to an empty string, a string with only spaces, or a string
	// that contains line breaks, then the validation failure message will also be produced as if the messageExpression field were unset, and
	// the fact that messageExpression produced an empty string/string with only spaces/string with line breaks will be logged.
	// messageExpression has access to all the same variables as the rule; the only difference is the return type.
	// Example:
	// "x must be less than max ("+string(self.max)+")"
	// +optional
	MessageExpression string
	// reason provides a machine-readable validation failure reason that is returned to the caller when a request fails this validation rule.
	// The HTTP status code returned to the caller will match the reason of the reason of the first failed validation rule.
	// The currently supported reasons are: "FieldValueInvalid", "FieldValueForbidden", "FieldValueRequired", "FieldValueDuplicate".
	// If not set, default to use "FieldValueInvalid".
	// All future added reasons must be accepted by clients when reading this value and unknown reasons should be treated as FieldValueInvalid.
	// +optional
	Reason *FieldValueErrorReason
	// fieldPath represents the field path returned when the validation fails.
	// It must be a relative JSON path (i.e. with array notation) scoped to the location of this x-kubernetes-validations extension in the schema and refer to an existing field.
	// e.g. when validation checks if a specific attribute `foo` under a map `testMap`, the fieldPath could be set to `.testMap.foo`
	// If the validation checks two lists must have unique attributes, the fieldPath could be set to either of the list: e.g. `.testList`
	// It does not support list numeric index.
	// It supports child operation to refer to an existing field currently. Refer to [JSONPath support in Kubernetes](https://kubernetes.io/docs/reference/kubectl/jsonpath/) for more info.
	// Numeric index of array is not supported.
	// For field name which contains special characters, use `['specialName']` to refer the field name.
	// e.g. for attribute `foo.34$` appears in a list `testList`, the fieldPath could be set to `.testList['foo.34$']`
	// +optional
	FieldPath string

	// optionalOldSelf is used to opt a transition rule into evaluation
	// even when the object is first created, or if the old object is
	// missing the value.
	//
	// When enabled `oldSelf` will be a CEL optional whose value will be
	// `None` if there is no old value, or when the object is initially created.
	//
	// You may check for presence of oldSelf using `oldSelf.hasValue()` and
	// unwrap it after checking using `oldSelf.value()`. Check the CEL
	// documentation for Optional types for more information:
	// https://pkg.go.dev/github.com/google/cel-go/cel#OptionalTypes
	//
	// May not be set unless `oldSelf` is used in `rule`.
	//
	// +featureGate=CRDValidationRatcheting
	// +optional
	OptionalOldSelf *bool
}

ValidationRule describes a validation rule written in the CEL expression language.

func (*ValidationRule) DeepCopy added in v0.23.0

func (in *ValidationRule) DeepCopy() *ValidationRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValidationRule.

func (*ValidationRule) DeepCopyInto added in v0.23.0

func (in *ValidationRule) DeepCopyInto(out *ValidationRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ValidationRules added in v0.23.0

type ValidationRules []ValidationRule

ValidationRules describes a list of validation rules written in the CEL expression language.

func (ValidationRules) DeepCopy added in v0.23.0

func (in ValidationRules) DeepCopy() ValidationRules

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValidationRules.

func (ValidationRules) DeepCopyInto added in v0.23.0

func (in ValidationRules) DeepCopyInto(out *ValidationRules)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WebhookClientConfig

type WebhookClientConfig struct {
	// `url` gives the location of the webhook, in standard URL form
	// (`scheme://host:port/path`). Exactly one of `url` or `service`
	// must be specified.
	//
	// The `host` should not refer to a service running in the cluster; use
	// the `service` field instead. The host might be resolved via external
	// DNS in some apiservers (e.g., `kube-apiserver` cannot resolve
	// in-cluster DNS as that would be a layering violation). `host` may
	// also be an IP address.
	//
	// Please note that using `localhost` or `127.0.0.1` as a `host` is
	// risky unless you take great care to run this webhook on all hosts
	// which run an apiserver which might need to make calls to this
	// webhook. Such installs are likely to be non-portable, i.e., not easy
	// to turn up in a new cluster.
	//
	// The scheme must be "https"; the URL must begin with "https://".
	//
	// A path is optional, and if present may be any string permissible in
	// a URL. You may use the path to pass an arbitrary string to the
	// webhook, for example, a cluster identifier.
	//
	// Attempting to use a user or basic auth e.g. "user:password@" is not
	// allowed. Fragments ("#...") and query parameters ("?...") are not
	// allowed, either.
	//
	// +optional
	URL *string

	// `service` is a reference to the service for this webhook. Either
	// `service` or `url` must be specified.
	//
	// If the webhook is running within the cluster, then you should use `service`.
	//
	// +optional
	Service *ServiceReference

	// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
	// If unspecified, system trust roots on the apiserver are used.
	// +optional
	CABundle []byte
}

WebhookClientConfig contains the information to make a TLS connection with the webhook. It has the same field as admissionregistration.internal.WebhookClientConfig.

func (*WebhookClientConfig) DeepCopy

func (in *WebhookClientConfig) DeepCopy() *WebhookClientConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookClientConfig.

func (*WebhookClientConfig) DeepCopyInto

func (in *WebhookClientConfig) DeepCopyInto(out *WebhookClientConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
Package v1 is the v1 version of the API.
Package v1 is the v1 version of the API.
Package v1beta1 is the v1beta1 version of the API.
Package v1beta1 is the v1beta1 version of the API.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL