{ "description": "RadixApplication describes an application", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Specification for an application.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/", "properties": { "build": { "description": "Build contains configuration used by pipeline jobs.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#build", "properties": { "secrets": { "description": "Defines a list of secrets that will be passed as ARGs when building Dockerfile.\nThe secrets can also be accessed in sub-pipelines.", "items": { "type": "string" }, "type": "array" }, "subPipeline": { "description": "SubPipeline common configuration for all environments.", "properties": { "identity": { "description": "Configuration for workload identity (federated credentials).\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#identity", "properties": { "azure": { "description": "Azure identity configuration", "properties": { "clientId": { "description": "Defines the Client ID for a user defined managed identity or application ID for an application registration.", "type": "string" } }, "required": [ "clientId" ], "type": "object" } }, "type": "object" }, "variables": { "additionalProperties": { "type": "string" }, "description": "Defines variables, that will be available in sub-pipelines.", "type": "object" } }, "type": "object" }, "useBuildCache": { "description": "Defaults to true and requires useBuildKit to have an effect.\nNote: All layers will be cached and can be available for other Radix Apps. Do not add secrets to a Dockerfile layer.", "type": "boolean" }, "useBuildKit": { "description": "Enables BuildKit when building Dockerfile.\nMore info about BuildKit: https://docs.docker.com/build/buildkit/", "type": "boolean" }, "variables": { "additionalProperties": { "type": "string" }, "description": "Defines variables that will be available in sub-pipelines.", "type": "object" } }, "type": "object" }, "components": { "description": "List of component specification for the application.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#components", "items": { "description": "RadixComponent defines a component.", "properties": { "alwaysPullImageOnDeploy": { "description": "Forces check/pull of images using static tags, e.g. myimage:latest, when deploying using deploy-only.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#alwayspullimageondeploy", "type": "boolean" }, "authentication": { "description": "Configuration for TLS client certificate or OAuth2 authentication.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#authentication", "properties": { "clientCertificate": { "description": "Configuration for TLS client certificate authentication.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#clientcertificate", "properties": { "passCertificateToUpstream": { "description": "Pass client certificate to backend in header ssl-client-cert.\nThis setting has no effect if verification is set to off.", "type": "boolean" }, "verification": { "description": "Defines how the client certificate shall be verified.", "enum": [ "on", "off", "optional", "optional_no_ca" ], "type": "string" } }, "type": "object" }, "oauth2": { "description": "Configuration for OAuth2 authentication.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#oauth2", "properties": { "clientId": { "description": "Client ID of the application.", "type": "string" }, "cookie": { "description": "Session cookie settings.", "properties": { "expire": { "description": "Defines the expire timeframe for the session cookie.", "type": "string" }, "name": { "description": "Defines the name of the OAuth session cookie.", "type": "string" }, "refresh": { "description": "The interval between cookie refreshes.\nThe value must be a shorter timeframe than values set in Expire.", "type": "string" }, "sameSite": { "description": "Defines the samesite cookie attribute", "enum": [ "strict", "lax", "none", "" ], "type": "string" } }, "type": "object" }, "cookieStore": { "description": "Settings for the cookie that stores session data when SessionStoreType is cookie.", "properties": { "minimal": { "description": "Strips OAuth tokens from cookies if they are not needed.\nCookie.Refresh must be 0, and both SetXAuthRequestHeaders and SetAuthorizationHeader must be false if this setting is true.", "type": "boolean" } }, "type": "object" }, "loginUrl": { "description": "Defines the authentication endpoint of the identity provider.\nMust be set if OIDC.SkipDiscovery is true", "type": "string" }, "oidc": { "description": "OIDC settings.", "properties": { "insecureSkipVerifyNonce": { "description": "Skip verifying the OIDC ID Token's nonce claim", "type": "boolean" }, "issuerUrl": { "description": "Defines the OIDC issuer URL.", "type": "string" }, "jwksUrl": { "description": "Defines the OIDC JWKS URL for token verification.\nRequired if OIDC discovery is disabled.", "type": "string" }, "skipDiscovery": { "description": "Defines if OIDC endpoint discovery should be bypassed.\nLoginURL, RedeemURL, JWKSURL must be configured if discovery is disabled.", "type": "boolean" } }, "type": "object" }, "proxyPrefix": { "description": "Defines the url root path that OAuth Proxy should be nested under.", "type": "string" }, "redeemUrl": { "description": "Defines the endpoint to redeem the authorization code received from the OAuth code flow.\nMust be set if OIDC.SkipDiscovery is true", "type": "string" }, "redisStore": { "description": "Settings for Redis store when SessionStoreType is redis.", "properties": { "connectionUrl": { "description": "Defines the URL for the Redis server.", "type": "string" } }, "required": [ "connectionUrl" ], "type": "object" }, "scope": { "description": "Requested scopes.", "type": "string" }, "sessionStoreType": { "description": "Defines where to store session data.", "enum": [ "cookie", "redis", "" ], "type": "string" }, "setAuthorizationHeader": { "description": "Defines if the IDToken received by the OAuth Proxy should be added to the Authorization header.", "type": "boolean" }, "setXAuthRequestHeaders": { "description": "Defines if claims from the access token is added to the X-Auth-Request-User, X-Auth-Request-Groups,\nX-Auth-Request-Email and X-Auth-Request-Preferred-Username request headers.\nThe access token is passed in the X-Auth-Request-Access-Token header.", "type": "boolean" } }, "type": "object" } }, "type": "object" }, "dockerfileName": { "description": "Name of the Dockerfile that builds the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#dockerfilename", "type": "string" }, "enabled": { "description": "Controls if the component shall be deployed.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#enabled", "type": "boolean" }, "environmentConfig": { "description": "Configure environment specific settings for the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#environmentconfig", "items": { "description": "RadixEnvironmentConfig defines environment specific settings for component.", "properties": { "alwaysPullImageOnDeploy": { "description": "Forces check/pull of images using static tags, e.g. myimage:latest, when deploying using deploy-only.", "type": "boolean" }, "authentication": { "description": "Environment specific configuration for TLS client certificate or OAuth2 authentication.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#authentication", "properties": { "clientCertificate": { "description": "Configuration for TLS client certificate authentication.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#clientcertificate", "properties": { "passCertificateToUpstream": { "description": "Pass client certificate to backend in header ssl-client-cert.\nThis setting has no effect if verification is set to off.", "type": "boolean" }, "verification": { "description": "Defines how the client certificate shall be verified.", "enum": [ "on", "off", "optional", "optional_no_ca" ], "type": "string" } }, "type": "object" }, "oauth2": { "description": "Configuration for OAuth2 authentication.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#oauth2", "properties": { "clientId": { "description": "Client ID of the application.", "type": "string" }, "cookie": { "description": "Session cookie settings.", "properties": { "expire": { "description": "Defines the expire timeframe for the session cookie.", "type": "string" }, "name": { "description": "Defines the name of the OAuth session cookie.", "type": "string" }, "refresh": { "description": "The interval between cookie refreshes.\nThe value must be a shorter timeframe than values set in Expire.", "type": "string" }, "sameSite": { "description": "Defines the samesite cookie attribute", "enum": [ "strict", "lax", "none", "" ], "type": "string" } }, "type": "object" }, "cookieStore": { "description": "Settings for the cookie that stores session data when SessionStoreType is cookie.", "properties": { "minimal": { "description": "Strips OAuth tokens from cookies if they are not needed.\nCookie.Refresh must be 0, and both SetXAuthRequestHeaders and SetAuthorizationHeader must be false if this setting is true.", "type": "boolean" } }, "type": "object" }, "loginUrl": { "description": "Defines the authentication endpoint of the identity provider.\nMust be set if OIDC.SkipDiscovery is true", "type": "string" }, "oidc": { "description": "OIDC settings.", "properties": { "insecureSkipVerifyNonce": { "description": "Skip verifying the OIDC ID Token's nonce claim", "type": "boolean" }, "issuerUrl": { "description": "Defines the OIDC issuer URL.", "type": "string" }, "jwksUrl": { "description": "Defines the OIDC JWKS URL for token verification.\nRequired if OIDC discovery is disabled.", "type": "string" }, "skipDiscovery": { "description": "Defines if OIDC endpoint discovery should be bypassed.\nLoginURL, RedeemURL, JWKSURL must be configured if discovery is disabled.", "type": "boolean" } }, "type": "object" }, "proxyPrefix": { "description": "Defines the url root path that OAuth Proxy should be nested under.", "type": "string" }, "redeemUrl": { "description": "Defines the endpoint to redeem the authorization code received from the OAuth code flow.\nMust be set if OIDC.SkipDiscovery is true", "type": "string" }, "redisStore": { "description": "Settings for Redis store when SessionStoreType is redis.", "properties": { "connectionUrl": { "description": "Defines the URL for the Redis server.", "type": "string" } }, "required": [ "connectionUrl" ], "type": "object" }, "scope": { "description": "Requested scopes.", "type": "string" }, "sessionStoreType": { "description": "Defines where to store session data.", "enum": [ "cookie", "redis", "" ], "type": "string" }, "setAuthorizationHeader": { "description": "Defines if the IDToken received by the OAuth Proxy should be added to the Authorization header.", "type": "boolean" }, "setXAuthRequestHeaders": { "description": "Defines if claims from the access token is added to the X-Auth-Request-User, X-Auth-Request-Groups,\nX-Auth-Request-Email and X-Auth-Request-Preferred-Username request headers.\nThe access token is passed in the X-Auth-Request-Access-Token header.", "type": "boolean" } }, "type": "object" } }, "type": "object" }, "dockerfileName": { "description": "Name of the Dockerfile that builds the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#dockerfilename", "type": "string" }, "enabled": { "description": "Controls if the component shall be deployed to this environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#enabled", "type": "boolean" }, "environment": { "description": "Name of the environment which the settings applies to.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "horizontalScaling": { "description": "Configuration for automatic horizontal scaling of replicas.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#horizontalscaling", "properties": { "maxReplicas": { "description": "Defines the maximum number of replicas.", "format": "int32", "minimum": 1, "type": "integer" }, "minReplicas": { "description": "Defines the minimum number of replicas.", "format": "int32", "minimum": 0, "type": "integer" }, "resources": { "description": "Defines the resource usage parameters for the horizontal pod autoscaler.", "properties": { "cpu": { "description": "Defines the CPU usage parameters for the horizontal pod autoscaler.", "properties": { "averageUtilization": { "description": "Defines the resource usage which triggers scaling for the horizontal pod autoscaler.", "format": "int32", "minimum": 1, "type": "integer" } }, "required": [ "averageUtilization" ], "type": "object" }, "memory": { "description": "Defines the memory usage parameters for the horizontal pod autoscaler.", "properties": { "averageUtilization": { "description": "Defines the resource usage which triggers scaling for the horizontal pod autoscaler.", "format": "int32", "minimum": 1, "type": "integer" } }, "required": [ "averageUtilization" ], "type": "object" } }, "type": "object" } }, "required": [ "maxReplicas" ], "type": "object" }, "identity": { "description": "Environment specific configuration for workload identity (federated credentials).\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#identity", "properties": { "azure": { "description": "Azure identity configuration", "properties": { "clientId": { "description": "Defines the Client ID for a user defined managed identity or application ID for an application registration.", "type": "string" } }, "required": [ "clientId" ], "type": "object" } }, "type": "object" }, "image": { "description": "Name of an existing container image to use when running the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#image", "type": "string" }, "imageTagName": { "description": "The imageTagName allows for flexible configuration of fixed images,\nbuilt outside of Radix, to be configured with separate tag for each environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#imagetagname", "type": "string" }, "monitoring": { "description": "Enabled or disables collection of custom Prometheus metrics.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#monitoring", "type": "boolean" }, "node": { "description": "Environment specific GPU requirements for the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#node", "properties": { "gpu": { "description": "Defines rules for allowed GPU types.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#gpu", "type": "string" }, "gpuCount": { "description": "Defines minimum number of required GPUs.", "type": "string" } }, "type": "object" }, "readOnlyFileSystem": { "description": "Controls if the filesystem shall be read-only.", "type": "boolean" }, "replicas": { "description": "Number of desired replicas.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#replicas", "minimum": 0, "type": "integer" }, "resources": { "description": "Environment specific configuration for CPU and memory resources.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#resources", "properties": { "limits": { "additionalProperties": { "type": "string" }, "description": "Limits describes the maximum amount of compute resources allowed.", "type": "object" }, "requests": { "additionalProperties": { "type": "string" }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if\nthat is explicitly specified, otherwise to an implementation-defined value.", "type": "object" } }, "type": "object" }, "secretRefs": { "description": "Environment specific configuration for external secret stores, like Azure KeyVault.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#secretrefs", "properties": { "azureKeyVaults": { "description": "List of Azure Key Vaults to get secrets from.", "items": { "description": "RadixAzureKeyVault defines an Azure keyvault.", "properties": { "items": { "description": "List of keyvault items (secrets, keys and certificates).", "items": { "description": "RadixAzureKeyVaultItem defines Azure Key Vault setting: secrets, keys, certificates", "properties": { "alias": { "description": "Alias overrides the default file name used when mounting the secret, key or certificate.", "minLength": 1, "type": "string" }, "encoding": { "description": "Encoding defines the encoding of a keyvault item when stored in the container.\nSetting encoding to base64 and format to pfx will fetch and write the base64 decoded pfx binary.", "enum": [ "base64" ], "type": "string" }, "envVar": { "description": "Defines the name of the environment variable that will contain the value of the secret, key or certificate.", "type": "string" }, "format": { "description": "Defines the format of the keyvault item.\npfx is only supported with type secret and PKCS12 or ECC certificate.\nDefault format for certificates is pem.", "enum": [ "pem", "pfx" ], "type": "string" }, "k8sSecretType": { "description": "K8sSecretType defines the type of Kubernetes secret the keyvault item will be stored in.\nopaque corresponds to \"Opaque\" and \"kubernetes.io/tls\" secret types: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types", "enum": [ "opaque", "tls" ], "type": "string" }, "name": { "description": "Name of a secret, key or certificate in the keyvault.", "maxLength": 127, "minLength": 1, "type": "string" }, "type": { "description": "Type of item in the keyvault referenced by the name.", "enum": [ "secret", "key", "cert" ], "type": "string" }, "version": { "description": "Defines that a specific version of a keyvault item should be loaded.\nThe latest version is loaded when this field is not set.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array" }, "name": { "description": "Name of the Azure keyvault.", "maxLength": 24, "minLength": 3, "type": "string" }, "path": { "description": "Path where secrets from the keyvault is mounted.", "minLength": 1, "type": "string" }, "useAzureIdentity": { "description": "UseAzureIdentity defines that credentials for accessing Azure Key Vault will be acquired using Azure Workload Identity instead of using a ClientID and Secret.", "type": "boolean" } }, "required": [ "items", "name" ], "type": "object" }, "type": "array" } }, "type": "object" }, "src": { "description": "Path to the Dockerfile that builds the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#src", "type": "string" }, "variables": { "additionalProperties": { "type": "string" }, "description": "Environment specific environment variables.\nVariable names defined here have precedence over variables defined on component level.", "type": "object" }, "volumeMounts": { "description": "Configuration for mounting cloud storage into the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#volumemounts", "items": { "description": "RadixVolumeMount defines an external storage resource.", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "azureFile": { "description": "AzureFile settings for Azure File CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "share": { "description": "Share. Name of the file share in the external storage resource.", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" } }, "type": "object" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "blobFuse2": { "description": "BlobFuse2 settings for Azure Storage FUSE CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "container": { "description": "Container. Name of the container in the external storage resource.", "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "protocol": { "description": "Holds protocols of BlobFuse2 Azure Storage FUSE driver. Default is fuse2.", "enum": [ "fuse2", "nfs", "" ], "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "enum": [ "Standard_LRS", "Premium_LRS", "Standard_GRS", "Standard_RAGRS", "" ], "type": "string" }, "streaming": { "description": "Configure Streaming mode. Used for blobfuse2.\nMore info: https://github.com/Azure/azure-storage-fuse/blob/main/STREAMING.md", "properties": { "blockSize": { "description": "Optional. The size of each block to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "bufferSize": { "description": "Optional. The size of each buffer to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "enabled": { "description": "Enable streaming mode. Default true.", "type": "boolean" }, "maxBlocksPerFile": { "description": "Optional. The maximum number of blocks to be cached in memory.", "format": "int64", "minimum": 1, "type": "integer" }, "maxBuffers": { "description": "Optional. The total number of buffers to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "streamCache": { "description": "Optional. Limit total amount of data being cached in memory to conserve memory footprint of blobfuse (in MB).", "format": "int64", "minimum": 1, "type": "integer" } }, "type": "object" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "useAdls": { "description": "Enables blobfuse to access Azure DataLake storage account. When set to false, blobfuse will access Azure Block Blob storage account, hierarchical file system is not supported.\nDefault false. This must be turned on when HNS enabled account is mounted.", "type": "boolean" } }, "required": [ "container" ], "type": "object" }, "container": { "description": "Deprecated. Only required by the deprecated type: blob.", "type": "string" }, "emptyDir": { "description": "EmptyDir settings for EmptyDir volume", "properties": { "sizeLimit": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "description": "SizeLimit defines the size of the emptyDir volume", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true } }, "required": [ "sizeLimit" ], "type": "object" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "name": { "description": "User-defined name of the volume mount.\nMust be unique for the component.", "maxLength": 40, "minLength": 1, "type": "string" }, "path": { "description": "Path defines in which directory the external storage is mounted.", "minLength": 1, "type": "string" }, "requestsStorage": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "skuName": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "storage": { "description": "Storage defines the name of the container in the external storage resource.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "type": { "description": "Type defines the storage type.\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "blob", "azure-blob", "azure-file", "" ], "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" } }, "required": [ "name", "path" ], "type": "object" }, "type": "array" } }, "required": [ "environment" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "environment" ], "x-kubernetes-list-type": "map" }, "horizontalScaling": { "description": "Configuration for automatic horizontal scaling of replicas.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#horizontalscaling", "properties": { "maxReplicas": { "description": "Defines the maximum number of replicas.", "format": "int32", "minimum": 1, "type": "integer" }, "minReplicas": { "description": "Defines the minimum number of replicas.", "format": "int32", "minimum": 0, "type": "integer" }, "resources": { "description": "Defines the resource usage parameters for the horizontal pod autoscaler.", "properties": { "cpu": { "description": "Defines the CPU usage parameters for the horizontal pod autoscaler.", "properties": { "averageUtilization": { "description": "Defines the resource usage which triggers scaling for the horizontal pod autoscaler.", "format": "int32", "minimum": 1, "type": "integer" } }, "required": [ "averageUtilization" ], "type": "object" }, "memory": { "description": "Defines the memory usage parameters for the horizontal pod autoscaler.", "properties": { "averageUtilization": { "description": "Defines the resource usage which triggers scaling for the horizontal pod autoscaler.", "format": "int32", "minimum": 1, "type": "integer" } }, "required": [ "averageUtilization" ], "type": "object" } }, "type": "object" } }, "required": [ "maxReplicas" ], "type": "object" }, "identity": { "description": "Configuration for workload identity (federated credentials).\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#identity", "properties": { "azure": { "description": "Azure identity configuration", "properties": { "clientId": { "description": "Defines the Client ID for a user defined managed identity or application ID for an application registration.", "type": "string" } }, "required": [ "clientId" ], "type": "object" } }, "type": "object" }, "image": { "description": "Name of an existing container image to use when running the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#image", "type": "string" }, "imageTagName": { "description": "The imageTagName allows for flexible configuration of fixed images,\nbuilt outside of Radix, it can be also configured with separate tag for each environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#imagetagname", "type": "string" }, "ingressConfiguration": { "description": "Additional configuration settings for ingress traffic.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#ingressconfiguration", "items": { "type": "string" }, "type": "array" }, "monitoring": { "description": "Enabled or disables collection of custom Prometheus metrics.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#monitoring", "type": "boolean" }, "monitoringConfig": { "description": "Configures the monitoring endpoint exposed by the component.\nThis endpoint is used by Prometheus to collect custom metrics.\nenvironmentConfig.monitoring must be set to true to enable collection of metrics for an environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#monitoringconfig", "properties": { "path": { "description": "Defines the path where metrics is served.", "type": "string" }, "portName": { "description": "Defines which port in the ports list where metrics is served.", "maxLength": 15, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" } }, "type": "object" }, "name": { "description": "Name of the component.", "maxLength": 253, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "node": { "description": "Defines GPU requirements for the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#node", "properties": { "gpu": { "description": "Defines rules for allowed GPU types.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#gpu", "type": "string" }, "gpuCount": { "description": "Defines minimum number of required GPUs.", "type": "string" } }, "type": "object" }, "ports": { "description": "List of ports that the component bind to.", "items": { "description": "ComponentPort defines a named port.", "properties": { "name": { "description": "Name of the port.", "maxLength": 15, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "port": { "description": "Port number.", "format": "int32", "maximum": 65535, "minimum": 1024, "type": "integer" } }, "required": [ "name", "port" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "public": { "description": "Deprecated, use publicPort instead.", "type": "boolean" }, "publicPort": { "description": "Defines which port (name) from the ports list that shall be accessible from the internet.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#publicport", "maxLength": 15, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "readOnlyFileSystem": { "description": "Controls if the filesystem shall be read-only.", "type": "boolean" }, "resources": { "description": "Configures CPU and memory resources for the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#resources-common", "properties": { "limits": { "additionalProperties": { "type": "string" }, "description": "Limits describes the maximum amount of compute resources allowed.", "type": "object" }, "requests": { "additionalProperties": { "type": "string" }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if\nthat is explicitly specified, otherwise to an implementation-defined value.", "type": "object" } }, "type": "object" }, "secretRefs": { "description": "Configuration for external secret stores, like Azure KeyVault.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#secretrefs", "properties": { "azureKeyVaults": { "description": "List of Azure Key Vaults to get secrets from.", "items": { "description": "RadixAzureKeyVault defines an Azure keyvault.", "properties": { "items": { "description": "List of keyvault items (secrets, keys and certificates).", "items": { "description": "RadixAzureKeyVaultItem defines Azure Key Vault setting: secrets, keys, certificates", "properties": { "alias": { "description": "Alias overrides the default file name used when mounting the secret, key or certificate.", "minLength": 1, "type": "string" }, "encoding": { "description": "Encoding defines the encoding of a keyvault item when stored in the container.\nSetting encoding to base64 and format to pfx will fetch and write the base64 decoded pfx binary.", "enum": [ "base64" ], "type": "string" }, "envVar": { "description": "Defines the name of the environment variable that will contain the value of the secret, key or certificate.", "type": "string" }, "format": { "description": "Defines the format of the keyvault item.\npfx is only supported with type secret and PKCS12 or ECC certificate.\nDefault format for certificates is pem.", "enum": [ "pem", "pfx" ], "type": "string" }, "k8sSecretType": { "description": "K8sSecretType defines the type of Kubernetes secret the keyvault item will be stored in.\nopaque corresponds to \"Opaque\" and \"kubernetes.io/tls\" secret types: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types", "enum": [ "opaque", "tls" ], "type": "string" }, "name": { "description": "Name of a secret, key or certificate in the keyvault.", "maxLength": 127, "minLength": 1, "type": "string" }, "type": { "description": "Type of item in the keyvault referenced by the name.", "enum": [ "secret", "key", "cert" ], "type": "string" }, "version": { "description": "Defines that a specific version of a keyvault item should be loaded.\nThe latest version is loaded when this field is not set.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array" }, "name": { "description": "Name of the Azure keyvault.", "maxLength": 24, "minLength": 3, "type": "string" }, "path": { "description": "Path where secrets from the keyvault is mounted.", "minLength": 1, "type": "string" }, "useAzureIdentity": { "description": "UseAzureIdentity defines that credentials for accessing Azure Key Vault will be acquired using Azure Workload Identity instead of using a ClientID and Secret.", "type": "boolean" } }, "required": [ "items", "name" ], "type": "object" }, "type": "array" } }, "type": "object" }, "secrets": { "description": "List of secret environment variable names.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#secrets", "items": { "type": "string" }, "type": "array" }, "src": { "description": "Path to the Dockerfile that builds the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#src", "type": "string" }, "variables": { "additionalProperties": { "type": "string" }, "description": "List of environment variables and values.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#variables-common", "type": "object" }, "volumeMounts": { "description": "Configuration for mounting cloud storage into the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#volumemounts", "items": { "description": "RadixVolumeMount defines an external storage resource.", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "azureFile": { "description": "AzureFile settings for Azure File CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "share": { "description": "Share. Name of the file share in the external storage resource.", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" } }, "type": "object" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "blobFuse2": { "description": "BlobFuse2 settings for Azure Storage FUSE CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "container": { "description": "Container. Name of the container in the external storage resource.", "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "protocol": { "description": "Holds protocols of BlobFuse2 Azure Storage FUSE driver. Default is fuse2.", "enum": [ "fuse2", "nfs", "" ], "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "enum": [ "Standard_LRS", "Premium_LRS", "Standard_GRS", "Standard_RAGRS", "" ], "type": "string" }, "streaming": { "description": "Configure Streaming mode. Used for blobfuse2.\nMore info: https://github.com/Azure/azure-storage-fuse/blob/main/STREAMING.md", "properties": { "blockSize": { "description": "Optional. The size of each block to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "bufferSize": { "description": "Optional. The size of each buffer to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "enabled": { "description": "Enable streaming mode. Default true.", "type": "boolean" }, "maxBlocksPerFile": { "description": "Optional. The maximum number of blocks to be cached in memory.", "format": "int64", "minimum": 1, "type": "integer" }, "maxBuffers": { "description": "Optional. The total number of buffers to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "streamCache": { "description": "Optional. Limit total amount of data being cached in memory to conserve memory footprint of blobfuse (in MB).", "format": "int64", "minimum": 1, "type": "integer" } }, "type": "object" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "useAdls": { "description": "Enables blobfuse to access Azure DataLake storage account. When set to false, blobfuse will access Azure Block Blob storage account, hierarchical file system is not supported.\nDefault false. This must be turned on when HNS enabled account is mounted.", "type": "boolean" } }, "required": [ "container" ], "type": "object" }, "container": { "description": "Deprecated. Only required by the deprecated type: blob.", "type": "string" }, "emptyDir": { "description": "EmptyDir settings for EmptyDir volume", "properties": { "sizeLimit": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "description": "SizeLimit defines the size of the emptyDir volume", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true } }, "required": [ "sizeLimit" ], "type": "object" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "name": { "description": "User-defined name of the volume mount.\nMust be unique for the component.", "maxLength": 40, "minLength": 1, "type": "string" }, "path": { "description": "Path defines in which directory the external storage is mounted.", "minLength": 1, "type": "string" }, "requestsStorage": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "skuName": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "storage": { "description": "Storage defines the name of the container in the external storage resource.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "type": { "description": "Type defines the storage type.\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "blob", "azure-blob", "azure-file", "" ], "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" } }, "required": [ "name", "path" ], "type": "object" }, "type": "array" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "dnsAlias": { "description": "List of DNS names and which component and environment incoming requests shall be routed to.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#dnsalias", "items": { "description": "DNSAlias defines mapping between an DNS alias and a component and environment.", "properties": { "alias": { "description": "Alias name, e.g. my-app, which will prefix full internal alias my-app.radix.equinor.com", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "component": { "description": "Name of the component that shall receive the incoming requests.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "environment": { "description": "Name of the environment for the component.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" } }, "required": [ "alias", "component", "environment" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "alias" ], "x-kubernetes-list-type": "map" }, "dnsAppAlias": { "description": "Configure a component and environment to be linked to the app alias DNS record.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#dnsappalias", "properties": { "component": { "description": "Name of the component that shall receive the incoming requests.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "environment": { "description": "Name of the environment for the component.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" } }, "type": "object" }, "dnsExternalAlias": { "description": "List of external DNS names and which component and environment incoming requests shall be routed to.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#dnsexternalalias", "items": { "description": "ExternalAlias defines mapping between an external DNS name and a component and environment.", "properties": { "alias": { "description": "DNS name, e.g. myapp.example.com.", "maxLength": 255, "minLength": 4, "pattern": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9])$", "type": "string" }, "component": { "description": "Name of the component that shall receive the incoming requests.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "environment": { "description": "Name of the environment for the component.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "useCertificateAutomation": { "default": false, "description": "Enable automatic issuing and renewal of TLS certificate", "type": "boolean" } }, "required": [ "alias", "component", "environment" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "alias" ], "x-kubernetes-list-type": "map" }, "environments": { "description": "List of environments belonging to the application.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#environments", "items": { "description": "Environment contains environment specific configuration.", "properties": { "build": { "description": "Build configuration for the environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#build-2", "properties": { "from": { "description": "Name of the Github branch to build from", "maxLength": 255, "minLength": 1, "type": "string" }, "variables": { "additionalProperties": { "type": "string" }, "description": "Defines variables that will be available in sub-pipelines", "type": "object" } }, "type": "object" }, "egress": { "description": "Configure egress traffic rules for components and jobs.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#egress", "properties": { "allowRadix": { "description": "Allow or deny outgoing traffic to the public IP of the Radix cluster.", "type": "boolean" }, "rules": { "description": "Defines a list of egress rules.", "items": { "description": "EgressRule defines an egress rule.", "properties": { "destinations": { "description": "List of allowed destinations.\nEach destination must be a valid IPv4 CIDR.", "items": { "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", "type": "string" }, "minItems": 1, "type": "array" }, "ports": { "description": "List of allowed ports.", "items": { "description": "EgressPort defines a port in context of EgressRule.", "properties": { "port": { "description": "Port number.", "format": "int32", "maximum": 65535, "minimum": 1, "type": "integer" }, "protocol": { "description": "Protocol.", "enum": [ "TCP", "UDP" ], "type": "string" } }, "required": [ "port", "protocol" ], "type": "object" }, "minItems": 1, "type": "array" } }, "required": [ "destinations", "ports" ], "type": "object" }, "maxItems": 1000, "type": "array" } }, "type": "object" }, "name": { "description": "Name of the environment.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "subPipeline": { "description": "SubPipeline configuration.", "properties": { "identity": { "description": "Configuration for workload identity (federated credentials).\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#identity", "properties": { "azure": { "description": "Azure identity configuration", "properties": { "clientId": { "description": "Defines the Client ID for a user defined managed identity or application ID for an application registration.", "type": "string" } }, "required": [ "clientId" ], "type": "object" } }, "type": "object" }, "variables": { "additionalProperties": { "type": "string" }, "description": "Defines variables, that will be available in sub-pipelines.", "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "jobs": { "description": "List of job specification for the application.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#jobs", "items": { "description": "RadixJobComponent defines a single job component within a RadixApplication\nThe job component is used by the radix-job-scheduler to create Kubernetes Job objects", "properties": { "backoffLimit": { "description": "Specifies the number of retries before marking this job failed.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#backofflimit", "format": "int32", "minimum": 0, "type": "integer" }, "dockerfileName": { "description": "Name of the Dockerfile that builds the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#dockerfilename-2", "type": "string" }, "enabled": { "description": "Controls if the job shall be deployed.", "type": "boolean" }, "environmentConfig": { "description": "Configure environment specific settings for the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#environmentconfig-2", "items": { "description": "RadixJobComponentEnvironmentConfig defines environment specific settings\nfor a single job component within a RadixApplication", "properties": { "backoffLimit": { "description": "Environment specific value for the number of retries before marking this job failed.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#backofflimit-2", "format": "int32", "minimum": 0, "type": "integer" }, "dockerfileName": { "description": "Name of the Dockerfile that builds the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#dockerfilename", "type": "string" }, "enabled": { "description": "Controls if the job shall be deployed to this environment.", "type": "boolean" }, "environment": { "description": "Name of the environment which the settings applies to.", "maxLength": 63, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "identity": { "description": "Environment specific configuration for workload identity (federated credentials).\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#identity-2", "properties": { "azure": { "description": "Azure identity configuration", "properties": { "clientId": { "description": "Defines the Client ID for a user defined managed identity or application ID for an application registration.", "type": "string" } }, "required": [ "clientId" ], "type": "object" } }, "type": "object" }, "image": { "description": "Name of an existing container image to use when running the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#image-2", "type": "string" }, "imageTagName": { "description": "The imageTagName allows for flexible configuration of fixed images,\nbuilt outside of Radix, to be configured with separate tag for each environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#imagetagname-2", "type": "string" }, "monitoring": { "description": "Enabled or disables collection of custom Prometheus metrics.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#monitoring-2", "type": "boolean" }, "node": { "description": "Environment specific GPU requirements for the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#node", "properties": { "gpu": { "description": "Defines rules for allowed GPU types.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#gpu", "type": "string" }, "gpuCount": { "description": "Defines minimum number of required GPUs.", "type": "string" } }, "type": "object" }, "notifications": { "description": "Notifications about batch or job status changes", "properties": { "webhook": { "description": "Webhook is a URL for notification about internal events or changes. The URL should be of a Radix component or job-component, with not public port.", "maxLength": 253, "minLength": 1, "type": "string" } }, "type": "object" }, "readOnlyFileSystem": { "description": "Controls if the filesystem shall be read-only.", "type": "boolean" }, "resources": { "description": "Environment specific configuration for CPU and memory resources.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#resources-3", "properties": { "limits": { "additionalProperties": { "type": "string" }, "description": "Limits describes the maximum amount of compute resources allowed.", "type": "object" }, "requests": { "additionalProperties": { "type": "string" }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if\nthat is explicitly specified, otherwise to an implementation-defined value.", "type": "object" } }, "type": "object" }, "secretRefs": { "description": "Environment specific configuration for external secret stores, like Azure KeyVault.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#secretrefs", "properties": { "azureKeyVaults": { "description": "List of Azure Key Vaults to get secrets from.", "items": { "description": "RadixAzureKeyVault defines an Azure keyvault.", "properties": { "items": { "description": "List of keyvault items (secrets, keys and certificates).", "items": { "description": "RadixAzureKeyVaultItem defines Azure Key Vault setting: secrets, keys, certificates", "properties": { "alias": { "description": "Alias overrides the default file name used when mounting the secret, key or certificate.", "minLength": 1, "type": "string" }, "encoding": { "description": "Encoding defines the encoding of a keyvault item when stored in the container.\nSetting encoding to base64 and format to pfx will fetch and write the base64 decoded pfx binary.", "enum": [ "base64" ], "type": "string" }, "envVar": { "description": "Defines the name of the environment variable that will contain the value of the secret, key or certificate.", "type": "string" }, "format": { "description": "Defines the format of the keyvault item.\npfx is only supported with type secret and PKCS12 or ECC certificate.\nDefault format for certificates is pem.", "enum": [ "pem", "pfx" ], "type": "string" }, "k8sSecretType": { "description": "K8sSecretType defines the type of Kubernetes secret the keyvault item will be stored in.\nopaque corresponds to \"Opaque\" and \"kubernetes.io/tls\" secret types: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types", "enum": [ "opaque", "tls" ], "type": "string" }, "name": { "description": "Name of a secret, key or certificate in the keyvault.", "maxLength": 127, "minLength": 1, "type": "string" }, "type": { "description": "Type of item in the keyvault referenced by the name.", "enum": [ "secret", "key", "cert" ], "type": "string" }, "version": { "description": "Defines that a specific version of a keyvault item should be loaded.\nThe latest version is loaded when this field is not set.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array" }, "name": { "description": "Name of the Azure keyvault.", "maxLength": 24, "minLength": 3, "type": "string" }, "path": { "description": "Path where secrets from the keyvault is mounted.", "minLength": 1, "type": "string" }, "useAzureIdentity": { "description": "UseAzureIdentity defines that credentials for accessing Azure Key Vault will be acquired using Azure Workload Identity instead of using a ClientID and Secret.", "type": "boolean" } }, "required": [ "items", "name" ], "type": "object" }, "type": "array" } }, "type": "object" }, "src": { "description": "Path to the Dockerfile that builds the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#src", "type": "string" }, "timeLimitSeconds": { "description": "Environment specific value for the maximum number of seconds the job can run.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#timelimitseconds-2", "format": "int64", "type": "integer" }, "variables": { "additionalProperties": { "type": "string" }, "description": "Environment specific environment variables.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#variables-2", "type": "object" }, "volumeMounts": { "description": "Configuration for mounting cloud storage into the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#volumemounts-2", "items": { "description": "RadixVolumeMount defines an external storage resource.", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "azureFile": { "description": "AzureFile settings for Azure File CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "share": { "description": "Share. Name of the file share in the external storage resource.", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" } }, "type": "object" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "blobFuse2": { "description": "BlobFuse2 settings for Azure Storage FUSE CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "container": { "description": "Container. Name of the container in the external storage resource.", "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "protocol": { "description": "Holds protocols of BlobFuse2 Azure Storage FUSE driver. Default is fuse2.", "enum": [ "fuse2", "nfs", "" ], "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "enum": [ "Standard_LRS", "Premium_LRS", "Standard_GRS", "Standard_RAGRS", "" ], "type": "string" }, "streaming": { "description": "Configure Streaming mode. Used for blobfuse2.\nMore info: https://github.com/Azure/azure-storage-fuse/blob/main/STREAMING.md", "properties": { "blockSize": { "description": "Optional. The size of each block to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "bufferSize": { "description": "Optional. The size of each buffer to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "enabled": { "description": "Enable streaming mode. Default true.", "type": "boolean" }, "maxBlocksPerFile": { "description": "Optional. The maximum number of blocks to be cached in memory.", "format": "int64", "minimum": 1, "type": "integer" }, "maxBuffers": { "description": "Optional. The total number of buffers to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "streamCache": { "description": "Optional. Limit total amount of data being cached in memory to conserve memory footprint of blobfuse (in MB).", "format": "int64", "minimum": 1, "type": "integer" } }, "type": "object" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "useAdls": { "description": "Enables blobfuse to access Azure DataLake storage account. When set to false, blobfuse will access Azure Block Blob storage account, hierarchical file system is not supported.\nDefault false. This must be turned on when HNS enabled account is mounted.", "type": "boolean" } }, "required": [ "container" ], "type": "object" }, "container": { "description": "Deprecated. Only required by the deprecated type: blob.", "type": "string" }, "emptyDir": { "description": "EmptyDir settings for EmptyDir volume", "properties": { "sizeLimit": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "description": "SizeLimit defines the size of the emptyDir volume", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true } }, "required": [ "sizeLimit" ], "type": "object" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "name": { "description": "User-defined name of the volume mount.\nMust be unique for the component.", "maxLength": 40, "minLength": 1, "type": "string" }, "path": { "description": "Path defines in which directory the external storage is mounted.", "minLength": 1, "type": "string" }, "requestsStorage": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "skuName": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "storage": { "description": "Storage defines the name of the container in the external storage resource.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "type": { "description": "Type defines the storage type.\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "blob", "azure-blob", "azure-file", "" ], "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" } }, "required": [ "name", "path" ], "type": "object" }, "type": "array" } }, "required": [ "environment" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "environment" ], "x-kubernetes-list-type": "map" }, "identity": { "description": "Configuration for workload identity (federated credentials).\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#identity-2", "properties": { "azure": { "description": "Azure identity configuration", "properties": { "clientId": { "description": "Defines the Client ID for a user defined managed identity or application ID for an application registration.", "type": "string" } }, "required": [ "clientId" ], "type": "object" } }, "type": "object" }, "image": { "description": "Name of an existing container image to use when running the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#image-2", "type": "string" }, "imageTagName": { "description": "The imageTagName allows for flexible configuration of fixed images,\nbuilt outside of Radix, it can be also configured with separate tag for each environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#imagetagname", "type": "string" }, "monitoring": { "description": "Enabled or disables collection of custom Prometheus metrics.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#monitoring", "type": "boolean" }, "monitoringConfig": { "description": "Configures the monitoring endpoint exposed by the job.\nThis endpoint is used by Prometheus to collect custom metrics.\nenvironmentConfig.monitoring must be set to true to enable collection of metrics for an environment.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#monitoringconfig-2", "properties": { "path": { "description": "Defines the path where metrics is served.", "type": "string" }, "portName": { "description": "Defines which port in the ports list where metrics is served.", "maxLength": 15, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" } }, "type": "object" }, "name": { "description": "Name of the environment which the settings applies to.", "maxLength": 253, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "node": { "description": "Defines GPU requirements for the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#node", "properties": { "gpu": { "description": "Defines rules for allowed GPU types.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#gpu", "type": "string" }, "gpuCount": { "description": "Defines minimum number of required GPUs.", "type": "string" } }, "type": "object" }, "notifications": { "description": "Notifications about batch or job status changes", "properties": { "webhook": { "description": "Webhook is a URL for notification about internal events or changes. The URL should be of a Radix component or job-component, with not public port.", "maxLength": 253, "minLength": 1, "type": "string" } }, "type": "object" }, "payload": { "description": "Defines the path where the job payload is mounted.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#payload", "properties": { "path": { "description": "Path to the folder where payload is mounted", "minLength": 1, "type": "string" } }, "required": [ "path" ], "type": "object" }, "ports": { "description": "List of ports that the job binds to.", "items": { "description": "ComponentPort defines a named port.", "properties": { "name": { "description": "Name of the port.", "maxLength": 15, "minLength": 1, "pattern": "^(([a-z0-9][-a-z0-9]*)?[a-z0-9])?$", "type": "string" }, "port": { "description": "Port number.", "format": "int32", "maximum": 65535, "minimum": 1024, "type": "integer" } }, "required": [ "name", "port" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "readOnlyFileSystem": { "description": "Controls if the filesystem shall be read-only.", "type": "boolean" }, "resources": { "description": "Configures CPU and memory resources for the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#resources-common-2", "properties": { "limits": { "additionalProperties": { "type": "string" }, "description": "Limits describes the maximum amount of compute resources allowed.", "type": "object" }, "requests": { "additionalProperties": { "type": "string" }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if\nthat is explicitly specified, otherwise to an implementation-defined value.", "type": "object" } }, "type": "object" }, "schedulerPort": { "description": "Defines the port number that the job-scheduler API server will listen to.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#schedulerport", "format": "int32", "maximum": 65535, "minimum": 1024, "type": "integer" }, "secretRefs": { "description": "Configuration for external secret stores, like Azure KeyVault.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#secretrefs", "properties": { "azureKeyVaults": { "description": "List of Azure Key Vaults to get secrets from.", "items": { "description": "RadixAzureKeyVault defines an Azure keyvault.", "properties": { "items": { "description": "List of keyvault items (secrets, keys and certificates).", "items": { "description": "RadixAzureKeyVaultItem defines Azure Key Vault setting: secrets, keys, certificates", "properties": { "alias": { "description": "Alias overrides the default file name used when mounting the secret, key or certificate.", "minLength": 1, "type": "string" }, "encoding": { "description": "Encoding defines the encoding of a keyvault item when stored in the container.\nSetting encoding to base64 and format to pfx will fetch and write the base64 decoded pfx binary.", "enum": [ "base64" ], "type": "string" }, "envVar": { "description": "Defines the name of the environment variable that will contain the value of the secret, key or certificate.", "type": "string" }, "format": { "description": "Defines the format of the keyvault item.\npfx is only supported with type secret and PKCS12 or ECC certificate.\nDefault format for certificates is pem.", "enum": [ "pem", "pfx" ], "type": "string" }, "k8sSecretType": { "description": "K8sSecretType defines the type of Kubernetes secret the keyvault item will be stored in.\nopaque corresponds to \"Opaque\" and \"kubernetes.io/tls\" secret types: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types", "enum": [ "opaque", "tls" ], "type": "string" }, "name": { "description": "Name of a secret, key or certificate in the keyvault.", "maxLength": 127, "minLength": 1, "type": "string" }, "type": { "description": "Type of item in the keyvault referenced by the name.", "enum": [ "secret", "key", "cert" ], "type": "string" }, "version": { "description": "Defines that a specific version of a keyvault item should be loaded.\nThe latest version is loaded when this field is not set.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "minItems": 1, "type": "array" }, "name": { "description": "Name of the Azure keyvault.", "maxLength": 24, "minLength": 3, "type": "string" }, "path": { "description": "Path where secrets from the keyvault is mounted.", "minLength": 1, "type": "string" }, "useAzureIdentity": { "description": "UseAzureIdentity defines that credentials for accessing Azure Key Vault will be acquired using Azure Workload Identity instead of using a ClientID and Secret.", "type": "boolean" } }, "required": [ "items", "name" ], "type": "object" }, "type": "array" } }, "type": "object" }, "secrets": { "description": "List of secret environment variable names.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#secrets-2", "items": { "type": "string" }, "type": "array" }, "src": { "description": "Path to the Dockerfile that builds the job.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#src-2", "type": "string" }, "timeLimitSeconds": { "description": "The maximum number of seconds the job can run.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#timelimitseconds", "format": "int64", "type": "integer" }, "variables": { "additionalProperties": { "type": "string" }, "description": "List of environment variables and values.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#variables-common-2", "type": "object" }, "volumeMounts": { "description": "Configuration for mounting cloud storage into the component.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#volumemounts", "items": { "description": "RadixVolumeMount defines an external storage resource.", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "azureFile": { "description": "AzureFile settings for Azure File CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "share": { "description": "Share. Name of the file share in the external storage resource.", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" } }, "type": "object" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "blobFuse2": { "description": "BlobFuse2 settings for Azure Storage FUSE CSI driver", "properties": { "accessMode": { "description": "Access mode from a container to an external storage. ReadOnlyMany (default), ReadWriteOnce, ReadWriteMany.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "ReadOnlyMany", "ReadWriteOnce", "ReadWriteMany", "" ], "type": "string" }, "bindingMode": { "description": "Binding mode from a container to an external storage. Immediate (default), WaitForFirstConsumer.\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/", "enum": [ "Immediate", "WaitForFirstConsumer", "" ], "type": "string" }, "container": { "description": "Container. Name of the container in the external storage resource.", "type": "string" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "protocol": { "description": "Holds protocols of BlobFuse2 Azure Storage FUSE driver. Default is fuse2.", "enum": [ "fuse2", "nfs", "" ], "type": "string" }, "requestsStorage": { "description": "Requested size (opens new window)of allocated mounted volume. Default value is set to \"1Mi\" (1 megabyte). Current version of the driver does not affect mounted volume size\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim", "type": "string" }, "skuName": { "description": "SKU Type of Azure storage.\nMore info: https://learn.microsoft.com/en-us/rest/api/storagerp/srp_sku_types", "enum": [ "Standard_LRS", "Premium_LRS", "Standard_GRS", "Standard_RAGRS", "" ], "type": "string" }, "streaming": { "description": "Configure Streaming mode. Used for blobfuse2.\nMore info: https://github.com/Azure/azure-storage-fuse/blob/main/STREAMING.md", "properties": { "blockSize": { "description": "Optional. The size of each block to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "bufferSize": { "description": "Optional. The size of each buffer to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "enabled": { "description": "Enable streaming mode. Default true.", "type": "boolean" }, "maxBlocksPerFile": { "description": "Optional. The maximum number of blocks to be cached in memory.", "format": "int64", "minimum": 1, "type": "integer" }, "maxBuffers": { "description": "Optional. The total number of buffers to be cached in memory (in MB).", "format": "int64", "minimum": 1, "type": "integer" }, "streamCache": { "description": "Optional. Limit total amount of data being cached in memory to conserve memory footprint of blobfuse (in MB).", "format": "int64", "minimum": 1, "type": "integer" } }, "type": "object" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.", "type": "string" }, "useAdls": { "description": "Enables blobfuse to access Azure DataLake storage account. When set to false, blobfuse will access Azure Block Blob storage account, hierarchical file system is not supported.\nDefault false. This must be turned on when HNS enabled account is mounted.", "type": "boolean" } }, "required": [ "container" ], "type": "object" }, "container": { "description": "Deprecated. Only required by the deprecated type: blob.", "type": "string" }, "emptyDir": { "description": "EmptyDir settings for EmptyDir volume", "properties": { "sizeLimit": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "description": "SizeLimit defines the size of the emptyDir volume", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true } }, "required": [ "sizeLimit" ], "type": "object" }, "gid": { "description": "GID defines the group ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "name": { "description": "User-defined name of the volume mount.\nMust be unique for the component.", "maxLength": 40, "minLength": 1, "type": "string" }, "path": { "description": "Path defines in which directory the external storage is mounted.", "minLength": 1, "type": "string" }, "requestsStorage": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "skuName": { "description": "TODO: describe\nMore info: https://www.radix.equinor.com/guides/volume-mounts/optional-settings/\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "storage": { "description": "Storage defines the name of the container in the external storage resource.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" }, "type": { "description": "Type defines the storage type.\nDeprecated, use BlobFuse2 or AzureFile instead.", "enum": [ "blob", "azure-blob", "azure-file", "" ], "type": "string" }, "uid": { "description": "UID defines the user ID (number) which will be set as owner of the mounted volume.\nDeprecated, use BlobFuse2 or AzureFile instead.", "type": "string" } }, "required": [ "name", "path" ], "type": "object" }, "type": "array" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "privateImageHubs": { "additionalProperties": { "description": "RadixPrivateImageHubCredential contains credentials to use when pulling images\nfrom a protected container registry.", "properties": { "email": { "description": "The email address linked to the username.", "type": "string" }, "username": { "description": "Username with permission to pull images.\nThe password is set in Radix Web Console.", "minLength": 1, "type": "string" } }, "required": [ "username" ], "type": "object" }, "description": "Defines protected container registries used by components or jobs.\nMore info: https://www.radix.equinor.com/references/reference-radix-config/#privateimagehubs", "type": "object" } }, "required": [ "environments" ], "type": "object" } }, "required": [ "metadata", "spec" ], "type": "object" }