[ { "name": "istio", "documentation": "https://kyma-project.io/#/istio/user/00-overview/README", "repository": "https://github.com/kyma-project/istio.git", "managedResources": [ "/apis/extensions.istio.io/v1alpha1/wasmplugins", "/apis/install.istio.io/v1alpha1/istiooperators", "/apis/networking.istio.io/v1alpha3/destinationrules", "/apis/networking.istio.io/v1alpha3/envoyfilters", "/apis/networking.istio.io/v1alpha3/gateways", "/apis/networking.istio.io/v1alpha3/serviceentries", "/apis/networking.istio.io/v1alpha3/sidecars", "/apis/networking.istio.io/v1alpha3/virtualservices", "/apis/networking.istio.io/v1alpha3/workloadentries", "/apis/networking.istio.io/v1alpha3/workloadgroups", "/apis/networking.istio.io/v1beta1/destinationrules", "/apis/networking.istio.io/v1beta1/gateways", "/apis/networking.istio.io/v1beta1/proxyconfigs", "/apis/networking.istio.io/v1beta1/serviceentries", "/apis/networking.istio.io/v1beta1/sidecars", "/apis/networking.istio.io/v1beta1/virtualservices", "/apis/networking.istio.io/v1beta1/workloadentries", "/apis/networking.istio.io/v1beta1/workloadgroups", "/apis/operator.kyma-project.io/v1alpha1/istios", "/apis/operator.kyma-project.io/v1alpha2/istios", "/apis/security.istio.io/v1/authorizationpolicies", "/apis/security.istio.io/v1/requestauthentications", "/apis/security.istio.io/v1beta1/authorizationpolicies", "/apis/security.istio.io/v1beta1/peerauthentications", "/apis/security.istio.io/v1beta1/requestauthentications", "/apis/telemetry.istio.io/v1alpha1/telemetries" ], "manageable": true, "latestGithubRelease": { "repository": "kyma-project/istio", "deploymentYaml": "istio-manager.yaml", "crYaml": "istio-default-cr.yaml" }, "versions": [ { "version": "1.7.0", "channels": [ "fast", "regular" ], "documentation": "https://kyma-project.io/#/istio/user/README", "repository": "https://github.com/kyma-project/istio.git", "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/istio-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.7.0", "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istios.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Istio", "listKind": "IstioList", "plural": "istios", "singular": "istio" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Contains Istio CR specification and current status.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired specification for installing or updating Istio.", "properties": { "components": { "properties": { "cni": { "description": "Cni defines component configuration for Istio CNI DaemonSet", "properties": { "k8s": { "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "affinity": { "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { "description": "Describes node affinity scheduling rules for the pod.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { "description": "A node selector term, associated with the corresponding weight.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "weight": { "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "preference", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "type": "array" } }, "required": [ "nodeSelectorTerms" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" }, "podAffinity": { "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" }, "podAntiAffinity": { "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "ingressGateway": { "description": "IngressGateway defines component configurations for Istio Ingress Gateway", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "pilot": { "description": "Pilot defines component configuration for Istiod", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "proxy": { "description": "Proxy defines component configuration for Istio proxy sidecar", "properties": { "k8s": { "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" } }, "type": "object" }, "config": { "description": "Config is the configuration for the Istio installation.", "properties": { "authorizers": { "description": "Defines a list of external authorization providers.", "items": { "properties": { "headers": { "description": "Specifies headers to be included, added or forwarded during authorization.", "properties": { "inCheck": { "description": "Defines headers to be included or added in check authorization request.", "properties": { "add": { "additionalProperties": { "type": "string" }, "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", "type": "object" }, "include": { "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toDownstream": { "description": "Defines headers to be forwarded to the downstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" }, "onDeny": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toUpstream": { "description": "Defines headers to be forwarded to the upstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "name": { "description": "A unique name identifying the extension authorization provider.", "type": "string" }, "port": { "description": "Specifies the port of the service.", "format": "int32", "type": "integer" }, "service": { "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", "type": "string" } }, "required": [ "name", "port", "service" ], "type": "object" }, "type": "array" }, "gatewayExternalTrafficPolicy": { "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", "enum": [ "Local", "Cluster" ], "type": "string" }, "numTrustedProxies": { "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", "maximum": 4294967295, "minimum": 0, "type": "integer" } }, "type": "object" } }, "type": "object" }, "status": { "description": "IstioStatus defines the observed state of IstioCR.", "properties": { "conditions": { "description": " Conditions associated with IstioStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "description": { "description": "Description of Istio status", "type": "string" }, "state": { "description": "State signifies current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha2", "schema": { "openAPIV3Schema": { "description": "Contains Istio CR specification and current status.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "IstioSpec describes the desired specification for installing or updating Istio.", "properties": { "compatibilityMode": { "type": "boolean" }, "components": { "properties": { "cni": { "description": "Cni defines component configuration for Istio CNI DaemonSet", "properties": { "k8s": { "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "affinity": { "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { "description": "Describes node affinity scheduling rules for the pod.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { "description": "A node selector term, associated with the corresponding weight.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "weight": { "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "preference", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "type": "array" } }, "required": [ "nodeSelectorTerms" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" }, "podAffinity": { "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" }, "podAntiAffinity": { "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "ingressGateway": { "description": "IngressGateway defines component configurations for Istio Ingress Gateway", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "pilot": { "description": "Pilot defines component configuration for Istiod", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "proxy": { "description": "Proxy defines component configuration for Istio proxy sidecar", "properties": { "k8s": { "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" } }, "type": "object" }, "config": { "description": "Config is the configuration for the Istio installation.", "properties": { "authorizers": { "description": "Defines a list of external authorization providers.", "items": { "properties": { "headers": { "description": "Specifies headers to be included, added or forwarded during authorization.", "properties": { "inCheck": { "description": "Defines headers to be included or added in check authorization request.", "properties": { "add": { "additionalProperties": { "type": "string" }, "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", "type": "object" }, "include": { "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toDownstream": { "description": "Defines headers to be forwarded to the downstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" }, "onDeny": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toUpstream": { "description": "Defines headers to be forwarded to the upstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "name": { "description": "A unique name identifying the extension authorization provider.", "type": "string" }, "port": { "description": "Specifies the port of the service.", "format": "int32", "type": "integer" }, "service": { "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", "type": "string" } }, "required": [ "name", "port", "service" ], "type": "object" }, "type": "array" }, "gatewayExternalTrafficPolicy": { "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", "enum": [ "Local", "Cluster" ], "type": "string" }, "numTrustedProxies": { "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", "maximum": 4294967295, "minimum": 0, "type": "integer" } }, "type": "object" }, "experimental": { "properties": { "pilot": { "properties": { "enableAlphaGatewayAPI": { "type": "boolean" }, "enableMultiNetworkDiscoverGatewayAPI": { "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "IstioStatus defines the observed state of IstioCR.", "properties": { "conditions": { "description": " Conditions associated with IstioStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "description": { "description": "Description of Istio status", "type": "string" }, "state": { "description": "State signifies the current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istio-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istio-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istio-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "get", "patch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "authentication.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "config.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "install.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "extensions.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations", "validatingwebhookconfigurations" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions.apiextensions.k8s.io", "customresourcedefinitions" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps", "extensions" ], "resources": [ "daemonsets", "deployments", "deployments/finalizers", "replicasets", "statefulsets" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "monitoring.coreos.com" ], "resources": [ "servicemonitors" ], "verbs": [ "get", "create", "update" ] }, { "apiGroups": [ "policy" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "roles", "rolebindings" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "*" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "create", "update", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "configmaps", "endpoints", "events", "namespaces", "pods", "pods/proxy", "pods/portforward", "persistentvolumeclaims", "secrets", "services", "serviceaccounts", "resourcequotas" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istio-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "istio-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "istio-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istio-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "istio-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "istio-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", "details": "header:\n - source: spec.action\n name: spec.action\n - source: spec.provider\n widget: Labels\n name: spec.provider\nresourceGraph:\n colorVariant: 3\n dataSources:\n - source: podSelector\nbody:\n - widget: Table\n name: spec.rules\n source: spec.rules\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"Rule #\" & $string($index + 1) & (\" \" & $join($keys($item), \" \"))'\n collapsible:\n - source: $item.from\n widget: Table\n name: spec.rules.from\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"From #\" & $string($index + 1) & (\" \" & $join($keys($item.source), \" \"))'\n collapsible:\n - source: source\n widget: Panel\n name: spec.rules.from.source\n children:\n - source: principals\n name: spec.rules.from.source.principals\n widget: JoinedArray\n visibility: $exists($value)\n - source: notPrincipals\n name: spec.rules.from.source.notPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: requestPrincipals\n name: spec.rules.from.source.requestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: notRequestPrincipals\n name: spec.rules.from.source.notRequestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: namespaces\n name: spec.rules.from.source.namespaces\n widget: Labels\n visibility: $exists($value)\n - source: notNamespaces\n name: spec.rules.from.source.notNamespaces\n widget: Labels\n visibility: $exists($value)\n - source: ipBlocks\n name: spec.rules.from.source.ipBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notIpBlocks\n name: spec.rules.from.source.notIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: remoteIpBlocks\n name: spec.rules.from.source.remoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notRemoteIpBlocks\n name: spec.rules.from.source.notRemoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: $item.to\n widget: Table\n name: spec.rules.to\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"To #\" & $string($index + 1) & (\" \" & $join($keys($item.operation), \" \"))'\n collapsible:\n - source: operation\n widget: Panel\n name: spec.rules.to.operation\n children:\n - source: Hosts\n name: spec.rules.to.operation.hosts\n widget: Labels\n visibility: $exists($value)\n - source: notHosts\n name: spec.rules.to.operation.notHosts\n widget: Labels\n visibility: $exists($value)\n - source: ports\n name: spec.rules.to.operation.ports\n widget: Labels\n visibility: $exists($value)\n - source: notPorts\n name: spec.rules.to.operation.notPorts\n widget: Labels\n visibility: $exists($value)\n - source: methods\n name: spec.rules.to.operation.methods\n widget: Labels\n visibility: $exists($value)\n - source: notMethods\n name: spec.rules.to.operation.notMethods\n widget: Labels\n visibility: $exists($value)\n - source: paths\n name: spec.rules.to.operation.paths\n widget: Labels\n visibility: $exists($value)\n - source: notPaths\n name: spec.rules.to.operation.notPaths\n widget: Labels\n visibility: $exists($value)\n - source: when\n widget: Table\n name: spec.rules.when\n visibility: $exists($value)\n children:\n - source: key\n name: spec.rules.when.key\n visibility: $exists($value)\n - source: values\n name: spec.rules.when.values\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - source: notValues\n name: spec.rules.when.notValues\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.action\n placeholder: placeholders.dropdown\n simple: true\n description: description.action\n- path: spec.provider\n widget: FormGroup\n children:\n - path: name\n- path: spec.rules\n widget: GenericList\n simple: true\n children:\n - path: '[].from'\n simple: true\n widget: GenericList\n children:\n - path: '[].source'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: principals\n simple: true\n widget: SimpleList\n description: description.rules.from.principals\n children:\n - path: '[]'\n simple: true\n - path: notPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notPrincipals\n children:\n - path: '[]'\n simple: true\n - path: requestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.requestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: notRequestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notRequestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: namespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.namespaces\n children:\n - path: '[]'\n simple: true\n - path: notNamespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.notNamespaces\n children:\n - path: '[]'\n simple: true\n - path: ipBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.ipBlocks\n children:\n - path: '[]'\n simple: true\n - path: notIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: remoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.remoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: notRemoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notRemoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: '[].to'\n simple: true\n widget: GenericList\n children:\n - path: '[].operation'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: hosts\n simple: true\n widget: SimpleList\n description: description.rules.to.hosts\n children:\n - path: '[]'\n simple: true\n - path: notHosts\n simple: true\n widget: SimpleList\n description: description.rules.to.notHosts\n children:\n - path: '[]'\n simple: true\n - path: ports\n simple: true\n widget: SimpleList\n description: description.rules.to.ports\n children:\n - path: '[]'\n simple: true\n - path: notPorts\n simple: true\n widget: SimpleList\n description: description.rules.to.notPorts\n children:\n - path: '[]'\n simple: true\n - path: methods\n simple: true\n widget: SimpleList\n description: description.rules.to.methods\n children:\n - path: '[]'\n simple: true\n - path: notMethods\n simple: true\n widget: SimpleList\n description: description.rules.to.notMethods\n children:\n - path: '[]'\n simple: true\n - path: paths\n simple: true\n widget: SimpleList\n description: description.rules.to.paths\n children:\n - path: '[]'\n simple: true\n - path: notPaths\n simple: true\n widget: SimpleList\n description: description.rules.to.notPaths\n children:\n - path: '[]'\n simple: true\n - path: '[].when'\n simple: true\n widget: GenericList\n children:\n - path: '[].key'\n simple: true\n widget: Text\n description: description.rules.when.key\n - path: '[].values'\n simple: true\n widget: SimpleList\n description: description.rules.when.values\n children:\n - path: '[]'\n simple: true\n - path: '[].notValues'\n simple: true\n widget: SimpleList\n description: description.rules.when.notValues\n children:\n - path: '[]'\n simple: true\n", "general": "resource:\n kind: AuthorizationPolicy\n group: security.istio.io\n version: v1beta1\nname: Authorization Policies\ncategory: Istio\nurlPath: authorizationpolicies\nscope: namespace\ndescription: >-\n {{[Istio Authorization\n Policy](https://istio.io/latest/docs/reference/config/security/authorization-policy/)}}\n allows for workload access management in the mesh.", "list": "- name: action\n source: spec.action", "translations": "en:\n description.action: Optional. The action to take if the request is matched with the rules. Default is ALLOW if not specified.\n description.rules.from.principals: Optional. A list of peer identities derived from the peer certificate. The peer identity is in the format of ' /ns/ /sa/ ', for example, 'cluster.local/ns/default/sa/productpage'. If not set, any principal is allowed.\n description.rules.from.notPrincipals: Optional. A list of negative match of peer identities.\n description.rules.from.requestPrincipals: Optional. A list of request identities derived from the JWT. The request identity is in the format of '/', for example, 'example.com/sub-1'. If not set, any request principal is allowed.\n description.rules.from.notRequestPrincipals: Optional. A list of negative match of request identities.\n description.rules.from.namespaces: Optional. A list of namespaces derived from the peer certificate. If not set, any namespace is allowed.\n description.rules.from.notNamespaces: Optional. A list of negative match of namespaces.\n description.rules.from.ipBlocks: Optional. A list of IP blocks, populated from the source address of the IP packet. Single IP (e.g. '1.2.3.4') and CIDR (e.g. '1.2.3.0/24') are supported. If not set, any IP is allowed.\n description.rules.from.notIpBlocks: Optional. A list of negative match of IP blocks.\n description.rules.from.remoteIpBlocks: Optional. A list of IP blocks, populated from X-Forwarded-For header or proxy protocol. To make use of this field, you must configure the numTrustedProxies field of the gatewayTopology under the meshConfig when you install Istio or using an annotation on the ingress gateway. If not set, any IP is allowed.\n description.rules.from.notRemoteIpBlocks: Optional. A list of negative match of remote IP blocks.\n description.rules.to.hosts: Optional. A list of hosts as specified in the HTTP request. The match is case-insensitive. If not set, any host is allowed. Must be used only with HTTP.\n description.rules.to.notHosts: Optional. A list of negative match of hosts as specified in the HTTP request. The match is case-insensitive.\n description.rules.to.ports: Optional. A list of ports as specified in the connection. If not set, any port is allowed.\n description.rules.to.notPorts: Optional. A list of negative match of ports as specified in the connection.\n description.rules.to.methods: Optional. A list of methods as specified in the HTTP request. If not set, any method is allowed. Must be used only with HTTP.\n description.rules.to.notMethods: Optional. A list of negative match of methods as specified in the HTTP request.\n description.rules.to.paths: Optional. A list of paths as specified in the HTTP request. If not set, any path is allowed. Must be used only with HTTP.\n description.rules.to.notPaths: Optional. A list of negative match of paths.\n description.rules.when.key: The name of an Istio attribute.\n description.rules.when.values: Optional. A list of allowed values for the attribute. At least one of values or notValues must be set.\n description.rules.when.notValues: Optional. A list of negative match of values for the attribute. At least one of values or notValues must be set.\n placeholders.dropdown: Type or choose an option.\n spec.action: Action\n spec.provider: Provider\n spec.rules: Rules\n spec.rules.from: From\n spec.rules.from.source: Source\n spec.rules.from.source.principals: Principals\n spec.rules.from.source.notPrincipals: NotPrincipals\n spec.rules.from.source.requestPrincipals: RequestPrincipals\n spec.rules.from.source.notRequestPrincipals: NotRequestPrincipals\n spec.rules.from.source.namespaces: Namespaces\n spec.rules.from.source.notNamespaces: NotNamespaces\n spec.rules.from.source.ipBlocks: IpBlocks\n spec.rules.from.source.notIpBlocks: NotIpBlocks\n spec.rules.from.source.remoteIpBlocks: RemoteIpBlocks\n spec.rules.from.source.notRemoteIpBlocks: NotRemoteIpBlocks\n spec.rules.to: To\n spec.rules.to.operation: Operation\n spec.rules.to.operation.hosts: Hosts\n spec.rules.to.operation.notHosts: NotHosts\n spec.rules.to.operation.ports: Ports\n spec.rules.to.operation.notPorts: NotPorts\n spec.rules.to.operation.methods: Methods\n spec.rules.to.operation.notMethods: NotMethods\n spec.rules.to.operation.paths: Paths\n spec.rules.to.operation.notPaths: NotPaths\n spec.rules.when: When\n spec.rules.when.key: Key\n spec.rules.when.values: Values\n spec.rules.when.notValues: NotValues\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-authorizationpolicies-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header: []\nbody:\n - name: References\n widget: Panel\n children:\n - source: spec.host\n name: Host\n - source: spec.exportTo\n widget: Labels\n name: Export To\n visibility: $exists($value)\n - source: spec.workloadSelector.matchLabels\n widget: Labels\n name: Workload Selector Match Labels\n visibility: $exists($value)\n - source: spec.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: spec.subsets\n name: Subsets\n widget: Table\n disablePadding: true\n visibility: $exists($value)\n children:\n - source: $item.name\n name: Name\n - source: $item.labels\n name: Labels\n widget: Labels\n collapsible:\n - source: $item.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n", "form": "- simple: true\n path: spec.host\n name: Host\n required: true\n- widget: FormGroup\n path: spec.trafficPolicy\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: mainloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $mainloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $mainloadBalancerSelector = 'consistentHash'\n children:\n - var: mainconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $mainconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $mainconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $mainconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $mainconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: mainLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $mainLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $mainLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $mainLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: portLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $portLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $portLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: portLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $portLevelconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $portLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $portLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $portLevelconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: portLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $portLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $portLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $portLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.subsets\n name: Subsets\n widget: GenericList\n children:\n - path: '[].name'\n name: Name\n - path: '[].labels'\n name: Labels\n widget: KeyValuePair\n - path: '[].trafficPolicy'\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: subsetsloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetsloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetsloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetsconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $subsetsconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetsconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetsconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $subsetsconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetsLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetsLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetsLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetsLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: subsetPortLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetPortLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetPortLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetPortLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector =\n 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetPortLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetPortLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector=\n 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetPortLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetPortLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.exportTo\n name: Export To\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.workloadSelector.matchLabels\n defaultExpanded: true\n name: Workload Selector Match Labels\n widget: KeyValuePair\n", "general": "resource:\n kind: DestinationRule\n group: networking.istio.io\n version: v1beta1\nname: Destination Rules\ncategory: Istio\nurlPath: destinationrules\nscope: namespace\ndescription: resource.description", "list": "- source: spec.host\n name: Host", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n resource.description: >-\n {{[Destination\n Rule](https://istio.io/latest/docs/reference/config/networking/destination-rule)}}\n specifies rules that apply to traffic intended for a service after routing.\n References: References\n probes: Probes\n Export To: Export To\n Workload Selector Match Labels: Workload Selector Match Labels\n Traffic Policy: Traffic Policy\n Interval: Interval\n Name: Name\n time: Time\n interval: Interval\n Host: Host\n Connection Pool: Connection Pool\n TCP Keep Alive: TCP Keep Alive\n Probes: Probes\n Time: Time\n TCP: TCP\n HTTP: HTTP\n HTTP1 Max Pending Requests: HTTP1 Max Pending Requests\n Max Connections: Max Connections\n Connect Timeout: Connect Timeout\n HTTP2 Max Requests: HTTP2 Max Requests\n Max Requests Per Connection: Max Requests Per Connection\n Max Retries: Max Retries\n Idle Timeout: Idle Timeout\n H2 Upgrade Policy: H2 Upgrade Policy\n Use Client Protocol: Use Client Protocol\n Locality LB Settings: Locality LB Settings\n Enabled: Enabled\n Distribute: Distribute\n From: From\n To: To\n Failover: Failover\n Failover Priority: Failover Priority\n HTTP Cookie: HTTP Cookie\n Path: Path\n TTL: TTL\n Consistent Hash: Consistent Hash\n HTTP Header Name: HTTP Header Name\n Use Source IP: Use Source IP\n HTTP Query Parameter Name: HTTP Query Parameter Name\n Minimum Ring Size: Minimum Ring Size\n Load Balancer: Load Balancer\n Simple: Simple\n Warmup Duration Secs: Warmup Duration Secs\n ChooseConsistentHashSelector: Select Hash Type\n ChooseLoadBalancerSelector: Select Balancer Type\n ChooseLbSelector: Select LB Settings\n Split External Local Origin Errors: Split External Local Origin Errors\n Consecutive Local Origin Failures: Consecutive Local Origin Failures\n Consecutive Gateway Errors: Consecutive Gateway Errors\n Consecutive 5xx Errors: Consecutive 5xx Errors\n Base Ejection Time: Base Ejection Time\n Max Ejection Percent: Max Ejection Percent\n Min Health Percent: Min Health Percent\n Port Level Settings: Port Level Settings\n Port Number: Port Number\n TLS: TLS\n Mode: Mode\n Client Certificate: Client Certificate\n Private Key: Private Key\n CA Certificates: CA Certificates\n Credential Name: Credential Name\n Subject Alt Names: Subject Alt Names\n SNI: SNI\n Insecure Skip Verify: Insecure Skip Verify\n Tunnel: Tunnel\n Protocol: Protocol\n Target Host: Target Host\n Target Port: Target Port\n Subsets: Subsets\n Labels: Labels\n consistentHash: Consistent Hash\n simple: Simple\n failover: Failover\n distribute: Distribute\n\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-destinationrules-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n namespace: null\n filter: $matchByLabelSelector($item, $root.spec.selector)\nrelatedVirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($item.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $root.metadata.namespace and $substringAfter($g,\n '/') = $root.metadata.name) : ($substringBefore($g, '.') =\n $root.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $root.metadata.namespace) })", "details": "header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\nbody:\n - widget: Table\n source: spec.servers\n name: spec.servers\n children:\n - source: port.name\n name: spec.servers.port.name\n - widget: JoinedArray\n separator: break\n source: hosts\n name: spec.servers.hosts\n - source: port.number\n name: spec.servers.port.number\n - source: port.protocol\n name: spec.servers.port.protocol\n - source: tls.mode\n name: spec.servers.tls.mode\n - widget: ResourceLink\n source: tls.credentialName\n name: spec.servers.tls.credentialName\n resource:\n name: tls.credentialName\n namespace: '\"istio-system\"'\n kind: '\"Secret\"'\n - widget: Panel\n name: spec.selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector) and $boolean($root.spec.selector)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: relatedVirtualServices", "form": "- path: spec.selector\n widget: KeyValuePair\n simple: true\n required: true\n defaultExpanded: true\n- path: spec.servers\n widget: GenericList\n simple: true\n required: true\n children:\n - widget: FormGroup\n simple: true\n path: '[].port'\n defaultExpanded: true\n children:\n - path: number\n simple: true\n required: true\n inputInfo: inputInfo.spec.servers.port.number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - GRPC-WEB\n - MONGO\n - REDIS\n - MYSQL\n - TCP\n required: true\n placeholder: placeholders.dropdown\n - widget: FormGroup\n simple: true\n path: '[].tls'\n visibility: $item.port.protocol = 'HTTP' or $item.port.protocol = 'HTTPS'\n children:\n - path: httpsRedirect\n simple: true\n visibility: $item.port.protocol = 'HTTP'\n - path: mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: placeholders.dropdown\n - path: credentialName\n simple: true\n widget: Resource\n resource:\n kind: Secret\n version: v1\n namespace: istio-system\n scope: namespace\n filter: >-\n $item.type = 'kubernetes.io/tls' or ($item.type = 'Opaque' and\n $contains($item.data, 'key') and $contains($item.data, 'cert'))\n visibility: $item.port.protocol = 'HTTPS'\n - path: serverCertificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.serverCertificate\n - path: privateKey\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.privateKey\n - path: caCertificates\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.caCertificates\n - simple: true\n widget: Alert\n type: warning\n alert: '\"alert.tls.https\"'\n visibility: $item.port.protocol = 'HTTPS'\n - widget: SimpleList\n path: '[].hosts'\n required: true\n simple: true\n placeholder: placeholders.hosts\n children:\n - path: '[]'\n simple: true", "general": "resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\nurlPath: gateways\ncategory: Istio\nname: Gateways\nscope: namespace\ndescription: >-\n {{[Gateways](https://istio.io/latest/docs/reference/config/networking/gateway/)}}\n describes a load balancer that operates at the edge of the mesh and receives\n incoming or outgoing HTTP/TCP connections.", "list": "- name: spec.selector\n source: spec.selector\n widget: Labels", "presets": "- name: Default Gateway\n default: true\n value:\n spec:\n selector:\n istio: ingressgateway\n- name: Ingress Gateway\n value:\n metadata:\n name: httpbin-gateway\n labels:\n app.kubernetes.io/name: httpbin-gateway\n spec:\n selector:\n istio: ingressgateway\n servers:\n - port:\n number: 443\n name: https\n protocol: HTTPS\n tls:\n mode: SIMPLE\n credentialName: ''\n hosts: []", "translations": "en:\n alert.tls.https: TLS Server of mode SIMPLE or MUTUAL needs either credential name, or private key and server certificate pair.\n spec.selector: Selector\n spec.gateways: Gateways\n spec.servers: Servers\n spec.servers.port: Port\n spec.servers.port.name: Port Name\n spec.servers.port.protocol: Protocol\n spec.servers.port.targetPort: Target Port\n spec.servers.port.number: Port Number\n spec.servers.tls: TLS\n spec.servers.tls.mode: TLS Mode\n spec.servers.tls.httpsRedirect: HTTP Redirect\n spec.servers.tls.credentialName: Credential Name\n spec.servers.tls.serverCertificate: Server Certificate\n spec.servers.tls.privateKey: Private Key\n spec.servers.tls.caCertificates: CA Certificate\n spec.servers.hosts: Hosts\n selector.matchesAllPods: Matches all Pods in the Namespace\n placeholders.dropdown: Type or choose an option\n placeholders.serverCertificate: Enter the certificate path\n placeholders.privateKey: Enter the private key path\n placeholders.caCertificates: Enter the CA certificates path\n placeholders.hosts: For example, *.api.mydomain.com\n inputInfo.spec.servers.port.number: Must be a on-negative number." }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-gateways-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", "details": "body:\n - source: spec.jwtRules\n name: spec.jwtRules\n showHeader: false\n widget: Table\n collapsibleTitle: '\"Issuer \" & $item.issuer'\n collapsible:\n - source: issuer\n name: spec.jwtRules.issuer\n widget: Text\n - source: jwksUri\n name: spec.jwtRules.jwksUri\n widget: Text\n - source: audiences\n name: spec.jwtRules.audiences\n widget: JoinedArray\n - source: fromParams\n name: spec.jwtRules.fromParams\n widget: JoinedArray\n - source: fromCookies\n name: spec.jwtRules.fromCookies\n widget: JoinedArray\n - source: fromHeaders\n name: spec.jwtRules.fromHeaders\n widget: Table\n showHeader: false\n collapsibleTitle: '\"Header \" & $item.name'\n collapsible:\n - source: name\n name: spec.jwtRules.fromHeaders.name\n widget: Text\n - source: prefix\n name: spec.jwtRules.fromHeaders.prefix\n widget: Text\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.jwtRules\n name: spec.jwtRules\n widget: GenericList\n simple: true\n children:\n - path: '[].issuer'\n - path: '[].jwksUri'\n name: spec.jwtRules.jwksUri\n - path: '[].audiences'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromParams'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromCookies'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromHeaders'\n simple: true\n widget: GenericList\n children:\n - path: '[].name'\n - path: '[].prefix'", "general": "resource:\n kind: RequestAuthentication\n group: security.istio.io\n version: v1beta1\nurlPath: requestauthentications\ncategory: Istio\nname: Request Authentications\nscope: namespace\ndescription: >-\n {{[Istio Request Authentication](https://istio.io/latest/docs/reference/config/security/request_authentication)}}\n defines what request authentication methods are supported by a workload.\n\n", "translations": "en:\n spec.jwtRules: JWT Rules\n spec.jwtRules.issuer: Issuer\n spec.jwtRules.jwksUri: JWKS URI\n spec.jwtRules.jwks: JWKS\n spec.jwtRules.audiences: Audiences\n spec.jwtRules.fromParams: From Params\n spec.jwtRules.fromCookies: From Cookies\n spec.jwtRules.fromHeaders: From Headers\n spec.jwtRules.fromHeaders.name: Name\n spec.jwtRules.fromHeaders.prefix: Prefix\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-requestauthentications-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)\n", "details": "header:\n - source: spec.location\n name: spec.location\n - source: spec.resolution\n name: spec.resolution\nresourceGraph:\n colorVariant: 2\n dataSources:\n - source: podSelector\nbody:\n - name: configuration\n widget: Panel\n source: spec\n visibility: >-\n $boolean($exists($value.hosts) or $exists($value.addresses) or\n $exists($value.subjectAltNames))\n children:\n - name: spec.hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.addresses\n source: addresses\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.exportTo\n source: exportTo\n widget: Labels\n placeholder: Exported to all Namespaces\n - name: spec.subjectAltNames\n source: subjectAltNames\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.ports\n widget: Table\n source: spec.ports\n visibility: $exists($value)\n children:\n - name: spec.ports.number\n source: number\n sort: true\n - name: spec.ports.protocol\n source: protocol\n sort: true\n - name: spec.ports.name\n source: name\n sort: true\n - name: spec.ports.targetPort\n source: targetPort\n sort: true\n - name: spec.endpoints\n widget: Table\n source: spec.endpoints\n visibility: $exists($value)\n children:\n - name: spec.endpoints.address\n source: address\n sort: true\n - name: spec.endpoints.ports\n source: ports\n widget: Labels\n - name: spec.endpoints.labels\n source: labels\n widget: Labels\n - name: spec.endpoints.network\n source: network\n sort: true\n - name: spec.endpoints.weight\n source: weight\n - name: spec.endpoints.serviceAccount\n source: serviceAccount\n - name: spec.workloadSelector\n widget: Panel\n source: spec.workloadSelector.labels\n visibility: $exists($value)\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n header:\n - widget: Labels\n source: spec.workloadSelector.labels\n visibility: $exists($value)", "form": "- path: spec.hosts\n name: spec.hosts\n widget: SimpleList\n simple: true\n required: true\n children:\n - path: '[]'\n simple: true\n- path: spec.addresses\n name: spec.addresses\n widget: SimpleList\n placeholder: placeholders.addreses\n children:\n - path: '[]'\n- path: spec.ports\n name: Ports\n widget: GenericList\n children:\n - path: '[].number'\n name: spec.ports.number\n required: true\n - path: '[].protocol'\n name: spec.ports.protocol\n required: true\n placeholder: placeholders.dropdown\n enum:\n - HTTP\n - HTTPS\n - GRPC\n - HTTP2\n - MONGO\n - TCP\n - TLS\n - path: '[].name'\n name: spec.ports.name\n required: true\n - path: '[].targetPort'\n name: spec.ports.targetPort\n- path: spec.location\n name: spec.location\n placeholder: placeholders.dropdown\n- path: spec.resolution\n name: spec.resolution\n placeholder: placeholders.dropdown\n- path: spec.endpoints\n name: spec.endpoints\n widget: GenericList\n children:\n - path: '[].address'\n name: spec.endpoints.address\n - path: '[].ports'\n name: spec.endpoints.ports\n widget: KeyValuePair\n value:\n type: number\n - path: '[].labels'\n name: spec.endpoints.labels\n widget: KeyValuePair\n - path: '[].network'\n name: spec.endpoints.network\n - path: '[].locality'\n name: spec.endpoints.locality\n - path: '[].weight'\n name: spec.endpoints.weight\n - path: '[].serviceAccount'\n name: spec.endpoints.serviceAccount\n- path: spec.workloadSelector.labels\n name: spec.workloadSelector\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.exportTo\n name: spec.exportTo\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.subjectAltNames\n name: spec.subjectAltNames\n widget: SimpleList\n children:\n - path: '[]'", "general": "resource:\n kind: ServiceEntry\n group: networking.istio.io\n version: v1beta1\nurlPath: serviceentries\ncategory: Istio\nname: Service Entries\nscope: namespace\ndescription: >-\n {{[ServiceEntry](https://istio.io/latest/docs/reference/config/networking/service-entry/)}}\n allows for adding more entries to the internal service registry of Istio.", "list": "- source: spec.location\n name: spec.location\n sort: true\n- source: spec.resolution\n name: spec.resolution\n sort: true", "translations": "en:\n configuration: Configuration\n spec.hosts: Hosts\n spec.addresses: Addresses\n spec.ports: Ports\n spec.ports.number: Number\n spec.ports.protocol: Protocol\n spec.ports.name: Name\n spec.ports.targetPort: Target Port\n spec.location: Location\n spec.resolution: Resolution\n spec.endpoints: Endpoints\n spec.endpoints.address: Address\n spec.endpoints.ports: Ports\n spec.endpoints.labels: Labels\n spec.endpoints.network: Network\n spec.endpoints.locality: Locality\n spec.endpoints.weight: Weight\n spec.endpoints.serviceAccount: Service Account\n spec.workloadSelector: Workload Selector\n spec.exportTo: Export To\n spec.subjectAltNames: Subject Alt Names\n placeholders.dropdown: Type or choose an option\n placeholders.addreses: For example, 127.0.0.1" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-serviceentries-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)", "details": "header:\n - name: Outbound Traffic Policy Mode\n source: spec.outboundTrafficPolicy.mode\nbody:\n - widget: Table\n source: spec.egress\n name: Egress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: hosts\n name: Hosts\n widget: Labels\n - widget: Table\n source: spec.ingress\n name: Ingress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: $parent.tls.mode\n name: TLS Mode\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: defaultEndpoint\n name: Default Endpoint\n widget: Labels\n - widget: Panel\n name: Workload Selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n isCompact: true\n visibility: $exists($root.spec.workloadSelector.labels) and $boolean($root.spec.workloadSelector.labels)\n - source: spec.workloadSelector.labels\n widget: Panel\n name: Matches all Pods in the Namespace\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.workloadSelector.labels\n widget: Labels\n name: Workload Selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: podSelector", "form": "- path: spec.workloadSelector.labels\n name: Workload Selector\n widget: KeyValuePair\n- widget: FormGroup\n path: spec.egress[].port\n simple: true\n children:\n - path: number\n simple: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n placeholder: Type or choose an option\n- path: spec.egress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.egress[].captureMode\n simple: true\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n placeholder: Type or choose an option\n- widget: SimpleList\n path: spec.egress[].hosts\n required: true\n simple: true\n placeholder: For example, *.api.mydomain.com\n children:\n - path: '[]'\n simple: true\n- widget: FormGroup\n path: spec.ingress[].port\n required: true\n simple: true\n children:\n - path: number\n simple: true\n required: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n required: true\n placeholder: Type or choose an option\n- path: spec.ingress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.ingress[].captureMode\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n simple: true\n placeholder: Type or choose an option\n- path: spec.ingress[].defaultEndpoint\n placeholder: For example, 127.0.0.1:PORT\n required: true\n simple: true\n- widget: FormGroup\n simple: true\n path: spec.ingress[].tls\n name: TLS\n visibility: $item.port.protocol = 'HTTPS'\n children:\n - path: mode\n name: TLS Mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: Type or choose an option\n - path: serverCertificate\n name: Server Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the certificate path\n - path: privateKey\n name: Private Key\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the private key path\n - path: caCertificates\n name: CA Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the CA certificates path\n- widget: FormGroup\n path: spec.outboundTrafficPolicy\n name: Outbound Traffic Policy\n children:\n - path: mode\n name: Outbound Traffic Policy Mode\n enum:\n - REGISTRY_ONLY\n - ALLOW_ANY\n placeholder: Type or choose an option", "general": "resource:\n kind: Sidecar\n group: networking.istio.io\n version: v1beta1\nurlPath: sidecars\ncategory: Istio\nname: Sidecars\nscope: namespace\ndescription: >-\n {{[Sidecar](https://istio.io/latest/docs/reference/config/networking/sidecar/)}}\n manages the incoming and outgoing communication in a workload it is attached\n to.", "list": "- source: spec.outboundTrafficPolicy.mode\n name: Outbound Traffic Policy Mode\n- source: spec.workloadSelector.labels\n name: Workload Selector Labels\n widget: Labels" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-sidecars-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "body: \n - name: Configuration\n widget: Panel\n source: spec\n children:\n - name: AccessLogging\n source: accessLogging\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: Filter\n source: filter\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Expression\n source: expression\n widget: Labels\n - name: Match\n source: match\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Mode\n source: mode\n widget: Labels\n - name: Tracing\n source: tracing\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: RandomSamplingPercentage\n source: randomSamplingPercentage\n widget: Text\n visibility: $exists($value)\n - name: Providers\n source: providers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n widget: Text\n name: Name\n \n", "form": "- path: spec.accessLogging\n widget: GenericList\n simple: true\n name: Access logging configuration\n children:\n - path: '[]'\n children:\n - path: match.mode\n simple: true\n name: Access logging match mode\n - path: filter.expression\n simple: true\n name: Access logging filter expression\n- path: spec.tracing\n simple: true\n widget: GenericList\n name: Tracing configuration\n children:\n - path: '[]'\n children:\n - path: providers\n simple: true\n widget: GenericList\n children:\n - path: '[]'\n children:\n - path: name\n simple: true\n name: Tracing provider name\n - path: randomSamplingPercentage\n type: number\n name: Tracing random sampling percentage\n", "general": "resource:\n kind: Telemetry\n group: telemetry.istio.io\n version: v1alpha1\nurlPath: istiotelemetries\ncategory: Istio\nname: Telemetries\nscope: namespace\ndescription: >-\n {{[Telemetry](https://istio.io/latest/docs/reference/config/telemetry)}}\n defines how the telemetry is generated for workloads within a mesh.\n\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-telemetries-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\nbody:\n- widget: Panel\n name: Configuration\n children:\n - source: spec.config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n visibility: '$exists($value)'\n - source: spec.config.numTrustedProxies\n name: config.numTrustedProxies\n placeholder: '1'\n - source: spec.compatibilityMode\n name: compatibilityMode\n placeholder: 'false'\n\n - name: config.authorizers\n widget: Table\n source: spec.config.authorizers\n visibility: $exists($value)\n collapsibleTitle: \"$item.name\"\n collapsible:\n - name: config.authorizers.headers.inCheck.add\n # For some reason $each doesn't return an array that works with JoinedArray widget, when we have only one element. So in this case we return an Array with one element.\n source: '$count($keys(headers.inCheck.add)) = 1 ? $each(headers.inCheck.add, function($v, $k) {[$k & \":\" & $v]}) : $each(headers.inCheck.add, function($v, $k) {$k & \":\" & $v})'\n widget: JoinedArray\n - name: config.authorizers.headers.inCheck.include\n source: headers.inCheck.include\n widget: JoinedArray\n - name: config.authorizers.headers.toUpstream.onAllow\n source: headers.toUpstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onAllow\n source: headers.toDownstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onDeny\n source: headers.toDownstream.onDeny\n widget: JoinedArray\n children:\n - name: config.authorizers.service\n source: service\n - name: config.authorizers.port\n source: port\n\n - widget: Panel\n name: Pilot\n visibility: '$exists(spec.components.pilot.k8s.hpaSpec.minReplicas) or $exists(spec.components.pilot.k8s.hpaSpec.maxReplicas) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.pilot.k8s.resources.limits.cpu) or $exists(spec.components.pilot.k8s.resources.limits.memory) or $exists(spec.components.pilot.k8s.resources.requests.cpu) or $exists(spec.components.pilot.k8s.resources.requests.memory)'\n children:\n - source: spec.components.pilot.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Ingress Gateway\n visibility: '$exists(spec.components.ingressGateway.k8s.hpaSpec.minReplicas) or $exists(spec.components.ingressGateway.k8s.hpaSpec.maxReplicas) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.ingressGateway.k8s.resources.limits.cpu) or $exists(spec.components.ingressGateway.k8s.resources.limits.memory) or $exists(spec.components.ingressGateway.k8s.resources.requests.cpu) or $exists(spec.components.ingressGateway.k8s.resources.requests.memory)'\n children:\n - source: spec.components.ingressGateway.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: CNI\n visibility: '$exists(spec.components.cni.k8s.resources.limits.cpu) or $exists(spec.components.cni.k8s.resources.limits.memory) or $exists(spec.components.cni.k8s.resources.requests.cpu) or $exists(spec.components.cni.k8s.resources.requests.memory) or $exists(spec.components.cni.k8s.affinity)'\n children:\n - source: spec.components.cni.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.affinity\n name: k8s.affinity\n widget: CodeViewer\n description: \"Kubernetes documentation for {{[Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity)}}\"\n language: \"'yaml'\"\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Proxy\n visibility: '$exists(spec.components.proxy.k8s.resources.limits.cpu) or $exists(spec.components.proxy.k8s.resources.limits.memory) or $exists(spec.components.proxy.k8s.resources.requests.cpu) or $exists(spec.components.proxy.k8s.resources.requests.memory)'\n children:\n - source: spec.components.proxy.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n- source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n", "form": "- path: spec\n simple: true\n name: General\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n simple: true\n description: description.externalTrafficPolicy\n value:\n type: string\n - path: config.numTrustedProxies\n simple: true\n name: config.numTrustedProxies\n value:\n type: number\n - path: compatibilityMode\n simple: true\n name: compatibilityMode\n value:\n type: bool\n- path: spec.config.authorizers\n name: config.authorizers\n widget: GenericList\n children:\n - path: '[].name'\n name: config.authorizers.name\n - path: '[].service'\n name: config.authorizers.service\n - path: '[].port'\n name: config.authorizers.port\n - path: '[].headers'\n name: config.authorizers.headers\n widget: FormGroup\n children:\n - path: 'inCheck.add'\n name: config.authorizers.headers.inCheck.add\n widget: KeyValuePair\n - path: 'inCheck.include'\n name: config.authorizers.headers.inCheck.include\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toUpstream.onAllow'\n name: config.authorizers.headers.toUpstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onAllow'\n name: config.authorizers.headers.toDownstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onDeny'\n name: config.authorizers.headers.toDownstream.onDeny\n widget: SimpleList\n children:\n - path: '[]'\n\n- path: spec.components\n name: Components\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: 'pilot'\n required: false\n name: Pilot\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'ingressGateway'\n required: false\n name: Ingress Gateway\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'cni'\n required: false\n name: CNI\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.affinity'\n widget: CodeEditor\n description: k8s.affinity\n language: \"'yaml'\"\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'proxy'\n required: false\n name: Proxy\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n", "general": "resource:\n kind: Istio\n group: operator.kyma-project.io\n version: v1alpha2\nurlPath: istios\ncategory: Kyma\nname: Istio\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Istio custom resource ](https://kyma-project.io/#/istio/user/04-00-istio-custom-resource)}}\n configures the Istio module.", "list": "- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\n", "translations": "en:\n compatibilityMode: Compatibility Mode\n config.numTrustedProxies: Number of trusted proxies\n\n config.authorizers: Authorizers\n config.authorizers.name: Name\n config.authorizers.service: Service\n config.authorizers.port: Port\n config.authorizers.headers: Headers\n config.authorizers.headers.inCheck.include: Forward To Authorization Request\n config.authorizers.headers.inCheck.add: Add To Authorization Request\n config.authorizers.headers.toUpstream.onAllow: Forward To Upstream\n config.authorizers.headers.toDownstream.onAllow: Forward To Downstream On Allow\n config.authorizers.headers.toDownstream.onDeny: Forward To Downstream On Deny\n config.gatewayExternalTrafficPolicy: Gateway external traffic policy\n\n k8s.hpaSpec: Horizontal Pod Autoscaler\n k8s.hpaSpec.minReplicas: Minimum number of replicas\n k8s.hpaSpec.maxReplicas: Maximum number of replicas\n k8s.strategy.rollingUpdate: Rolling update strategy\n k8s.strategy.rollingUpdate.maxSurge: Maximum surge\n k8s.strategy.rollingUpdate.maxUnavailable: Maximum unavailable\n k8s.resources.cpu: CPU\n k8s.resources.memory: Memory\n k8s.resources.limits.cpu: CPU limits\n k8s.resources.limits.memory: Memory limits\n k8s.resources.requests.cpu: CPU requests\n k8s.resources.requests.memory: Memory requests\n k8s.affinity: Affinity (YAML)\n description.hpaSpec.minReplicas: Minimum number of replicas for this deployment\n description.hpaSpec.maxReplicas: Maximum number of replicas for this deployment\n description.rollingUpdate.maxSurge: Maximum number of Pods, or the percentage of Pods that can be created on top during an update\n description.rollingUpdate.maxUnvailable: Maximum number of Pods, or the percentage of Pods that can be unavailable during an update\n description.limits.cpu: Total CPU limits of all Pods that are in a non-terminal state must not exceed this value\n description.limits.memory: Total memory limits of all Pods that are in a non-terminal state must not exceed this value\n description.requests.cpu: Total CPU requests of all Pods that are in a non-terminal state must not exceed this value\n description.requests.memory: Total memory requests of all Pods that are in a non-terminal state must not exceed this value\n description.externalTrafficPolicy: Specifies externalTrafficPolicy for the Istio Ingress Gateway Service\n description.compatibilityMode: Sets Istio compatibility version the last minor version.\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "relatedGateways:\n resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($root.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $item.metadata.namespace and $substringAfter($g,\n '/') = $item.metadata.name) : ($substringBefore($g, '.') =\n $item.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $item.metadata.namespace) })\nrelatedServices:\n resource:\n kind: Service\n version: v1\n namespace: null\n filter: >-\n $filter($root.spec.http.route, function($r) { $filter($r.destination.host,\n function($h){($substringBefore($h, '.') = $item.metadata.name) and\n ($split($substringAfter($h, '.'),'.')[0] = $item.metadata.namespace)} ) })", "details": "resourceGraph:\n dataSources:\n - source: relatedGateways\n - source: relatedServices\nbody:\n - widget: Table\n source: spec.gateways[]\n name: gateways\n visibility: $exists($value)\n children:\n - source: $item\n name: t-name\n widget: ResourceLink\n resource:\n kind: '\"Gateway\"'\n name: >-\n $contains($item,'/') ? $substringAfter($item, '/') :\n $substringBefore($item, '.')\n namespace: >-\n $contains($item,'/') ? $substringBefore($item, '/'):\n $substringBefore($substringAfter($item, '.'), '.')\n - name: summary\n widget: Panel\n source: spec\n visibility: $boolean($exists($value.exportTo) or $exists($value.hosts))\n children:\n - name: exportTo\n source: exportTo\n widget: Labels\n visibility: $exists($value)\n - name: hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - widget: Table\n source: spec.http\n name: http\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: timeout\n name: timeout\n - source: mirrorPercentage.value\n name: mirrorPercentage\n collapsible:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: uri\n name: uri\n widget: Labels\n - source: scheme\n name: scheme\n widget: Labels\n - source: method\n name: method\n widget: Labels\n - source: authority\n name: authority\n widget: Labels\n - source: headers\n name: headers\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: queryParams\n name: queryParams\n - source: ignoreUriCase\n name: ignoreUriCase\n - source: withoutHeaders\n name: withoutHeaders\n - source: sourceNamespace\n name: sourceNamespace\n - source: statPrefix\n name: statPrefix\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: redirect\n name: redirect\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: port\n name: port\n - source: derivePort\n name: derivePort\n widget: Labels\n - source: scheme\n name: scheme\n - source: redirectCode\n name: redirectCode\n - source: directResponse\n name: directResponse\n widget: Panel\n visibility: $exists($value)\n children:\n - source: status\n name: status\n - source: body\n name: body\n widget: Panel\n visibility: $exists($value)\n children:\n - source: string\n name: string\n - source: bytes\n name: bytes\n - source: delegate\n name: delegate\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: namespace\n name: namespace\n - source: rewrite\n name: rewrite\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: retries\n name: retries\n widget: Panel\n visibility: $exists($value)\n children:\n - source: attempts\n name: attempts\n - source: perTryTimeout\n name: perTryTimeout\n - source: retryOn\n name: retryOn\n - source: retryRemoteLocalities\n name: retryRemoteLocalities\n - source: fault\n name: fault\n widget: Panel\n visibility: $exists($value)\n children:\n - source: delay\n name: delay\n widget: Panel\n visibility: $exists($value)\n children:\n - source: fixedDelay\n name: fixedDelay\n - source: percentage.value\n name: percentage.value\n - source: percent\n name: percent\n - source: abort\n name: Abort\n widget: Panel\n visibility: $exists($value)\n children:\n - source: httpStatus\n name: httpStatus\n - source: percentage.value\n name: percentage.value\n - source: mirror\n name: Mirror\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: corsPolicy\n name: corsPolicy\n widget: Panel\n visibility: $exists($value)\n children:\n - source: allowOrigins\n name: allowOrigins\n - source: allowMethods\n name: allowMethods\n widget: JoinedArray\n - source: allowHeaders\n name: allowHeaders\n widget: JoinedArray\n - source: exposeHeaders\n name: exposeHeaders\n widget: JoinedArray\n - source: maxAge\n name: maxAge\n - source: allowCredentials\n name: allowCredentials\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - widget: Table\n source: spec.tcp\n name: tcp\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port\n - source: weight\n name: weight\n - widget: Table\n source: spec.tls\n name: tls\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: sniHosts\n name: sniHosts\n widget: JoinedArray\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight", "form": "- path: spec.tls\n widget: GenericList\n name: tls\n children:\n - path: '[].match'\n widget: GenericList\n name: matches\n children:\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n widget: KeyValuePair\n name: sourceLabels\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n widget: GenericList\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.tcp\n name: tcp\n widget: GenericList\n children:\n - path: '[].match'\n name: matches\n children:\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.http\n simple: true\n name: http\n widget: GenericList\n children:\n - path: '[].match'\n simple: true\n name: matches\n widget: GenericList\n children:\n - path: '[].name'\n simple: true\n name: t-name\n - path: '[].uri'\n simple: true\n name: uri\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].scheme'\n simple: true\n name: scheme\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].method'\n simple: true\n name: method\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].authority'\n simple: true\n name: authority\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].headers'\n simple: true\n name: headers\n defaultExpanded: true\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].port'\n simple: true\n name: port\n - path: '[].sourceLabels'\n simple: true\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n simple: true\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].queryParams'\n simple: true\n name: queryParams\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].ignoreUriCase'\n simple: true\n name: ignoreUriCase\n - path: '[].withoutHeaders'\n simple: true\n name: withoutHeaders\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].sourceNamespace'\n simple: true\n name: sourceNamespace\n - path: '[].statPrefix'\n simple: true\n name: statPrefix\n - path: '[].route'\n simple: true\n name: routes\n children:\n - path: '[].destination'\n simple: true\n name: destination\n widget: FormGroup\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n simple: true\n name: weight\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: '[].redirect'\n simple: true\n name: redirect\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: port\n simple: true\n name: port\n - path: derivePort\n simple: true\n name: derivePort\n - path: scheme\n simple: true\n name: scheme\n - path: redirectCode\n simple: true\n name: redirectCode\n - path: '[].directResponse'\n simple: true\n name: directResponse\n widget: FormGroup\n children:\n - path: status\n simple: true\n name: status\n - path: body\n simple: true\n name: body\n widget: FormGroup\n children:\n - path: string\n simple: true\n name: string\n - path: bytes\n simple: true\n name: bytes\n - path: '[].delegate'\n simple: true\n name: delegate\n widget: FormGroup\n children:\n - path: name\n simple: true\n name: name\n - path: namespace\n simple: true\n name: namespace\n - path: '[].rewrite'\n simple: true\n name: rewrite\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: '[].timeout'\n simple: true\n name: timeout\n - path: '[].retries'\n simple: true\n name: retries\n widget: FormGroup\n children:\n - path: attempts\n simple: true\n name: attempts\n - path: perTryTimeout\n simple: true\n name: perTryTimeout\n - path: retryOn\n simple: true\n name: retryOn\n - path: retryRemoteLocalities\n simple: true\n name: retryRemoteLocalities\n - path: '[].fault'\n simple: true\n name: fault\n widget: FormGroup\n children:\n - path: delay\n simple: true\n name: delay\n widget: FormGroup\n children:\n - path: fixedDelay\n simple: true\n name: fixedDelay\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: percent\n simple: true\n name: percent\n - path: abort\n simple: true\n name: abort\n widget: FormGroup\n children:\n - path: httpStatus\n simple: true\n name: httpStatus\n - path: grpcStatus\n simple: true\n name: grpcStatus\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: '[].mirror'\n simple: true\n name: mirror\n widget: FormGroup\n children:\n - path: host\n simple: true\n name: host\n - path: subset\n simple: true\n name: subset\n - path: port.number\n simple: true\n name: port.number\n - path: '[].mirrorPercentage.value'\n simple: true\n name: mirrorPercentage\n - path: '[].corsPolicy'\n simple: true\n name: corsPolicy\n widget: FormGroup\n children:\n - path: allowCredentials\n simple: true\n name: allowCredentials\n type: boolean\n - path: allowMethods\n simple: true\n name: allowMethods\n widget: SimpleList\n placeholder: allowMethods.placeholder\n children:\n - path: '[]'\n simple: true\n - path: allowHeaders\n simple: true\n name: allowHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: exposeHeaders\n simple: true\n name: exposeHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: maxAge\n simple: true\n name: maxAge\n placeholder: maxAge.placeholder\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n- path: spec.hosts\n name: hosts\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.gateways\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.exportTo\n name: exportTo\n widget: SimpleList\n children:\n - path: '[]'", "general": "resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\nurlPath: virtualservices\ncategory: Istio\nname: Virtual Services\nscope: namespace\ndescription: >-\n {{[VirtualService](https://istio.io/latest/docs/reference/config/networking/virtual-service/)}}\n describes a configuration that affects traffic routing. .", "list": "- name: hosts\n source: spec.hosts\n widget: JoinedArray\n- name: gateways\n source: spec.gateways\n widget: JoinedArray", "translations": "en:\n t-name: Name\n gateways: Gateways\n hosts: Hosts\n exportTo: Export to\n summary: Summary\n http: HTTP\n tls: TLS\n tcp: TCP\n mirror: Mirror\n mirrorPercentage: Mirror Percentage\n timeout: Timeout\n matches: Matches\n uri: URI\n scheme: Scheme\n method: Method\n authority: Authority\n headers: Headers\n port: Port\n sourceLabels: Source Labels\n queryParams: Query Params\n ignoreUriCase: Ignore URI Case\n withoutHeaders: Without Headers\n sourceNamespace: Source Namespace\n statPrefix: Stat Prefix\n routes: Routes\n destination: Destination\n host: Host\n subset: Subset\n port.number: Port Number\n weight: Weight\n request: Request\n response: Response\n set: Set\n add: Add\n remove: Remove\n redirect: Redirect\n derivePort: Derive Port\n redirectCode: Redirect Code\n directResponse: Direct Response\n status: Status\n body: Body\n string: String\n bytes: Bytes\n delegate: Delegate\n namespace: Namespace\n rewrite: Rewrite\n retries: Retries\n attempts: Attempts\n perTryTimeout: Per Try Timeout\n retryOn: Retry On\n retryRemoteLocalities: Retry Remote Localities\n fault: Fault\n delay: Delay\n fixedDelay: Fixed Delay\n abort: Abort\n percentage.value: Percentage Value\n percent: Percent\n httpStatus: HTTP Status\n grpcStatus: GRPC Status\n corsPolicy: CORS Policy\n allowOrigins: Allow Origins\n allowMethods: Allow Methods\n allowMethods.placeholder: For example, GET\n allowHeaders: Allow Headers\n exposeHeaders: Expose Headers\n maxAge: Max Age\n maxAge.placeholder: For example, 24h\n allowCredentials: Allow Credentials\n destinationSubnets: Destination Subnets\n sniHosts: SNI Hosts" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-virtualservices-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istio-operator-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 8080, "targetPort": 8080 } ], "selector": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "control-plane": "controller-manager" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Used for Istio components that are managed by Kyma Istio Manager and must run in the cluster.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "kyma-project.io/module": "istio" }, "name": "istio-kyma-priority" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "control-plane": "controller-manager", "kyma-project.io/module": "istio" }, "name": "istio-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "control-plane": "controller-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0", "control-plane": "controller-manager", "kyma-project.io/module": "istio", "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "args": [ "--leader-elect", "--health-probe-bind-address=:8081", "--metrics-bind-address=:8080" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.7.0", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "1000m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "istio-kyma-priority", "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "istio-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "cr": { "apiVersion": "operator.kyma-project.io/v1alpha2", "kind": "Istio", "metadata": { "name": "default", "namespace": "kyma-system", "labels": { "app.kubernetes.io/name": "default" } } }, "crPath": "/apis/operator.kyma-project.io/v1alpha2/namespaces/kyma-system/istios/default", "deploymentYaml": "https://github.com/kyma-project/istio/releases/download/1.7.0/istio-manager.yaml", "crYaml": "https://github.com/kyma-project/istio/releases/download/1.7.0/istio-default-cr.yaml" }, { "version": "1.7.0-experimental", "channels": [ "experimental" ], "documentation": "https://kyma-project.io/#/istio/user/README", "repository": "https://github.com/kyma-project/istio.git", "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/istio-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.7.0-experimental", "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istios.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Istio", "listKind": "IstioList", "plural": "istios", "singular": "istio" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Contains Istio CR specification and current status.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired specification for installing or updating Istio.", "properties": { "components": { "properties": { "cni": { "description": "Cni defines component configuration for Istio CNI DaemonSet", "properties": { "k8s": { "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "affinity": { "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { "description": "Describes node affinity scheduling rules for the pod.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { "description": "A node selector term, associated with the corresponding weight.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "weight": { "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "preference", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "type": "array" } }, "required": [ "nodeSelectorTerms" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" }, "podAffinity": { "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" }, "podAntiAffinity": { "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "ingressGateway": { "description": "IngressGateway defines component configurations for Istio Ingress Gateway", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "pilot": { "description": "Pilot defines component configuration for Istiod", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "proxy": { "description": "Proxy defines component configuration for Istio proxy sidecar", "properties": { "k8s": { "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" } }, "type": "object" }, "config": { "description": "Config is the configuration for the Istio installation.", "properties": { "authorizers": { "description": "Defines a list of external authorization providers.", "items": { "properties": { "headers": { "description": "Specifies headers to be included, added or forwarded during authorization.", "properties": { "inCheck": { "description": "Defines headers to be included or added in check authorization request.", "properties": { "add": { "additionalProperties": { "type": "string" }, "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", "type": "object" }, "include": { "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toDownstream": { "description": "Defines headers to be forwarded to the downstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" }, "onDeny": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toUpstream": { "description": "Defines headers to be forwarded to the upstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "name": { "description": "A unique name identifying the extension authorization provider.", "type": "string" }, "port": { "description": "Specifies the port of the service.", "format": "int32", "type": "integer" }, "service": { "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", "type": "string" } }, "required": [ "name", "port", "service" ], "type": "object" }, "type": "array" }, "gatewayExternalTrafficPolicy": { "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", "enum": [ "Local", "Cluster" ], "type": "string" }, "numTrustedProxies": { "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", "maximum": 4294967295, "minimum": 0, "type": "integer" } }, "type": "object" } }, "type": "object" }, "status": { "description": "IstioStatus defines the observed state of IstioCR.", "properties": { "conditions": { "description": " Conditions associated with IstioStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "description": { "description": "Description of Istio status", "type": "string" }, "state": { "description": "State signifies current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha2", "schema": { "openAPIV3Schema": { "description": "Contains Istio CR specification and current status.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "IstioSpec describes the desired specification for installing or updating Istio.", "properties": { "compatibilityMode": { "type": "boolean" }, "components": { "properties": { "cni": { "description": "Cni defines component configuration for Istio CNI DaemonSet", "properties": { "k8s": { "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "affinity": { "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { "description": "Describes node affinity scheduling rules for the pod.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { "description": "A node selector term, associated with the corresponding weight.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "weight": { "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "preference", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "type": "array" } }, "required": [ "nodeSelectorTerms" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" }, "podAffinity": { "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" }, "podAntiAffinity": { "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "ingressGateway": { "description": "IngressGateway defines component configurations for Istio Ingress Gateway", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "pilot": { "description": "Pilot defines component configuration for Istiod", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "proxy": { "description": "Proxy defines component configuration for Istio proxy sidecar", "properties": { "k8s": { "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" } }, "type": "object" }, "config": { "description": "Config is the configuration for the Istio installation.", "properties": { "authorizers": { "description": "Defines a list of external authorization providers.", "items": { "properties": { "headers": { "description": "Specifies headers to be included, added or forwarded during authorization.", "properties": { "inCheck": { "description": "Defines headers to be included or added in check authorization request.", "properties": { "add": { "additionalProperties": { "type": "string" }, "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", "type": "object" }, "include": { "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toDownstream": { "description": "Defines headers to be forwarded to the downstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" }, "onDeny": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toUpstream": { "description": "Defines headers to be forwarded to the upstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "name": { "description": "A unique name identifying the extension authorization provider.", "type": "string" }, "port": { "description": "Specifies the port of the service.", "format": "int32", "type": "integer" }, "service": { "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", "type": "string" } }, "required": [ "name", "port", "service" ], "type": "object" }, "type": "array" }, "gatewayExternalTrafficPolicy": { "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", "enum": [ "Local", "Cluster" ], "type": "string" }, "numTrustedProxies": { "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", "maximum": 4294967295, "minimum": 0, "type": "integer" } }, "type": "object" }, "experimental": { "properties": { "pilot": { "properties": { "enableAlphaGatewayAPI": { "type": "boolean" }, "enableMultiNetworkDiscoverGatewayAPI": { "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "IstioStatus defines the observed state of IstioCR.", "properties": { "conditions": { "description": " Conditions associated with IstioStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "description": { "description": "Description of Istio status", "type": "string" }, "state": { "description": "State signifies the current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istio-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istio-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istio-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "get", "patch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "authentication.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "config.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "install.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "extensions.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations", "validatingwebhookconfigurations" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions.apiextensions.k8s.io", "customresourcedefinitions" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps", "extensions" ], "resources": [ "daemonsets", "deployments", "deployments/finalizers", "replicasets", "statefulsets" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "monitoring.coreos.com" ], "resources": [ "servicemonitors" ], "verbs": [ "get", "create", "update" ] }, { "apiGroups": [ "policy" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "roles", "rolebindings" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "*" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "create", "update", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "configmaps", "endpoints", "events", "namespaces", "pods", "pods/proxy", "pods/portforward", "persistentvolumeclaims", "secrets", "services", "serviceaccounts", "resourcequotas" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istio-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "istio-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "istio-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istio-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "istio-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "istio-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", "details": "header:\n - source: spec.action\n name: spec.action\n - source: spec.provider\n widget: Labels\n name: spec.provider\nresourceGraph:\n colorVariant: 3\n dataSources:\n - source: podSelector\nbody:\n - widget: Table\n name: spec.rules\n source: spec.rules\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"Rule #\" & $string($index + 1) & (\" \" & $join($keys($item), \" \"))'\n collapsible:\n - source: $item.from\n widget: Table\n name: spec.rules.from\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"From #\" & $string($index + 1) & (\" \" & $join($keys($item.source), \" \"))'\n collapsible:\n - source: source\n widget: Panel\n name: spec.rules.from.source\n children:\n - source: principals\n name: spec.rules.from.source.principals\n widget: JoinedArray\n visibility: $exists($value)\n - source: notPrincipals\n name: spec.rules.from.source.notPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: requestPrincipals\n name: spec.rules.from.source.requestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: notRequestPrincipals\n name: spec.rules.from.source.notRequestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: namespaces\n name: spec.rules.from.source.namespaces\n widget: Labels\n visibility: $exists($value)\n - source: notNamespaces\n name: spec.rules.from.source.notNamespaces\n widget: Labels\n visibility: $exists($value)\n - source: ipBlocks\n name: spec.rules.from.source.ipBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notIpBlocks\n name: spec.rules.from.source.notIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: remoteIpBlocks\n name: spec.rules.from.source.remoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notRemoteIpBlocks\n name: spec.rules.from.source.notRemoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: $item.to\n widget: Table\n name: spec.rules.to\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"To #\" & $string($index + 1) & (\" \" & $join($keys($item.operation), \" \"))'\n collapsible:\n - source: operation\n widget: Panel\n name: spec.rules.to.operation\n children:\n - source: Hosts\n name: spec.rules.to.operation.hosts\n widget: Labels\n visibility: $exists($value)\n - source: notHosts\n name: spec.rules.to.operation.notHosts\n widget: Labels\n visibility: $exists($value)\n - source: ports\n name: spec.rules.to.operation.ports\n widget: Labels\n visibility: $exists($value)\n - source: notPorts\n name: spec.rules.to.operation.notPorts\n widget: Labels\n visibility: $exists($value)\n - source: methods\n name: spec.rules.to.operation.methods\n widget: Labels\n visibility: $exists($value)\n - source: notMethods\n name: spec.rules.to.operation.notMethods\n widget: Labels\n visibility: $exists($value)\n - source: paths\n name: spec.rules.to.operation.paths\n widget: Labels\n visibility: $exists($value)\n - source: notPaths\n name: spec.rules.to.operation.notPaths\n widget: Labels\n visibility: $exists($value)\n - source: when\n widget: Table\n name: spec.rules.when\n visibility: $exists($value)\n children:\n - source: key\n name: spec.rules.when.key\n visibility: $exists($value)\n - source: values\n name: spec.rules.when.values\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - source: notValues\n name: spec.rules.when.notValues\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.action\n placeholder: placeholders.dropdown\n simple: true\n description: description.action\n- path: spec.provider\n widget: FormGroup\n children:\n - path: name\n- path: spec.rules\n widget: GenericList\n simple: true\n children:\n - path: '[].from'\n simple: true\n widget: GenericList\n children:\n - path: '[].source'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: principals\n simple: true\n widget: SimpleList\n description: description.rules.from.principals\n children:\n - path: '[]'\n simple: true\n - path: notPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notPrincipals\n children:\n - path: '[]'\n simple: true\n - path: requestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.requestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: notRequestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notRequestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: namespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.namespaces\n children:\n - path: '[]'\n simple: true\n - path: notNamespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.notNamespaces\n children:\n - path: '[]'\n simple: true\n - path: ipBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.ipBlocks\n children:\n - path: '[]'\n simple: true\n - path: notIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: remoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.remoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: notRemoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notRemoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: '[].to'\n simple: true\n widget: GenericList\n children:\n - path: '[].operation'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: hosts\n simple: true\n widget: SimpleList\n description: description.rules.to.hosts\n children:\n - path: '[]'\n simple: true\n - path: notHosts\n simple: true\n widget: SimpleList\n description: description.rules.to.notHosts\n children:\n - path: '[]'\n simple: true\n - path: ports\n simple: true\n widget: SimpleList\n description: description.rules.to.ports\n children:\n - path: '[]'\n simple: true\n - path: notPorts\n simple: true\n widget: SimpleList\n description: description.rules.to.notPorts\n children:\n - path: '[]'\n simple: true\n - path: methods\n simple: true\n widget: SimpleList\n description: description.rules.to.methods\n children:\n - path: '[]'\n simple: true\n - path: notMethods\n simple: true\n widget: SimpleList\n description: description.rules.to.notMethods\n children:\n - path: '[]'\n simple: true\n - path: paths\n simple: true\n widget: SimpleList\n description: description.rules.to.paths\n children:\n - path: '[]'\n simple: true\n - path: notPaths\n simple: true\n widget: SimpleList\n description: description.rules.to.notPaths\n children:\n - path: '[]'\n simple: true\n - path: '[].when'\n simple: true\n widget: GenericList\n children:\n - path: '[].key'\n simple: true\n widget: Text\n description: description.rules.when.key\n - path: '[].values'\n simple: true\n widget: SimpleList\n description: description.rules.when.values\n children:\n - path: '[]'\n simple: true\n - path: '[].notValues'\n simple: true\n widget: SimpleList\n description: description.rules.when.notValues\n children:\n - path: '[]'\n simple: true\n", "general": "resource:\n kind: AuthorizationPolicy\n group: security.istio.io\n version: v1beta1\nname: Authorization Policies\ncategory: Istio\nurlPath: authorizationpolicies\nscope: namespace\ndescription: >-\n {{[Istio Authorization\n Policy](https://istio.io/latest/docs/reference/config/security/authorization-policy/)}}\n allows for workload access management in the mesh.", "list": "- name: action\n source: spec.action", "translations": "en:\n description.action: Optional. The action to take if the request is matched with the rules. Default is ALLOW if not specified.\n description.rules.from.principals: Optional. A list of peer identities derived from the peer certificate. The peer identity is in the format of ' /ns/ /sa/ ', for example, 'cluster.local/ns/default/sa/productpage'. If not set, any principal is allowed.\n description.rules.from.notPrincipals: Optional. A list of negative match of peer identities.\n description.rules.from.requestPrincipals: Optional. A list of request identities derived from the JWT. The request identity is in the format of '/', for example, 'example.com/sub-1'. If not set, any request principal is allowed.\n description.rules.from.notRequestPrincipals: Optional. A list of negative match of request identities.\n description.rules.from.namespaces: Optional. A list of namespaces derived from the peer certificate. If not set, any namespace is allowed.\n description.rules.from.notNamespaces: Optional. A list of negative match of namespaces.\n description.rules.from.ipBlocks: Optional. A list of IP blocks, populated from the source address of the IP packet. Single IP (e.g. '1.2.3.4') and CIDR (e.g. '1.2.3.0/24') are supported. If not set, any IP is allowed.\n description.rules.from.notIpBlocks: Optional. A list of negative match of IP blocks.\n description.rules.from.remoteIpBlocks: Optional. A list of IP blocks, populated from X-Forwarded-For header or proxy protocol. To make use of this field, you must configure the numTrustedProxies field of the gatewayTopology under the meshConfig when you install Istio or using an annotation on the ingress gateway. If not set, any IP is allowed.\n description.rules.from.notRemoteIpBlocks: Optional. A list of negative match of remote IP blocks.\n description.rules.to.hosts: Optional. A list of hosts as specified in the HTTP request. The match is case-insensitive. If not set, any host is allowed. Must be used only with HTTP.\n description.rules.to.notHosts: Optional. A list of negative match of hosts as specified in the HTTP request. The match is case-insensitive.\n description.rules.to.ports: Optional. A list of ports as specified in the connection. If not set, any port is allowed.\n description.rules.to.notPorts: Optional. A list of negative match of ports as specified in the connection.\n description.rules.to.methods: Optional. A list of methods as specified in the HTTP request. If not set, any method is allowed. Must be used only with HTTP.\n description.rules.to.notMethods: Optional. A list of negative match of methods as specified in the HTTP request.\n description.rules.to.paths: Optional. A list of paths as specified in the HTTP request. If not set, any path is allowed. Must be used only with HTTP.\n description.rules.to.notPaths: Optional. A list of negative match of paths.\n description.rules.when.key: The name of an Istio attribute.\n description.rules.when.values: Optional. A list of allowed values for the attribute. At least one of values or notValues must be set.\n description.rules.when.notValues: Optional. A list of negative match of values for the attribute. At least one of values or notValues must be set.\n placeholders.dropdown: Type or choose an option.\n spec.action: Action\n spec.provider: Provider\n spec.rules: Rules\n spec.rules.from: From\n spec.rules.from.source: Source\n spec.rules.from.source.principals: Principals\n spec.rules.from.source.notPrincipals: NotPrincipals\n spec.rules.from.source.requestPrincipals: RequestPrincipals\n spec.rules.from.source.notRequestPrincipals: NotRequestPrincipals\n spec.rules.from.source.namespaces: Namespaces\n spec.rules.from.source.notNamespaces: NotNamespaces\n spec.rules.from.source.ipBlocks: IpBlocks\n spec.rules.from.source.notIpBlocks: NotIpBlocks\n spec.rules.from.source.remoteIpBlocks: RemoteIpBlocks\n spec.rules.from.source.notRemoteIpBlocks: NotRemoteIpBlocks\n spec.rules.to: To\n spec.rules.to.operation: Operation\n spec.rules.to.operation.hosts: Hosts\n spec.rules.to.operation.notHosts: NotHosts\n spec.rules.to.operation.ports: Ports\n spec.rules.to.operation.notPorts: NotPorts\n spec.rules.to.operation.methods: Methods\n spec.rules.to.operation.notMethods: NotMethods\n spec.rules.to.operation.paths: Paths\n spec.rules.to.operation.notPaths: NotPaths\n spec.rules.when: When\n spec.rules.when.key: Key\n spec.rules.when.values: Values\n spec.rules.when.notValues: NotValues\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-authorizationpolicies-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header: []\nbody:\n - name: References\n widget: Panel\n children:\n - source: spec.host\n name: Host\n - source: spec.exportTo\n widget: Labels\n name: Export To\n visibility: $exists($value)\n - source: spec.workloadSelector.matchLabels\n widget: Labels\n name: Workload Selector Match Labels\n visibility: $exists($value)\n - source: spec.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: spec.subsets\n name: Subsets\n widget: Table\n disablePadding: true\n visibility: $exists($value)\n children:\n - source: $item.name\n name: Name\n - source: $item.labels\n name: Labels\n widget: Labels\n collapsible:\n - source: $item.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n", "form": "- simple: true\n path: spec.host\n name: Host\n required: true\n- widget: FormGroup\n path: spec.trafficPolicy\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: mainloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $mainloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $mainloadBalancerSelector = 'consistentHash'\n children:\n - var: mainconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $mainconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $mainconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $mainconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $mainconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: mainLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $mainLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $mainLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $mainLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: portLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $portLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $portLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: portLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $portLevelconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $portLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $portLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $portLevelconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: portLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $portLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $portLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $portLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.subsets\n name: Subsets\n widget: GenericList\n children:\n - path: '[].name'\n name: Name\n - path: '[].labels'\n name: Labels\n widget: KeyValuePair\n - path: '[].trafficPolicy'\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: subsetsloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetsloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetsloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetsconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $subsetsconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetsconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetsconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $subsetsconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetsLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetsLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetsLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetsLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: subsetPortLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetPortLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetPortLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetPortLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector =\n 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetPortLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetPortLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector=\n 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetPortLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetPortLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.exportTo\n name: Export To\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.workloadSelector.matchLabels\n defaultExpanded: true\n name: Workload Selector Match Labels\n widget: KeyValuePair\n", "general": "resource:\n kind: DestinationRule\n group: networking.istio.io\n version: v1beta1\nname: Destination Rules\ncategory: Istio\nurlPath: destinationrules\nscope: namespace\ndescription: resource.description", "list": "- source: spec.host\n name: Host", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n resource.description: >-\n {{[Destination\n Rule](https://istio.io/latest/docs/reference/config/networking/destination-rule)}}\n specifies rules that apply to traffic intended for a service after routing.\n References: References\n probes: Probes\n Export To: Export To\n Workload Selector Match Labels: Workload Selector Match Labels\n Traffic Policy: Traffic Policy\n Interval: Interval\n Name: Name\n time: Time\n interval: Interval\n Host: Host\n Connection Pool: Connection Pool\n TCP Keep Alive: TCP Keep Alive\n Probes: Probes\n Time: Time\n TCP: TCP\n HTTP: HTTP\n HTTP1 Max Pending Requests: HTTP1 Max Pending Requests\n Max Connections: Max Connections\n Connect Timeout: Connect Timeout\n HTTP2 Max Requests: HTTP2 Max Requests\n Max Requests Per Connection: Max Requests Per Connection\n Max Retries: Max Retries\n Idle Timeout: Idle Timeout\n H2 Upgrade Policy: H2 Upgrade Policy\n Use Client Protocol: Use Client Protocol\n Locality LB Settings: Locality LB Settings\n Enabled: Enabled\n Distribute: Distribute\n From: From\n To: To\n Failover: Failover\n Failover Priority: Failover Priority\n HTTP Cookie: HTTP Cookie\n Path: Path\n TTL: TTL\n Consistent Hash: Consistent Hash\n HTTP Header Name: HTTP Header Name\n Use Source IP: Use Source IP\n HTTP Query Parameter Name: HTTP Query Parameter Name\n Minimum Ring Size: Minimum Ring Size\n Load Balancer: Load Balancer\n Simple: Simple\n Warmup Duration Secs: Warmup Duration Secs\n ChooseConsistentHashSelector: Select Hash Type\n ChooseLoadBalancerSelector: Select Balancer Type\n ChooseLbSelector: Select LB Settings\n Split External Local Origin Errors: Split External Local Origin Errors\n Consecutive Local Origin Failures: Consecutive Local Origin Failures\n Consecutive Gateway Errors: Consecutive Gateway Errors\n Consecutive 5xx Errors: Consecutive 5xx Errors\n Base Ejection Time: Base Ejection Time\n Max Ejection Percent: Max Ejection Percent\n Min Health Percent: Min Health Percent\n Port Level Settings: Port Level Settings\n Port Number: Port Number\n TLS: TLS\n Mode: Mode\n Client Certificate: Client Certificate\n Private Key: Private Key\n CA Certificates: CA Certificates\n Credential Name: Credential Name\n Subject Alt Names: Subject Alt Names\n SNI: SNI\n Insecure Skip Verify: Insecure Skip Verify\n Tunnel: Tunnel\n Protocol: Protocol\n Target Host: Target Host\n Target Port: Target Port\n Subsets: Subsets\n Labels: Labels\n consistentHash: Consistent Hash\n simple: Simple\n failover: Failover\n distribute: Distribute\n\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-destinationrules-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n namespace: null\n filter: $matchByLabelSelector($item, $root.spec.selector)\nrelatedVirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($item.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $root.metadata.namespace and $substringAfter($g,\n '/') = $root.metadata.name) : ($substringBefore($g, '.') =\n $root.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $root.metadata.namespace) })", "details": "header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\nbody:\n - widget: Table\n source: spec.servers\n name: spec.servers\n children:\n - source: port.name\n name: spec.servers.port.name\n - widget: JoinedArray\n separator: break\n source: hosts\n name: spec.servers.hosts\n - source: port.number\n name: spec.servers.port.number\n - source: port.protocol\n name: spec.servers.port.protocol\n - source: tls.mode\n name: spec.servers.tls.mode\n - widget: ResourceLink\n source: tls.credentialName\n name: spec.servers.tls.credentialName\n resource:\n name: tls.credentialName\n namespace: '\"istio-system\"'\n kind: '\"Secret\"'\n - widget: Panel\n name: spec.selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector) and $boolean($root.spec.selector)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: relatedVirtualServices", "form": "- path: spec.selector\n widget: KeyValuePair\n simple: true\n required: true\n defaultExpanded: true\n- path: spec.servers\n widget: GenericList\n simple: true\n required: true\n children:\n - widget: FormGroup\n simple: true\n path: '[].port'\n defaultExpanded: true\n children:\n - path: number\n simple: true\n required: true\n inputInfo: inputInfo.spec.servers.port.number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - GRPC-WEB\n - MONGO\n - REDIS\n - MYSQL\n - TCP\n required: true\n placeholder: placeholders.dropdown\n - widget: FormGroup\n simple: true\n path: '[].tls'\n visibility: $item.port.protocol = 'HTTP' or $item.port.protocol = 'HTTPS'\n children:\n - path: httpsRedirect\n simple: true\n visibility: $item.port.protocol = 'HTTP'\n - path: mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: placeholders.dropdown\n - path: credentialName\n simple: true\n widget: Resource\n resource:\n kind: Secret\n version: v1\n namespace: istio-system\n scope: namespace\n filter: >-\n $item.type = 'kubernetes.io/tls' or ($item.type = 'Opaque' and\n $contains($item.data, 'key') and $contains($item.data, 'cert'))\n visibility: $item.port.protocol = 'HTTPS'\n - path: serverCertificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.serverCertificate\n - path: privateKey\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.privateKey\n - path: caCertificates\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.caCertificates\n - simple: true\n widget: Alert\n type: warning\n alert: '\"alert.tls.https\"'\n visibility: $item.port.protocol = 'HTTPS'\n - widget: SimpleList\n path: '[].hosts'\n required: true\n simple: true\n placeholder: placeholders.hosts\n children:\n - path: '[]'\n simple: true", "general": "resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\nurlPath: gateways\ncategory: Istio\nname: Gateways\nscope: namespace\ndescription: >-\n {{[Gateways](https://istio.io/latest/docs/reference/config/networking/gateway/)}}\n describes a load balancer that operates at the edge of the mesh and receives\n incoming or outgoing HTTP/TCP connections.", "list": "- name: spec.selector\n source: spec.selector\n widget: Labels", "presets": "- name: Default Gateway\n default: true\n value:\n spec:\n selector:\n istio: ingressgateway\n- name: Ingress Gateway\n value:\n metadata:\n name: httpbin-gateway\n labels:\n app.kubernetes.io/name: httpbin-gateway\n spec:\n selector:\n istio: ingressgateway\n servers:\n - port:\n number: 443\n name: https\n protocol: HTTPS\n tls:\n mode: SIMPLE\n credentialName: ''\n hosts: []", "translations": "en:\n alert.tls.https: TLS Server of mode SIMPLE or MUTUAL needs either credential name, or private key and server certificate pair.\n spec.selector: Selector\n spec.gateways: Gateways\n spec.servers: Servers\n spec.servers.port: Port\n spec.servers.port.name: Port Name\n spec.servers.port.protocol: Protocol\n spec.servers.port.targetPort: Target Port\n spec.servers.port.number: Port Number\n spec.servers.tls: TLS\n spec.servers.tls.mode: TLS Mode\n spec.servers.tls.httpsRedirect: HTTP Redirect\n spec.servers.tls.credentialName: Credential Name\n spec.servers.tls.serverCertificate: Server Certificate\n spec.servers.tls.privateKey: Private Key\n spec.servers.tls.caCertificates: CA Certificate\n spec.servers.hosts: Hosts\n selector.matchesAllPods: Matches all Pods in the Namespace\n placeholders.dropdown: Type or choose an option\n placeholders.serverCertificate: Enter the certificate path\n placeholders.privateKey: Enter the private key path\n placeholders.caCertificates: Enter the CA certificates path\n placeholders.hosts: For example, *.api.mydomain.com\n inputInfo.spec.servers.port.number: Must be a on-negative number." }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-gateways-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", "details": "body:\n - source: spec.jwtRules\n name: spec.jwtRules\n showHeader: false\n widget: Table\n collapsibleTitle: '\"Issuer \" & $item.issuer'\n collapsible:\n - source: issuer\n name: spec.jwtRules.issuer\n widget: Text\n - source: jwksUri\n name: spec.jwtRules.jwksUri\n widget: Text\n - source: audiences\n name: spec.jwtRules.audiences\n widget: JoinedArray\n - source: fromParams\n name: spec.jwtRules.fromParams\n widget: JoinedArray\n - source: fromCookies\n name: spec.jwtRules.fromCookies\n widget: JoinedArray\n - source: fromHeaders\n name: spec.jwtRules.fromHeaders\n widget: Table\n showHeader: false\n collapsibleTitle: '\"Header \" & $item.name'\n collapsible:\n - source: name\n name: spec.jwtRules.fromHeaders.name\n widget: Text\n - source: prefix\n name: spec.jwtRules.fromHeaders.prefix\n widget: Text\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.jwtRules\n name: spec.jwtRules\n widget: GenericList\n simple: true\n children:\n - path: '[].issuer'\n - path: '[].jwksUri'\n name: spec.jwtRules.jwksUri\n - path: '[].audiences'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromParams'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromCookies'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromHeaders'\n simple: true\n widget: GenericList\n children:\n - path: '[].name'\n - path: '[].prefix'", "general": "resource:\n kind: RequestAuthentication\n group: security.istio.io\n version: v1beta1\nurlPath: requestauthentications\ncategory: Istio\nname: Request Authentications\nscope: namespace\ndescription: >-\n {{[Istio Request Authentication](https://istio.io/latest/docs/reference/config/security/request_authentication)}}\n defines what request authentication methods are supported by a workload.\n\n", "translations": "en:\n spec.jwtRules: JWT Rules\n spec.jwtRules.issuer: Issuer\n spec.jwtRules.jwksUri: JWKS URI\n spec.jwtRules.jwks: JWKS\n spec.jwtRules.audiences: Audiences\n spec.jwtRules.fromParams: From Params\n spec.jwtRules.fromCookies: From Cookies\n spec.jwtRules.fromHeaders: From Headers\n spec.jwtRules.fromHeaders.name: Name\n spec.jwtRules.fromHeaders.prefix: Prefix\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-requestauthentications-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)\n", "details": "header:\n - source: spec.location\n name: spec.location\n - source: spec.resolution\n name: spec.resolution\nresourceGraph:\n colorVariant: 2\n dataSources:\n - source: podSelector\nbody:\n - name: configuration\n widget: Panel\n source: spec\n visibility: >-\n $boolean($exists($value.hosts) or $exists($value.addresses) or\n $exists($value.subjectAltNames))\n children:\n - name: spec.hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.addresses\n source: addresses\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.exportTo\n source: exportTo\n widget: Labels\n placeholder: Exported to all Namespaces\n - name: spec.subjectAltNames\n source: subjectAltNames\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.ports\n widget: Table\n source: spec.ports\n visibility: $exists($value)\n children:\n - name: spec.ports.number\n source: number\n sort: true\n - name: spec.ports.protocol\n source: protocol\n sort: true\n - name: spec.ports.name\n source: name\n sort: true\n - name: spec.ports.targetPort\n source: targetPort\n sort: true\n - name: spec.endpoints\n widget: Table\n source: spec.endpoints\n visibility: $exists($value)\n children:\n - name: spec.endpoints.address\n source: address\n sort: true\n - name: spec.endpoints.ports\n source: ports\n widget: Labels\n - name: spec.endpoints.labels\n source: labels\n widget: Labels\n - name: spec.endpoints.network\n source: network\n sort: true\n - name: spec.endpoints.weight\n source: weight\n - name: spec.endpoints.serviceAccount\n source: serviceAccount\n - name: spec.workloadSelector\n widget: Panel\n source: spec.workloadSelector.labels\n visibility: $exists($value)\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n header:\n - widget: Labels\n source: spec.workloadSelector.labels\n visibility: $exists($value)", "form": "- path: spec.hosts\n name: spec.hosts\n widget: SimpleList\n simple: true\n required: true\n children:\n - path: '[]'\n simple: true\n- path: spec.addresses\n name: spec.addresses\n widget: SimpleList\n placeholder: placeholders.addreses\n children:\n - path: '[]'\n- path: spec.ports\n name: Ports\n widget: GenericList\n children:\n - path: '[].number'\n name: spec.ports.number\n required: true\n - path: '[].protocol'\n name: spec.ports.protocol\n required: true\n placeholder: placeholders.dropdown\n enum:\n - HTTP\n - HTTPS\n - GRPC\n - HTTP2\n - MONGO\n - TCP\n - TLS\n - path: '[].name'\n name: spec.ports.name\n required: true\n - path: '[].targetPort'\n name: spec.ports.targetPort\n- path: spec.location\n name: spec.location\n placeholder: placeholders.dropdown\n- path: spec.resolution\n name: spec.resolution\n placeholder: placeholders.dropdown\n- path: spec.endpoints\n name: spec.endpoints\n widget: GenericList\n children:\n - path: '[].address'\n name: spec.endpoints.address\n - path: '[].ports'\n name: spec.endpoints.ports\n widget: KeyValuePair\n value:\n type: number\n - path: '[].labels'\n name: spec.endpoints.labels\n widget: KeyValuePair\n - path: '[].network'\n name: spec.endpoints.network\n - path: '[].locality'\n name: spec.endpoints.locality\n - path: '[].weight'\n name: spec.endpoints.weight\n - path: '[].serviceAccount'\n name: spec.endpoints.serviceAccount\n- path: spec.workloadSelector.labels\n name: spec.workloadSelector\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.exportTo\n name: spec.exportTo\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.subjectAltNames\n name: spec.subjectAltNames\n widget: SimpleList\n children:\n - path: '[]'", "general": "resource:\n kind: ServiceEntry\n group: networking.istio.io\n version: v1beta1\nurlPath: serviceentries\ncategory: Istio\nname: Service Entries\nscope: namespace\ndescription: >-\n {{[ServiceEntry](https://istio.io/latest/docs/reference/config/networking/service-entry/)}}\n allows for adding more entries to the internal service registry of Istio.", "list": "- source: spec.location\n name: spec.location\n sort: true\n- source: spec.resolution\n name: spec.resolution\n sort: true", "translations": "en:\n configuration: Configuration\n spec.hosts: Hosts\n spec.addresses: Addresses\n spec.ports: Ports\n spec.ports.number: Number\n spec.ports.protocol: Protocol\n spec.ports.name: Name\n spec.ports.targetPort: Target Port\n spec.location: Location\n spec.resolution: Resolution\n spec.endpoints: Endpoints\n spec.endpoints.address: Address\n spec.endpoints.ports: Ports\n spec.endpoints.labels: Labels\n spec.endpoints.network: Network\n spec.endpoints.locality: Locality\n spec.endpoints.weight: Weight\n spec.endpoints.serviceAccount: Service Account\n spec.workloadSelector: Workload Selector\n spec.exportTo: Export To\n spec.subjectAltNames: Subject Alt Names\n placeholders.dropdown: Type or choose an option\n placeholders.addreses: For example, 127.0.0.1" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-serviceentries-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)", "details": "header:\n - name: Outbound Traffic Policy Mode\n source: spec.outboundTrafficPolicy.mode\nbody:\n - widget: Table\n source: spec.egress\n name: Egress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: hosts\n name: Hosts\n widget: Labels\n - widget: Table\n source: spec.ingress\n name: Ingress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: $parent.tls.mode\n name: TLS Mode\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: defaultEndpoint\n name: Default Endpoint\n widget: Labels\n - widget: Panel\n name: Workload Selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n isCompact: true\n visibility: $exists($root.spec.workloadSelector.labels) and $boolean($root.spec.workloadSelector.labels)\n - source: spec.workloadSelector.labels\n widget: Panel\n name: Matches all Pods in the Namespace\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.workloadSelector.labels\n widget: Labels\n name: Workload Selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: podSelector", "form": "- path: spec.workloadSelector.labels\n name: Workload Selector\n widget: KeyValuePair\n- widget: FormGroup\n path: spec.egress[].port\n simple: true\n children:\n - path: number\n simple: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n placeholder: Type or choose an option\n- path: spec.egress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.egress[].captureMode\n simple: true\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n placeholder: Type or choose an option\n- widget: SimpleList\n path: spec.egress[].hosts\n required: true\n simple: true\n placeholder: For example, *.api.mydomain.com\n children:\n - path: '[]'\n simple: true\n- widget: FormGroup\n path: spec.ingress[].port\n required: true\n simple: true\n children:\n - path: number\n simple: true\n required: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n required: true\n placeholder: Type or choose an option\n- path: spec.ingress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.ingress[].captureMode\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n simple: true\n placeholder: Type or choose an option\n- path: spec.ingress[].defaultEndpoint\n placeholder: For example, 127.0.0.1:PORT\n required: true\n simple: true\n- widget: FormGroup\n simple: true\n path: spec.ingress[].tls\n name: TLS\n visibility: $item.port.protocol = 'HTTPS'\n children:\n - path: mode\n name: TLS Mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: Type or choose an option\n - path: serverCertificate\n name: Server Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the certificate path\n - path: privateKey\n name: Private Key\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the private key path\n - path: caCertificates\n name: CA Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the CA certificates path\n- widget: FormGroup\n path: spec.outboundTrafficPolicy\n name: Outbound Traffic Policy\n children:\n - path: mode\n name: Outbound Traffic Policy Mode\n enum:\n - REGISTRY_ONLY\n - ALLOW_ANY\n placeholder: Type or choose an option", "general": "resource:\n kind: Sidecar\n group: networking.istio.io\n version: v1beta1\nurlPath: sidecars\ncategory: Istio\nname: Sidecars\nscope: namespace\ndescription: >-\n {{[Sidecar](https://istio.io/latest/docs/reference/config/networking/sidecar/)}}\n manages the incoming and outgoing communication in a workload it is attached\n to.", "list": "- source: spec.outboundTrafficPolicy.mode\n name: Outbound Traffic Policy Mode\n- source: spec.workloadSelector.labels\n name: Workload Selector Labels\n widget: Labels" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-sidecars-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "body: \n - name: Configuration\n widget: Panel\n source: spec\n children:\n - name: AccessLogging\n source: accessLogging\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: Filter\n source: filter\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Expression\n source: expression\n widget: Labels\n - name: Match\n source: match\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Mode\n source: mode\n widget: Labels\n - name: Tracing\n source: tracing\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: RandomSamplingPercentage\n source: randomSamplingPercentage\n widget: Text\n visibility: $exists($value)\n - name: Providers\n source: providers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n widget: Text\n name: Name\n \n", "form": "- path: spec.accessLogging\n widget: GenericList\n simple: true\n name: Access logging configuration\n children:\n - path: '[]'\n children:\n - path: match.mode\n simple: true\n name: Access logging match mode\n - path: filter.expression\n simple: true\n name: Access logging filter expression\n- path: spec.tracing\n simple: true\n widget: GenericList\n name: Tracing configuration\n children:\n - path: '[]'\n children:\n - path: providers\n simple: true\n widget: GenericList\n children:\n - path: '[]'\n children:\n - path: name\n simple: true\n name: Tracing provider name\n - path: randomSamplingPercentage\n type: number\n name: Tracing random sampling percentage\n", "general": "resource:\n kind: Telemetry\n group: telemetry.istio.io\n version: v1alpha1\nurlPath: istiotelemetries\ncategory: Istio\nname: Telemetries\nscope: namespace\ndescription: >-\n {{[Telemetry](https://istio.io/latest/docs/reference/config/telemetry)}}\n defines how the telemetry is generated for workloads within a mesh.\n\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-telemetries-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\nbody:\n- widget: Panel\n name: Configuration\n children:\n - source: spec.config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n visibility: '$exists($value)'\n - source: spec.config.numTrustedProxies\n name: config.numTrustedProxies\n placeholder: '1'\n - source: spec.compatibilityMode\n name: compatibilityMode\n placeholder: 'false'\n\n - name: config.authorizers\n widget: Table\n source: spec.config.authorizers\n visibility: $exists($value)\n collapsibleTitle: \"$item.name\"\n collapsible:\n - name: config.authorizers.headers.inCheck.add\n # For some reason $each doesn't return an array that works with JoinedArray widget, when we have only one element. So in this case we return an Array with one element.\n source: '$count($keys(headers.inCheck.add)) = 1 ? $each(headers.inCheck.add, function($v, $k) {[$k & \":\" & $v]}) : $each(headers.inCheck.add, function($v, $k) {$k & \":\" & $v})'\n widget: JoinedArray\n - name: config.authorizers.headers.inCheck.include\n source: headers.inCheck.include\n widget: JoinedArray\n - name: config.authorizers.headers.toUpstream.onAllow\n source: headers.toUpstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onAllow\n source: headers.toDownstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onDeny\n source: headers.toDownstream.onDeny\n widget: JoinedArray\n children:\n - name: config.authorizers.service\n source: service\n - name: config.authorizers.port\n source: port\n\n - widget: Panel\n name: Pilot\n visibility: '$exists(spec.components.pilot.k8s.hpaSpec.minReplicas) or $exists(spec.components.pilot.k8s.hpaSpec.maxReplicas) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.pilot.k8s.resources.limits.cpu) or $exists(spec.components.pilot.k8s.resources.limits.memory) or $exists(spec.components.pilot.k8s.resources.requests.cpu) or $exists(spec.components.pilot.k8s.resources.requests.memory)'\n children:\n - source: spec.components.pilot.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Ingress Gateway\n visibility: '$exists(spec.components.ingressGateway.k8s.hpaSpec.minReplicas) or $exists(spec.components.ingressGateway.k8s.hpaSpec.maxReplicas) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.ingressGateway.k8s.resources.limits.cpu) or $exists(spec.components.ingressGateway.k8s.resources.limits.memory) or $exists(spec.components.ingressGateway.k8s.resources.requests.cpu) or $exists(spec.components.ingressGateway.k8s.resources.requests.memory)'\n children:\n - source: spec.components.ingressGateway.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: CNI\n visibility: '$exists(spec.components.cni.k8s.resources.limits.cpu) or $exists(spec.components.cni.k8s.resources.limits.memory) or $exists(spec.components.cni.k8s.resources.requests.cpu) or $exists(spec.components.cni.k8s.resources.requests.memory) or $exists(spec.components.cni.k8s.affinity)'\n children:\n - source: spec.components.cni.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.affinity\n name: k8s.affinity\n widget: CodeViewer\n description: \"Kubernetes documentation for {{[Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity)}}\"\n language: \"'yaml'\"\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Proxy\n visibility: '$exists(spec.components.proxy.k8s.resources.limits.cpu) or $exists(spec.components.proxy.k8s.resources.limits.memory) or $exists(spec.components.proxy.k8s.resources.requests.cpu) or $exists(spec.components.proxy.k8s.resources.requests.memory)'\n children:\n - source: spec.components.proxy.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n- source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n", "form": "- path: spec\n simple: true\n name: General\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n simple: true\n description: description.externalTrafficPolicy\n value:\n type: string\n - path: config.numTrustedProxies\n simple: true\n name: config.numTrustedProxies\n value:\n type: number\n - path: compatibilityMode\n simple: true\n name: compatibilityMode\n value:\n type: bool\n- path: spec.config.authorizers\n name: config.authorizers\n widget: GenericList\n children:\n - path: '[].name'\n name: config.authorizers.name\n - path: '[].service'\n name: config.authorizers.service\n - path: '[].port'\n name: config.authorizers.port\n - path: '[].headers'\n name: config.authorizers.headers\n widget: FormGroup\n children:\n - path: 'inCheck.add'\n name: config.authorizers.headers.inCheck.add\n widget: KeyValuePair\n - path: 'inCheck.include'\n name: config.authorizers.headers.inCheck.include\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toUpstream.onAllow'\n name: config.authorizers.headers.toUpstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onAllow'\n name: config.authorizers.headers.toDownstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onDeny'\n name: config.authorizers.headers.toDownstream.onDeny\n widget: SimpleList\n children:\n - path: '[]'\n\n- path: spec.components\n name: Components\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: 'pilot'\n required: false\n name: Pilot\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'ingressGateway'\n required: false\n name: Ingress Gateway\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'cni'\n required: false\n name: CNI\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.affinity'\n widget: CodeEditor\n description: k8s.affinity\n language: \"'yaml'\"\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'proxy'\n required: false\n name: Proxy\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n", "general": "resource:\n kind: Istio\n group: operator.kyma-project.io\n version: v1alpha2\nurlPath: istios\ncategory: Kyma\nname: Istio\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Istio custom resource ](https://kyma-project.io/#/istio/user/04-00-istio-custom-resource)}}\n configures the Istio module.", "list": "- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\n", "translations": "en:\n compatibilityMode: Compatibility Mode\n config.numTrustedProxies: Number of trusted proxies\n\n config.authorizers: Authorizers\n config.authorizers.name: Name\n config.authorizers.service: Service\n config.authorizers.port: Port\n config.authorizers.headers: Headers\n config.authorizers.headers.inCheck.include: Forward To Authorization Request\n config.authorizers.headers.inCheck.add: Add To Authorization Request\n config.authorizers.headers.toUpstream.onAllow: Forward To Upstream\n config.authorizers.headers.toDownstream.onAllow: Forward To Downstream On Allow\n config.authorizers.headers.toDownstream.onDeny: Forward To Downstream On Deny\n config.gatewayExternalTrafficPolicy: Gateway external traffic policy\n\n k8s.hpaSpec: Horizontal Pod Autoscaler\n k8s.hpaSpec.minReplicas: Minimum number of replicas\n k8s.hpaSpec.maxReplicas: Maximum number of replicas\n k8s.strategy.rollingUpdate: Rolling update strategy\n k8s.strategy.rollingUpdate.maxSurge: Maximum surge\n k8s.strategy.rollingUpdate.maxUnavailable: Maximum unavailable\n k8s.resources.cpu: CPU\n k8s.resources.memory: Memory\n k8s.resources.limits.cpu: CPU limits\n k8s.resources.limits.memory: Memory limits\n k8s.resources.requests.cpu: CPU requests\n k8s.resources.requests.memory: Memory requests\n k8s.affinity: Affinity (YAML)\n description.hpaSpec.minReplicas: Minimum number of replicas for this deployment\n description.hpaSpec.maxReplicas: Maximum number of replicas for this deployment\n description.rollingUpdate.maxSurge: Maximum number of Pods, or the percentage of Pods that can be created on top during an update\n description.rollingUpdate.maxUnvailable: Maximum number of Pods, or the percentage of Pods that can be unavailable during an update\n description.limits.cpu: Total CPU limits of all Pods that are in a non-terminal state must not exceed this value\n description.limits.memory: Total memory limits of all Pods that are in a non-terminal state must not exceed this value\n description.requests.cpu: Total CPU requests of all Pods that are in a non-terminal state must not exceed this value\n description.requests.memory: Total memory requests of all Pods that are in a non-terminal state must not exceed this value\n description.externalTrafficPolicy: Specifies externalTrafficPolicy for the Istio Ingress Gateway Service\n description.compatibilityMode: Sets Istio compatibility version the last minor version.\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "relatedGateways:\n resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($root.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $item.metadata.namespace and $substringAfter($g,\n '/') = $item.metadata.name) : ($substringBefore($g, '.') =\n $item.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $item.metadata.namespace) })\nrelatedServices:\n resource:\n kind: Service\n version: v1\n namespace: null\n filter: >-\n $filter($root.spec.http.route, function($r) { $filter($r.destination.host,\n function($h){($substringBefore($h, '.') = $item.metadata.name) and\n ($split($substringAfter($h, '.'),'.')[0] = $item.metadata.namespace)} ) })", "details": "resourceGraph:\n dataSources:\n - source: relatedGateways\n - source: relatedServices\nbody:\n - widget: Table\n source: spec.gateways[]\n name: gateways\n visibility: $exists($value)\n children:\n - source: $item\n name: t-name\n widget: ResourceLink\n resource:\n kind: '\"Gateway\"'\n name: >-\n $contains($item,'/') ? $substringAfter($item, '/') :\n $substringBefore($item, '.')\n namespace: >-\n $contains($item,'/') ? $substringBefore($item, '/'):\n $substringBefore($substringAfter($item, '.'), '.')\n - name: summary\n widget: Panel\n source: spec\n visibility: $boolean($exists($value.exportTo) or $exists($value.hosts))\n children:\n - name: exportTo\n source: exportTo\n widget: Labels\n visibility: $exists($value)\n - name: hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - widget: Table\n source: spec.http\n name: http\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: timeout\n name: timeout\n - source: mirrorPercentage.value\n name: mirrorPercentage\n collapsible:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: uri\n name: uri\n widget: Labels\n - source: scheme\n name: scheme\n widget: Labels\n - source: method\n name: method\n widget: Labels\n - source: authority\n name: authority\n widget: Labels\n - source: headers\n name: headers\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: queryParams\n name: queryParams\n - source: ignoreUriCase\n name: ignoreUriCase\n - source: withoutHeaders\n name: withoutHeaders\n - source: sourceNamespace\n name: sourceNamespace\n - source: statPrefix\n name: statPrefix\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: redirect\n name: redirect\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: port\n name: port\n - source: derivePort\n name: derivePort\n widget: Labels\n - source: scheme\n name: scheme\n - source: redirectCode\n name: redirectCode\n - source: directResponse\n name: directResponse\n widget: Panel\n visibility: $exists($value)\n children:\n - source: status\n name: status\n - source: body\n name: body\n widget: Panel\n visibility: $exists($value)\n children:\n - source: string\n name: string\n - source: bytes\n name: bytes\n - source: delegate\n name: delegate\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: namespace\n name: namespace\n - source: rewrite\n name: rewrite\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: retries\n name: retries\n widget: Panel\n visibility: $exists($value)\n children:\n - source: attempts\n name: attempts\n - source: perTryTimeout\n name: perTryTimeout\n - source: retryOn\n name: retryOn\n - source: retryRemoteLocalities\n name: retryRemoteLocalities\n - source: fault\n name: fault\n widget: Panel\n visibility: $exists($value)\n children:\n - source: delay\n name: delay\n widget: Panel\n visibility: $exists($value)\n children:\n - source: fixedDelay\n name: fixedDelay\n - source: percentage.value\n name: percentage.value\n - source: percent\n name: percent\n - source: abort\n name: Abort\n widget: Panel\n visibility: $exists($value)\n children:\n - source: httpStatus\n name: httpStatus\n - source: percentage.value\n name: percentage.value\n - source: mirror\n name: Mirror\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: corsPolicy\n name: corsPolicy\n widget: Panel\n visibility: $exists($value)\n children:\n - source: allowOrigins\n name: allowOrigins\n - source: allowMethods\n name: allowMethods\n widget: JoinedArray\n - source: allowHeaders\n name: allowHeaders\n widget: JoinedArray\n - source: exposeHeaders\n name: exposeHeaders\n widget: JoinedArray\n - source: maxAge\n name: maxAge\n - source: allowCredentials\n name: allowCredentials\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - widget: Table\n source: spec.tcp\n name: tcp\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port\n - source: weight\n name: weight\n - widget: Table\n source: spec.tls\n name: tls\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: sniHosts\n name: sniHosts\n widget: JoinedArray\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight", "form": "- path: spec.tls\n widget: GenericList\n name: tls\n children:\n - path: '[].match'\n widget: GenericList\n name: matches\n children:\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n widget: KeyValuePair\n name: sourceLabels\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n widget: GenericList\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.tcp\n name: tcp\n widget: GenericList\n children:\n - path: '[].match'\n name: matches\n children:\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.http\n simple: true\n name: http\n widget: GenericList\n children:\n - path: '[].match'\n simple: true\n name: matches\n widget: GenericList\n children:\n - path: '[].name'\n simple: true\n name: t-name\n - path: '[].uri'\n simple: true\n name: uri\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].scheme'\n simple: true\n name: scheme\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].method'\n simple: true\n name: method\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].authority'\n simple: true\n name: authority\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].headers'\n simple: true\n name: headers\n defaultExpanded: true\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].port'\n simple: true\n name: port\n - path: '[].sourceLabels'\n simple: true\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n simple: true\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].queryParams'\n simple: true\n name: queryParams\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].ignoreUriCase'\n simple: true\n name: ignoreUriCase\n - path: '[].withoutHeaders'\n simple: true\n name: withoutHeaders\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].sourceNamespace'\n simple: true\n name: sourceNamespace\n - path: '[].statPrefix'\n simple: true\n name: statPrefix\n - path: '[].route'\n simple: true\n name: routes\n children:\n - path: '[].destination'\n simple: true\n name: destination\n widget: FormGroup\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n simple: true\n name: weight\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: '[].redirect'\n simple: true\n name: redirect\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: port\n simple: true\n name: port\n - path: derivePort\n simple: true\n name: derivePort\n - path: scheme\n simple: true\n name: scheme\n - path: redirectCode\n simple: true\n name: redirectCode\n - path: '[].directResponse'\n simple: true\n name: directResponse\n widget: FormGroup\n children:\n - path: status\n simple: true\n name: status\n - path: body\n simple: true\n name: body\n widget: FormGroup\n children:\n - path: string\n simple: true\n name: string\n - path: bytes\n simple: true\n name: bytes\n - path: '[].delegate'\n simple: true\n name: delegate\n widget: FormGroup\n children:\n - path: name\n simple: true\n name: name\n - path: namespace\n simple: true\n name: namespace\n - path: '[].rewrite'\n simple: true\n name: rewrite\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: '[].timeout'\n simple: true\n name: timeout\n - path: '[].retries'\n simple: true\n name: retries\n widget: FormGroup\n children:\n - path: attempts\n simple: true\n name: attempts\n - path: perTryTimeout\n simple: true\n name: perTryTimeout\n - path: retryOn\n simple: true\n name: retryOn\n - path: retryRemoteLocalities\n simple: true\n name: retryRemoteLocalities\n - path: '[].fault'\n simple: true\n name: fault\n widget: FormGroup\n children:\n - path: delay\n simple: true\n name: delay\n widget: FormGroup\n children:\n - path: fixedDelay\n simple: true\n name: fixedDelay\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: percent\n simple: true\n name: percent\n - path: abort\n simple: true\n name: abort\n widget: FormGroup\n children:\n - path: httpStatus\n simple: true\n name: httpStatus\n - path: grpcStatus\n simple: true\n name: grpcStatus\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: '[].mirror'\n simple: true\n name: mirror\n widget: FormGroup\n children:\n - path: host\n simple: true\n name: host\n - path: subset\n simple: true\n name: subset\n - path: port.number\n simple: true\n name: port.number\n - path: '[].mirrorPercentage.value'\n simple: true\n name: mirrorPercentage\n - path: '[].corsPolicy'\n simple: true\n name: corsPolicy\n widget: FormGroup\n children:\n - path: allowCredentials\n simple: true\n name: allowCredentials\n type: boolean\n - path: allowMethods\n simple: true\n name: allowMethods\n widget: SimpleList\n placeholder: allowMethods.placeholder\n children:\n - path: '[]'\n simple: true\n - path: allowHeaders\n simple: true\n name: allowHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: exposeHeaders\n simple: true\n name: exposeHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: maxAge\n simple: true\n name: maxAge\n placeholder: maxAge.placeholder\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n- path: spec.hosts\n name: hosts\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.gateways\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.exportTo\n name: exportTo\n widget: SimpleList\n children:\n - path: '[]'", "general": "resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\nurlPath: virtualservices\ncategory: Istio\nname: Virtual Services\nscope: namespace\ndescription: >-\n {{[VirtualService](https://istio.io/latest/docs/reference/config/networking/virtual-service/)}}\n describes a configuration that affects traffic routing. .", "list": "- name: hosts\n source: spec.hosts\n widget: JoinedArray\n- name: gateways\n source: spec.gateways\n widget: JoinedArray", "translations": "en:\n t-name: Name\n gateways: Gateways\n hosts: Hosts\n exportTo: Export to\n summary: Summary\n http: HTTP\n tls: TLS\n tcp: TCP\n mirror: Mirror\n mirrorPercentage: Mirror Percentage\n timeout: Timeout\n matches: Matches\n uri: URI\n scheme: Scheme\n method: Method\n authority: Authority\n headers: Headers\n port: Port\n sourceLabels: Source Labels\n queryParams: Query Params\n ignoreUriCase: Ignore URI Case\n withoutHeaders: Without Headers\n sourceNamespace: Source Namespace\n statPrefix: Stat Prefix\n routes: Routes\n destination: Destination\n host: Host\n subset: Subset\n port.number: Port Number\n weight: Weight\n request: Request\n response: Response\n set: Set\n add: Add\n remove: Remove\n redirect: Redirect\n derivePort: Derive Port\n redirectCode: Redirect Code\n directResponse: Direct Response\n status: Status\n body: Body\n string: String\n bytes: Bytes\n delegate: Delegate\n namespace: Namespace\n rewrite: Rewrite\n retries: Retries\n attempts: Attempts\n perTryTimeout: Per Try Timeout\n retryOn: Retry On\n retryRemoteLocalities: Retry Remote Localities\n fault: Fault\n delay: Delay\n fixedDelay: Fixed Delay\n abort: Abort\n percentage.value: Percentage Value\n percent: Percent\n httpStatus: HTTP Status\n grpcStatus: GRPC Status\n corsPolicy: CORS Policy\n allowOrigins: Allow Origins\n allowMethods: Allow Methods\n allowMethods.placeholder: For example, GET\n allowHeaders: Allow Headers\n exposeHeaders: Expose Headers\n maxAge: Max Age\n maxAge.placeholder: For example, 24h\n allowCredentials: Allow Credentials\n destinationSubnets: Destination Subnets\n sniHosts: SNI Hosts" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-virtualservices-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istio-operator-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 8080, "targetPort": 8080 } ], "selector": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "control-plane": "controller-manager" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Used for Istio components that are managed by Kyma Istio Manager and must run in the cluster.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "kyma-project.io/module": "istio" }, "name": "istio-kyma-priority" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "control-plane": "controller-manager", "kyma-project.io/module": "istio" }, "name": "istio-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "control-plane": "controller-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.7.0-experimental", "control-plane": "controller-manager", "kyma-project.io/module": "istio", "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "args": [ "--leader-elect", "--health-probe-bind-address=:8081", "--metrics-bind-address=:8080" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.7.0-experimental", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "1000m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "istio-kyma-priority", "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "istio-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "cr": { "apiVersion": "operator.kyma-project.io/v1alpha2", "kind": "Istio", "metadata": { "name": "default", "namespace": "kyma-system", "labels": { "app.kubernetes.io/name": "default" } } }, "crPath": "/apis/operator.kyma-project.io/v1alpha2/namespaces/kyma-system/istios/default" }, { "version": "1.8.0", "deploymentYaml": "https://github.com/kyma-project/istio/releases/download/1.8.0/istio-manager.yaml", "crYaml": "https://github.com/kyma-project/istio/releases/download/1.8.0/istio-default-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha2", "kind": "Istio", "metadata": { "name": "default", "namespace": "kyma-system", "labels": { "app.kubernetes.io/name": "default" } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istios.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Istio", "listKind": "IstioList", "plural": "istios", "singular": "istio" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Contains Istio CR specification and current status.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired specification for installing or updating Istio.", "properties": { "components": { "properties": { "cni": { "description": "Cni defines component configuration for Istio CNI DaemonSet", "properties": { "k8s": { "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "affinity": { "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { "description": "Describes node affinity scheduling rules for the pod.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { "description": "A node selector term, associated with the corresponding weight.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "weight": { "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "preference", "weight" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "nodeSelectorTerms" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" }, "podAffinity": { "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object" }, "podAntiAffinity": { "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "ingressGateway": { "description": "IngressGateway defines component configurations for Istio Ingress Gateway", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "pilot": { "description": "Pilot defines component configuration for Istiod", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "proxy": { "description": "Proxy defines component configuration for Istio proxy sidecar", "properties": { "k8s": { "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" } }, "type": "object" }, "config": { "description": "Config is the configuration for the Istio installation.", "properties": { "authorizers": { "description": "Defines a list of external authorization providers.", "items": { "properties": { "headers": { "description": "Specifies headers to be included, added or forwarded during authorization.", "properties": { "inCheck": { "description": "Defines headers to be included or added in check authorization request.", "properties": { "add": { "additionalProperties": { "type": "string" }, "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", "type": "object" }, "include": { "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toDownstream": { "description": "Defines headers to be forwarded to the downstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" }, "onDeny": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toUpstream": { "description": "Defines headers to be forwarded to the upstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "name": { "description": "A unique name identifying the extension authorization provider.", "type": "string" }, "port": { "description": "Specifies the port of the service.", "format": "int32", "type": "integer" }, "service": { "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", "type": "string" } }, "required": [ "name", "port", "service" ], "type": "object" }, "type": "array" }, "gatewayExternalTrafficPolicy": { "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", "enum": [ "Local", "Cluster" ], "type": "string" }, "numTrustedProxies": { "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", "maximum": 4294967295, "minimum": 0, "type": "integer" } }, "type": "object" } }, "type": "object" }, "status": { "description": "IstioStatus defines the observed state of IstioCR.", "properties": { "conditions": { "description": " Conditions associated with IstioStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "description": { "description": "Description of Istio status", "type": "string" }, "state": { "description": "State signifies current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha2", "schema": { "openAPIV3Schema": { "description": "Contains Istio CR specification and current status.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "IstioSpec describes the desired specification for installing or updating Istio.", "properties": { "compatibilityMode": { "type": "boolean" }, "components": { "properties": { "cni": { "description": "Cni defines component configuration for Istio CNI DaemonSet", "properties": { "k8s": { "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "affinity": { "description": "Affinity is a group of affinity scheduling rules.", "properties": { "nodeAffinity": { "description": "Describes node affinity scheduling rules for the pod.", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", "properties": { "preference": { "description": "A node selector term, associated with the corresponding weight.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "weight": { "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "preference", "weight" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", "properties": { "nodeSelectorTerms": { "description": "Required. A list of node selector terms. The terms are ORed.", "items": { "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", "properties": { "matchExpressions": { "description": "A list of node selector requirements by node's labels.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchFields": { "description": "A list of node selector requirements by node's fields.", "items": { "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", "properties": { "key": { "description": "The label key that the selector applies to.", "type": "string" }, "operator": { "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", "type": "string" }, "values": { "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "nodeSelectorTerms" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" }, "podAffinity": { "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object" }, "podAntiAffinity": { "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", "properties": { "preferredDuringSchedulingIgnoredDuringExecution": { "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", "items": { "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", "properties": { "podAffinityTerm": { "description": "Required. A pod affinity term, associated with the corresponding weight.", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "weight": { "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", "format": "int32", "type": "integer" } }, "required": [ "podAffinityTerm", "weight" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "requiredDuringSchedulingIgnoredDuringExecution": { "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", "items": { "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", "properties": { "labelSelector": { "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "matchLabelKeys": { "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "namespaceSelector": { "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", "properties": { "matchExpressions": { "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", "items": { "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", "properties": { "key": { "description": "key is the label key that the selector applies to.", "type": "string" }, "operator": { "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", "type": "string" }, "values": { "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "required": [ "key", "operator" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "matchLabels": { "additionalProperties": { "type": "string" }, "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", "type": "object" } }, "type": "object", "x-kubernetes-map-type": "atomic" }, "namespaces": { "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", "items": { "type": "string" }, "type": "array", "x-kubernetes-list-type": "atomic" }, "topologyKey": { "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", "type": "string" } }, "required": [ "topologyKey" ], "type": "object" }, "type": "array", "x-kubernetes-list-type": "atomic" } }, "type": "object" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "ingressGateway": { "description": "IngressGateway defines component configurations for Istio Ingress Gateway", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "pilot": { "description": "Pilot defines component configuration for Istiod", "properties": { "k8s": { "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "hpaSpec": { "description": "HPASpec defines configuration for HorizontalPodAutoscaler", "properties": { "maxReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" }, "minReplicas": { "format": "int32", "maximum": 2147483647, "minimum": 0, "type": "integer" } }, "type": "object" }, "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" }, "strategy": { "description": "Strategy defines rolling update strategy", "properties": { "rollingUpdate": { "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", "properties": { "maxSurge": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^[0-9]+%?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] }, "maxUnavailable": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "must not be negative, more than 2147483647 or an empty string", "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" } ] } }, "type": "object" } }, "required": [ "rollingUpdate" ], "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" }, "proxy": { "description": "Proxy defines component configuration for Istio proxy sidecar", "properties": { "k8s": { "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", "properties": { "resources": { "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "properties": { "limits": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" }, "requests": { "properties": { "cpu": { "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", "type": "string" }, "memory": { "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "k8s" ], "type": "object" } }, "type": "object" }, "config": { "description": "Config is the configuration for the Istio installation.", "properties": { "authorizers": { "description": "Defines a list of external authorization providers.", "items": { "properties": { "headers": { "description": "Specifies headers to be included, added or forwarded during authorization.", "properties": { "inCheck": { "description": "Defines headers to be included or added in check authorization request.", "properties": { "add": { "additionalProperties": { "type": "string" }, "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", "type": "object" }, "include": { "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toDownstream": { "description": "Defines headers to be forwarded to the downstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" }, "onDeny": { "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "toUpstream": { "description": "Defines headers to be forwarded to the upstream.", "properties": { "onAllow": { "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", "items": { "type": "string" }, "type": "array" } }, "type": "object" } }, "type": "object" }, "name": { "description": "A unique name identifying the extension authorization provider.", "type": "string" }, "port": { "description": "Specifies the port of the service.", "format": "int32", "type": "integer" }, "service": { "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", "type": "string" } }, "required": [ "name", "port", "service" ], "type": "object" }, "type": "array" }, "gatewayExternalTrafficPolicy": { "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", "enum": [ "Local", "Cluster" ], "type": "string" }, "numTrustedProxies": { "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", "maximum": 4294967295, "minimum": 0, "type": "integer" } }, "type": "object" }, "experimental": { "properties": { "pilot": { "properties": { "enableAlphaGatewayAPI": { "type": "boolean" }, "enableMultiNetworkDiscoverGatewayAPI": { "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "IstioStatus defines the observed state of IstioCR.", "properties": { "conditions": { "description": " Conditions associated with IstioStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "description": { "description": "Description of Istio status", "type": "string" }, "state": { "description": "State signifies the current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istio-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istio-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istio-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "get", "patch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "istios/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "authentication.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "config.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "install.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "extensions.istio.io" ], "resources": [ "*" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations", "validatingwebhookconfigurations" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions.apiextensions.k8s.io", "customresourcedefinitions" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps", "extensions" ], "resources": [ "daemonsets", "deployments", "deployments/finalizers", "replicasets", "statefulsets" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "monitoring.coreos.com" ], "resources": [ "servicemonitors" ], "verbs": [ "get", "create", "update" ] }, { "apiGroups": [ "policy" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "roles", "rolebindings" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "*" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "create", "update", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "configmaps", "endpoints", "events", "namespaces", "pods", "pods/proxy", "pods/portforward", "persistentvolumeclaims", "secrets", "services", "serviceaccounts", "resourcequotas" ], "verbs": [ "create", "deletecollection", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istio-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "istio-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "istio-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istio-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "istio-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "istio-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", "details": "header:\n - source: spec.action\n name: spec.action\n - source: spec.provider\n widget: Labels\n name: spec.provider\nresourceGraph:\n colorVariant: 3\n dataSources:\n - source: podSelector\nbody:\n - widget: Table\n name: spec.rules\n source: spec.rules\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"Rule #\" & $string($index + 1) & (\" \" & $join($keys($item), \" \"))'\n collapsible:\n - source: $item.from\n widget: Table\n name: spec.rules.from\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"From #\" & $string($index + 1) & (\" \" & $join($keys($item.source), \" \"))'\n collapsible:\n - source: source\n widget: Panel\n name: spec.rules.from.source\n children:\n - source: principals\n name: spec.rules.from.source.principals\n widget: JoinedArray\n visibility: $exists($value)\n - source: notPrincipals\n name: spec.rules.from.source.notPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: requestPrincipals\n name: spec.rules.from.source.requestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: notRequestPrincipals\n name: spec.rules.from.source.notRequestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: namespaces\n name: spec.rules.from.source.namespaces\n widget: Labels\n visibility: $exists($value)\n - source: notNamespaces\n name: spec.rules.from.source.notNamespaces\n widget: Labels\n visibility: $exists($value)\n - source: ipBlocks\n name: spec.rules.from.source.ipBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notIpBlocks\n name: spec.rules.from.source.notIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: remoteIpBlocks\n name: spec.rules.from.source.remoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notRemoteIpBlocks\n name: spec.rules.from.source.notRemoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: $item.to\n widget: Table\n name: spec.rules.to\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"To #\" & $string($index + 1) & (\" \" & $join($keys($item.operation), \" \"))'\n collapsible:\n - source: operation\n widget: Panel\n name: spec.rules.to.operation\n children:\n - source: Hosts\n name: spec.rules.to.operation.hosts\n widget: Labels\n visibility: $exists($value)\n - source: notHosts\n name: spec.rules.to.operation.notHosts\n widget: Labels\n visibility: $exists($value)\n - source: ports\n name: spec.rules.to.operation.ports\n widget: Labels\n visibility: $exists($value)\n - source: notPorts\n name: spec.rules.to.operation.notPorts\n widget: Labels\n visibility: $exists($value)\n - source: methods\n name: spec.rules.to.operation.methods\n widget: Labels\n visibility: $exists($value)\n - source: notMethods\n name: spec.rules.to.operation.notMethods\n widget: Labels\n visibility: $exists($value)\n - source: paths\n name: spec.rules.to.operation.paths\n widget: Labels\n visibility: $exists($value)\n - source: notPaths\n name: spec.rules.to.operation.notPaths\n widget: Labels\n visibility: $exists($value)\n - source: when\n widget: Table\n name: spec.rules.when\n visibility: $exists($value)\n children:\n - source: key\n name: spec.rules.when.key\n visibility: $exists($value)\n - source: values\n name: spec.rules.when.values\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - source: notValues\n name: spec.rules.when.notValues\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.action\n placeholder: placeholders.dropdown\n simple: true\n description: description.action\n- path: spec.provider\n widget: FormGroup\n children:\n - path: name\n- path: spec.rules\n widget: GenericList\n simple: true\n children:\n - path: '[].from'\n simple: true\n widget: GenericList\n children:\n - path: '[].source'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: principals\n simple: true\n widget: SimpleList\n description: description.rules.from.principals\n children:\n - path: '[]'\n simple: true\n - path: notPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notPrincipals\n children:\n - path: '[]'\n simple: true\n - path: requestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.requestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: notRequestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notRequestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: namespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.namespaces\n children:\n - path: '[]'\n simple: true\n - path: notNamespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.notNamespaces\n children:\n - path: '[]'\n simple: true\n - path: ipBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.ipBlocks\n children:\n - path: '[]'\n simple: true\n - path: notIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: remoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.remoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: notRemoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notRemoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: '[].to'\n simple: true\n widget: GenericList\n children:\n - path: '[].operation'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: hosts\n simple: true\n widget: SimpleList\n description: description.rules.to.hosts\n children:\n - path: '[]'\n simple: true\n - path: notHosts\n simple: true\n widget: SimpleList\n description: description.rules.to.notHosts\n children:\n - path: '[]'\n simple: true\n - path: ports\n simple: true\n widget: SimpleList\n description: description.rules.to.ports\n children:\n - path: '[]'\n simple: true\n - path: notPorts\n simple: true\n widget: SimpleList\n description: description.rules.to.notPorts\n children:\n - path: '[]'\n simple: true\n - path: methods\n simple: true\n widget: SimpleList\n description: description.rules.to.methods\n children:\n - path: '[]'\n simple: true\n - path: notMethods\n simple: true\n widget: SimpleList\n description: description.rules.to.notMethods\n children:\n - path: '[]'\n simple: true\n - path: paths\n simple: true\n widget: SimpleList\n description: description.rules.to.paths\n children:\n - path: '[]'\n simple: true\n - path: notPaths\n simple: true\n widget: SimpleList\n description: description.rules.to.notPaths\n children:\n - path: '[]'\n simple: true\n - path: '[].when'\n simple: true\n widget: GenericList\n children:\n - path: '[].key'\n simple: true\n widget: Text\n description: description.rules.when.key\n - path: '[].values'\n simple: true\n widget: SimpleList\n description: description.rules.when.values\n children:\n - path: '[]'\n simple: true\n - path: '[].notValues'\n simple: true\n widget: SimpleList\n description: description.rules.when.notValues\n children:\n - path: '[]'\n simple: true\n", "general": "resource:\n kind: AuthorizationPolicy\n group: security.istio.io\n version: v1beta1\nname: Authorization Policies\ncategory: Istio\nurlPath: authorizationpolicies\nscope: namespace\ndescription: >-\n {{[Istio Authorization\n Policy](https://istio.io/latest/docs/reference/config/security/authorization-policy/)}}\n allows for workload access management in the mesh.", "list": "- name: action\n source: spec.action", "translations": "en:\n description.action: Optional. The action to take if the request is matched with the rules. Default is ALLOW if not specified.\n description.rules.from.principals: Optional. A list of peer identities derived from the peer certificate. The peer identity is in the format of ' /ns/ /sa/ ', for example, 'cluster.local/ns/default/sa/productpage'. If not set, any principal is allowed.\n description.rules.from.notPrincipals: Optional. A list of negative match of peer identities.\n description.rules.from.requestPrincipals: Optional. A list of request identities derived from the JWT. The request identity is in the format of '/', for example, 'example.com/sub-1'. If not set, any request principal is allowed.\n description.rules.from.notRequestPrincipals: Optional. A list of negative match of request identities.\n description.rules.from.namespaces: Optional. A list of namespaces derived from the peer certificate. If not set, any namespace is allowed.\n description.rules.from.notNamespaces: Optional. A list of negative match of namespaces.\n description.rules.from.ipBlocks: Optional. A list of IP blocks, populated from the source address of the IP packet. Single IP (e.g. '1.2.3.4') and CIDR (e.g. '1.2.3.0/24') are supported. If not set, any IP is allowed.\n description.rules.from.notIpBlocks: Optional. A list of negative match of IP blocks.\n description.rules.from.remoteIpBlocks: Optional. A list of IP blocks, populated from X-Forwarded-For header or proxy protocol. To make use of this field, you must configure the numTrustedProxies field of the gatewayTopology under the meshConfig when you install Istio or using an annotation on the ingress gateway. If not set, any IP is allowed.\n description.rules.from.notRemoteIpBlocks: Optional. A list of negative match of remote IP blocks.\n description.rules.to.hosts: Optional. A list of hosts as specified in the HTTP request. The match is case-insensitive. If not set, any host is allowed. Must be used only with HTTP.\n description.rules.to.notHosts: Optional. A list of negative match of hosts as specified in the HTTP request. The match is case-insensitive.\n description.rules.to.ports: Optional. A list of ports as specified in the connection. If not set, any port is allowed.\n description.rules.to.notPorts: Optional. A list of negative match of ports as specified in the connection.\n description.rules.to.methods: Optional. A list of methods as specified in the HTTP request. If not set, any method is allowed. Must be used only with HTTP.\n description.rules.to.notMethods: Optional. A list of negative match of methods as specified in the HTTP request.\n description.rules.to.paths: Optional. A list of paths as specified in the HTTP request. If not set, any path is allowed. Must be used only with HTTP.\n description.rules.to.notPaths: Optional. A list of negative match of paths.\n description.rules.when.key: The name of an Istio attribute.\n description.rules.when.values: Optional. A list of allowed values for the attribute. At least one of values or notValues must be set.\n description.rules.when.notValues: Optional. A list of negative match of values for the attribute. At least one of values or notValues must be set.\n placeholders.dropdown: Type or choose an option.\n spec.action: Action\n spec.provider: Provider\n spec.rules: Rules\n spec.rules.from: From\n spec.rules.from.source: Source\n spec.rules.from.source.principals: Principals\n spec.rules.from.source.notPrincipals: NotPrincipals\n spec.rules.from.source.requestPrincipals: RequestPrincipals\n spec.rules.from.source.notRequestPrincipals: NotRequestPrincipals\n spec.rules.from.source.namespaces: Namespaces\n spec.rules.from.source.notNamespaces: NotNamespaces\n spec.rules.from.source.ipBlocks: IpBlocks\n spec.rules.from.source.notIpBlocks: NotIpBlocks\n spec.rules.from.source.remoteIpBlocks: RemoteIpBlocks\n spec.rules.from.source.notRemoteIpBlocks: NotRemoteIpBlocks\n spec.rules.to: To\n spec.rules.to.operation: Operation\n spec.rules.to.operation.hosts: Hosts\n spec.rules.to.operation.notHosts: NotHosts\n spec.rules.to.operation.ports: Ports\n spec.rules.to.operation.notPorts: NotPorts\n spec.rules.to.operation.methods: Methods\n spec.rules.to.operation.notMethods: NotMethods\n spec.rules.to.operation.paths: Paths\n spec.rules.to.operation.notPaths: NotPaths\n spec.rules.when: When\n spec.rules.when.key: Key\n spec.rules.when.values: Values\n spec.rules.when.notValues: NotValues\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-authorizationpolicies-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header: []\nbody:\n - name: References\n widget: Panel\n children:\n - source: spec.host\n name: Host\n - source: spec.exportTo\n widget: Labels\n name: Export To\n visibility: $exists($value)\n - source: spec.workloadSelector.matchLabels\n widget: Labels\n name: Workload Selector Match Labels\n visibility: $exists($value)\n - source: spec.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: spec.subsets\n name: Subsets\n widget: Table\n disablePadding: true\n visibility: $exists($value)\n children:\n - source: $item.name\n name: Name\n - source: $item.labels\n name: Labels\n widget: Labels\n collapsible:\n - source: $item.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n", "form": "- simple: true\n path: spec.host\n name: Host\n required: true\n- widget: FormGroup\n path: spec.trafficPolicy\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: mainloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $mainloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $mainloadBalancerSelector = 'consistentHash'\n children:\n - var: mainconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $mainconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $mainconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $mainconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $mainconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: mainLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $mainLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $mainLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $mainLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: portLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $portLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $portLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: portLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $portLevelconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $portLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $portLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $portLevelconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: portLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $portLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $portLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $portLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.subsets\n name: Subsets\n widget: GenericList\n children:\n - path: '[].name'\n name: Name\n - path: '[].labels'\n name: Labels\n widget: KeyValuePair\n - path: '[].trafficPolicy'\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: subsetsloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetsloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetsloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetsconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $subsetsconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetsconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetsconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $subsetsconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetsLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetsLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetsLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetsLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: subsetPortLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetPortLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetPortLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetPortLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector =\n 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetPortLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetPortLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector=\n 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetPortLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetPortLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.exportTo\n name: Export To\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.workloadSelector.matchLabels\n defaultExpanded: true\n name: Workload Selector Match Labels\n widget: KeyValuePair\n", "general": "resource:\n kind: DestinationRule\n group: networking.istio.io\n version: v1beta1\nname: Destination Rules\ncategory: Istio\nurlPath: destinationrules\nscope: namespace\ndescription: resource.description", "list": "- source: spec.host\n name: Host", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n resource.description: >-\n {{[Destination\n Rule](https://istio.io/latest/docs/reference/config/networking/destination-rule)}}\n specifies rules that apply to traffic intended for a service after routing.\n References: References\n probes: Probes\n Export To: Export To\n Workload Selector Match Labels: Workload Selector Match Labels\n Traffic Policy: Traffic Policy\n Interval: Interval\n Name: Name\n time: Time\n interval: Interval\n Host: Host\n Connection Pool: Connection Pool\n TCP Keep Alive: TCP Keep Alive\n Probes: Probes\n Time: Time\n TCP: TCP\n HTTP: HTTP\n HTTP1 Max Pending Requests: HTTP1 Max Pending Requests\n Max Connections: Max Connections\n Connect Timeout: Connect Timeout\n HTTP2 Max Requests: HTTP2 Max Requests\n Max Requests Per Connection: Max Requests Per Connection\n Max Retries: Max Retries\n Idle Timeout: Idle Timeout\n H2 Upgrade Policy: H2 Upgrade Policy\n Use Client Protocol: Use Client Protocol\n Locality LB Settings: Locality LB Settings\n Enabled: Enabled\n Distribute: Distribute\n From: From\n To: To\n Failover: Failover\n Failover Priority: Failover Priority\n HTTP Cookie: HTTP Cookie\n Path: Path\n TTL: TTL\n Consistent Hash: Consistent Hash\n HTTP Header Name: HTTP Header Name\n Use Source IP: Use Source IP\n HTTP Query Parameter Name: HTTP Query Parameter Name\n Minimum Ring Size: Minimum Ring Size\n Load Balancer: Load Balancer\n Simple: Simple\n Warmup Duration Secs: Warmup Duration Secs\n ChooseConsistentHashSelector: Select Hash Type\n ChooseLoadBalancerSelector: Select Balancer Type\n ChooseLbSelector: Select LB Settings\n Split External Local Origin Errors: Split External Local Origin Errors\n Consecutive Local Origin Failures: Consecutive Local Origin Failures\n Consecutive Gateway Errors: Consecutive Gateway Errors\n Consecutive 5xx Errors: Consecutive 5xx Errors\n Base Ejection Time: Base Ejection Time\n Max Ejection Percent: Max Ejection Percent\n Min Health Percent: Min Health Percent\n Port Level Settings: Port Level Settings\n Port Number: Port Number\n TLS: TLS\n Mode: Mode\n Client Certificate: Client Certificate\n Private Key: Private Key\n CA Certificates: CA Certificates\n Credential Name: Credential Name\n Subject Alt Names: Subject Alt Names\n SNI: SNI\n Insecure Skip Verify: Insecure Skip Verify\n Tunnel: Tunnel\n Protocol: Protocol\n Target Host: Target Host\n Target Port: Target Port\n Subsets: Subsets\n Labels: Labels\n consistentHash: Consistent Hash\n simple: Simple\n failover: Failover\n distribute: Distribute\n\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-destinationrules-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n namespace: null\n filter: $matchByLabelSelector($item, $root.spec.selector)\nrelatedVirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($item.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $root.metadata.namespace and $substringAfter($g,\n '/') = $root.metadata.name) : ($substringBefore($g, '.') =\n $root.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $root.metadata.namespace) })", "details": "header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\nbody:\n - widget: Table\n source: spec.servers\n name: spec.servers\n children:\n - source: port.name\n name: spec.servers.port.name\n - widget: JoinedArray\n separator: break\n source: hosts\n name: spec.servers.hosts\n - source: port.number\n name: spec.servers.port.number\n - source: port.protocol\n name: spec.servers.port.protocol\n - source: tls.mode\n name: spec.servers.tls.mode\n - widget: ResourceLink\n source: tls.credentialName\n name: spec.servers.tls.credentialName\n resource:\n name: tls.credentialName\n namespace: '\"istio-system\"'\n kind: '\"Secret\"'\n - widget: Panel\n name: spec.selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector) and $boolean($root.spec.selector)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: relatedVirtualServices", "form": "- path: spec.selector\n widget: KeyValuePair\n simple: true\n required: true\n defaultExpanded: true\n- path: spec.servers\n widget: GenericList\n simple: true\n required: true\n children:\n - widget: FormGroup\n simple: true\n path: '[].port'\n defaultExpanded: true\n children:\n - path: number\n simple: true\n required: true\n inputInfo: inputInfo.spec.servers.port.number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - GRPC-WEB\n - MONGO\n - REDIS\n - MYSQL\n - TCP\n required: true\n placeholder: placeholders.dropdown\n - widget: FormGroup\n simple: true\n path: '[].tls'\n visibility: $item.port.protocol = 'HTTP' or $item.port.protocol = 'HTTPS'\n children:\n - path: httpsRedirect\n simple: true\n visibility: $item.port.protocol = 'HTTP'\n - path: mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: placeholders.dropdown\n - path: credentialName\n simple: true\n widget: Resource\n resource:\n kind: Secret\n version: v1\n namespace: istio-system\n scope: namespace\n filter: >-\n $item.type = 'kubernetes.io/tls' or ($item.type = 'Opaque' and\n $contains($item.data, 'key') and $contains($item.data, 'cert'))\n visibility: $item.port.protocol = 'HTTPS'\n - path: serverCertificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.serverCertificate\n - path: privateKey\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.privateKey\n - path: caCertificates\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.caCertificates\n - simple: true\n widget: Alert\n type: warning\n alert: '\"alert.tls.https\"'\n visibility: $item.port.protocol = 'HTTPS'\n - widget: SimpleList\n path: '[].hosts'\n required: true\n simple: true\n placeholder: placeholders.hosts\n children:\n - path: '[]'\n simple: true", "general": "resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\nurlPath: gateways\ncategory: Istio\nname: Gateways\nscope: namespace\ndescription: >-\n {{[Gateways](https://istio.io/latest/docs/reference/config/networking/gateway/)}}\n describes a load balancer that operates at the edge of the mesh and receives\n incoming or outgoing HTTP/TCP connections.", "list": "- name: spec.selector\n source: spec.selector\n widget: Labels", "presets": "- name: Default Gateway\n default: true\n value:\n spec:\n selector:\n istio: ingressgateway\n- name: Ingress Gateway\n value:\n metadata:\n name: httpbin-gateway\n labels:\n app.kubernetes.io/name: httpbin-gateway\n spec:\n selector:\n istio: ingressgateway\n servers:\n - port:\n number: 443\n name: https\n protocol: HTTPS\n tls:\n mode: SIMPLE\n credentialName: ''\n hosts: []", "translations": "en:\n alert.tls.https: TLS Server of mode SIMPLE or MUTUAL needs either credential name, or private key and server certificate pair.\n spec.selector: Selector\n spec.gateways: Gateways\n spec.servers: Servers\n spec.servers.port: Port\n spec.servers.port.name: Port Name\n spec.servers.port.protocol: Protocol\n spec.servers.port.targetPort: Target Port\n spec.servers.port.number: Port Number\n spec.servers.tls: TLS\n spec.servers.tls.mode: TLS Mode\n spec.servers.tls.httpsRedirect: HTTP Redirect\n spec.servers.tls.credentialName: Credential Name\n spec.servers.tls.serverCertificate: Server Certificate\n spec.servers.tls.privateKey: Private Key\n spec.servers.tls.caCertificates: CA Certificate\n spec.servers.hosts: Hosts\n selector.matchesAllPods: Matches all Pods in the Namespace\n placeholders.dropdown: Type or choose an option\n placeholders.serverCertificate: Enter the certificate path\n placeholders.privateKey: Enter the private key path\n placeholders.caCertificates: Enter the CA certificates path\n placeholders.hosts: For example, *.api.mydomain.com\n inputInfo.spec.servers.port.number: Must be a on-negative number." }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-gateways-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", "details": "body:\n - source: spec.jwtRules\n name: spec.jwtRules\n showHeader: false\n widget: Table\n collapsibleTitle: '\"Issuer \" & $item.issuer'\n collapsible:\n - source: issuer\n name: spec.jwtRules.issuer\n widget: Text\n - source: jwksUri\n name: spec.jwtRules.jwksUri\n widget: Text\n - source: audiences\n name: spec.jwtRules.audiences\n widget: JoinedArray\n - source: fromParams\n name: spec.jwtRules.fromParams\n widget: JoinedArray\n - source: fromCookies\n name: spec.jwtRules.fromCookies\n widget: JoinedArray\n - source: fromHeaders\n name: spec.jwtRules.fromHeaders\n widget: Table\n showHeader: false\n collapsibleTitle: '\"Header \" & $item.name'\n collapsible:\n - source: name\n name: spec.jwtRules.fromHeaders.name\n widget: Text\n - source: prefix\n name: spec.jwtRules.fromHeaders.prefix\n widget: Text\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.jwtRules\n name: spec.jwtRules\n widget: GenericList\n simple: true\n children:\n - path: '[].issuer'\n - path: '[].jwksUri'\n name: spec.jwtRules.jwksUri\n - path: '[].audiences'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromParams'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromCookies'\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].fromHeaders'\n simple: true\n widget: GenericList\n children:\n - path: '[].name'\n - path: '[].prefix'", "general": "resource:\n kind: RequestAuthentication\n group: security.istio.io\n version: v1beta1\nurlPath: requestauthentications\ncategory: Istio\nname: Request Authentications\nscope: namespace\ndescription: >-\n {{[Istio Request Authentication](https://istio.io/latest/docs/reference/config/security/request_authentication)}}\n defines what request authentication methods are supported by a workload.\n\n", "translations": "en:\n spec.jwtRules: JWT Rules\n spec.jwtRules.issuer: Issuer\n spec.jwtRules.jwksUri: JWKS URI\n spec.jwtRules.jwks: JWKS\n spec.jwtRules.audiences: Audiences\n spec.jwtRules.fromParams: From Params\n spec.jwtRules.fromCookies: From Cookies\n spec.jwtRules.fromHeaders: From Headers\n spec.jwtRules.fromHeaders.name: Name\n spec.jwtRules.fromHeaders.prefix: Prefix\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-requestauthentications-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)\n", "details": "header:\n - source: spec.location\n name: spec.location\n - source: spec.resolution\n name: spec.resolution\nresourceGraph:\n colorVariant: 2\n dataSources:\n - source: podSelector\nbody:\n - name: configuration\n widget: Panel\n source: spec\n visibility: >-\n $boolean($exists($value.hosts) or $exists($value.addresses) or\n $exists($value.subjectAltNames))\n children:\n - name: spec.hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.addresses\n source: addresses\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.exportTo\n source: exportTo\n widget: Labels\n placeholder: Exported to all Namespaces\n - name: spec.subjectAltNames\n source: subjectAltNames\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.ports\n widget: Table\n source: spec.ports\n visibility: $exists($value)\n children:\n - name: spec.ports.number\n source: number\n sort: true\n - name: spec.ports.protocol\n source: protocol\n sort: true\n - name: spec.ports.name\n source: name\n sort: true\n - name: spec.ports.targetPort\n source: targetPort\n sort: true\n - name: spec.endpoints\n widget: Table\n source: spec.endpoints\n visibility: $exists($value)\n children:\n - name: spec.endpoints.address\n source: address\n sort: true\n - name: spec.endpoints.ports\n source: ports\n widget: Labels\n - name: spec.endpoints.labels\n source: labels\n widget: Labels\n - name: spec.endpoints.network\n source: network\n sort: true\n - name: spec.endpoints.weight\n source: weight\n - name: spec.endpoints.serviceAccount\n source: serviceAccount\n - name: spec.workloadSelector\n widget: Panel\n source: spec.workloadSelector.labels\n visibility: $exists($value)\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n header:\n - widget: Labels\n source: spec.workloadSelector.labels\n visibility: $exists($value)", "form": "- path: spec.hosts\n name: spec.hosts\n widget: SimpleList\n simple: true\n required: true\n children:\n - path: '[]'\n simple: true\n- path: spec.addresses\n name: spec.addresses\n widget: SimpleList\n placeholder: placeholders.addreses\n children:\n - path: '[]'\n- path: spec.ports\n name: Ports\n widget: GenericList\n children:\n - path: '[].number'\n name: spec.ports.number\n required: true\n - path: '[].protocol'\n name: spec.ports.protocol\n required: true\n placeholder: placeholders.dropdown\n enum:\n - HTTP\n - HTTPS\n - GRPC\n - HTTP2\n - MONGO\n - TCP\n - TLS\n - path: '[].name'\n name: spec.ports.name\n required: true\n - path: '[].targetPort'\n name: spec.ports.targetPort\n- path: spec.location\n name: spec.location\n placeholder: placeholders.dropdown\n- path: spec.resolution\n name: spec.resolution\n placeholder: placeholders.dropdown\n- path: spec.endpoints\n name: spec.endpoints\n widget: GenericList\n children:\n - path: '[].address'\n name: spec.endpoints.address\n - path: '[].ports'\n name: spec.endpoints.ports\n widget: KeyValuePair\n value:\n type: number\n - path: '[].labels'\n name: spec.endpoints.labels\n widget: KeyValuePair\n - path: '[].network'\n name: spec.endpoints.network\n - path: '[].locality'\n name: spec.endpoints.locality\n - path: '[].weight'\n name: spec.endpoints.weight\n - path: '[].serviceAccount'\n name: spec.endpoints.serviceAccount\n- path: spec.workloadSelector.labels\n name: spec.workloadSelector\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.exportTo\n name: spec.exportTo\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.subjectAltNames\n name: spec.subjectAltNames\n widget: SimpleList\n children:\n - path: '[]'", "general": "resource:\n kind: ServiceEntry\n group: networking.istio.io\n version: v1beta1\nurlPath: serviceentries\ncategory: Istio\nname: Service Entries\nscope: namespace\ndescription: >-\n {{[ServiceEntry](https://istio.io/latest/docs/reference/config/networking/service-entry/)}}\n allows for adding more entries to the internal service registry of Istio.", "list": "- source: spec.location\n name: spec.location\n sort: true\n- source: spec.resolution\n name: spec.resolution\n sort: true", "translations": "en:\n configuration: Configuration\n spec.hosts: Hosts\n spec.addresses: Addresses\n spec.ports: Ports\n spec.ports.number: Number\n spec.ports.protocol: Protocol\n spec.ports.name: Name\n spec.ports.targetPort: Target Port\n spec.location: Location\n spec.resolution: Resolution\n spec.endpoints: Endpoints\n spec.endpoints.address: Address\n spec.endpoints.ports: Ports\n spec.endpoints.labels: Labels\n spec.endpoints.network: Network\n spec.endpoints.locality: Locality\n spec.endpoints.weight: Weight\n spec.endpoints.serviceAccount: Service Account\n spec.workloadSelector: Workload Selector\n spec.exportTo: Export To\n spec.subjectAltNames: Subject Alt Names\n placeholders.dropdown: Type or choose an option\n placeholders.addreses: For example, 127.0.0.1" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-serviceentries-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)", "details": "header:\n - name: Outbound Traffic Policy Mode\n source: spec.outboundTrafficPolicy.mode\nbody:\n - widget: Table\n source: spec.egress\n name: Egress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: hosts\n name: Hosts\n widget: Labels\n - widget: Table\n source: spec.ingress\n name: Ingress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: $parent.tls.mode\n name: TLS Mode\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: defaultEndpoint\n name: Default Endpoint\n widget: Labels\n - widget: Panel\n name: Workload Selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n isCompact: true\n visibility: $exists($root.spec.workloadSelector.labels) and $boolean($root.spec.workloadSelector.labels)\n - source: spec.workloadSelector.labels\n widget: Panel\n name: Matches all Pods in the Namespace\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.workloadSelector.labels\n widget: Labels\n name: Workload Selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: podSelector", "form": "- path: spec.workloadSelector.labels\n name: Workload Selector\n widget: KeyValuePair\n- widget: FormGroup\n path: spec.egress[].port\n simple: true\n children:\n - path: number\n simple: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n placeholder: Type or choose an option\n- path: spec.egress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.egress[].captureMode\n simple: true\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n placeholder: Type or choose an option\n- widget: SimpleList\n path: spec.egress[].hosts\n required: true\n simple: true\n placeholder: For example, *.api.mydomain.com\n children:\n - path: '[]'\n simple: true\n- widget: FormGroup\n path: spec.ingress[].port\n required: true\n simple: true\n children:\n - path: number\n simple: true\n required: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n required: true\n placeholder: Type or choose an option\n- path: spec.ingress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.ingress[].captureMode\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n simple: true\n placeholder: Type or choose an option\n- path: spec.ingress[].defaultEndpoint\n placeholder: For example, 127.0.0.1:PORT\n required: true\n simple: true\n- widget: FormGroup\n simple: true\n path: spec.ingress[].tls\n name: TLS\n visibility: $item.port.protocol = 'HTTPS'\n children:\n - path: mode\n name: TLS Mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: Type or choose an option\n - path: serverCertificate\n name: Server Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the certificate path\n - path: privateKey\n name: Private Key\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the private key path\n - path: caCertificates\n name: CA Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the CA certificates path\n- widget: FormGroup\n path: spec.outboundTrafficPolicy\n name: Outbound Traffic Policy\n children:\n - path: mode\n name: Outbound Traffic Policy Mode\n enum:\n - REGISTRY_ONLY\n - ALLOW_ANY\n placeholder: Type or choose an option", "general": "resource:\n kind: Sidecar\n group: networking.istio.io\n version: v1beta1\nurlPath: sidecars\ncategory: Istio\nname: Sidecars\nscope: namespace\ndescription: >-\n {{[Sidecar](https://istio.io/latest/docs/reference/config/networking/sidecar/)}}\n manages the incoming and outgoing communication in a workload it is attached\n to.", "list": "- source: spec.outboundTrafficPolicy.mode\n name: Outbound Traffic Policy Mode\n- source: spec.workloadSelector.labels\n name: Workload Selector Labels\n widget: Labels" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-sidecars-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "body: \n - name: Configuration\n widget: Panel\n source: spec\n children:\n - name: AccessLogging\n source: accessLogging\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: Filter\n source: filter\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Expression\n source: expression\n widget: Labels\n - name: Match\n source: match\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Mode\n source: mode\n widget: Labels\n - name: Tracing\n source: tracing\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: RandomSamplingPercentage\n source: randomSamplingPercentage\n widget: Text\n visibility: $exists($value)\n - name: Providers\n source: providers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n widget: Text\n name: Name\n \n", "form": "- path: spec.accessLogging\n widget: GenericList\n simple: true\n name: Access logging configuration\n children:\n - path: '[]'\n children:\n - path: match.mode\n simple: true\n name: Access logging match mode\n - path: filter.expression\n simple: true\n name: Access logging filter expression\n- path: spec.tracing\n simple: true\n widget: GenericList\n name: Tracing configuration\n children:\n - path: '[]'\n children:\n - path: providers\n simple: true\n widget: GenericList\n children:\n - path: '[]'\n children:\n - path: name\n simple: true\n name: Tracing provider name\n - path: randomSamplingPercentage\n type: number\n name: Tracing random sampling percentage\n", "general": "resource:\n kind: Telemetry\n group: telemetry.istio.io\n version: v1alpha1\nurlPath: istiotelemetries\ncategory: Istio\nname: Telemetries\nscope: namespace\ndescription: >-\n {{[Telemetry](https://istio.io/latest/docs/reference/config/telemetry)}}\n defines how the telemetry is generated for workloads within a mesh.\n\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-telemetries-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\nbody:\n- widget: Panel\n name: Configuration\n children:\n - source: spec.config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n visibility: '$exists($value)'\n - source: spec.config.numTrustedProxies\n name: config.numTrustedProxies\n placeholder: '1'\n - source: spec.compatibilityMode\n name: compatibilityMode\n placeholder: 'false'\n\n - name: config.authorizers\n widget: Table\n source: spec.config.authorizers\n visibility: $exists($value)\n collapsibleTitle: \"$item.name\"\n collapsible:\n - name: config.authorizers.headers.inCheck.add\n # For some reason $each doesn't return an array that works with JoinedArray widget, when we have only one element. So in this case we return an Array with one element.\n source: '$count($keys(headers.inCheck.add)) = 1 ? $each(headers.inCheck.add, function($v, $k) {[$k & \":\" & $v]}) : $each(headers.inCheck.add, function($v, $k) {$k & \":\" & $v})'\n widget: JoinedArray\n - name: config.authorizers.headers.inCheck.include\n source: headers.inCheck.include\n widget: JoinedArray\n - name: config.authorizers.headers.toUpstream.onAllow\n source: headers.toUpstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onAllow\n source: headers.toDownstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onDeny\n source: headers.toDownstream.onDeny\n widget: JoinedArray\n children:\n - name: config.authorizers.service\n source: service\n - name: config.authorizers.port\n source: port\n\n - widget: Panel\n name: Pilot\n visibility: '$exists(spec.components.pilot.k8s.hpaSpec.minReplicas) or $exists(spec.components.pilot.k8s.hpaSpec.maxReplicas) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.pilot.k8s.resources.limits.cpu) or $exists(spec.components.pilot.k8s.resources.limits.memory) or $exists(spec.components.pilot.k8s.resources.requests.cpu) or $exists(spec.components.pilot.k8s.resources.requests.memory)'\n children:\n - source: spec.components.pilot.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Ingress Gateway\n visibility: '$exists(spec.components.ingressGateway.k8s.hpaSpec.minReplicas) or $exists(spec.components.ingressGateway.k8s.hpaSpec.maxReplicas) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.ingressGateway.k8s.resources.limits.cpu) or $exists(spec.components.ingressGateway.k8s.resources.limits.memory) or $exists(spec.components.ingressGateway.k8s.resources.requests.cpu) or $exists(spec.components.ingressGateway.k8s.resources.requests.memory)'\n children:\n - source: spec.components.ingressGateway.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: CNI\n visibility: '$exists(spec.components.cni.k8s.resources.limits.cpu) or $exists(spec.components.cni.k8s.resources.limits.memory) or $exists(spec.components.cni.k8s.resources.requests.cpu) or $exists(spec.components.cni.k8s.resources.requests.memory) or $exists(spec.components.cni.k8s.affinity)'\n children:\n - source: spec.components.cni.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.affinity\n name: k8s.affinity\n widget: CodeViewer\n description: \"Kubernetes documentation for {{[Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity)}}\"\n language: \"'yaml'\"\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Proxy\n visibility: '$exists(spec.components.proxy.k8s.resources.limits.cpu) or $exists(spec.components.proxy.k8s.resources.limits.memory) or $exists(spec.components.proxy.k8s.resources.requests.cpu) or $exists(spec.components.proxy.k8s.resources.requests.memory)'\n children:\n - source: spec.components.proxy.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n- source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n", "form": "- path: spec\n simple: true\n name: General\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n simple: true\n description: description.externalTrafficPolicy\n value:\n type: string\n - path: config.numTrustedProxies\n simple: true\n name: config.numTrustedProxies\n value:\n type: number\n - path: compatibilityMode\n simple: true\n name: compatibilityMode\n value:\n type: bool\n- path: spec.config.authorizers\n name: config.authorizers\n widget: GenericList\n children:\n - path: '[].name'\n name: config.authorizers.name\n - path: '[].service'\n name: config.authorizers.service\n - path: '[].port'\n name: config.authorizers.port\n - path: '[].headers'\n name: config.authorizers.headers\n widget: FormGroup\n children:\n - path: 'inCheck.add'\n name: config.authorizers.headers.inCheck.add\n widget: KeyValuePair\n - path: 'inCheck.include'\n name: config.authorizers.headers.inCheck.include\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toUpstream.onAllow'\n name: config.authorizers.headers.toUpstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onAllow'\n name: config.authorizers.headers.toDownstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onDeny'\n name: config.authorizers.headers.toDownstream.onDeny\n widget: SimpleList\n children:\n - path: '[]'\n\n- path: spec.components\n name: Components\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: 'pilot'\n required: false\n name: Pilot\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'ingressGateway'\n required: false\n name: Ingress Gateway\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'cni'\n required: false\n name: CNI\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.affinity'\n widget: CodeEditor\n description: k8s.affinity\n language: \"'yaml'\"\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'proxy'\n required: false\n name: Proxy\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n", "general": "resource:\n kind: Istio\n group: operator.kyma-project.io\n version: v1alpha2\nurlPath: istios\ncategory: Kyma\nname: Istio\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Istio custom resource ](https://kyma-project.io/#/istio/user/04-00-istio-custom-resource)}}\n configures the Istio module.", "list": "- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\n", "translations": "en:\n compatibilityMode: Compatibility Mode\n config.numTrustedProxies: Number of trusted proxies\n\n config.authorizers: Authorizers\n config.authorizers.name: Name\n config.authorizers.service: Service\n config.authorizers.port: Port\n config.authorizers.headers: Headers\n config.authorizers.headers.inCheck.include: Forward To Authorization Request\n config.authorizers.headers.inCheck.add: Add To Authorization Request\n config.authorizers.headers.toUpstream.onAllow: Forward To Upstream\n config.authorizers.headers.toDownstream.onAllow: Forward To Downstream On Allow\n config.authorizers.headers.toDownstream.onDeny: Forward To Downstream On Deny\n config.gatewayExternalTrafficPolicy: Gateway external traffic policy\n\n k8s.hpaSpec: Horizontal Pod Autoscaler\n k8s.hpaSpec.minReplicas: Minimum number of replicas\n k8s.hpaSpec.maxReplicas: Maximum number of replicas\n k8s.strategy.rollingUpdate: Rolling update strategy\n k8s.strategy.rollingUpdate.maxSurge: Maximum surge\n k8s.strategy.rollingUpdate.maxUnavailable: Maximum unavailable\n k8s.resources.cpu: CPU\n k8s.resources.memory: Memory\n k8s.resources.limits.cpu: CPU limits\n k8s.resources.limits.memory: Memory limits\n k8s.resources.requests.cpu: CPU requests\n k8s.resources.requests.memory: Memory requests\n k8s.affinity: Affinity (YAML)\n description.hpaSpec.minReplicas: Minimum number of replicas for this deployment\n description.hpaSpec.maxReplicas: Maximum number of replicas for this deployment\n description.rollingUpdate.maxSurge: Maximum number of Pods, or the percentage of Pods that can be created on top during an update\n description.rollingUpdate.maxUnvailable: Maximum number of Pods, or the percentage of Pods that can be unavailable during an update\n description.limits.cpu: Total CPU limits of all Pods that are in a non-terminal state must not exceed this value\n description.limits.memory: Total memory limits of all Pods that are in a non-terminal state must not exceed this value\n description.requests.cpu: Total CPU requests of all Pods that are in a non-terminal state must not exceed this value\n description.requests.memory: Total memory requests of all Pods that are in a non-terminal state must not exceed this value\n description.externalTrafficPolicy: Specifies externalTrafficPolicy for the Istio Ingress Gateway Service\n description.compatibilityMode: Sets Istio compatibility version the last minor version.\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "dataSources": "relatedGateways:\n resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($root.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $item.metadata.namespace and $substringAfter($g,\n '/') = $item.metadata.name) : ($substringBefore($g, '.') =\n $item.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $item.metadata.namespace) })\nrelatedServices:\n resource:\n kind: Service\n version: v1\n namespace: null\n filter: >-\n $filter($root.spec.http.route, function($r) { $filter($r.destination.host,\n function($h){($substringBefore($h, '.') = $item.metadata.name) and\n ($split($substringAfter($h, '.'),'.')[0] = $item.metadata.namespace)} ) })", "details": "resourceGraph:\n dataSources:\n - source: relatedGateways\n - source: relatedServices\nbody:\n - widget: Table\n source: spec.gateways[]\n name: gateways\n visibility: $exists($value)\n children:\n - source: $item\n name: t-name\n widget: ResourceLink\n resource:\n kind: '\"Gateway\"'\n name: >-\n $contains($item,'/') ? $substringAfter($item, '/') :\n $substringBefore($item, '.')\n namespace: >-\n $contains($item,'/') ? $substringBefore($item, '/'):\n $substringBefore($substringAfter($item, '.'), '.')\n - name: summary\n widget: Panel\n source: spec\n visibility: $boolean($exists($value.exportTo) or $exists($value.hosts))\n children:\n - name: exportTo\n source: exportTo\n widget: Labels\n visibility: $exists($value)\n - name: hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - widget: Table\n source: spec.http\n name: http\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: timeout\n name: timeout\n - source: mirrorPercentage.value\n name: mirrorPercentage\n collapsible:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: uri\n name: uri\n widget: Labels\n - source: scheme\n name: scheme\n widget: Labels\n - source: method\n name: method\n widget: Labels\n - source: authority\n name: authority\n widget: Labels\n - source: headers\n name: headers\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: queryParams\n name: queryParams\n - source: ignoreUriCase\n name: ignoreUriCase\n - source: withoutHeaders\n name: withoutHeaders\n - source: sourceNamespace\n name: sourceNamespace\n - source: statPrefix\n name: statPrefix\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: redirect\n name: redirect\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: port\n name: port\n - source: derivePort\n name: derivePort\n widget: Labels\n - source: scheme\n name: scheme\n - source: redirectCode\n name: redirectCode\n - source: directResponse\n name: directResponse\n widget: Panel\n visibility: $exists($value)\n children:\n - source: status\n name: status\n - source: body\n name: body\n widget: Panel\n visibility: $exists($value)\n children:\n - source: string\n name: string\n - source: bytes\n name: bytes\n - source: delegate\n name: delegate\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: namespace\n name: namespace\n - source: rewrite\n name: rewrite\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: retries\n name: retries\n widget: Panel\n visibility: $exists($value)\n children:\n - source: attempts\n name: attempts\n - source: perTryTimeout\n name: perTryTimeout\n - source: retryOn\n name: retryOn\n - source: retryRemoteLocalities\n name: retryRemoteLocalities\n - source: fault\n name: fault\n widget: Panel\n visibility: $exists($value)\n children:\n - source: delay\n name: delay\n widget: Panel\n visibility: $exists($value)\n children:\n - source: fixedDelay\n name: fixedDelay\n - source: percentage.value\n name: percentage.value\n - source: percent\n name: percent\n - source: abort\n name: Abort\n widget: Panel\n visibility: $exists($value)\n children:\n - source: httpStatus\n name: httpStatus\n - source: percentage.value\n name: percentage.value\n - source: mirror\n name: Mirror\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: corsPolicy\n name: corsPolicy\n widget: Panel\n visibility: $exists($value)\n children:\n - source: allowOrigins\n name: allowOrigins\n - source: allowMethods\n name: allowMethods\n widget: JoinedArray\n - source: allowHeaders\n name: allowHeaders\n widget: JoinedArray\n - source: exposeHeaders\n name: exposeHeaders\n widget: JoinedArray\n - source: maxAge\n name: maxAge\n - source: allowCredentials\n name: allowCredentials\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - widget: Table\n source: spec.tcp\n name: tcp\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port\n - source: weight\n name: weight\n - widget: Table\n source: spec.tls\n name: tls\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: sniHosts\n name: sniHosts\n widget: JoinedArray\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight", "form": "- path: spec.tls\n widget: GenericList\n name: tls\n children:\n - path: '[].match'\n widget: GenericList\n name: matches\n children:\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n widget: KeyValuePair\n name: sourceLabels\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n widget: GenericList\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.tcp\n name: tcp\n widget: GenericList\n children:\n - path: '[].match'\n name: matches\n children:\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.http\n simple: true\n name: http\n widget: GenericList\n children:\n - path: '[].match'\n simple: true\n name: matches\n widget: GenericList\n children:\n - path: '[].name'\n simple: true\n name: t-name\n - path: '[].uri'\n simple: true\n name: uri\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].scheme'\n simple: true\n name: scheme\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].method'\n simple: true\n name: method\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].authority'\n simple: true\n name: authority\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].headers'\n simple: true\n name: headers\n defaultExpanded: true\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].port'\n simple: true\n name: port\n - path: '[].sourceLabels'\n simple: true\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n simple: true\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].queryParams'\n simple: true\n name: queryParams\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].ignoreUriCase'\n simple: true\n name: ignoreUriCase\n - path: '[].withoutHeaders'\n simple: true\n name: withoutHeaders\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].sourceNamespace'\n simple: true\n name: sourceNamespace\n - path: '[].statPrefix'\n simple: true\n name: statPrefix\n - path: '[].route'\n simple: true\n name: routes\n children:\n - path: '[].destination'\n simple: true\n name: destination\n widget: FormGroup\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n simple: true\n name: weight\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: '[].redirect'\n simple: true\n name: redirect\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: port\n simple: true\n name: port\n - path: derivePort\n simple: true\n name: derivePort\n - path: scheme\n simple: true\n name: scheme\n - path: redirectCode\n simple: true\n name: redirectCode\n - path: '[].directResponse'\n simple: true\n name: directResponse\n widget: FormGroup\n children:\n - path: status\n simple: true\n name: status\n - path: body\n simple: true\n name: body\n widget: FormGroup\n children:\n - path: string\n simple: true\n name: string\n - path: bytes\n simple: true\n name: bytes\n - path: '[].delegate'\n simple: true\n name: delegate\n widget: FormGroup\n children:\n - path: name\n simple: true\n name: name\n - path: namespace\n simple: true\n name: namespace\n - path: '[].rewrite'\n simple: true\n name: rewrite\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: '[].timeout'\n simple: true\n name: timeout\n - path: '[].retries'\n simple: true\n name: retries\n widget: FormGroup\n children:\n - path: attempts\n simple: true\n name: attempts\n - path: perTryTimeout\n simple: true\n name: perTryTimeout\n - path: retryOn\n simple: true\n name: retryOn\n - path: retryRemoteLocalities\n simple: true\n name: retryRemoteLocalities\n - path: '[].fault'\n simple: true\n name: fault\n widget: FormGroup\n children:\n - path: delay\n simple: true\n name: delay\n widget: FormGroup\n children:\n - path: fixedDelay\n simple: true\n name: fixedDelay\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: percent\n simple: true\n name: percent\n - path: abort\n simple: true\n name: abort\n widget: FormGroup\n children:\n - path: httpStatus\n simple: true\n name: httpStatus\n - path: grpcStatus\n simple: true\n name: grpcStatus\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: '[].mirror'\n simple: true\n name: mirror\n widget: FormGroup\n children:\n - path: host\n simple: true\n name: host\n - path: subset\n simple: true\n name: subset\n - path: port.number\n simple: true\n name: port.number\n - path: '[].mirrorPercentage.value'\n simple: true\n name: mirrorPercentage\n - path: '[].corsPolicy'\n simple: true\n name: corsPolicy\n widget: FormGroup\n children:\n - path: allowCredentials\n simple: true\n name: allowCredentials\n type: boolean\n - path: allowMethods\n simple: true\n name: allowMethods\n widget: SimpleList\n placeholder: allowMethods.placeholder\n children:\n - path: '[]'\n simple: true\n - path: allowHeaders\n simple: true\n name: allowHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: exposeHeaders\n simple: true\n name: exposeHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: maxAge\n simple: true\n name: maxAge\n placeholder: maxAge.placeholder\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n- path: spec.hosts\n name: hosts\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.gateways\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.exportTo\n name: exportTo\n widget: SimpleList\n children:\n - path: '[]'", "general": "resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\nurlPath: virtualservices\ncategory: Istio\nname: Virtual Services\nscope: namespace\ndescription: >-\n {{[VirtualService](https://istio.io/latest/docs/reference/config/networking/virtual-service/)}}\n describes a configuration that affects traffic routing. .", "list": "- name: hosts\n source: spec.hosts\n widget: JoinedArray\n- name: gateways\n source: spec.gateways\n widget: JoinedArray", "translations": "en:\n t-name: Name\n gateways: Gateways\n hosts: Hosts\n exportTo: Export to\n summary: Summary\n http: HTTP\n tls: TLS\n tcp: TCP\n mirror: Mirror\n mirrorPercentage: Mirror Percentage\n timeout: Timeout\n matches: Matches\n uri: URI\n scheme: Scheme\n method: Method\n authority: Authority\n headers: Headers\n port: Port\n sourceLabels: Source Labels\n queryParams: Query Params\n ignoreUriCase: Ignore URI Case\n withoutHeaders: Without Headers\n sourceNamespace: Source Namespace\n statPrefix: Stat Prefix\n routes: Routes\n destination: Destination\n host: Host\n subset: Subset\n port.number: Port Number\n weight: Weight\n request: Request\n response: Response\n set: Set\n add: Add\n remove: Remove\n redirect: Redirect\n derivePort: Derive Port\n redirectCode: Redirect Code\n directResponse: Direct Response\n status: Status\n body: Body\n string: String\n bytes: Bytes\n delegate: Delegate\n namespace: Namespace\n rewrite: Rewrite\n retries: Retries\n attempts: Attempts\n perTryTimeout: Per Try Timeout\n retryOn: Retry On\n retryRemoteLocalities: Retry Remote Localities\n fault: Fault\n delay: Delay\n fixedDelay: Fixed Delay\n abort: Abort\n percentage.value: Percentage Value\n percent: Percent\n httpStatus: HTTP Status\n grpcStatus: GRPC Status\n corsPolicy: CORS Policy\n allowOrigins: Allow Origins\n allowMethods: Allow Methods\n allowMethods.placeholder: For example, GET\n allowHeaders: Allow Headers\n exposeHeaders: Expose Headers\n maxAge: Max Age\n maxAge.placeholder: For example, 24h\n allowCredentials: Allow Credentials\n destinationSubnets: Destination Subnets\n sniHosts: SNI Hosts" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "istio" }, "name": "istio-virtualservices-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istio-operator-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 8080, "targetPort": 8080 } ], "selector": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "control-plane": "controller-manager" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Used for Istio components that are managed by Kyma Istio Manager and must run in the cluster.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "kyma-project.io/module": "istio" }, "name": "istio-kyma-priority" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "control-plane": "controller-manager", "kyma-project.io/module": "istio" }, "name": "istio-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "control-plane": "controller-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "app.kubernetes.io/instance": "istio-operator-default", "app.kubernetes.io/name": "istio-operator", "app.kubernetes.io/part-of": "istio", "app.kubernetes.io/version": "1.8.0", "control-plane": "controller-manager", "kyma-project.io/module": "istio", "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "args": [ "--leader-elect", "--health-probe-bind-address=:8081", "--metrics-bind-address=:8080" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.8.0", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "1000m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "istio-kyma-priority", "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "istio-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/istio-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.8.0", "crPath": "/apis/operator.kyma-project.io/v1alpha2/namespaces/kyma-system/istios/default" } ] }, { "name": "api-gateway", "documentation": "https://kyma-project.io/#/api-gateway/user/README", "repository": "https://github.com/kyma-project/api-gateway.git", "managedResources": [ "/apis/operator.kyma-project.io/v1alpha1/apigateways", "/apis/gateway.kyma-project.io/v1beta1/apirules" ], "manageable": true, "latestGithubRelease": { "repository": "kyma-project/api-gateway", "deploymentYaml": "api-gateway-manager.yaml", "crYaml": "apigateway-default-cr.yaml" }, "versions": [ { "version": "2.3.1", "deploymentYaml": "https://github.com/kyma-project/api-gateway/releases/download/2.3.1/api-gateway-manager.yaml", "crYaml": "https://github.com/kyma-project/api-gateway/releases/download/2.3.1/apigateway-default-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "APIGateway", "metadata": { "name": "default" }, "spec": { "enableKymaGateway": true } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.10.0" }, "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "apigateways.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "APIGateway", "listKind": "APIGatewayList", "plural": "apigateways", "singular": "apigateway" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "APIGateway is the Schema for the apigateways API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "APIGatewaySpec defines the desired state of APIGateway", "properties": { "enableKymaGateway": { "description": "Specifies whether the default Kyma Gateway kyma-gateway in kyma-system Namespace is created.", "type": "boolean" } }, "type": "object" }, "status": { "description": "APIGatewayStatus defines the observed state of APIGateway", "properties": { "conditions": { "description": "Conditions of APIGateway", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition. This may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "description": { "description": "Description of APIGateway status", "type": "string" }, "state": { "description": "State signifies current state of APIGateway. Value can be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.10.0" }, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "apirules.gateway.kyma-project.io" }, "spec": { "conversion": { "strategy": "Webhook", "webhook": { "clientConfig": { "service": { "name": "webhook-service", "namespace": "kyma-system", "path": "/convert" } }, "conversionReviewVersions": [ "v1beta1", "v1alpha1" ] } }, "group": "gateway.kyma-project.io", "names": { "kind": "APIRule", "listKind": "APIRuleList", "plural": "apirules", "singular": "apirule" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.APIRuleStatus.code", "name": "Status", "type": "string" }, { "jsonPath": ".spec.host", "name": "Host", "type": "string" } ], "name": "v1beta1", "schema": { "openAPIV3Schema": { "description": "APIRule is the Schema for ApiRule APIs.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of ApiRule.", "properties": { "corsPolicy": { "description": "Specifies CORS headers configuration that will be sent downstream", "properties": { "allowCredentials": { "type": "boolean" }, "allowHeaders": { "items": { "type": "string" }, "type": "array" }, "allowMethods": { "items": { "type": "string" }, "type": "array" }, "allowOrigins": { "items": { "additionalProperties": { "type": "string" }, "type": "object" }, "type": "array" }, "exposeHeaders": { "items": { "type": "string" }, "type": "array" }, "maxAge": { "format": "duration", "type": "string" } }, "type": "object" }, "gateway": { "description": "Specifies the Istio Gateway to be used.", "pattern": "^[0-9a-z-_]+(\\/[0-9a-z-_]+|(\\.[0-9a-z-_]+)*)$", "type": "string" }, "host": { "description": "Specifies the URL of the exposed service.", "maxLength": 256, "minLength": 3, "pattern": "^([a-zA-Z0-9][a-zA-Z0-9-_]*\\.)*[a-zA-Z0-9]*[a-zA-Z0-9-_]*[[a-zA-Z0-9]+$", "type": "string" }, "rules": { "description": "Represents the array of Oathkeeper access rules to be applied.", "items": { "description": "Rule .", "properties": { "accessStrategies": { "description": "Specifies the list of access strategies. All strategies listed in [Oathkeeper documentation](https://www.ory.sh/docs/oathkeeper/pipeline/authn) are supported.", "items": { "description": "Represents a handler that authenticates provided credentials. See the corresponding type in the oathkeeper-maester project.", "properties": { "config": { "description": "Configures the handler. Configuration keys vary per handler.", "type": "object", "x-kubernetes-preserve-unknown-fields": true }, "handler": { "description": "Specifies the name of the handler.", "type": "string" } }, "required": [ "handler" ], "type": "object" }, "minItems": 1, "type": "array" }, "methods": { "description": "Represents the list of allowed HTTP request methods available for the **spec.rules.path**.", "items": { "description": "HttpMethod specifies the HTTP request method. The list of supported methods is defined in RFC 9910: HTTP Semantics and RFC 5789: PATCH Method for HTTP.", "enum": [ "GET", "HEAD", "POST", "PUT", "DELETE", "CONNECT", "OPTIONS", "TRACE", "PATCH" ], "type": "string" }, "minItems": 1, "type": "array" }, "mutators": { "description": "Specifies the list of [Ory Oathkeeper](https://www.ory.sh/docs/oathkeeper/pipeline/mutator) mutators.", "items": { "description": "Mutator represents a handler that transforms the HTTP request before forwarding it. See the corresponding in the oathkeeper-maester project.", "properties": { "config": { "description": "Configures the handler. Configuration keys vary per handler.", "type": "object", "x-kubernetes-preserve-unknown-fields": true }, "handler": { "description": "Specifies the name of the handler.", "type": "string" } }, "required": [ "handler" ], "type": "object" }, "type": "array" }, "path": { "description": "Specifies the path of the exposed service.", "pattern": "^([0-9a-zA-Z./*()?!\\\\_-]+)", "type": "string" }, "service": { "description": "Describes the service to expose. Overwrites the **spec** level service if defined.", "properties": { "external": { "description": "Specifies if the service is internal (in cluster) or external.", "type": "boolean" }, "name": { "description": "Specifies the name of the exposed service.", "type": "string" }, "namespace": { "description": "Specifies the Namespace of the exposed service. If not defined, it defaults to the APIRule Namespace.", "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", "type": "string" }, "port": { "description": "Specifies the communication port of the exposed service.", "format": "int32", "maximum": 65535, "minimum": 1, "type": "integer" } }, "required": [ "name", "port" ], "type": "object" }, "timeout": { "description": "Timeout for HTTP requests in seconds. The timeout can be configured up to 3900 seconds (65 minutes).", "maximum": 3900, "minimum": 1, "type": "integer" } }, "required": [ "accessStrategies", "methods", "path" ], "type": "object" }, "minItems": 1, "type": "array" }, "service": { "description": "Describes the service to expose.", "properties": { "external": { "description": "Specifies if the service is internal (in cluster) or external.", "type": "boolean" }, "name": { "description": "Specifies the name of the exposed service.", "type": "string" }, "namespace": { "description": "Specifies the Namespace of the exposed service. If not defined, it defaults to the APIRule Namespace.", "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", "type": "string" }, "port": { "description": "Specifies the communication port of the exposed service.", "format": "int32", "maximum": 65535, "minimum": 1, "type": "integer" } }, "required": [ "name", "port" ], "type": "object" }, "timeout": { "description": "Timeout for HTTP requests in seconds. The timeout can be configured up to 3900 seconds (65 minutes).", "maximum": 3900, "minimum": 1, "type": "integer" } }, "required": [ "gateway", "host", "rules" ], "type": "object" }, "status": { "description": "Describes the observed state of ApiRule.", "properties": { "APIRuleStatus": { "description": "Describes the status of APIRule.", "properties": { "code": { "description": "Status code describing APIRule.", "type": "string" }, "desc": { "type": "string" } }, "type": "object" }, "accessRuleStatus": { "description": "Describes the status of APIRule.", "properties": { "code": { "description": "Status code describing APIRule.", "type": "string" }, "desc": { "type": "string" } }, "type": "object" }, "authorizationPolicyStatus": { "description": "Describes the status of APIRule.", "properties": { "code": { "description": "Status code describing APIRule.", "type": "string" }, "desc": { "type": "string" } }, "type": "object" }, "lastProcessedTime": { "format": "date-time", "type": "string" }, "observedGeneration": { "format": "int64", "type": "integer" }, "requestAuthenticationStatus": { "description": "Describes the status of APIRule.", "properties": { "code": { "description": "Status code describing APIRule.", "type": "string" }, "desc": { "type": "string" } }, "type": "object" }, "virtualServiceStatus": { "description": "Describes the status of APIRule.", "properties": { "code": { "description": "Status code describing APIRule.", "type": "string" }, "desc": { "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "deployments", "secrets", "serviceaccounts", "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "cert.gardener.cloud" ], "resources": [ "certificates" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "dns.gardener.cloud" ], "resources": [ "dnsentries" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "gateway.kyma-project.io" ], "resources": [ "apirules" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "gateway.kyma-project.io" ], "resources": [ "apirules/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "gateway.kyma-project.io" ], "resources": [ "apirules/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "gateways" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "virtualservices" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "oathkeeper.ory.sh" ], "resources": [ "rules" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "apigateways" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "apigateways/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "apigateways/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "policy" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles", "rolebindings", "roles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "authorizationpolicies" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "requestauthentications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "api-gateway-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "api-gateway-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "api-gateway-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "api-gateway-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "dataSources": "relatedGateways:\n resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\n namespace: null\nrelatedServices:\n resource:\n kind: Service\n version: v1\n namespace: null\nvirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: '$item.metadata.labels.\"apirule.gateway.kyma-project.io/v1beta1\" = $root.metadata.name & \".\" & $root.metadata.namespace'\n", "details": "header:\n - name: status\n widget: Badge\n highlights:\n positive:\n - 'OK'\n negative:\n - 'ERROR'\n critical:\n - 'SKIPPED'\n source: 'status.APIRuleStatus.code ? status.APIRuleStatus.code : \"UNKNOWN\"'\n description: status.APIRuleStatus.desc\n - name: host\n source: spec\n widget: APIRuleHost\nbody:\n - simple: true\n widget: Alert\n severity: warning\n source: '\"alert.spec.jwks_url_http\"'\n visibility: '$count(spec.rules.accessStrategies.config.jwks_urls)>0 and $reduce(spec.rules.accessStrategies.config.jwks_urls,function($i, $j){$i or $substringBefore($j,\"://\")=\"http\"},false)'\n - simple: true\n widget: Alert\n severity: warning\n source: '\"alert.spec.trusted_issuers_http\"'\n visibility: '$count(spec.rules.accessStrategies.config.trusted_issuers)>0 and $reduce(spec.rules.accessStrategies.config.trusted_issuers,function($i, $j){$i or $substringBefore($j,\"://\")=\"http\"},false)'\n - simple: true\n widget: Alert\n severity: warning\n source: '\"alert.corsPolicy\"'\n visibility: '$not($exists(spec.corsPolicy))'\n - widget: Panel\n name: corsPolicy\n source: spec.corsPolicy\n visibility: $exists(spec.corsPolicy)\n children:\n - name: corsAllowMethods\n source: allowMethods\n widget: JoinedArray\n visibility: '$not($count(allowMethods)=0)'\n - name: corsAllowOriginsRegex\n source: $join(allowOrigins.regex,\",\")\n widget: Text\n visibility: '$not($count(allowOrigins.regex)=0)'\n - name: corsAllowOriginsPrefix\n source: $join(allowOrigins.prefix,\",\")\n widget: Text\n visibility: '$not($count(allowOrigins.prefix)=0)'\n - name: corsAllowOriginsExact\n source: $join(allowOrigins.exact,\",\")\n widget: Text\n visibility: '$not($count(allowOrigins.exact)=0)'\n - name: corsExposeHeaders\n source: exposeHeaders\n widget: JoinedArray\n visibility: '$not($count(exposeHeaders)=0)'\n - name: corsAllowHeaders\n source: allowHeaders\n widget: JoinedArray\n visibility: '$not($count(allowHeaders)=0)'\n - name: corsAllowCredentials\n source: allowCredentials\n widget: Badge\n visibility: '$exists(allowCredentials)'\n - name: corsMaxAge\n source: maxAge\n widget: Text\n visibility: '$exists(maxAge)'\n - name: general\n source: spec\n widget: Panel\n visibility: $exists(spec.timeout)\n children:\n - source: timeout\n name: details.timeout\n - name: service\n source: spec.service\n widget: Panel\n children:\n - name: service.name\n source: name\n widget: ResourceLink\n resource:\n name: $root.spec.service.name\n namespace: $root.metadata.namespace\n kind: '\"Service\"'\n - name: service.port\n source: port\n - source: spec.rules\n widget: Table\n name: rules\n children:\n - source: $item.path\n name: rules.path\n - source: $item.methods\n name: rules.methods\n widget: Badge\n collapsible:\n - name: general\n source: $item\n widget: Panel\n visibility: $exists($item.timeout)\n children:\n - source: $item.timeout\n name: details.timeout\n - source: $item.accessStrategies\n widget: Table\n disablePadding: true\n name: accessStrategies\n children:\n - source: $item.handler\n name: accessStrategies.handlers\n widget: Badge\n - source: $item.config.required_scope\n name: accessStrategies.required_scope\n widget: JoinedArray\n - source: $item.config.jwks_urls\n name: accessStrategies.jwks_urls\n widget: JoinedArray\n - source: $item.config.trusted_issuers\n name: accessStrategies.trusted_issuers\n widget: JoinedArray\n - source: $item.config.introspection_url\n name: accessStrategies.introspection_url\n widget: Text\n - source: $item.config.introspection_request_headers\n name: accessStrategies.introspection_request_headers\n widget: Labels\n - source: $item.config.token_from\n name: accessStrategies.token_from\n widget: Labels\n - source: $item.mutators\n widget: Table\n disablePadding: true\n name: mutators\n visibility: $exists($item.mutators)\n children:\n - source: $item.handler\n name: mutators.handlers\n widget: Badge\n - source: $item.config\n name: mutators.config\n widget: CodeViewer\n description: \"Configuration for {{[Ory Oathkeeper Rule mutators]https://www.ory.sh/docs/oathkeeper/pipeline/mutator}}\"\n language: \"'yaml'\"\n visibility: '$exists($value)'\n - name: service\n source: $item.service\n widget: Panel\n visibility: $exists($item.service)\n children:\n - name: service.name\n source: $item.service.name\n widget: ResourceLink\n resource:\n name: $item.service.name\n namespace: $root.metadata.namespace\n kind: '\"Service\"'\n - name: service.port\n source: $item.service.port\n - widget: ResourceList\n source: $virtualServices()\n name: virtualService\n disableCreate: true\n", "form": "- simple: true\n required: false\n path: spec.timeout\n name: timeout\n inputInfo: inputInfo.timeout\n value:\n type: number\n- simple: true\n required: false\n path: spec.service\n name: service\n widget: FormGroup\n defaultExpanded: true\n children:\n - simple: true\n required: false\n path: name\n name: service-name\n widget: Resource\n resource:\n kind: Service\n version: v1\n scope: namespace\n trigger: [port]\n - simple: true\n required: false\n path: port\n name: service.port\n subscribe:\n port: \"$filter($relatedServices().items, function ($v) { $v.metadata.name = $root.spec.service.name and $v.metadata.namespace = $root.metadata.namespace }).spec.ports[0].port\"\n- simple: true\n required: true\n path: spec.gateway\n name: gateway\n widget: ResourceRef\n defaultExpanded: true\n visibility: $canI('networking.istio.io/v1beta1', 'Gateway')\n resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\n overwrite: false\n toInternal: '($values := $split($, \".\"); { \"namespace\": $values[1], \"name\": $values[0] })'\n toExternal: 'name & \".\" & namespace & \".svc.cluster.local\"'\n trigger: [host]\n- simple: true\n var: separator\n value: \"\"\n- simple: true\n required: true\n path: spec.gateway\n name: gateway\n visibility: $not($canI('networking.istio.io/v1beta1', 'Gateway'))\n inputInfo: inputInfo.gateway\n overwrite: false\n trigger: [host]\n- simple: true\n widget: Alert\n severity: warning\n alert: '\"alert.corsPolicy\"'\n visibility: '$not($useCorsPolicy)'\n- var: useCorsPolicy\n name: useCorsPolicy\n simple: true\n type: boolean\n dynamicValue: '$boolean(spec.corsPolicy)'\n- simple: true\n visibility: '$useCorsPolicy'\n required: false\n path: spec.corsPolicy\n name: corsPolicy\n defaultExpanded: true\n inputInfo: inputInfo.corsPolicy\n widget: FormGroup\n children:\n - simple: true\n required: false\n path: allowMethods\n name: corsAllowMethods\n widget: MultiCheckbox\n options:\n - key: GET\n - key: POST\n - key: PUT\n - key: DELETE\n - key: PATCH\n - key: HEAD\n - key: OPTIONS\n - key: CONNECT\n - key: TRACE\n - simple: true\n required: false\n path: allowOrigins\n name: corsAllowOrigins\n widget: GenericList\n children:\n - path: '[]'\n widget: KeyValuePair\n keyEnum:\n - exact\n - prefix\n - regex\n simple: true\n - simple: true\n required: false\n path: allowHeaders\n name: corsAllowHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - simple: true\n required: false\n path: exposeHeaders\n name: corsExposeHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - simple: true\n required: false\n path: allowCredentials\n name: corsAllowCredentials\n value:\n type: boolean\n - simple: true\n required: false\n path: maxAge\n name: corsMaxAge\n value:\n type: string\n- simple: true\n required: true\n path: spec.host\n name: host\n enum: \"$distinct($filter($relatedGateways().items, function ($v) { $v.metadata.name = $substringBefore($root.spec.gateway, '.') and $v.metadata.namespace = $substringBefore($substringAfter($root.spec.gateway, '.'), '.')}).spec.servers.hosts)\"\n subscribe:\n host: \"$string($filter($relatedGateways().items, function ($v) { $v.metadata.name = $substringBefore($root.spec.gateway, '.') and $v.metadata.namespace = $substringBefore($substringAfter($root.spec.gateway, '.'), '.')}).spec.servers[0].hosts[0])\"\n- simple: true\n widget: Alert\n severity: error\n alert: '\"alert.spec.host\"'\n visibility: '$substring(spec.host, 0, 1)=\"*\"'\n- simple: true\n required: true\n path: spec.rules\n name: rules\n widget: GenericList\n defaultExpanded: true\n template:\n path: '/.*'\n methods: ['GET']\n accessStrategies:\n - handler: 'no_auth'\n children:\n - simple: true\n required: false\n path: '[].timeout'\n name: timeout\n inputInfo: inputInfo.timeout\n value:\n type: number\n - simple: true\n required: true\n path: '[].path'\n name: path\n inputInfo: inputInfo.path\n - required: true\n simple: true\n path: '[].accessStrategies'\n name: accessStrategies\n widget: GenericList\n defaultExpanded: true\n template:\n handler: 'no_auth'\n children:\n - required: true\n simple: true\n path: '[].handler'\n name: accessStrategies.handler\n enum:\n - allow\n - no_auth\n - noop\n - jwt\n - oauth2_introspection\n - path: '[].config'\n simple: true\n name: accessStrategies.config\n type: object\n properties:\n jwks_urls:\n type: array\n items:\n type: string\n pattern: ^(https://|file://).*$\n trusted_issuers:\n type: array\n items:\n type: string\n pattern: ^(https://|file://).*$\n required_scope:\n type: array\n items:\n type: string\n introspection_url:\n type: string\n pattern: ^(https://|http://).*$\n introspection_request_headers:\n type: map\n token_from:\n type: map\n children:\n - simple: true\n widget: Alert\n severity: warning\n alert: '\"alert.spec.jwks_url_http\"'\n visibility: '$reduce($item.config.jwks_urls,function($i, $j){$i or $substringBefore($j,\"://\")=\"http\"},false)'\n - path: jwks_urls\n name: accessStrategies.jwks_urls\n inputInfo: inputInfo.jwks_urls\n simple: true\n widget: SimpleList\n visibility: '$item.handler=\"jwt\"'\n children:\n - path: '[]'\n simple: true\n - simple: true\n widget: Alert\n severity: warning\n alert: '\"alert.spec.trusted_issuers_http\"'\n visibility: '$reduce($item.config.trusted_issuers,function($i, $j){$i or $substringBefore($j,\"://\")=\"http\"},false)'\n - path: trusted_issuers\n name: accessStrategies.trusted_issuers\n inputInfo: inputInfo.trusted_issuers\n simple: true\n widget: SimpleList\n visibility: '$item.handler=\"jwt\"'\n children:\n - path: '[]'\n simple: true\n - path: introspection_url\n name: accessStrategies.introspection_url\n inputInfo: inputInfo.introspection_url\n simple: true\n visibility: '$item.handler=\"oauth2_introspection\"'\n - path: introspection_request_headers\n name: accessStrategies.introspection_request_headers\n simple: true\n inputInfo: inputInfo.introspection_request_headers\n widget: KeyValuePair\n visibility: '$item.handler=\"oauth2_introspection\"'\n - path: required_scope\n name: accessStrategies.required_scope\n simple: true\n widget: SimpleList\n visibility: '$item.handler=\"oauth2_introspection\" or $item.handler=\"oauth2_client_credentials\" or $item.handler=\"jwt\"'\n children:\n - path: '[]'\n simple: true\n - path: token_from\n name: accessStrategies.token_from\n simple: true\n inputInfo: inputInfo.token_from\n widget: KeyValuePair\n visibility: '$item.handler!=\"allow\" and $item.handler!=\"no_auth\" and $item.handler!=\"noop\"'\n keyEnum:\n - header\n - query_parameter\n - cookie\n - required: true\n simple: true\n path: '[].methods'\n name: rules.methods\n widget: MultiCheckbox\n options:\n - key: GET\n - key: POST\n - key: PUT\n - key: DELETE\n - key: PATCH\n - key: HEAD\n - key: OPTIONS\n - key: CONNECT\n - key: TRACE\n - path: '[].mutators'\n name: mutators\n widget: GenericList\n children:\n - path: '[].config'\n widget: CodeEditor\n description: \"Configuration for {{[Ory Oathkeeper Rule mutators]https://www.ory.sh/docs/oathkeeper/pipeline/mutator}}\"\n language: \"'yaml'\"\n - required: true\n path: '[].handler'\n name: accessStrategies.handler\n enum:\n - noop\n - id_token\n - header\n - cookie\n - path: '[].service'\n simple: true\n name: service\n widget: FormGroup\n required: false\n children:\n - simple: true\n required: false\n path: name\n name: service-name\n widget: Resource\n resource:\n kind: Service\n version: v1\n scope: namespace\n trigger: [accessStrategyPort]\n - simple: true\n required: false\n path: port\n name: service.port\n subscribe:\n accessStrategyPort: \"$filter($relatedServices().items, function ($v) { $v.metadata.name = $item.service.name and $v.metadata.namespace = $root.metadata.namespace }).spec.ports[0].port\"", "general": "resource:\n kind: APIRule\n group: gateway.kyma-project.io\n version: v1beta1\nname: API Rules\ncategory: Discovery and Network\nscope: namespace\ndescription: '{{[APIRule](https://kyma-project.io/#/api-gateway/user/custom-resources/apirule/04-10-apirule-custom-resource)}} allows for exposing a service externally.'\nurlPath: apirules", "list": "- name: host\n source: spec\n widget: APIRuleHost\n- name: service-name\n source: '$string(spec.service.name) ? ($string(spec.service.name) & \" (port: \" & $string(spec.service.port) & \")\") : \"\"'\n widget: ResourceLink\n resource:\n name: $root.spec.service.name\n namespace: $root.metadata.namespace\n kind: '\"Service\"'\n- name: status\n widget: Badge\n highlights:\n positive:\n - 'OK'\n negative:\n - 'ERROR'\n critical:\n - 'SKIPPED'\n source: 'status.APIRuleStatus.code ? status.APIRuleStatus.code : \"UNKNOWN\"'\n description: status.APIRuleStatus.desc", "presets": "- name: Default gateway\n default: true\n value:\n spec:\n gateway: kyma-gateway.kyma-system.svc.cluster.local\n rules:\n - path: /.*\n methods:\n - GET\n accessStrategies:\n - handler: no_auth", "translations": "en:\n accessStrategies: Access Strategies\n accessStrategies.config: Config\n accessStrategies.handler: Handler\n accessStrategies.handlers: Handlers\n accessStrategies.jwks_urls: JWKS URLs\n accessStrategies.trusted_issuers: Trusted Issuers\n accessStrategies.required_scope: Required Scope\n accessStrategies.introspection_url: Introspection URL\n accessStrategies.introspection_request_headers: Introspection Request Headers\n accessStrategies.token_from: Token From\n gateway: Gateway\n useCorsPolicy: Use custom CORS policy\n corsPolicy: CORS Policy\n corsAllowMethods: CORS Allow Methods\n corsAllowOrigins: CORS Allow Origins\n corsAllowHeaders: CORS Allow Headers\n corsExposeHeaders: CORS Expose Headers\n corsAllowCredentials: CORS Allow Credentials\n corsAllowOriginsRegex: CORS origins allowed with regex match\n corsAllowOriginsPrefix: CORS origins allowed with prefix match\n corsAllowOriginsExact: CORS origins allowed with exact match\n corsMaxAge: CORS Max Age\n host: Host\n inputInfo.corsPolicy: Defines what CORS headers will be sent on CORS preflight and response\n inputInfo.gateway: Gateway structure, '{GATEWAY}.{NAMESPACE}.svc.cluster.local'\n inputInfo.path: \"Path can contain alphanumeric characters and '/', '.', '*', '?', '!', '-', '(', and ')'.\"\n inputInfo.jwks_urls: \"JWKS URLs must start with 'https://', 'http://' or 'file://'. HTTP protocol is not recommended.\"\n inputInfo.trusted_issuers: \"Trusted Issuers must start with 'https://', 'http://' or 'file://'. HTTP protocol is not recommended.\"\n inputInfo.introspection_url: \"URL endpoint used for validating the Bearer token. Should start with 'http://' or 'https://'\"\n inputInfo.introspection_request_headers: \"Headers sent alongside the introspection request\"\n inputInfo.token_from: \"Defines where Ory Oathkeeper should look for access token\"\n inputInfo.timeout: \"Timeout for HTTP requests in seconds. The timeout can be configured for a maximum of 3900 seconds (65 minutes).\"\n mutators: Mutators\n mutators.config: Config\n mutators.handlers: Handlers\n path: Path\n rules: Rules\n rules.methods: Methods\n rules.path: Path\n service: Service\n service.name: Name\n service.port: Port\n service-name: Service Name\n status: Status\n general: General\n timeout: HTTP Request Timeout\n details.timeout: HTTP Request Timeout (seconds)\n virtualService: Virtual Service\n alert.spec.host: Host can not be a wildcard, replace * with subdomain name\n alert.spec.jwks_url_http: \"JWKS URL: HTTP protocol is not secure, consider using HTTPS\"\n alert.spec.trusted_issuers_http: \"Trusted Issuers: HTTP protocol is not secure, consider using HTTPS\"\n alert.corsPolicy: \"Disabling custom CORS Policy is not recommended. Consider setting up CORS yourself\"\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-apirule-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\nbody:\n- widget: Panel\n name: Configuration\n children:\n - source: spec.enableKymaGateway\n name: enableKymaGateway\n visibility: '$exists($value)'\n\n- source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true", "form": "- path: spec\n simple: true\n name: General\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: enableKymaGateway\n simple: true\n name: enableKymaGateway\n value:\n type: boolean", "general": "resource:\n kind: APIGateway\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: apigateways\ncategory: Kyma\nname: APIGateway\nscope: cluster\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n See the description of the {{[APIGateway custom resource](https://github.com/kyma-project/api-gateway/blob/main/config/samples/operator_v1alpha1_apigateway.yaml)}}.", "list": "- name: Ready\n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'", "translations": "en:\n enableKymaGateway: Enable Kyma Gateway" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-ui.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-operator-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 8080, "targetPort": 8080 } ], "selector": { "app.kubernetes.io/component": "api-gateway-operator.kyma-project.io", "control-plane": "controller-manager" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of api-gateway component. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "operator", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-priority-class" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "istio-operator.kyma-project.io", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "control-plane": "controller-manager", "kyma-project.io/module": "api-gateway" }, "name": "api-gateway-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "api-gateway-operator.kyma-project.io", "control-plane": "controller-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "api-gateway-operator.kyma-project.io", "app.kubernetes.io/instance": "api-gateway-operator-default", "app.kubernetes.io/name": "api-gateway-operator", "app.kubernetes.io/part-of": "api-gateway", "app.kubernetes.io/version": "2.3.1", "control-plane": "controller-manager", "kyma-project.io/module": "api-gateway", "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "args": [ "--leader-elect", "--health-probe-bind-address=:8081", "--metrics-bind-address=:8080" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/api-gateway-manager:2.3.1", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "128Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "api-gateway-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/api-gateway-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/api-gateway-manager:2.3.1", "crPath": "/apis/operator.kyma-project.io/v1alpha1/apigateways/default", "channels": [ "fast", "regular" ], "documentation": "https://kyma-project.io/#/api-gateway/user/README", "repository": "https://github.com/kyma-project/api-gateway.git" } ] }, { "name": "serverless", "documentation": "https://kyma-project.io/#/serverless-manager/user/README", "repository": "https://github.com/kyma-project/serverless-manager.git", "managedResources": [ "/apis/serverless.kyma-project.io/v1alpha2/functions", "/apis/operator.kyma-project.io/v1alpha1/serverlesses" ], "manageable": true, "latestGithubRelease": { "repository": "kyma-project/serverless-manager", "deploymentYaml": "serverless-operator.yaml", "crYaml": "default-serverless-cr.yaml" }, "versions": [ { "version": "1.5.1", "deploymentYaml": "https://github.com/kyma-project/serverless/releases/download/1.5.1/serverless-operator.yaml", "crYaml": "https://github.com/kyma-project/serverless/releases/download/1.5.1/default-serverless-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Serverless", "metadata": { "name": "default", "namespace": "kyma-system" }, "spec": { "dockerRegistry": { "enableInternal": true } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io" }, "name": "serverlesses.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Serverless", "listKind": "ServerlessList", "plural": "serverlesses", "singular": "serverless" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type=='Configured')].status", "name": "Configured", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type=='Installed')].status", "name": "Installed", "type": "string" }, { "jsonPath": ".metadata.generation", "name": "generation", "type": "integer" }, { "jsonPath": ".metadata.creationTimestamp", "name": "age", "type": "date" }, { "jsonPath": ".status.state", "name": "state", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Serverless is the Schema for the serverlesses API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "ServerlessSpec defines the desired state of Serverless", "properties": { "defaultBuildJobPreset": { "description": "Configures the default build Job preset to be used", "type": "string" }, "defaultRuntimePodPreset": { "description": "Configures the default runtime Pod preset to be used", "type": "string" }, "dockerRegistry": { "properties": { "enableInternal": { "description": "When set to true, the internal Docker registry is enabled", "type": "boolean" }, "secretName": { "description": "Secret used for configuration of the Docker registry", "type": "string" } }, "type": "object" }, "eventing": { "description": "Used Eventing endpoint", "properties": { "endpoint": { "type": "string" } }, "required": [ "endpoint" ], "type": "object" }, "functionBuildExecutorArgs": { "description": "Specifies the arguments passed to the Function build executor", "type": "string" }, "functionBuildMaxSimultaneousJobs": { "description": "A number of simultaneous jobs that can run at the same time. The default value is `5`", "type": "string" }, "functionRequeueDuration": { "description": "Sets the requeue duration for Function. By default, the Function associated with the default configuration is requeued every 5 minutes", "type": "string" }, "healthzLivenessTimeout": { "description": "Sets the timeout for the Function health check. The default value in seconds is `10`", "type": "string" }, "targetCPUUtilizationPercentage": { "description": "Sets a custom CPU utilization threshold for scaling Function Pods", "type": "string" }, "tracing": { "description": "Used Tracing endpoint", "properties": { "endpoint": { "type": "string" } }, "required": [ "endpoint" ], "type": "object" } }, "type": "object" }, "status": { "properties": { "conditions": { "description": "Conditions associated with CustomStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "defaultBuildJobPreset": { "type": "string" }, "defaultRuntimePodPreset": { "type": "string" }, "dockerRegistry": { "description": "Used registry configuration.\nContains registry URL or \"internal\"", "type": "string" }, "eventingEndpoint": { "description": "Used the Eventing endpoint and the Tracing endpoint.", "type": "string" }, "functionBuildExecutorArgs": { "type": "string" }, "functionBuildMaxSimultaneousJobs": { "type": "string" }, "functionRequeueDuration": { "type": "string" }, "healthzLivenessTimeout": { "type": "string" }, "served": { "description": "Served signifies that current Serverless is managed.\nValue can be one of (\"True\", \"False\").", "enum": [ "True", "False" ], "type": "string" }, "state": { "description": "State signifies current state of Serverless.\nValue can be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" }, "targetCPUUtilizationPercentage": { "type": "string" }, "tracingEndpoint": { "type": "string" } }, "required": [ "served" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io", "app.kubernetes.io/created-by": "serverless-operator", "app.kubernetes.io/instance": "serverless-operator-sa", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "serviceaccount", "app.kubernetes.io/part-of": "serverless-operator" }, "name": "serverless-operator", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io" }, "name": "serverless-operator-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps", "secrets", "serviceaccounts", "services" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "get", "list", "patch", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "persistentvolumeclaims" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations", "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "daemonsets" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments/status" ], "verbs": [ "get" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets" ], "verbs": [ "list" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "batch" ], "resources": [ "jobs" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "batch" ], "resources": [ "jobs/status" ], "verbs": [ "get" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "serverlesses" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "serverlesses/finalizers" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "serverlesses/status" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "policy" ], "resources": [ "podsecuritypolicies" ], "verbs": [ "use" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings", "roles" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "scheduling.k8s.io" ], "resources": [ "priorityclasses" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "serverless.kyma-project.io" ], "resources": [ "functions" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "serverless.kyma-project.io" ], "resources": [ "functions/status" ], "verbs": [ "create", "delete", "deletecollection", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io", "app.kubernetes.io/created-by": "serverless-operator", "app.kubernetes.io/instance": "serverless-operator-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrolebinding", "app.kubernetes.io/part-of": "serverless-operator" }, "name": "serverless-operator-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "serverless-operator-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "serverless-operator", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\nbody:\n - widget: Alert\n severity: warning\n source: '\"alert.internalregistry\"'\n visibility: $root.spec.dockerRegistry.enableInternal = true\n - name: Desired Specification\n widget: Panel\n children:\n - name: Docker Registry\n visibility: $root.spec.dockerRegistry.enableInternal = true\n source: spec.dockerRegistry.enableInternal?\"INTERNAL\":\"\"\n - name: Docker Registry\n visibility: '$exists($value)'\n source: spec.dockerRegistry.secretName\n widget: ResourceLink\n resource:\n name: spec.dockerRegistry.secretName\n namespace: $root.metadata.namespace\n kind: \"'Secret'\"\n - name: Eventing Endpoint\n source: spec.eventing.endpoint\n visibility: '$exists($value)'\n - name: OTLP Trace Endpoint\n source: spec.tracing.endpoint\n visibility: '$exists($value)'\n - name: Default Resources Preset (Build-time)\n source: spec.defaultBuildJobPreset\n visibility: '$exists($value)'\n - name: Default Resources Preset (Runtime)\n source: spec.defaultRuntimePodPreset\n visibility: '$exists($value)'\n - name: Custom Build Execution Args\n source: spec.functionBuildExecutorArgs\n visibility: '$exists($value)'\n - name: Max Simultaneous Builds \n source: spec.functionBuildMaxSimultaneousJobs\n visibility: '$exists($value)'\n - name: Function Requeue Duration\n source: spec.functionRequeueDuration\n visibility: '$exists($value)'\n - name: Controller Liveness Timeout\n source: spec.healthzLivenessTimeout\n visibility: '$exists($value)'\n - name: Target CPU utilisation for HPA\n source: spec.targetCPUUtilizationPercentage\n visibility: '$exists($value)'\n - name: Status\n widget: Panel\n children:\n - name: Docker Registry\n source: status.dockerRegistry\n - name: Eventing Endpoint\n source: status.eventingEndpoint\n - name: OTLP Trace Endpoint\n source: status.tracingEndpoint\n - name: Simultanous Builds Limit\n source: status.functionBuildMaxSimultaneousJobs\n - name: Default Job Preset\n source: status.defaultBuildJobPreset\n - name: Default Function Preset\n source: status.defaultRuntimePodPreset\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: events\n defaultType: information\n", "form": "- path: spec.dockerRegistry.enableInternal\n simple: true\n name: Enable Internal Docker Registry\n- simple: true\n widget: Alert\n severity: warning\n alert: '\"alert.internalregistry\"'\n visibility: $root.spec.dockerRegistry.enableInternal = true\n- path: spec.dockerRegistry.secretName\n visibility: $root.spec.dockerRegistry.enableInternal != true\n simple: true\n widget: Resource\n name: External Docker Registry Configuration\n resource:\n kind: Secret\n version: v1\n scope: namespace\n- path: spec.tracing.endpoint\n name: OTLP Trace Endpoint\n simple: true\n required: false\n- path: spec.eventing.endpoint\n name: Eventing Endpoint\n simple: true\n required: false\n- path: spec.functionBuildMaxSimultaneousJobs\n name: Simultanous Builds Limit\n simple: true\n required: false\n- path: spec.defaultBuildJobPreset\n name: Default Job Preset\n simple: true\n required: false\n enum:\n - fast\n - normal\n - slow\n - local-dev\n- name: Default Function Preset\n path: spec.defaultRuntimePodPreset\n simple: true\n required: false\n enum:\n - XS\n - S\n - M\n - L\n - XL", "general": "resource:\n kind: Serverless\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: serverlesses\ncategory: Kyma\nname: Serverless\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Serverless custom resource](https://kyma-project.io/#/serverless-manager/user/resources/06-20-serverless-cr)}}\n configures the Serverless module.\n", "list": "- name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'", "translations": "en:\n alert.internalregistry: Internal Docker Registry is not a highly available registry and should be used for development purpose only" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io", "app.kubernetes.io/name": "serverlesses.operator.kyma-project.io", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "serverless-operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io", "app.kubernetes.io/created-by": "serverless-operator", "app.kubernetes.io/instance": "serverless-operator", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "deployment", "app.kubernetes.io/part-of": "serverless-operator", "control-plane": "operator" }, "name": "serverless-operator", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io", "control-plane": "operator" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "serverless-operator.kyma-project.io", "control-plane": "operator", "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "command": [ "/operator" ], "env": [ { "name": "SERVERLESS_MANAGER_UID", "valueFrom": { "fieldRef": { "fieldPath": "metadata.uid" } } } ], "image": "europe-docker.pkg.dev/kyma-project/prod/serverless-operator:1.5.1", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "1000m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "serverless-operator", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/serverless-operator", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/serverless-operator:1.5.1", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/serverlesses/default", "channels": [ "fast", "regular" ], "documentation": "https://kyma-project.io/#/serverless-manager/user/README", "repository": "https://github.com/kyma-project/serverless-manager.git" } ] }, { "name": "btp-operator", "documentation": "https://kyma-project.io/#/btp-manager/user/README", "repository": "https://github.com/kyma-project/btp-manager.git", "managedResources": [ "/apis/services.cloud.sap.com/v1/serviceinstances", "/apis/services.cloud.sap.com/v1/servicebindings", "/apis/services.cloud.sap.com/v1alpha1/servicebindings", "/apis/services.cloud.sap.com/v1alpha1/serviceinstances", "/apis/operator.kyma-project.io/v1alpha1/btpoperators" ], "manageable": true, "latestGithubRelease": { "repository": "kyma-project/btp-manager", "deploymentYaml": "btp-manager.yaml", "crYaml": "btp-operator-default-cr.yaml" }, "versions": [ { "version": "1.1.11", "channels": [ "regular" ], "documentation": "https://kyma-project.io/#/btp-manager/user/README", "repository": "https://github.com/kyma-project/btp-manager.git", "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/btp-manager-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/btp-manager:1.1.11", "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.15.0" }, "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btpoperators.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "BtpOperator", "listKind": "BtpOperatorList", "plural": "btpoperators", "singular": "btpoperator" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "BtpOperator is the Schema for the btpoperators API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "BtpOperatorSpec defines the desired state of BtpOperator", "nullable": true, "type": "object" }, "status": { "description": "Status defines the observed state of CustomObject.", "properties": { "conditions": { "description": "Conditions associated with CustomStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "state": { "description": "State signifies current state of CustomObject.\nValue can be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "*" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations" ], "verbs": [ "*" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "*" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "*" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "*" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "btpoperators" ], "verbs": [ "*" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "btpoperators/status" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "roles" ], "verbs": [ "*" ] }, { "apiGroups": [ "services.cloud.sap.com" ], "resources": [ "servicebindings", "serviceinstances" ], "verbs": [ "*" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "btp-manager-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "btp-manager-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "btp-manager-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "btp-manager-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-metrics-service", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http", "port": 8080, "targetPort": "http" } ], "selector": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" } } }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "traffic.sidecar.istio.io/excludeInboundPorts": "8080", "traffic.sidecar.istio.io/includeInboundPorts": "*" }, "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/btp-manager:1.1.11", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "ports": [ { "containerPort": 8080, "name": "http" } ], "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "200m", "memory": "128Mi" }, "requests": { "cpu": "10m", "memory": "32Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "btp-manager-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "BtpOperator", "metadata": { "labels": { "app.kubernetes.io/name": "btpoperator", "app.kubernetes.io/instance": "btpoperator", "app.kubernetes.io/part-of": "btp-manager", "app.kubernetes.io/managed-by": "btp-manager", "app.kubernetes.io/created-by": "btp-manager" }, "name": "btpoperator", "namespace": "kyma-system" }, "spec": null }, "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/btpoperators/btpoperator", "deploymentYaml": "https://github.com/kyma-project/btp-manager/releases/download/1.1.11/btp-manager.yaml", "crYaml": "https://github.com/kyma-project/btp-manager/releases/download/1.1.11/btp-operator-default-cr.yaml" }, { "version": "1.1.13", "deploymentYaml": "https://github.com/kyma-project/btp-manager/releases/download/1.1.13/btp-manager.yaml", "crYaml": "https://github.com/kyma-project/btp-manager/releases/download/1.1.13/btp-operator-default-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "BtpOperator", "metadata": { "labels": { "app.kubernetes.io/name": "btpoperator", "app.kubernetes.io/instance": "btpoperator", "app.kubernetes.io/part-of": "btp-manager", "app.kubernetes.io/managed-by": "btp-manager", "app.kubernetes.io/created-by": "btp-manager" }, "name": "btpoperator", "namespace": "kyma-system" }, "spec": null }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.15.0" }, "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btpoperators.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "BtpOperator", "listKind": "BtpOperatorList", "plural": "btpoperators", "singular": "btpoperator" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "BtpOperator is the Schema for the btpoperators API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "BtpOperatorSpec defines the desired state of BtpOperator", "nullable": true, "type": "object" }, "status": { "description": "Status defines the observed state of CustomObject.", "properties": { "conditions": { "description": "Conditions associated with CustomStatus.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "state": { "description": "State signifies current state of CustomObject.\nValue can be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", "enum": [ "Processing", "Deleting", "Ready", "Error", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "*" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations" ], "verbs": [ "*" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "*" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "*" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "*" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "btpoperators" ], "verbs": [ "*" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "btpoperators/status" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings" ], "verbs": [ "*" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "roles" ], "verbs": [ "*" ] }, { "apiGroups": [ "services.cloud.sap.com" ], "resources": [ "servicebindings", "serviceinstances" ], "verbs": [ "*" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "btp-manager-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "btp-manager-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "btp-manager-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "btp-manager-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-metrics-service", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http", "port": 8080, "targetPort": "http" } ], "selector": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" } } }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" }, "name": "btp-manager-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "traffic.sidecar.istio.io/excludeInboundPorts": "8080", "traffic.sidecar.istio.io/includeInboundPorts": "*" }, "labels": { "app.kubernetes.io/component": "btp-manager.kyma-project.io" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/btp-manager:1.1.13", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "ports": [ { "containerPort": 8080, "name": "http" } ], "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "200m", "memory": "128Mi" }, "requests": { "cpu": "10m", "memory": "32Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "btp-manager-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/btp-manager-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/btp-manager:1.1.13", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/btpoperators/btpoperator", "channels": [ "fast" ], "documentation": "https://kyma-project.io/#/btp-manager/user/README", "repository": "https://github.com/kyma-project/btp-manager.git" } ] }, { "name": "telemetry", "documentation": "https://kyma-project.io/#/telemetry-manager/user/README", "repository": "https://github.com/kyma-project/telemetry-manager.git", "managedResources": [ "/apis/operator.kyma-project.io/v1alpha1/telemetries", "/apis/telemetry.kyma-project.io/v1alpha1/logparsers", "/apis/telemetry.kyma-project.io/v1alpha1/logpipelines", "/apis/telemetry.kyma-project.io/v1alpha1/tracepipelines" ], "manageable": true, "latestGithubRelease": { "repository": "kyma-project/telemetry-manager", "deploymentYaml": "telemetry-manager.yaml", "crYaml": "telemetry-default-cr.yaml" }, "versions": [ { "version": "1.16.2", "channels": [ "regular" ], "documentation": "https://kyma-project.io/#/telemetry-manager/user/README", "repository": "https://github.com/kyma-project/telemetry-manager.git", "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/telemetry-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/telemetry-manager:1.16.2", "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "logparsers.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "kind": "LogParser", "listKind": "LogParserList", "plural": "logparsers", "singular": "logparser" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "deprecated": true, "deprecationWarning": "The LogParser API is deprecated. Instead, log in JSON format and use the JSON parsing feature of the LogPipeline", "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "LogParser is the Schema for the logparsers API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of LogParser.", "properties": { "parser": { "description": "[Fluent Bit Parsers](https://docs.fluentbit.io/manual/pipeline/parsers). The parser specified here has no effect until it is referenced by a [Pod annotation](https://docs.fluentbit.io/manual/pipeline/filters/kubernetes#kubernetes-annotations) on your workload or by a [Parser Filter](https://docs.fluentbit.io/manual/pipeline/filters/parser) defined in a pipeline's filters section.", "type": "string" } }, "type": "object" }, "status": { "description": "Shows the observed state of the LogParser.", "properties": { "conditions": { "description": "An array of conditions describing the status of the parser.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "logpipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "kind": "LogPipeline", "listKind": "LogPipelineList", "plural": "logpipelines", "singular": "logpipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".status.unsupportedMode", "name": "Unsupported-Mode", "type": "boolean" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "LogPipeline is the Schema for the logpipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of LogPipeline", "properties": { "files": { "items": { "description": "Provides file content to be consumed by a LogPipeline configuration", "properties": { "content": { "type": "string" }, "name": { "type": "string" } }, "type": "object" }, "type": "array" }, "filters": { "items": { "description": "Describes a filtering option on the logs of the pipeline.", "properties": { "custom": { "description": "Custom filter definition in the Fluent Bit syntax. Note: If you use a `custom` filter, you put the LogPipeline in unsupported mode.", "type": "string" } }, "type": "object" }, "type": "array" }, "input": { "description": "Defines where to collect logs, including selector mechanisms.", "properties": { "application": { "description": "Configures in more detail from which containers application logs are enabled as input.", "properties": { "containers": { "description": "Describes whether application logs from specific containers are selected. The options are mutually exclusive.", "properties": { "exclude": { "description": "Specifies to exclude only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Specifies to include only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "dropLabels": { "description": "Defines whether to drop all Kubernetes labels. The default is `false`.", "type": "boolean" }, "keepAnnotations": { "description": "Defines whether to keep all Kubernetes annotations. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether application logs from specific Namespaces are selected. The options are mutually exclusive. System Namespaces are excluded by default from the collection.", "properties": { "exclude": { "description": "Exclude the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include only the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "system": { "description": "Set to `true` if collecting from all Namespaces must also include the system Namespaces like kube-system, istio-system, and kyma-system.", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "output": { "description": "[Fluent Bit output](https://docs.fluentbit.io/manual/pipeline/outputs) where you want to push the logs. Only one output can be specified.", "properties": { "custom": { "description": "Defines a custom output in the Fluent Bit syntax. Note: If you use a `custom` output, you put the LogPipeline in unsupported mode.", "type": "string" }, "grafana-loki": { "description": "The grafana-loki output is not supported anymore. For integration with a custom Loki installation, use the `custom` output and follow [Installing a custom Loki stack in Kyma](https://kyma-project.io/#/telemetry-manager/user/integration/loki/README ).", "properties": { "labels": { "additionalProperties": { "type": "string" }, "description": "Labels to set for each log record.", "type": "object" }, "removeKeys": { "description": "Attributes to be removed from a log record.", "items": { "type": "string" }, "type": "array" }, "url": { "description": "Grafana Loki URL.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "http": { "description": "Configures an HTTP-based output compatible with the Fluent Bit HTTP output plugin.", "properties": { "compress": { "description": "Defines the compression algorithm to use.", "type": "string" }, "dedot": { "description": "Enables de-dotting of Kubernetes labels and annotations for compatibility with ElasticSearch based backends. Dots (.) will be replaced by underscores (_). Default is `false`.", "type": "boolean" }, "format": { "description": "Data format to be used in the HTTP request body. Default is `json`.", "type": "string" }, "host": { "description": "Defines the host of the HTTP receiver.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "password": { "description": "Defines the basic auth password.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "port": { "description": "Defines the port of the HTTP receiver. Default is 443.", "type": "string" }, "tls": { "description": "Configures TLS for the HTTP target server.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "disabled": { "description": "Indicates if TLS is disabled or enabled. Default is `false`.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "skipCertificateValidation": { "description": "If `true`, the validation of certificates is skipped. Default is `false`.", "type": "boolean" } }, "type": "object" }, "uri": { "description": "Defines the URI of the HTTP receiver. Default is \"/\".", "type": "string" }, "user": { "description": "Defines the basic auth user.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "variables": { "description": "A list of mappings from Kubernetes Secret keys to environment variables. Mapped keys are mounted as environment variables, so that they are available as [Variables](https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/variables) in the sections.", "items": { "description": "References a Kubernetes secret that should be provided as environment variable to Fluent Bit", "properties": { "name": { "description": "Name of the variable to map.", "type": "string" }, "valueFrom": { "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "type": "array" } }, "type": "object" }, "status": { "description": "Shows the observed state of the LogPipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "unsupportedMode": { "description": "Is active when the LogPipeline uses a `custom` output or filter; see [unsupported mode](https://github.com/kyma-project/telemetry-manager/blob/main/docs/user/02-logs.md#unsupported-mode).", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "metricpipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "kind": "MetricPipeline", "listKind": "MetricPipelineList", "plural": "metricpipelines", "singular": "metricpipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "MetricPipeline is the Schema for the metricpipelines API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired characteristics of MetricPipeline.", "properties": { "input": { "description": "Configures different inputs to send additional metrics to the metric gateway.", "properties": { "istio": { "description": "Configures istio-proxy metrics scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, metrics for istio-proxy containers are scraped from Pods that have had the istio-proxy sidecar injected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether istio-proxy metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "otlp": { "description": "Configures the collection of push-based metrics that use the OpenTelemetry protocol.", "properties": { "disabled": { "description": "If disabled, push-based OTLP metrics are not collected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether push-based OTLP metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "prometheus": { "description": "Configures Prometheus scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, Pods marked with `prometheus.io/scrape=true` annotation are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether Prometheus metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "runtime": { "description": "Configures runtime scraping.", "properties": { "enabled": { "description": "If enabled, workload-related Kubernetes metrics are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether workload-related Kubernetes metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" } }, "type": "object" }, "output": { "description": "Configures the metric gateway.", "properties": { "otlp": { "description": "Defines an output using the OpenTelemetry protocol.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "minLength": 1, "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "type": "object" }, "status": { "description": "Represents the current information/status of MetricPipeline.", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetries.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Telemetry", "listKind": "TelemetryList", "plural": "telemetries", "singular": "telemetry" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".metadata.generation", "name": "generation", "type": "integer" }, { "jsonPath": ".metadata.creationTimestamp", "name": "age", "type": "date" }, { "jsonPath": ".status.state", "name": "state", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Telemetry is the Schema for the telemetries API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "TelemetrySpec defines the desired state of Telemetry", "properties": { "metric": { "description": "MetricSpec defines the behavior of the metric gateway", "properties": { "gateway": { "properties": { "scaling": { "description": "Scaling defines which strategy is used for scaling the gateway, with detailed configuration options for each strategy type.", "properties": { "static": { "description": "Static is a scaling strategy enabling you to define a custom amount of replicas to be used for the gateway. Present only if Type =\nStaticScalingStrategyType.", "properties": { "replicas": { "description": "Replicas defines a static number of pods to run the gateway. Minimum is 1.", "format": "int32", "minimum": 1, "type": "integer" } }, "type": "object" }, "type": { "description": "Type of scaling strategy. Default is none, using a fixed amount of replicas.", "enum": [ "Static" ], "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "trace": { "description": "TraceSpec defines the behavior of the trace gateway", "properties": { "gateway": { "properties": { "scaling": { "description": "Scaling defines which strategy is used for scaling the gateway, with detailed configuration options for each strategy type.", "properties": { "static": { "description": "Static is a scaling strategy enabling you to define a custom amount of replicas to be used for the gateway. Present only if Type =\nStaticScalingStrategyType.", "properties": { "replicas": { "description": "Replicas defines a static number of pods to run the gateway. Minimum is 1.", "format": "int32", "minimum": 1, "type": "integer" } }, "type": "object" }, "type": { "description": "Type of scaling strategy. Default is none, using a fixed amount of replicas.", "enum": [ "Static" ], "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "TelemetryStatus defines the observed state of Telemetry", "properties": { "conditions": { "description": "Conditions contain a set of conditionals to determine the State of Status.\nIf all Conditions are met, State is expected to be in StateReady.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "endpoints": { "description": "endpoints for trace and metric gateway.", "nullable": true, "properties": { "metrics": { "description": "metrics contains the endpoints for metric gateway supporting OTLP.", "properties": { "grpc": { "description": "GRPC endpoint for OTLP.", "type": "string" }, "http": { "description": "HTTP endpoint for OTLP.", "type": "string" } }, "type": "object" }, "traces": { "description": "traces contains the endpoints for trace gateway supporting OTLP.", "properties": { "grpc": { "description": "GRPC endpoint for OTLP.", "type": "string" }, "http": { "description": "HTTP endpoint for OTLP.", "type": "string" } }, "type": "object" } }, "type": "object" }, "state": { "description": "State signifies current state of Module CR.\nValue can be one of these three: \"Ready\", \"Deleting\", or \"Warning\".", "enum": [ "Deleting", "Ready", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "tracepipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "kind": "TracePipeline", "listKind": "TracePipelineList", "plural": "tracepipelines", "singular": "tracepipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "TracePipeline is the Schema for the tracepipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of TracePipeline", "properties": { "output": { "description": "Defines a destination for shipping trace data. Only one can be defined per pipeline.", "properties": { "otlp": { "description": "Configures the underlying Otel Collector with an [OTLP exporter](https://github.com/open-telemetry/opentelemetry-collector/blob/main/exporter/otlpexporter/README.md). If you switch `protocol`to `http`, an [OTLP HTTP exporter](https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter/otlphttpexporter) is used.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "minLength": 1, "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "required": [ "output" ], "type": "object" }, "status": { "description": "Shows the observed state of the TracePipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "patch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "daemonsets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.k8s.io" ], "resources": [ "networkpolicies" ], "verbs": [ "create", "delete", "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "create", "delete", "patch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-role" }, "rules": [ { "nonResourceURLs": [ "/metrics" ], "verbs": [ "get" ] }, { "nonResourceURLs": [ "/metrics/cadvisor" ], "verbs": [ "get" ] }, { "apiGroups": [ "" ], "resources": [ "endpoints" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes/metrics" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes/stats" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "networking.k8s.io" ], "resources": [ "networkpolicies" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "roles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "tracepipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "tracepipelines/status" ], "verbs": [ "get", "patch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "telemetry-manager-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "telemetry-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "telemetry-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.url.value or\n $v.url.valueFrom.secretKeyRef.name or $v.host.value or\n $v.host.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n - name: Unsupported-Mode\n source: status.unsupportedMode\n widget: Badge\n highlights:\n positive:\n - 'false'\n negative:\n - 'true'\nbody:\n - source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Applications\n children:\n - widget: Panel\n name: Namespaces\n children:\n - name: Include\n widget: JoinedArray\n source: spec.input.application.namespaces.include\n separator: ', '\n - name: Exclude\n widget: JoinedArray\n source: spec.input.application.namespaces.exclude\n separator: ', '\n - name: System Namespaces\n source: spec.input.application.namespaces.system\n - widget: Panel\n name: Containers\n children:\n - name: Include\n widget: JoinedArray\n source: spec.input.application.containers.include\n separator: ', '\n - name: Exclude\n widget: JoinedArray\n source: spec.input.application.containers.exclude\n separator: ', '\n - widget: Panel\n name: Other Settings\n children:\n - name: Keep Annotations\n source: spec.input.application.keepAnnotations\n - name: Drop Labels\n source: spec.input.application.dropLabels\n - widget: Panel\n name: Output\n children:\n - name: Custom\n widget: CodeViewer\n language: '''plaintext'''\n source: spec.output.custom\n visibility: $exists(spec.output.custom)\n - name: Grafana-Loki\n widget: Panel\n visibility: $not($exists(spec.output.custom) or $exists(spec.output.http))\n children:\n - name: URL\n source: spec.output.`grafana-loki`.url.value\n - name: Labels\n widget: Labels\n source: spec.output.`grafana-loki`.labels\n - name: Remove keys\n widget: JoinedArray\n separator: ','\n source: spec.output.`grafana-loki`.removeKeys\n - name: HTTP\n widget: Panel\n visibility: $exists(spec.output.http)\n children:\n - name: Host\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.host.value\n visibility: $exists(spec.output.http.host.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.host.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.host.valueFrom.secretKeyRef.name)\n - name: User\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.user.value\n visibility: $exists(spec.output.http.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.password.value\n visibility: $exists(spec.output.http.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.password.valueFrom.secretKeyRef.name)\n - name: TLS Settings\n widget: Panel\n children:\n - name: Disabled\n source: spec.output.http.tls.disabled\n placeholder: 'false'\n - name: Skip certificate validation\n source: spec.output.http.tls.skipCertificateValidation\n placeholder: 'false'\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.http.tls.ca)\n source: spec.output.http.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.http.tls.cert)\n source: spec.output.http.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.http.tls.key)\n source: spec.output.http.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Other Settings\n widget: Panel\n children:\n - name: Compression\n source: spec.output.http.compress\n - name: De-dot\n source: spec.output.http.dedot\n placeholder: 'false'\n - name: Format\n source: spec.output.http.format\n placeholder: json\n - name: Port\n source: spec.output.http.port\n placeholder: '443'\n - name: URI\n source: spec.output.http.uri", "form": "- path: spec.input\n widget: FormGroup\n defaultExpanded: true\n children:\n - name: Include Namespaces\n widget: SimpleList\n path: application.namespaces.include\n defaultExpanded: true\n inputInfo: Include container logs from selected namespaces\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: application.namespaces.exclude\n children:\n - path: '[]'\n - name: Include System Namespaces\n path: application.namespaces.system\n - name: Include Containers\n widget: SimpleList\n path: application.containers.include\n - name: Exclude Containers\n widget: SimpleList\n path: application.containers.exclude\n - name: Keep Annotations\n path: application.keepAnnotations\n - name: Drop Labels\n path: application.dropLabels\n- name: Filters\n widget: SimpleList\n path: spec.filters\n children:\n - widget: FormGroup\n path: '[]'\n children:\n - widget: CodeEditor\n path: custom\n- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Custom\n path: custom\n widget: CodeEditor\n advanced: true\n inputInfo: >-\n Note: If you use a custom output, you put the LogPipeline in unsupported\n mode\n (https://kyma-project.io/#/telemetry-manager/user/02-logs?id=unsupported-mode)\n - name: HTTP\n path: http\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Host\n path: host\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: User\n path: user\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: Password\n path: password\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Disabled\n path: disabled\n - name: Skip Certificate Validation\n path: skipCertificateValidation\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: URI\n path: uri\n widget: Text\n - name: Port\n path: port\n widget: Text\n - name: Compress\n path: compress\n widget: Text\n - name: Format\n path: format\n widget: Text\n - name: Dedot\n simple: true\n path: dedot\n", "general": "resource:\n kind: LogPipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Log Pipelines\ncategory: Observability\nurlPath: logpipelines\nscope: cluster\ndescription: >-\n {{[LogPipeline](https://kyma-project.io/#/telemetry-manager/user/resources/02-logpipeline)}} configures log selection, filters, and outputs.", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.url.value or\n $v.url.valueFrom.secretKeyRef.name or $v.host.value or\n $v.host.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Unsupported-Mode\n source: status.unsupportedMode\n widget: Badge\n highlights:\n positive:\n - 'false'\n negative:\n - 'true'\n- name: Status\n source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-logpipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\nbody:\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Input\n children:\n - name: Prometheus\n widget: Panel\n visibility: $exists(spec.input.prometheus)\n children:\n - name: Enabled\n visibility: $exists(spec.input.prometheus.enabled)\n source: spec.input.prometheus.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.prometheus.namespaces.include)\n source: spec.input.prometheus.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.prometheus.namespaces.exclude)\n source: spec.input.prometheus.namespaces.exclude\n separator: ', '\n - name: Diagnostic Metrics\n visibility: $exists(spec.input.prometheus.diagnosticMetrics.enabled)\n source: spec.input.prometheus.diagnosticMetrics.enabled\n - name: Istio\n widget: Panel\n visibility: $exists(spec.input.istio)\n children:\n - name: Enabled\n visibility: $exists(spec.input.istio.enabled)\n source: spec.input.istio.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.istio.namespaces.include)\n source: spec.input.istio.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.istio.namespaces.exclude)\n source: spec.input.istio.namespaces.exclude\n separator: ', '\n - name: Diagnostic Metrics\n visibility: $exists(spec.input.istio.diagnosticMetrics.enabled)\n source: spec.input.istio.diagnosticMetrics.enabled\n - name: Runtime\n widget: Panel\n visibility: $exists(spec.input.runtime)\n children:\n - name: Enabled\n visibility: $exists(spec.input.runtime.enabled)\n source: spec.input.runtime.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.runtime.namespaces.include)\n source: spec.input.runtime.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.runtime.namespaces.exclude)\n source: spec.input.runtime.namespaces.exclude\n separator: ', '\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.input.otlp)\n children:\n - name: Disabled\n visibility: $exists(spec.input.otlp.disabled)\n source: spec.input.otlp.disabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.otlp.namespaces.include)\n source: spec.input.otlp.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.otlp.namespaces.exclude)\n source: spec.input.otlp.namespaces.exclude\n separator: ', '\n - widget: Panel\n name: Output\n children:\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.output.otlp)\n children:\n - name: Endpoint\n widget: Panel\n visibility: $exists(spec.output.otlp.endpoint)\n children:\n - name: Value\n source: spec.output.otlp.endpoint.value\n visibility: $exists(spec.output.otlp.endpoint.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.otlp.endpoint.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.otlp.endpoint.valueFrom.secretKeyRef.name)\n - name: Authentication\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication)\n children:\n - name: User\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.user)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.user.value\n visibility: $exists(spec.output.otlp.authentication.basic.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.password)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.password.value\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef.name)\n - name: Headers\n widget: Panel\n visibility: $exists(spec.output.otlp.headers)\n children:\n - name: Header\n widget: Panel\n visibility: $exists(spec.output.otlp.headers[].name)\n source: spec.output.otlp.headers[]\n children:\n - name: Name\n source: name\n visibility: $exists(name)\n - name: Prefix\n source: prefix\n visibility: $exists(prefix)\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: TLS\n widget: Panel\n visibility: $exists(spec.output.otlp.tls)\n children:\n - name: Insecure\n visibility: $exists(spec.output.otlp.tls.insecure)\n source: spec.output.otlp.tls.insecure\n - name: Skip Cert Verification\n visibility: $exists(spec.output.otlp.tls.insecureSkipVerify)\n source: spec.output.otlp.tls.insecureSkipVerify\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.ca)\n source: spec.output.otlp.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.cert)\n source: spec.output.otlp.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.key)\n source: spec.output.otlp.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - widget: Panel\n name: Other Settings\n children:\n - name: Protocol\n source: spec.output.otlp.protocol", "form": "- path: spec.input\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Prometheus\n path: prometheus\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Enable Diagnostic Metrics\n path: diagnosticMetrics.enabled\n simple: true\n - name: Istio\n path: istio\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Enable Diagnostic Metrics\n path: diagnosticMetrics.enabled\n simple: true\n - name: Runtime\n path: runtime\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: OTLP\n path: otlp\n widget: FormGroup\n simple: true\n children:\n - name: Disabled\n path: disabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: OTLP\n path: otlp\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Endpoint\n path: endpoint\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Protocol\n path: protocol\n simple: true\n widget: FormGroup\n children:\n - name: Value\n widget: Text\n - name: Authentication\n path: authentication\n widget: FormGroup\n simple: true\n children:\n - name: User\n path: basic.user\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Password\n path: basic.password\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Headers\n path: headers[]\n widget: FormGroup\n simple: true\n children:\n - name: Name\n path: name\n widget: Text\n simple: true\n - name: Prefix\n path: prefix\n widget: Text\n simple: true\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Insecure\n path: insecure\n - name: Skip Certificate Validation\n path: insecureSkipVerify\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n", "general": "resource:\n kind: MetricPipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Metric Pipelines\ncategory: Observability\nurlPath: metricpipelines\nscope: cluster\ndescription: >-\n {{[MetricPipeline](https://kyma-project.io/#/telemetry-manager/user/resources/05-metricpipeline)}} configures a custom Metric Pipeline", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Status\n source: status.conditions\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-metricpipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Traces\n widget: Panel\n visibility: $exists(spec.trace.gateway.scaling.static.replicas)\n children:\n - name: Gateway Replicas\n source: spec.trace.gateway.scaling.static.replicas\n - name: Scaling Type\n source: spec.trace.gateway.scaling.type\n - name: Metrics\n widget: Panel\n visibility: $exists(spec.metric.gateway.scaling.static.replicas)\n children:\n - name: Gateway Replicas\n source: spec.metric.gateway.scaling.static.replicas\n - name: Scaling Type\n source: spec.metric.gateway.scaling.type\n - name: Status\n widget: Panel\n children:\n - source: status.endpoints.traces.grpc\n name: OTLP GRPC Trace Endpoint\n - source: status.endpoints.traces.http\n name: OTLP HTTP Trace Endpoint\n - source: status.endpoints.metrics.grpc\n name: OTLP GRPC Metric Endpoint\n - source: status.endpoints.metrics.http\n name: OTLP HTTP Metric Endpoint\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n", "form": "- advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: spec.trace\n name: Traces\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: gateway\n name: Gateway\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: scaling\n name: Scaling\n widget: FormGroup\n children:\n - path: type\n override: false\n enum:\n - None\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n visibility: \"$item.spec.trace.gateway.scaling.type = 'Static'\"\n path: static\n name: Static\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: replicas\n name: Replicas\n simple: false\n widget: Text\n- advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: spec.metric\n name: Metrics\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: gateway\n name: Gateway\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: scaling\n name: Scaling\n widget: FormGroup\n children:\n - path: type\n override: false\n enum:\n - None\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n visibility: \"$item.spec.metric.gateway.scaling.type = 'Static'\"\n path: static\n name: Static\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: replicas\n name: Replicas\n simple: false\n widget: Text\n", "general": "resource:\n kind: Telemetry\n group: operator.kyma-project.io\n version: v1alpha1\nname: Telemetry\ncategory: Kyma\nurlPath: telemetries\nscope: namespace\ndescription: >-\n The {{[Telemetry](https://kyma-project.io/#/telemetry-manager/user/resources/01-telemetry)}} resource configures the telemetry module.\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\n", "list": "- name: State\n source: status.state\n widget: Badge\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-module", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\nbody:\n - source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Output\n children:\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.output.otlp)\n children:\n - name: Endpoint\n widget: Panel\n visibility: $exists(spec.output.otlp.endpoint)\n children:\n - name: Value\n source: spec.output.otlp.endpoint.value\n visibility: $exists(spec.output.otlp.endpoint.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.otlp.endpoint.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.otlp.endpoint.valueFrom.secretKeyRef.name)\n - name: Authentication\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication)\n children:\n - name: User\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.user)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.user.value\n visibility: $exists(spec.output.otlp.authentication.basic.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.password)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.password.value\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef.name)\n - name: Headers\n widget: Panel\n visibility: $exists(spec.output.otlp.headers)\n children:\n - name: Header\n widget: Panel\n visibility: $exists(spec.output.otlp.headers[].name)\n source: spec.output.otlp.headers[]\n children:\n - name: Name\n source: name\n visibility: $exists(name)\n - name: Prefix\n source: prefix\n visibility: $exists(prefix)\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: TLS\n widget: Panel\n visibility: $exists(spec.output.otlp.tls)\n children:\n - name: Insecure\n visibility: $exists(spec.output.otlp.tls.insecure)\n source: spec.output.otlp.tls.insecure\n - name: Skip Cert Verification\n visibility: $exists(spec.output.otlp.tls.insecureSkipVerify)\n source: spec.output.otlp.tls.insecureSkipVerify\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.ca)\n source: spec.output.otlp.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.cert)\n source: spec.output.otlp.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.key)\n source: spec.output.otlp.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - widget: Panel\n name: Other Settings\n children:\n - name: Protocol\n source: spec.output.otlp.protocol", "form": "- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: OTLP\n path: otlp\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Endpoint\n path: endpoint\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Protocol\n path: protocol\n simple: true\n widget: FormGroup\n children:\n - name: Value\n widget: Text\n - name: Authentication\n path: authentication\n widget: FormGroup\n simple: true\n children:\n - name: User\n path: basic.user\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Password\n path: basic.password\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Headers\n path: headers[]\n widget: FormGroup\n simple: true\n children:\n - name: Name\n path: name\n widget: Text\n simple: true\n - name: Prefix\n path: prefix\n widget: Text\n simple: true\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Insecure\n path: insecure\n - name: Skip Certificate Validation\n path: insecureSkipVerify\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n", "general": "resource:\n kind: TracePipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Trace Pipelines\ncategory: Observability\nurlPath: tracepipelines\nscope: cluster\ndescription: >-\n {{[TracePipeline](https://kyma-project.io/#/telemetry-manager/user/resources/04-tracepipeline)}} configures a custom Trace Pipeline", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Status\n source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-tracepipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "annotations": { "prometheus.io/port": "8080", "prometheus.io/scrape": "true" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 8080, "targetPort": 8080 } ], "selector": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-webhook", "namespace": "kyma-system" }, "spec": { "ports": [ { "port": 443, "protocol": "TCP", "targetPort": 9443 } ], "selector": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Global (default) scheduling priority of Kyma components. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-priority-class" }, "value": 2000000 }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Global scheduling priority of Telemetry DaemonSet components. Must not be blocked by unschedulable non-daemonset workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-priority-class-high" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "sidecar.istio.io/inject": "false" }, "labels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "spec": { "containers": [ { "args": [ "--cert-dir=/tmp", "--fluent-bit-priority-class-name=telemetry-priority-class-high", "--metric-gateway-priority-class=telemetry-priority-class", "--trace-collector-priority-class=telemetry-priority-class", "--validating-webhook-enabled=true" ], "command": [ "/manager" ], "env": [ { "name": "GOMEMLIMIT", "value": "300MiB" }, { "name": "APP_LOG_LEVEL", "value": "info" }, { "name": "MY_POD_NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } } ], "image": "europe-docker.pkg.dev/kyma-project/prod/telemetry-manager:1.16.2", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "100m", "memory": "384Mi" }, "requests": { "cpu": "5m", "memory": "100Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] }, "privileged": false, "readOnlyRootFilesystem": false } } ], "priorityClassName": "telemetry-priority-class", "securityContext": { "runAsNonRoot": true, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "telemetry-manager", "terminationGracePeriodSeconds": 10 } } } }, { "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" }, "spec": { "egress": [ { "to": [ { "ipBlock": { "cidr": "0.0.0.0/0" } }, { "ipBlock": { "cidr": "::/0" } } ] } ], "ingress": [ { "from": [ { "ipBlock": { "cidr": "0.0.0.0/0" } }, { "ipBlock": { "cidr": "::/0" } } ], "ports": [ { "port": 8080, "protocol": "TCP" }, { "port": 8081, "protocol": "TCP" }, { "port": 9443, "protocol": "TCP" } ] } ], "podSelector": { "matchLabels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "policyTypes": [ "Ingress", "Egress" ] } } ], "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Telemetry", "metadata": { "labels": { "app.kubernetes.io/name": "telemetry", "app.kubernetes.io/instance": "default", "app.kubernetes.io/part-of": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/created-by": "telemetry-manager" }, "name": "default", "namespace": "kyma-system" } }, "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/telemetries/default", "deploymentYaml": "https://github.com/kyma-project/telemetry-manager/releases/download/1.16.2/telemetry-manager.yaml", "crYaml": "https://github.com/kyma-project/telemetry-manager/releases/download/1.16.2/telemetry-default-cr.yaml" }, { "version": "1.18.1", "deploymentYaml": "https://github.com/kyma-project/telemetry-manager/releases/download/1.18.1/telemetry-manager.yaml", "crYaml": "https://github.com/kyma-project/telemetry-manager/releases/download/1.18.1/telemetry-default-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Telemetry", "metadata": { "labels": { "app.kubernetes.io/name": "telemetry", "app.kubernetes.io/instance": "default", "app.kubernetes.io/part-of": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/created-by": "telemetry-manager" }, "name": "default", "namespace": "kyma-system" } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "logparsers.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "kind": "LogParser", "listKind": "LogParserList", "plural": "logparsers", "singular": "logparser" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "deprecated": true, "deprecationWarning": "The LogParser API is deprecated. Instead, log in JSON format and use the JSON parsing feature of the LogPipeline", "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "LogParser is the Schema for the logparsers API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of LogParser.", "properties": { "parser": { "description": "[Fluent Bit Parsers](https://docs.fluentbit.io/manual/pipeline/parsers). The parser specified here has no effect until it is referenced by a [Pod annotation](https://docs.fluentbit.io/manual/pipeline/filters/kubernetes#kubernetes-annotations) on your workload or by a [Parser Filter](https://docs.fluentbit.io/manual/pipeline/filters/parser) defined in a pipeline's filters section.", "type": "string" } }, "type": "object" }, "status": { "description": "Shows the observed state of the LogParser.", "properties": { "conditions": { "description": "An array of conditions describing the status of the parser.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "logpipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "categories": [ "telemetry-pipelines" ], "kind": "LogPipeline", "listKind": "LogPipelineList", "plural": "logpipelines", "singular": "logpipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".status.unsupportedMode", "name": "Unsupported Mode", "type": "boolean" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "LogPipeline is the Schema for the logpipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of LogPipeline", "properties": { "files": { "items": { "description": "Provides file content to be consumed by a LogPipeline configuration", "properties": { "content": { "type": "string" }, "name": { "type": "string" } }, "type": "object" }, "type": "array" }, "filters": { "items": { "description": "Describes a filtering option on the logs of the pipeline.", "properties": { "custom": { "description": "Custom filter definition in the Fluent Bit syntax. Note: If you use a `custom` filter, you put the LogPipeline in unsupported mode.", "type": "string" } }, "type": "object" }, "type": "array" }, "input": { "description": "Defines where to collect logs, including selector mechanisms.", "properties": { "application": { "description": "Configures in more detail from which containers application logs are enabled as input.", "properties": { "containers": { "description": "Describes whether application logs from specific containers are selected. The options are mutually exclusive.", "properties": { "exclude": { "description": "Specifies to exclude only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Specifies to include only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "dropLabels": { "description": "Defines whether to drop all Kubernetes labels. The default is `false`.", "type": "boolean" }, "keepAnnotations": { "description": "Defines whether to keep all Kubernetes annotations. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether application logs from specific Namespaces are selected. The options are mutually exclusive. System Namespaces are excluded by default from the collection.", "properties": { "exclude": { "description": "Exclude the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include only the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "system": { "description": "Set to `true` if collecting from all Namespaces must also include the system Namespaces like kube-system, istio-system, and kyma-system.", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "output": { "description": "[Fluent Bit output](https://docs.fluentbit.io/manual/pipeline/outputs) where you want to push the logs. Only one output can be specified.", "properties": { "custom": { "description": "Defines a custom output in the Fluent Bit syntax. Note: If you use a `custom` output, you put the LogPipeline in unsupported mode.", "type": "string" }, "grafana-loki": { "description": "The grafana-loki output is not supported anymore. For integration with a custom Loki installation, use the `custom` output and follow [Installing a custom Loki stack in Kyma](https://kyma-project.io/#/telemetry-manager/user/integration/loki/README ).", "properties": { "labels": { "additionalProperties": { "type": "string" }, "description": "Labels to set for each log record.", "type": "object" }, "removeKeys": { "description": "Attributes to be removed from a log record.", "items": { "type": "string" }, "type": "array" }, "url": { "description": "Grafana Loki URL.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "http": { "description": "Configures an HTTP-based output compatible with the Fluent Bit HTTP output plugin.", "properties": { "compress": { "description": "Defines the compression algorithm to use.", "type": "string" }, "dedot": { "description": "Enables de-dotting of Kubernetes labels and annotations for compatibility with ElasticSearch based backends. Dots (.) will be replaced by underscores (_). Default is `false`.", "type": "boolean" }, "format": { "description": "Data format to be used in the HTTP request body. Default is `json`.", "type": "string" }, "host": { "description": "Defines the host of the HTTP receiver.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "password": { "description": "Defines the basic auth password.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "port": { "description": "Defines the port of the HTTP receiver. Default is 443.", "type": "string" }, "tls": { "description": "Configures TLS for the HTTP target server.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "disabled": { "description": "Indicates if TLS is disabled or enabled. Default is `false`.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "skipCertificateValidation": { "description": "If `true`, the validation of certificates is skipped. Default is `false`.", "type": "boolean" } }, "type": "object" }, "uri": { "description": "Defines the URI of the HTTP receiver. Default is \"/\".", "type": "string" }, "user": { "description": "Defines the basic auth user.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "variables": { "description": "A list of mappings from Kubernetes Secret keys to environment variables. Mapped keys are mounted as environment variables, so that they are available as [Variables](https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/variables) in the sections.", "items": { "description": "References a Kubernetes secret that should be provided as environment variable to Fluent Bit", "properties": { "name": { "description": "Name of the variable to map.", "type": "string" }, "valueFrom": { "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "type": "array" } }, "type": "object" }, "status": { "description": "Shows the observed state of the LogPipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "unsupportedMode": { "description": "Is active when the LogPipeline uses a `custom` output or filter; see [unsupported mode](https://github.com/kyma-project/telemetry-manager/blob/main/docs/user/02-logs.md#unsupported-mode).", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "metricpipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "categories": [ "telemetry-pipelines" ], "kind": "MetricPipeline", "listKind": "MetricPipelineList", "plural": "metricpipelines", "singular": "metricpipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "MetricPipeline is the Schema for the metricpipelines API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired characteristics of MetricPipeline.", "properties": { "input": { "description": "Configures different inputs to send additional metrics to the metric gateway.", "properties": { "istio": { "description": "Configures istio-proxy metrics scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, metrics for istio-proxy containers are scraped from Pods that have had the istio-proxy sidecar injected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether istio-proxy metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "otlp": { "description": "Configures the collection of push-based metrics that use the OpenTelemetry protocol.", "properties": { "disabled": { "description": "If disabled, push-based OTLP metrics are not collected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether push-based OTLP metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "prometheus": { "description": "Configures Prometheus scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, Pods marked with `prometheus.io/scrape=true` annotation are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether Prometheus metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "runtime": { "description": "Configures runtime scraping.", "properties": { "enabled": { "description": "If enabled, workload-related Kubernetes metrics are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether workload-related Kubernetes metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" } }, "type": "object" }, "output": { "description": "Configures the metric gateway.", "properties": { "otlp": { "description": "Defines an output using the OpenTelemetry protocol.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "minLength": 1, "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "type": "object" }, "status": { "description": "Represents the current information/status of MetricPipeline.", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetries.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Telemetry", "listKind": "TelemetryList", "plural": "telemetries", "singular": "telemetry" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".metadata.generation", "name": "generation", "type": "integer" }, { "jsonPath": ".metadata.creationTimestamp", "name": "age", "type": "date" }, { "jsonPath": ".status.state", "name": "state", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Telemetry is the Schema for the telemetries API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "TelemetrySpec defines the desired state of Telemetry", "properties": { "metric": { "description": "MetricSpec defines the behavior of the metric gateway", "properties": { "gateway": { "properties": { "scaling": { "description": "Scaling defines which strategy is used for scaling the gateway, with detailed configuration options for each strategy type.", "properties": { "static": { "description": "Static is a scaling strategy enabling you to define a custom amount of replicas to be used for the gateway. Present only if Type =\nStaticScalingStrategyType.", "properties": { "replicas": { "description": "Replicas defines a static number of pods to run the gateway. Minimum is 1.", "format": "int32", "minimum": 1, "type": "integer" } }, "type": "object" }, "type": { "description": "Type of scaling strategy. Default is none, using a fixed amount of replicas.", "enum": [ "Static" ], "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "trace": { "description": "TraceSpec defines the behavior of the trace gateway", "properties": { "gateway": { "properties": { "scaling": { "description": "Scaling defines which strategy is used for scaling the gateway, with detailed configuration options for each strategy type.", "properties": { "static": { "description": "Static is a scaling strategy enabling you to define a custom amount of replicas to be used for the gateway. Present only if Type =\nStaticScalingStrategyType.", "properties": { "replicas": { "description": "Replicas defines a static number of pods to run the gateway. Minimum is 1.", "format": "int32", "minimum": 1, "type": "integer" } }, "type": "object" }, "type": { "description": "Type of scaling strategy. Default is none, using a fixed amount of replicas.", "enum": [ "Static" ], "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "TelemetryStatus defines the observed state of Telemetry", "properties": { "conditions": { "description": "Conditions contain a set of conditionals to determine the State of Status.\nIf all Conditions are met, State is expected to be in StateReady.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "endpoints": { "description": "endpoints for trace and metric gateway.", "nullable": true, "properties": { "metrics": { "description": "metrics contains the endpoints for metric gateway supporting OTLP.", "properties": { "grpc": { "description": "GRPC endpoint for OTLP.", "type": "string" }, "http": { "description": "HTTP endpoint for OTLP.", "type": "string" } }, "type": "object" }, "traces": { "description": "traces contains the endpoints for trace gateway supporting OTLP.", "properties": { "grpc": { "description": "GRPC endpoint for OTLP.", "type": "string" }, "http": { "description": "HTTP endpoint for OTLP.", "type": "string" } }, "type": "object" } }, "type": "object" }, "state": { "description": "State signifies current state of Module CR.\nValue can be one of these three: \"Ready\", \"Deleting\", or \"Warning\".", "enum": [ "Deleting", "Ready", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "tracepipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "categories": [ "telemetry-pipelines" ], "kind": "TracePipeline", "listKind": "TracePipelineList", "plural": "tracepipelines", "singular": "tracepipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "TracePipeline is the Schema for the tracepipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of TracePipeline", "properties": { "output": { "description": "Defines a destination for shipping trace data. Only one can be defined per pipeline.", "properties": { "otlp": { "description": "Configures the underlying Otel Collector with an [OTLP exporter](https://github.com/open-telemetry/opentelemetry-collector/blob/main/exporter/otlpexporter/README.md). If you switch `protocol`to `http`, an [OTLP HTTP exporter](https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter/otlphttpexporter) is used.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "minLength": 1, "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "required": [ "output" ], "type": "object" }, "status": { "description": "Shows the observed state of the TracePipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "patch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "daemonsets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.k8s.io" ], "resources": [ "networkpolicies" ], "verbs": [ "create", "delete", "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "create", "delete", "patch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-role" }, "rules": [ { "nonResourceURLs": [ "/metrics" ], "verbs": [ "get" ] }, { "nonResourceURLs": [ "/metrics/cadvisor" ], "verbs": [ "get" ] }, { "apiGroups": [ "" ], "resources": [ "endpoints" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes/metrics" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes/stats" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "networking.k8s.io" ], "resources": [ "networkpolicies" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "roles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "tracepipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "tracepipelines/status" ], "verbs": [ "get", "patch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "telemetry-manager-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "telemetry-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "telemetry-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.url.value or\n $v.url.valueFrom.secretKeyRef.name or $v.host.value or\n $v.host.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n - name: Unsupported-Mode\n source: status.unsupportedMode\n widget: Badge\n highlights:\n positive:\n - 'false'\n negative:\n - 'true'\nbody:\n - source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Applications\n children:\n - widget: Panel\n name: Namespaces\n children:\n - name: Include\n widget: JoinedArray\n source: spec.input.application.namespaces.include\n separator: ', '\n - name: Exclude\n widget: JoinedArray\n source: spec.input.application.namespaces.exclude\n separator: ', '\n - name: System Namespaces\n source: spec.input.application.namespaces.system\n - widget: Panel\n name: Containers\n children:\n - name: Include\n widget: JoinedArray\n source: spec.input.application.containers.include\n separator: ', '\n - name: Exclude\n widget: JoinedArray\n source: spec.input.application.containers.exclude\n separator: ', '\n - widget: Panel\n name: Other Settings\n children:\n - name: Keep Annotations\n source: spec.input.application.keepAnnotations\n - name: Drop Labels\n source: spec.input.application.dropLabels\n - widget: Panel\n name: Output\n children:\n - name: Custom\n widget: CodeViewer\n language: '''plaintext'''\n source: spec.output.custom\n visibility: $exists(spec.output.custom)\n - name: Grafana-Loki\n widget: Panel\n visibility: $not($exists(spec.output.custom) or $exists(spec.output.http))\n children:\n - name: URL\n source: spec.output.`grafana-loki`.url.value\n - name: Labels\n widget: Labels\n source: spec.output.`grafana-loki`.labels\n - name: Remove keys\n widget: JoinedArray\n separator: ','\n source: spec.output.`grafana-loki`.removeKeys\n - name: HTTP\n widget: Panel\n visibility: $exists(spec.output.http)\n children:\n - name: Host\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.host.value\n visibility: $exists(spec.output.http.host.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.host.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.host.valueFrom.secretKeyRef.name)\n - name: User\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.user.value\n visibility: $exists(spec.output.http.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.password.value\n visibility: $exists(spec.output.http.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.password.valueFrom.secretKeyRef.name)\n - name: TLS Settings\n widget: Panel\n children:\n - name: Disabled\n source: spec.output.http.tls.disabled\n placeholder: 'false'\n - name: Skip certificate validation\n source: spec.output.http.tls.skipCertificateValidation\n placeholder: 'false'\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.http.tls.ca)\n source: spec.output.http.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.http.tls.cert)\n source: spec.output.http.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.http.tls.key)\n source: spec.output.http.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Other Settings\n widget: Panel\n children:\n - name: Compression\n source: spec.output.http.compress\n - name: De-dot\n source: spec.output.http.dedot\n placeholder: 'false'\n - name: Format\n source: spec.output.http.format\n placeholder: json\n - name: Port\n source: spec.output.http.port\n placeholder: '443'\n - name: URI\n source: spec.output.http.uri", "form": "- path: spec.input\n widget: FormGroup\n defaultExpanded: true\n children:\n - name: Include Namespaces\n widget: SimpleList\n path: application.namespaces.include\n defaultExpanded: true\n inputInfo: Include container logs from selected namespaces\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: application.namespaces.exclude\n children:\n - path: '[]'\n - name: Include System Namespaces\n path: application.namespaces.system\n - name: Include Containers\n widget: SimpleList\n path: application.containers.include\n - name: Exclude Containers\n widget: SimpleList\n path: application.containers.exclude\n - name: Keep Annotations\n path: application.keepAnnotations\n - name: Drop Labels\n path: application.dropLabels\n- name: Filters\n widget: SimpleList\n path: spec.filters\n children:\n - widget: FormGroup\n path: '[]'\n children:\n - widget: CodeEditor\n path: custom\n- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Custom\n path: custom\n widget: CodeEditor\n advanced: true\n inputInfo: >-\n Note: If you use a custom output, you put the LogPipeline in unsupported\n mode\n (https://kyma-project.io/#/telemetry-manager/user/02-logs?id=unsupported-mode)\n - name: HTTP\n path: http\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Host\n path: host\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: User\n path: user\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: Password\n path: password\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Disabled\n path: disabled\n - name: Skip Certificate Validation\n path: skipCertificateValidation\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: URI\n path: uri\n widget: Text\n - name: Port\n path: port\n widget: Text\n - name: Compress\n path: compress\n widget: Text\n - name: Format\n path: format\n widget: Text\n - name: Dedot\n simple: true\n path: dedot\n", "general": "resource:\n kind: LogPipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Log Pipelines\ncategory: Observability\nurlPath: logpipelines\nscope: cluster\ndescription: >-\n {{[LogPipeline custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/02-logpipeline)}} configures a custom Log Pipeline.", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.url.value or\n $v.url.valueFrom.secretKeyRef.name or $v.host.value or\n $v.host.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Unsupported-Mode\n source: status.unsupportedMode\n widget: Badge\n highlights:\n positive:\n - 'false'\n negative:\n - 'true'\n- name: Status\n source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-logpipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\nbody:\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Input\n children:\n - name: Prometheus\n widget: Panel\n visibility: $exists(spec.input.prometheus)\n children:\n - name: Enabled\n visibility: $exists(spec.input.prometheus.enabled)\n source: spec.input.prometheus.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.prometheus.namespaces.include)\n source: spec.input.prometheus.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.prometheus.namespaces.exclude)\n source: spec.input.prometheus.namespaces.exclude\n separator: ', '\n - name: Diagnostic Metrics\n visibility: $exists(spec.input.prometheus.diagnosticMetrics.enabled)\n source: spec.input.prometheus.diagnosticMetrics.enabled\n - name: Istio\n widget: Panel\n visibility: $exists(spec.input.istio)\n children:\n - name: Enabled\n visibility: $exists(spec.input.istio.enabled)\n source: spec.input.istio.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.istio.namespaces.include)\n source: spec.input.istio.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.istio.namespaces.exclude)\n source: spec.input.istio.namespaces.exclude\n separator: ', '\n - name: Diagnostic Metrics\n visibility: $exists(spec.input.istio.diagnosticMetrics.enabled)\n source: spec.input.istio.diagnosticMetrics.enabled\n - name: Runtime\n widget: Panel\n visibility: $exists(spec.input.runtime)\n children:\n - name: Enabled\n visibility: $exists(spec.input.runtime.enabled)\n source: spec.input.runtime.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.runtime.namespaces.include)\n source: spec.input.runtime.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.runtime.namespaces.exclude)\n source: spec.input.runtime.namespaces.exclude\n separator: ', '\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.input.otlp)\n children:\n - name: Disabled\n visibility: $exists(spec.input.otlp.disabled)\n source: spec.input.otlp.disabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.otlp.namespaces.include)\n source: spec.input.otlp.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.otlp.namespaces.exclude)\n source: spec.input.otlp.namespaces.exclude\n separator: ', '\n - widget: Panel\n name: Output\n children:\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.output.otlp)\n children:\n - name: Endpoint\n widget: Panel\n visibility: $exists(spec.output.otlp.endpoint)\n children:\n - name: Value\n source: spec.output.otlp.endpoint.value\n visibility: $exists(spec.output.otlp.endpoint.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.otlp.endpoint.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.otlp.endpoint.valueFrom.secretKeyRef.name)\n - name: Authentication\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication)\n children:\n - name: User\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.user)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.user.value\n visibility: $exists(spec.output.otlp.authentication.basic.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.password)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.password.value\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef.name)\n - name: Headers\n widget: Panel\n visibility: $exists(spec.output.otlp.headers)\n children:\n - name: Header\n widget: Panel\n visibility: $exists(spec.output.otlp.headers[].name)\n source: spec.output.otlp.headers[]\n children:\n - name: Name\n source: name\n visibility: $exists(name)\n - name: Prefix\n source: prefix\n visibility: $exists(prefix)\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: TLS\n widget: Panel\n visibility: $exists(spec.output.otlp.tls)\n children:\n - name: Insecure\n visibility: $exists(spec.output.otlp.tls.insecure)\n source: spec.output.otlp.tls.insecure\n - name: Skip Cert Verification\n visibility: $exists(spec.output.otlp.tls.insecureSkipVerify)\n source: spec.output.otlp.tls.insecureSkipVerify\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.ca)\n source: spec.output.otlp.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.cert)\n source: spec.output.otlp.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.key)\n source: spec.output.otlp.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - widget: Panel\n name: Other Settings\n children:\n - name: Protocol\n source: spec.output.otlp.protocol", "form": "- path: spec.input\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Prometheus\n path: prometheus\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Enable Diagnostic Metrics\n path: diagnosticMetrics.enabled\n simple: true\n - name: Istio\n path: istio\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Enable Diagnostic Metrics\n path: diagnosticMetrics.enabled\n simple: true\n - name: Runtime\n path: runtime\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: OTLP\n path: otlp\n widget: FormGroup\n simple: true\n children:\n - name: Disabled\n path: disabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: OTLP\n path: otlp\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Endpoint\n path: endpoint\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Protocol\n path: protocol\n simple: true\n widget: FormGroup\n children:\n - name: Value\n widget: Text\n - name: Authentication\n path: authentication\n widget: FormGroup\n simple: true\n children:\n - name: User\n path: basic.user\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Password\n path: basic.password\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Headers\n path: headers[]\n widget: FormGroup\n simple: true\n children:\n - name: Name\n path: name\n widget: Text\n simple: true\n - name: Prefix\n path: prefix\n widget: Text\n simple: true\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Insecure\n path: insecure\n - name: Skip Certificate Validation\n path: insecureSkipVerify\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n", "general": "resource:\n kind: MetricPipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Metric Pipelines\ncategory: Observability\nurlPath: metricpipelines\nscope: cluster\ndescription: >-\n {{[MetricPipeline custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/05-metricpipeline)}} configures a custom Metric Pipeline.", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Status\n source: status.conditions\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-metricpipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Traces\n widget: Panel\n visibility: $exists(spec.trace.gateway.scaling.static.replicas)\n children:\n - name: Gateway Replicas\n source: spec.trace.gateway.scaling.static.replicas\n - name: Scaling Type\n source: spec.trace.gateway.scaling.type\n - name: Metrics\n widget: Panel\n visibility: $exists(spec.metric.gateway.scaling.static.replicas)\n children:\n - name: Gateway Replicas\n source: spec.metric.gateway.scaling.static.replicas\n - name: Scaling Type\n source: spec.metric.gateway.scaling.type\n - name: Status\n widget: Panel\n children:\n - source: status.endpoints.traces.grpc\n name: OTLP GRPC Trace Endpoint\n - source: status.endpoints.traces.http\n name: OTLP HTTP Trace Endpoint\n - source: status.endpoints.metrics.grpc\n name: OTLP GRPC Metric Endpoint\n - source: status.endpoints.metrics.http\n name: OTLP HTTP Metric Endpoint\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n", "form": "- advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: spec.trace\n name: Traces\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: gateway\n name: Gateway\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: scaling\n name: Scaling\n widget: FormGroup\n children:\n - path: type\n override: false\n enum:\n - None\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n visibility: \"$item.spec.trace.gateway.scaling.type = 'Static'\"\n path: static\n name: Static\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: replicas\n name: Replicas\n simple: false\n widget: Text\n- advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: spec.metric\n name: Metrics\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: gateway\n name: Gateway\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: scaling\n name: Scaling\n widget: FormGroup\n children:\n - path: type\n override: false\n enum:\n - None\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n visibility: \"$item.spec.metric.gateway.scaling.type = 'Static'\"\n path: static\n name: Static\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: replicas\n name: Replicas\n simple: false\n widget: Text\n", "general": "resource:\n kind: Telemetry\n group: operator.kyma-project.io\n version: v1alpha1\nname: Telemetry\ncategory: Kyma\nurlPath: telemetries\nscope: namespace\ndescription: >-\n {{[Telemetry custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/01-telemetry)}} configures the Telemetry module.\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\n", "list": "- name: State\n source: status.state\n widget: Badge\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-module", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\nbody:\n - source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Output\n children:\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.output.otlp)\n children:\n - name: Endpoint\n widget: Panel\n visibility: $exists(spec.output.otlp.endpoint)\n children:\n - name: Value\n source: spec.output.otlp.endpoint.value\n visibility: $exists(spec.output.otlp.endpoint.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.otlp.endpoint.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.otlp.endpoint.valueFrom.secretKeyRef.name)\n - name: Authentication\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication)\n children:\n - name: User\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.user)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.user.value\n visibility: $exists(spec.output.otlp.authentication.basic.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.password)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.password.value\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef.name)\n - name: Headers\n widget: Panel\n visibility: $exists(spec.output.otlp.headers)\n children:\n - name: Header\n widget: Panel\n visibility: $exists(spec.output.otlp.headers[].name)\n source: spec.output.otlp.headers[]\n children:\n - name: Name\n source: name\n visibility: $exists(name)\n - name: Prefix\n source: prefix\n visibility: $exists(prefix)\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: TLS\n widget: Panel\n visibility: $exists(spec.output.otlp.tls)\n children:\n - name: Insecure\n visibility: $exists(spec.output.otlp.tls.insecure)\n source: spec.output.otlp.tls.insecure\n - name: Skip Cert Verification\n visibility: $exists(spec.output.otlp.tls.insecureSkipVerify)\n source: spec.output.otlp.tls.insecureSkipVerify\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.ca)\n source: spec.output.otlp.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.cert)\n source: spec.output.otlp.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.key)\n source: spec.output.otlp.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - widget: Panel\n name: Other Settings\n children:\n - name: Protocol\n source: spec.output.otlp.protocol", "form": "- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: OTLP\n path: otlp\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Endpoint\n path: endpoint\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Protocol\n path: protocol\n simple: true\n widget: FormGroup\n children:\n - name: Value\n widget: Text\n - name: Authentication\n path: authentication\n widget: FormGroup\n simple: true\n children:\n - name: User\n path: basic.user\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Password\n path: basic.password\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Headers\n path: headers[]\n widget: FormGroup\n simple: true\n children:\n - name: Name\n path: name\n widget: Text\n simple: true\n - name: Prefix\n path: prefix\n widget: Text\n simple: true\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Insecure\n path: insecure\n - name: Skip Certificate Validation\n path: insecureSkipVerify\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n", "general": "resource:\n kind: TracePipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Trace Pipelines\ncategory: Observability\nurlPath: tracepipelines\nscope: cluster\ndescription: >-\n {{[TracePipeline custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/04-tracepipeline)}} configures a custom Trace Pipeline.", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Status\n source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-tracepipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "annotations": { "prometheus.io/port": "8080", "prometheus.io/scrape": "true" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 8080, "targetPort": 8080 } ], "selector": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-webhook", "namespace": "kyma-system" }, "spec": { "ports": [ { "port": 443, "protocol": "TCP", "targetPort": 9443 } ], "selector": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Global (default) scheduling priority of Kyma components. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-priority-class" }, "value": 2000000 }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Global scheduling priority of Telemetry DaemonSet components. Must not be blocked by unschedulable non-daemonset workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-priority-class-high" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "sidecar.istio.io/inject": "false" }, "labels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "spec": { "containers": [ { "args": [ "--cert-dir=/tmp", "--fluent-bit-priority-class-name=telemetry-priority-class-high", "--metric-gateway-priority-class=telemetry-priority-class", "--trace-collector-priority-class=telemetry-priority-class", "--self-monitor-priority-class=telemetry-priority-class", "--validating-webhook-enabled=true" ], "command": [ "/manager" ], "env": [ { "name": "GOMEMLIMIT", "value": "300MiB" }, { "name": "APP_LOG_LEVEL", "value": "info" }, { "name": "MY_POD_NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } } ], "image": "europe-docker.pkg.dev/kyma-project/prod/telemetry-manager:1.18.1", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "100m", "memory": "384Mi" }, "requests": { "cpu": "5m", "memory": "100Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] }, "privileged": false, "readOnlyRootFilesystem": false } } ], "priorityClassName": "telemetry-priority-class", "securityContext": { "runAsNonRoot": true, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "telemetry-manager", "terminationGracePeriodSeconds": 10 } } } }, { "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" }, "spec": { "egress": [ { "to": [ { "ipBlock": { "cidr": "0.0.0.0/0" } }, { "ipBlock": { "cidr": "::/0" } } ] } ], "ingress": [ { "from": [ { "ipBlock": { "cidr": "0.0.0.0/0" } }, { "ipBlock": { "cidr": "::/0" } } ], "ports": [ { "port": 8080, "protocol": "TCP" }, { "port": 8081, "protocol": "TCP" }, { "port": 9443, "protocol": "TCP" } ] } ], "podSelector": { "matchLabels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "policyTypes": [ "Ingress", "Egress" ] } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/telemetry-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/telemetry-manager:1.18.1", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/telemetries/default", "channels": [ "fast" ], "documentation": "https://kyma-project.io/#/telemetry-manager/user/README", "repository": "https://github.com/kyma-project/telemetry-manager.git" }, { "version": "1.18.1-dev", "channels": [ "experimental" ], "documentation": "https://kyma-project.io/#/telemetry-manager/user/README", "repository": "https://github.com/kyma-project/telemetry-manager.git", "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/telemetry-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/telemetry-manager:1.18.1", "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "logparsers.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "kind": "LogParser", "listKind": "LogParserList", "plural": "logparsers", "singular": "logparser" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "deprecated": true, "deprecationWarning": "The LogParser API is deprecated. Instead, log in JSON format and use the JSON parsing feature of the LogPipeline", "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "LogParser is the Schema for the logparsers API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of LogParser.", "properties": { "parser": { "description": "[Fluent Bit Parsers](https://docs.fluentbit.io/manual/pipeline/parsers). The parser specified here has no effect until it is referenced by a [Pod annotation](https://docs.fluentbit.io/manual/pipeline/filters/kubernetes#kubernetes-annotations) on your workload or by a [Parser Filter](https://docs.fluentbit.io/manual/pipeline/filters/parser) defined in a pipeline's filters section.", "type": "string" } }, "type": "object" }, "status": { "description": "Shows the observed state of the LogParser.", "properties": { "conditions": { "description": "An array of conditions describing the status of the parser.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "logpipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "categories": [ "telemetry-pipelines" ], "kind": "LogPipeline", "listKind": "LogPipelineList", "plural": "logpipelines", "singular": "logpipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".status.unsupportedMode", "name": "Unsupported Mode", "type": "boolean" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "LogPipeline is the Schema for the logpipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of LogPipeline", "properties": { "files": { "items": { "description": "Provides file content to be consumed by a LogPipeline configuration", "properties": { "content": { "type": "string" }, "name": { "type": "string" } }, "type": "object" }, "type": "array" }, "filters": { "items": { "description": "Describes a filtering option on the logs of the pipeline.", "properties": { "custom": { "description": "Custom filter definition in the Fluent Bit syntax. Note: If you use a `custom` filter, you put the LogPipeline in unsupported mode.", "type": "string" } }, "type": "object" }, "type": "array" }, "input": { "description": "Defines where to collect logs, including selector mechanisms.", "properties": { "application": { "description": "Configures in more detail from which containers application logs are enabled as input.", "properties": { "containers": { "description": "Describes whether application logs from specific containers are selected. The options are mutually exclusive.", "properties": { "exclude": { "description": "Specifies to exclude only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Specifies to include only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "dropLabels": { "description": "Defines whether to drop all Kubernetes labels. The default is `false`.", "type": "boolean" }, "keepAnnotations": { "description": "Defines whether to keep all Kubernetes annotations. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether application logs from specific Namespaces are selected. The options are mutually exclusive. System Namespaces are excluded by default from the collection.", "properties": { "exclude": { "description": "Exclude the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include only the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "system": { "description": "Set to `true` if collecting from all Namespaces must also include the system Namespaces like kube-system, istio-system, and kyma-system.", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "output": { "description": "[Fluent Bit output](https://docs.fluentbit.io/manual/pipeline/outputs) where you want to push the logs. Only one output can be specified.", "properties": { "custom": { "description": "Defines a custom output in the Fluent Bit syntax. Note: If you use a `custom` output, you put the LogPipeline in unsupported mode.", "type": "string" }, "grafana-loki": { "description": "The grafana-loki output is not supported anymore. For integration with a custom Loki installation, use the `custom` output and follow [Installing a custom Loki stack in Kyma](https://kyma-project.io/#/telemetry-manager/user/integration/loki/README ).", "properties": { "labels": { "additionalProperties": { "type": "string" }, "description": "Labels to set for each log record.", "type": "object" }, "removeKeys": { "description": "Attributes to be removed from a log record.", "items": { "type": "string" }, "type": "array" }, "url": { "description": "Grafana Loki URL.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "http": { "description": "Configures an HTTP-based output compatible with the Fluent Bit HTTP output plugin.", "properties": { "compress": { "description": "Defines the compression algorithm to use.", "type": "string" }, "dedot": { "description": "Enables de-dotting of Kubernetes labels and annotations for compatibility with ElasticSearch based backends. Dots (.) will be replaced by underscores (_). Default is `false`.", "type": "boolean" }, "format": { "description": "Data format to be used in the HTTP request body. Default is `json`.", "type": "string" }, "host": { "description": "Defines the host of the HTTP receiver.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "password": { "description": "Defines the basic auth password.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "port": { "description": "Defines the port of the HTTP receiver. Default is 443.", "type": "string" }, "tls": { "description": "Configures TLS for the HTTP target server.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "disabled": { "description": "Indicates if TLS is disabled or enabled. Default is `false`.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "skipCertificateValidation": { "description": "If `true`, the validation of certificates is skipped. Default is `false`.", "type": "boolean" } }, "type": "object" }, "uri": { "description": "Defines the URI of the HTTP receiver. Default is \"/\".", "type": "string" }, "user": { "description": "Defines the basic auth user.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "variables": { "description": "A list of mappings from Kubernetes Secret keys to environment variables. Mapped keys are mounted as environment variables, so that they are available as [Variables](https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/variables) in the sections.", "items": { "description": "References a Kubernetes secret that should be provided as environment variable to Fluent Bit", "properties": { "name": { "description": "Name of the variable to map.", "type": "string" }, "valueFrom": { "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "type": "array" } }, "type": "object" }, "status": { "description": "Shows the observed state of the LogPipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "unsupportedMode": { "description": "Is active when the LogPipeline uses a `custom` output or filter; see [unsupported mode](https://github.com/kyma-project/telemetry-manager/blob/main/docs/user/02-logs.md#unsupported-mode).", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".status.unsupportedMode", "name": "Unsupported Mode", "type": "boolean" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1beta1", "schema": { "openAPIV3Schema": { "description": "LogPipeline is the Schema for the logpipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of LogPipeline", "properties": { "files": { "items": { "description": "Provides file content to be consumed by a LogPipeline configuration", "properties": { "content": { "type": "string" }, "name": { "type": "string" } }, "type": "object" }, "type": "array" }, "filters": { "items": { "description": "Describes a filtering option on the logs of the pipeline.", "properties": { "custom": { "description": "Custom filter definition in the Fluent Bit syntax. Note: If you use a `custom` filter, you put the LogPipeline in unsupported mode.", "type": "string" } }, "type": "object" }, "type": "array" }, "input": { "description": "Defines where to collect logs, including selector mechanisms.", "properties": { "application": { "description": "Configures in more detail from which containers application logs are enabled as input.", "properties": { "containers": { "description": "Describes whether application logs from specific containers are selected. The options are mutually exclusive.", "properties": { "exclude": { "description": "Specifies to exclude only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Specifies to include only the container logs with the specified container names.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "dropLabels": { "description": "Defines whether to drop all Kubernetes labels. The default is `false`.", "type": "boolean" }, "keepAnnotations": { "description": "Defines whether to keep all Kubernetes annotations. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether application logs from specific Namespaces are selected. The options are mutually exclusive. System Namespaces are excluded by default from the collection.", "properties": { "exclude": { "description": "Exclude the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include only the container logs of the specified Namespace names.", "items": { "type": "string" }, "type": "array" }, "system": { "description": "Set to `true` if collecting from all Namespaces must also include the system Namespaces like kube-system, istio-system, and kyma-system.", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "output": { "description": "[Fluent Bit output](https://docs.fluentbit.io/manual/pipeline/outputs) where you want to push the logs. Only one output can be specified.", "properties": { "custom": { "description": "Defines a custom output in the Fluent Bit syntax. Note: If you use a `custom` output, you put the LogPipeline in unsupported mode.", "type": "string" }, "grafana-loki": { "description": "The grafana-loki output is not supported anymore. For integration with a custom Loki installation, use the `custom` output and follow [Installing a custom Loki stack in Kyma](https://kyma-project.io/#/telemetry-manager/user/integration/loki/README ).", "properties": { "labels": { "additionalProperties": { "type": "string" }, "description": "Labels to set for each log record.", "type": "object" }, "removeKeys": { "description": "Attributes to be removed from a log record.", "items": { "type": "string" }, "type": "array" }, "url": { "description": "Grafana Loki URL.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "http": { "description": "Configures an HTTP-based output compatible with the Fluent Bit HTTP output plugin.", "properties": { "compress": { "description": "Defines the compression algorithm to use.", "type": "string" }, "dedot": { "description": "Enables de-dotting of Kubernetes labels and annotations for compatibility with ElasticSearch based backends. Dots (.) will be replaced by underscores (_). Default is `false`.", "type": "boolean" }, "format": { "description": "Data format to be used in the HTTP request body. Default is `json`.", "type": "string" }, "host": { "description": "Defines the host of the HTTP receiver.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "password": { "description": "Defines the basic auth password.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "port": { "description": "Defines the port of the HTTP receiver. Default is 443.", "type": "string" }, "tls": { "description": "Configures TLS for the HTTP target server.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "disabled": { "description": "Indicates if TLS is disabled or enabled. Default is `false`.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "skipCertificateValidation": { "description": "If `true`, the validation of certificates is skipped. Default is `false`.", "type": "boolean" } }, "type": "object" }, "uri": { "description": "Defines the URI of the HTTP receiver. Default is \"/\".", "type": "string" }, "user": { "description": "Defines the basic auth user.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "variables": { "description": "A list of mappings from Kubernetes Secret keys to environment variables. Mapped keys are mounted as environment variables, so that they are available as [Variables](https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/variables) in the sections.", "items": { "description": "References a Kubernetes secret that should be provided as environment variable to Fluent Bit", "properties": { "name": { "description": "Name of the variable to map.", "type": "string" }, "valueFrom": { "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "type": "array" } }, "type": "object" }, "status": { "description": "Shows the observed state of the LogPipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "unsupportedMode": { "description": "Is active when the LogPipeline uses a `custom` output or filter; see [unsupported mode](https://github.com/kyma-project/telemetry-manager/blob/main/docs/user/02-logs.md#unsupported-mode).", "type": "boolean" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "metricpipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "categories": [ "telemetry-pipelines" ], "kind": "MetricPipeline", "listKind": "MetricPipelineList", "plural": "metricpipelines", "singular": "metricpipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "MetricPipeline is the Schema for the metricpipelines API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired characteristics of MetricPipeline.", "properties": { "input": { "description": "Configures different inputs to send additional metrics to the metric gateway.", "properties": { "istio": { "description": "Configures istio-proxy metrics scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, metrics for istio-proxy containers are scraped from Pods that have had the istio-proxy sidecar injected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether istio-proxy metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "otlp": { "description": "Configures the collection of push-based metrics that use the OpenTelemetry protocol.", "properties": { "disabled": { "description": "If disabled, push-based OTLP metrics are not collected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether push-based OTLP metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "prometheus": { "description": "Configures Prometheus scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, Pods marked with `prometheus.io/scrape=true` annotation are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether Prometheus metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "runtime": { "description": "Configures runtime scraping.", "properties": { "enabled": { "description": "If enabled, workload-related Kubernetes metrics are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether workload-related Kubernetes metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" } }, "type": "object" }, "output": { "description": "Configures the metric gateway.", "properties": { "otlp": { "description": "Defines an output using the OpenTelemetry protocol.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "minLength": 1, "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "type": "object" }, "status": { "description": "Represents the current information/status of MetricPipeline.", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"AgentHealthy\")].status", "name": "Agent Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1beta1", "schema": { "openAPIV3Schema": { "description": "MetricPipeline is the Schema for the metricpipelines API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired characteristics of MetricPipeline.", "properties": { "input": { "description": "Configures different inputs to send additional metrics to the metric gateway.", "properties": { "istio": { "description": "Configures istio-proxy metrics scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, metrics for istio-proxy containers are scraped from Pods that have had the istio-proxy sidecar injected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether istio-proxy metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "otlp": { "description": "Configures the collection of push-based metrics that use the OpenTelemetry protocol.", "properties": { "disabled": { "description": "If disabled, push-based OTLP metrics are not collected. The default is `false`.", "type": "boolean" }, "namespaces": { "description": "Describes whether push-based OTLP metrics from specific Namespaces are selected. System Namespaces are enabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "prometheus": { "description": "Configures Prometheus scraping.", "properties": { "diagnosticMetrics": { "description": "Configures diagnostic metrics scraping", "properties": { "enabled": { "description": "If enabled, diagnostic metrics are scraped. The default is `false`.", "type": "boolean" } }, "type": "object" }, "enabled": { "description": "If enabled, Pods marked with `prometheus.io/scrape=true` annotation are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether Prometheus metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" }, "runtime": { "description": "Configures runtime scraping.", "properties": { "enabled": { "description": "If enabled, workload-related Kubernetes metrics are scraped. The default is `false`.", "type": "boolean" }, "namespaces": { "default": { "exclude": [ "kyma-system", "kube-system", "istio-system", "compass-system" ] }, "description": "Describes whether workload-related Kubernetes metrics from specific Namespaces are selected. System Namespaces are disabled by default.", "properties": { "exclude": { "description": "Exclude metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" }, "include": { "description": "Include metrics from the specified Namespace names only.", "items": { "type": "string" }, "type": "array" } }, "type": "object", "x-kubernetes-validations": [ { "message": "Can only define one namespace selector - either 'include' or 'exclude'", "rule": "!((has(self.include) && size(self.include) != 0) && (has(self.exclude) && size(self.exclude) != 0))" } ] } }, "type": "object" } }, "type": "object" }, "output": { "description": "Configures the metric gateway.", "properties": { "otlp": { "description": "Defines an output using the OpenTelemetry protocol.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "type": "object" }, "status": { "description": "Represents the current information/status of MetricPipeline.", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetries.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Telemetry", "listKind": "TelemetryList", "plural": "telemetries", "singular": "telemetry" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".metadata.generation", "name": "generation", "type": "integer" }, { "jsonPath": ".metadata.creationTimestamp", "name": "age", "type": "date" }, { "jsonPath": ".status.state", "name": "state", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Telemetry is the Schema for the telemetries API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "TelemetrySpec defines the desired state of Telemetry", "properties": { "metric": { "description": "MetricSpec defines the behavior of the metric gateway", "properties": { "gateway": { "properties": { "scaling": { "description": "Scaling defines which strategy is used for scaling the gateway, with detailed configuration options for each strategy type.", "properties": { "static": { "description": "Static is a scaling strategy enabling you to define a custom amount of replicas to be used for the gateway. Present only if Type =\nStaticScalingStrategyType.", "properties": { "replicas": { "description": "Replicas defines a static number of pods to run the gateway. Minimum is 1.", "format": "int32", "minimum": 1, "type": "integer" } }, "type": "object" }, "type": { "description": "Type of scaling strategy. Default is none, using a fixed amount of replicas.", "enum": [ "Static" ], "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "trace": { "description": "TraceSpec defines the behavior of the trace gateway", "properties": { "gateway": { "properties": { "scaling": { "description": "Scaling defines which strategy is used for scaling the gateway, with detailed configuration options for each strategy type.", "properties": { "static": { "description": "Static is a scaling strategy enabling you to define a custom amount of replicas to be used for the gateway. Present only if Type =\nStaticScalingStrategyType.", "properties": { "replicas": { "description": "Replicas defines a static number of pods to run the gateway. Minimum is 1.", "format": "int32", "minimum": 1, "type": "integer" } }, "type": "object" }, "type": { "description": "Type of scaling strategy. Default is none, using a fixed amount of replicas.", "enum": [ "Static" ], "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "TelemetryStatus defines the observed state of Telemetry", "properties": { "conditions": { "description": "Conditions contain a set of conditionals to determine the State of Status.\nIf all Conditions are met, State is expected to be in StateReady.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "endpoints": { "description": "endpoints for trace and metric gateway.", "nullable": true, "properties": { "metrics": { "description": "metrics contains the endpoints for metric gateway supporting OTLP.", "properties": { "grpc": { "description": "GRPC endpoint for OTLP.", "type": "string" }, "http": { "description": "HTTP endpoint for OTLP.", "type": "string" } }, "type": "object" }, "traces": { "description": "traces contains the endpoints for trace gateway supporting OTLP.", "properties": { "grpc": { "description": "GRPC endpoint for OTLP.", "type": "string" }, "http": { "description": "HTTP endpoint for OTLP.", "type": "string" } }, "type": "object" } }, "type": "object" }, "state": { "description": "State signifies current state of Module CR.\nValue can be one of these three: \"Ready\", \"Deleting\", or \"Warning\".", "enum": [ "Deleting", "Ready", "Warning" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "tracepipelines.telemetry.kyma-project.io" }, "spec": { "group": "telemetry.kyma-project.io", "names": { "categories": [ "telemetry-pipelines" ], "kind": "TracePipeline", "listKind": "TracePipelineList", "plural": "tracepipelines", "singular": "tracepipeline" }, "scope": "Cluster", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "TracePipeline is the Schema for the tracepipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of TracePipeline", "properties": { "output": { "description": "Defines a destination for shipping trace data. Only one can be defined per pipeline.", "properties": { "otlp": { "description": "Configures the underlying Otel Collector with an [OTLP exporter](https://github.com/open-telemetry/opentelemetry-collector/blob/main/exporter/otlpexporter/README.md). If you switch `protocol`to `http`, an [OTLP HTTP exporter](https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter/otlphttpexporter) is used.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "minLength": 1, "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "required": [ "output" ], "type": "object" }, "status": { "description": "Shows the observed state of the TracePipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.conditions[?(@.type==\"ConfigurationGenerated\")].status", "name": "Configuration Generated", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"GatewayHealthy\")].status", "name": "Gateway Healthy", "type": "string" }, { "jsonPath": ".status.conditions[?(@.type==\"TelemetryFlowHealthy\")].status", "name": "Flow Healthy", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1beta1", "schema": { "openAPIV3Schema": { "description": "TracePipeline is the Schema for the tracepipelines API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of TracePipeline", "properties": { "output": { "description": "Defines a destination for shipping trace data. Only one can be defined per pipeline.", "properties": { "otlp": { "description": "Configures the underlying Otel Collector with an [OTLP exporter](https://github.com/open-telemetry/opentelemetry-collector/blob/main/exporter/otlpexporter/README.md). If you switch `protocol`to `http`, an [OTLP HTTP exporter](https://github.com/open-telemetry/opentelemetry-collector/tree/main/exporter/otlphttpexporter) is used.", "properties": { "authentication": { "description": "Defines authentication options for the OTLP output", "properties": { "basic": { "description": "Activates `Basic` authentication for the destination providing relevant Secrets.", "properties": { "password": { "description": "Contains the basic auth password or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "user": { "description": "Contains the basic auth username or a Secret reference.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "password", "user" ], "type": "object" } }, "type": "object" }, "endpoint": { "description": "Defines the host and port (:) of an OTLP endpoint.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "headers": { "description": "Defines custom headers to be added to outgoing HTTP or GRPC requests.", "items": { "properties": { "name": { "description": "Defines the header name.", "type": "string" }, "prefix": { "description": "Defines an optional header value prefix. The prefix is separated from the value by a space character.", "type": "string" }, "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "path": { "description": "Defines OTLP export URL path (only for the HTTP protocol). This value overrides auto-appended paths /v1/metrics and /v1/traces", "type": "string" }, "protocol": { "default": "grpc", "description": "Defines the OTLP protocol (http or grpc). Default is grpc.", "enum": [ "grpc", "http" ], "type": "string" }, "tls": { "description": "Defines TLS options for the OTLP output.", "properties": { "ca": { "description": "Defines an optional CA certificate for server certificate verification when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "cert": { "description": "Defines a client certificate to use when using TLS. The certificate must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "insecure": { "description": "Defines whether to send requests using plaintext instead of TLS.", "type": "boolean" }, "insecureSkipVerify": { "description": "Defines whether to skip server certificate verification when using TLS.", "type": "boolean" }, "key": { "description": "Defines the client key to use when using TLS. The key must be provided in PEM format.", "properties": { "value": { "description": "The value as plain text.", "type": "string" }, "valueFrom": { "description": "The value as a reference to a resource.", "properties": { "secretKeyRef": { "description": "Refers to the value of a specific key in a Secret. You must provide `name` and `namespace` of the Secret, as well as the name of the `key`.", "properties": { "key": { "description": "The name of the attribute of the Secret holding the referenced value.", "type": "string" }, "name": { "description": "The name of the Secret containing the referenced value", "type": "string" }, "namespace": { "description": "The name of the Namespace containing the Secret with the referenced value.", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "endpoint" ], "type": "object", "x-kubernetes-validations": [ { "message": "Path is only available with HTTP protocol", "rule": "((!has(self.path) || size(self.path) <= 0) && (has(self.protocol) && self.protocol == 'grpc')) || (has(self.protocol) && self.protocol == 'http')" } ] } }, "required": [ "otlp" ], "type": "object" } }, "required": [ "output" ], "type": "object" }, "status": { "description": "Shows the observed state of the TracePipeline", "properties": { "conditions": { "description": "An array of conditions describing the status of the pipeline.", "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "patch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "daemonsets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.k8s.io" ], "resources": [ "networkpolicies" ], "verbs": [ "create", "delete", "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "create", "delete", "patch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-role" }, "rules": [ { "nonResourceURLs": [ "/metrics" ], "verbs": [ "get" ] }, { "nonResourceURLs": [ "/metrics/cadvisor" ], "verbs": [ "get" ] }, { "apiGroups": [ "" ], "resources": [ "endpoints" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes/metrics" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes/stats" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "networking.k8s.io" ], "resources": [ "networkpolicies" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "telemetries" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "roles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logparsers/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "logpipelines/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "metricpipelines/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "tracepipelines" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "telemetry.kyma-project.io" ], "resources": [ "tracepipelines/status" ], "verbs": [ "get", "patch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "telemetry-manager-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "telemetry-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "telemetry-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "telemetry-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.url.value or\n $v.url.valueFrom.secretKeyRef.name or $v.host.value or\n $v.host.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n - name: Unsupported-Mode\n source: status.unsupportedMode\n widget: Badge\n highlights:\n positive:\n - 'false'\n negative:\n - 'true'\nbody:\n - source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Applications\n children:\n - widget: Panel\n name: Namespaces\n children:\n - name: Include\n widget: JoinedArray\n source: spec.input.application.namespaces.include\n separator: ', '\n - name: Exclude\n widget: JoinedArray\n source: spec.input.application.namespaces.exclude\n separator: ', '\n - name: System Namespaces\n source: spec.input.application.namespaces.system\n - widget: Panel\n name: Containers\n children:\n - name: Include\n widget: JoinedArray\n source: spec.input.application.containers.include\n separator: ', '\n - name: Exclude\n widget: JoinedArray\n source: spec.input.application.containers.exclude\n separator: ', '\n - widget: Panel\n name: Other Settings\n children:\n - name: Keep Annotations\n source: spec.input.application.keepAnnotations\n - name: Drop Labels\n source: spec.input.application.dropLabels\n - widget: Panel\n name: Output\n children:\n - name: Custom\n widget: CodeViewer\n language: '''plaintext'''\n source: spec.output.custom\n visibility: $exists(spec.output.custom)\n - name: Grafana-Loki\n widget: Panel\n visibility: $not($exists(spec.output.custom) or $exists(spec.output.http))\n children:\n - name: URL\n source: spec.output.`grafana-loki`.url.value\n - name: Labels\n widget: Labels\n source: spec.output.`grafana-loki`.labels\n - name: Remove keys\n widget: JoinedArray\n separator: ','\n source: spec.output.`grafana-loki`.removeKeys\n - name: HTTP\n widget: Panel\n visibility: $exists(spec.output.http)\n children:\n - name: Host\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.host.value\n visibility: $exists(spec.output.http.host.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.host.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.host.valueFrom.secretKeyRef.name)\n - name: User\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.user.value\n visibility: $exists(spec.output.http.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n children:\n - name: Value\n source: spec.output.http.password.value\n visibility: $exists(spec.output.http.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.http.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.http.password.valueFrom.secretKeyRef.name)\n - name: TLS Settings\n widget: Panel\n children:\n - name: Disabled\n source: spec.output.http.tls.disabled\n placeholder: 'false'\n - name: Skip certificate validation\n source: spec.output.http.tls.skipCertificateValidation\n placeholder: 'false'\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.http.tls.ca)\n source: spec.output.http.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.http.tls.cert)\n source: spec.output.http.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.http.tls.key)\n source: spec.output.http.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Other Settings\n widget: Panel\n children:\n - name: Compression\n source: spec.output.http.compress\n - name: De-dot\n source: spec.output.http.dedot\n placeholder: 'false'\n - name: Format\n source: spec.output.http.format\n placeholder: json\n - name: Port\n source: spec.output.http.port\n placeholder: '443'\n - name: URI\n source: spec.output.http.uri", "form": "- path: spec.input\n widget: FormGroup\n defaultExpanded: true\n children:\n - name: Include Namespaces\n widget: SimpleList\n path: application.namespaces.include\n defaultExpanded: true\n inputInfo: Include container logs from selected namespaces\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: application.namespaces.exclude\n children:\n - path: '[]'\n - name: Include System Namespaces\n path: application.namespaces.system\n - name: Include Containers\n widget: SimpleList\n path: application.containers.include\n - name: Exclude Containers\n widget: SimpleList\n path: application.containers.exclude\n - name: Keep Annotations\n path: application.keepAnnotations\n - name: Drop Labels\n path: application.dropLabels\n- name: Filters\n widget: SimpleList\n path: spec.filters\n children:\n - widget: FormGroup\n path: '[]'\n children:\n - widget: CodeEditor\n path: custom\n- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Custom\n path: custom\n widget: CodeEditor\n advanced: true\n inputInfo: >-\n Note: If you use a custom output, you put the LogPipeline in unsupported\n mode\n (https://kyma-project.io/#/telemetry-manager/user/02-logs?id=unsupported-mode)\n - name: HTTP\n path: http\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Host\n path: host\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: User\n path: user\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: Password\n path: password\n simple: true\n widget: FormGroup\n children:\n - name: Value\n path: value\n simple: true\n widget: Text\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n simple: true\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n children:\n - path: key\n simple: true\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Disabled\n path: disabled\n - name: Skip Certificate Validation\n path: skipCertificateValidation\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: URI\n path: uri\n widget: Text\n - name: Port\n path: port\n widget: Text\n - name: Compress\n path: compress\n widget: Text\n - name: Format\n path: format\n widget: Text\n - name: Dedot\n simple: true\n path: dedot\n", "general": "resource:\n kind: LogPipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Log Pipelines\ncategory: Observability\nurlPath: logpipelines\nscope: cluster\ndescription: >-\n {{[LogPipeline custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/02-logpipeline)}} configures a custom Log Pipeline.", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.url.value or\n $v.url.valueFrom.secretKeyRef.name or $v.host.value or\n $v.host.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Unsupported-Mode\n source: status.unsupportedMode\n widget: Badge\n highlights:\n positive:\n - 'false'\n negative:\n - 'true'\n- name: Status\n source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-logpipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\nbody:\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Input\n children:\n - name: Prometheus\n widget: Panel\n visibility: $exists(spec.input.prometheus)\n children:\n - name: Enabled\n visibility: $exists(spec.input.prometheus.enabled)\n source: spec.input.prometheus.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.prometheus.namespaces.include)\n source: spec.input.prometheus.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.prometheus.namespaces.exclude)\n source: spec.input.prometheus.namespaces.exclude\n separator: ', '\n - name: Diagnostic Metrics\n visibility: $exists(spec.input.prometheus.diagnosticMetrics.enabled)\n source: spec.input.prometheus.diagnosticMetrics.enabled\n - name: Istio\n widget: Panel\n visibility: $exists(spec.input.istio)\n children:\n - name: Enabled\n visibility: $exists(spec.input.istio.enabled)\n source: spec.input.istio.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.istio.namespaces.include)\n source: spec.input.istio.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.istio.namespaces.exclude)\n source: spec.input.istio.namespaces.exclude\n separator: ', '\n - name: Diagnostic Metrics\n visibility: $exists(spec.input.istio.diagnosticMetrics.enabled)\n source: spec.input.istio.diagnosticMetrics.enabled\n - name: Runtime\n widget: Panel\n visibility: $exists(spec.input.runtime)\n children:\n - name: Enabled\n visibility: $exists(spec.input.runtime.enabled)\n source: spec.input.runtime.enabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.runtime.namespaces.include)\n source: spec.input.runtime.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.runtime.namespaces.exclude)\n source: spec.input.runtime.namespaces.exclude\n separator: ', '\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.input.otlp)\n children:\n - name: Disabled\n visibility: $exists(spec.input.otlp.disabled)\n source: spec.input.otlp.disabled\n - name: Include Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.otlp.namespaces.include)\n source: spec.input.otlp.namespaces.include\n separator: ', '\n - name: Exclude Namespaces\n widget: JoinedArray\n visibility: $exists(spec.input.otlp.namespaces.exclude)\n source: spec.input.otlp.namespaces.exclude\n separator: ', '\n - widget: Panel\n name: Output\n children:\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.output.otlp)\n children:\n - name: Endpoint\n widget: Panel\n visibility: $exists(spec.output.otlp.endpoint)\n children:\n - name: Value\n source: spec.output.otlp.endpoint.value\n visibility: $exists(spec.output.otlp.endpoint.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.otlp.endpoint.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.otlp.endpoint.valueFrom.secretKeyRef.name)\n - name: Authentication\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication)\n children:\n - name: User\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.user)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.user.value\n visibility: $exists(spec.output.otlp.authentication.basic.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.password)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.password.value\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef.name)\n - name: Headers\n widget: Panel\n visibility: $exists(spec.output.otlp.headers)\n children:\n - name: Header\n widget: Panel\n visibility: $exists(spec.output.otlp.headers[].name)\n source: spec.output.otlp.headers[]\n children:\n - name: Name\n source: name\n visibility: $exists(name)\n - name: Prefix\n source: prefix\n visibility: $exists(prefix)\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: TLS\n widget: Panel\n visibility: $exists(spec.output.otlp.tls)\n children:\n - name: Insecure\n visibility: $exists(spec.output.otlp.tls.insecure)\n source: spec.output.otlp.tls.insecure\n - name: Skip Cert Verification\n visibility: $exists(spec.output.otlp.tls.insecureSkipVerify)\n source: spec.output.otlp.tls.insecureSkipVerify\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.ca)\n source: spec.output.otlp.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.cert)\n source: spec.output.otlp.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.key)\n source: spec.output.otlp.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - widget: Panel\n name: Other Settings\n children:\n - name: Protocol\n source: spec.output.otlp.protocol", "form": "- path: spec.input\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Prometheus\n path: prometheus\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Enable Diagnostic Metrics\n path: diagnosticMetrics.enabled\n simple: true\n - name: Istio\n path: istio\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Enable Diagnostic Metrics\n path: diagnosticMetrics.enabled\n simple: true\n - name: Runtime\n path: runtime\n widget: FormGroup\n simple: true\n children:\n - name: Enabled\n path: enabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n - name: OTLP\n path: otlp\n widget: FormGroup\n simple: true\n children:\n - name: Disabled\n path: disabled\n simple: true\n - name: Include Namespaces\n widget: SimpleList\n path: namespaces.include\n defaultExpanded: true\n children:\n - path: '[]'\n - name: Exclude Namespaces\n widget: SimpleList\n path: namespaces.exclude\n defaultExpanded: true\n children:\n - path: '[]'\n- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: OTLP\n path: otlp\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Endpoint\n path: endpoint\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Protocol\n path: protocol\n simple: true\n widget: FormGroup\n children:\n - name: Value\n widget: Text\n - name: Authentication\n path: authentication\n widget: FormGroup\n simple: true\n children:\n - name: User\n path: basic.user\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Password\n path: basic.password\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Headers\n path: headers[]\n widget: FormGroup\n simple: true\n children:\n - name: Name\n path: name\n widget: Text\n simple: true\n - name: Prefix\n path: prefix\n widget: Text\n simple: true\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Insecure\n path: insecure\n - name: Skip Certificate Validation\n path: insecureSkipVerify\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n", "general": "resource:\n kind: MetricPipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Metric Pipelines\ncategory: Observability\nurlPath: metricpipelines\nscope: cluster\ndescription: >-\n {{[MetricPipeline custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/05-metricpipeline)}} configures a custom Metric Pipeline.", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Status\n source: status.conditions\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-metricpipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Traces\n widget: Panel\n visibility: $exists(spec.trace.gateway.scaling.static.replicas)\n children:\n - name: Gateway Replicas\n source: spec.trace.gateway.scaling.static.replicas\n - name: Scaling Type\n source: spec.trace.gateway.scaling.type\n - name: Metrics\n widget: Panel\n visibility: $exists(spec.metric.gateway.scaling.static.replicas)\n children:\n - name: Gateway Replicas\n source: spec.metric.gateway.scaling.static.replicas\n - name: Scaling Type\n source: spec.metric.gateway.scaling.type\n - name: Status\n widget: Panel\n children:\n - source: status.endpoints.traces.grpc\n name: OTLP GRPC Trace Endpoint\n - source: status.endpoints.traces.http\n name: OTLP HTTP Trace Endpoint\n - source: status.endpoints.metrics.grpc\n name: OTLP GRPC Metric Endpoint\n - source: status.endpoints.metrics.http\n name: OTLP HTTP Metric Endpoint\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n", "form": "- advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: spec.trace\n name: Traces\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: gateway\n name: Gateway\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: scaling\n name: Scaling\n widget: FormGroup\n children:\n - path: type\n override: false\n enum:\n - None\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n visibility: \"$item.spec.trace.gateway.scaling.type = 'Static'\"\n path: static\n name: Static\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: replicas\n name: Replicas\n simple: false\n widget: Text\n- advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: spec.metric\n name: Metrics\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: gateway\n name: Gateway\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: scaling\n name: Scaling\n widget: FormGroup\n children:\n - path: type\n override: false\n enum:\n - None\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n visibility: \"$item.spec.metric.gateway.scaling.type = 'Static'\"\n path: static\n name: Static\n widget: FormGroup\n children:\n - advanced: true\n defaultExpanded: false\n readOnly: false\n decodable: false\n path: replicas\n name: Replicas\n simple: false\n widget: Text\n", "general": "resource:\n kind: Telemetry\n group: operator.kyma-project.io\n version: v1alpha1\nname: Telemetry\ncategory: Kyma\nurlPath: telemetries\nscope: namespace\ndescription: >-\n {{[Telemetry custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/01-telemetry)}} configures the Telemetry module.\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\n", "list": "- name: State\n source: status.state\n widget: Badge\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-module", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\nbody:\n - source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - widget: Panel\n name: Output\n children:\n - name: OTLP\n widget: Panel\n visibility: $exists(spec.output.otlp)\n children:\n - name: Endpoint\n widget: Panel\n visibility: $exists(spec.output.otlp.endpoint)\n children:\n - name: Value\n source: spec.output.otlp.endpoint.value\n visibility: $exists(spec.output.otlp.endpoint.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: spec.output.otlp.endpoint.valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(spec.output.otlp.endpoint.valueFrom.secretKeyRef.name)\n - name: Authentication\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication)\n children:\n - name: User\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.user)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.user.value\n visibility: $exists(spec.output.otlp.authentication.basic.user.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.user.valueFrom.secretKeyRef.name)\n - name: Password\n widget: Panel\n visibility: $exists(spec.output.otlp.authentication.basic.password)\n children:\n - name: Value\n source: spec.output.otlp.authentication.basic.password.value\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.value)\n - name: Value From Secret\n widget: ResourceRefs\n source: >-\n spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef\n kind: Secret\n visibility: >-\n $exists(spec.output.otlp.authentication.basic.password.valueFrom.secretKeyRef.name)\n - name: Headers\n widget: Panel\n visibility: $exists(spec.output.otlp.headers)\n children:\n - name: Header\n widget: Panel\n visibility: $exists(spec.output.otlp.headers[].name)\n source: spec.output.otlp.headers[]\n children:\n - name: Name\n source: name\n visibility: $exists(name)\n - name: Prefix\n source: prefix\n visibility: $exists(prefix)\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: TLS\n widget: Panel\n visibility: $exists(spec.output.otlp.tls)\n children:\n - name: Insecure\n visibility: $exists(spec.output.otlp.tls.insecure)\n source: spec.output.otlp.tls.insecure\n - name: Skip Cert Verification\n visibility: $exists(spec.output.otlp.tls.insecureSkipVerify)\n source: spec.output.otlp.tls.insecureSkipVerify\n - name: Ca\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.ca)\n source: spec.output.otlp.tls.ca\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Cert\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.cert)\n source: spec.output.otlp.tls.cert\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - name: Key\n widget: Panel\n visibility: $exists(spec.output.otlp.tls.key)\n source: spec.output.otlp.tls.key\n children:\n - name: Value\n source: value\n visibility: $exists(value)\n - name: Value From Secret\n widget: ResourceRefs\n source: valueFrom.secretKeyRef\n kind: Secret\n visibility: $exists(valueFrom.secretKeyRef.name)\n - widget: Panel\n name: Other Settings\n children:\n - name: Protocol\n source: spec.output.otlp.protocol", "form": "- path: spec.output\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: OTLP\n path: otlp\n widget: FormGroup\n defaultExpanded: true\n simple: true\n children:\n - name: Endpoint\n path: endpoint\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Protocol\n path: protocol\n simple: true\n widget: FormGroup\n children:\n - name: Value\n widget: Text\n - name: Authentication\n path: authentication\n widget: FormGroup\n simple: true\n children:\n - name: User\n path: basic.user\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Password\n path: basic.password\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n resource:\n kind: secret\n version: v1\n simple: true\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Headers\n path: headers[]\n widget: FormGroup\n simple: true\n children:\n - name: Name\n path: name\n widget: Text\n simple: true\n - name: Prefix\n path: prefix\n widget: Text\n simple: true\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: TLS\n widget: FormGroup\n path: tls\n children:\n - name: Insecure\n path: insecure\n - name: Skip Certificate Validation\n path: insecureSkipVerify\n - name: CA\n path: ca\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Cert\n path: cert\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n - name: Key\n path: key\n widget: FormGroup\n simple: true\n children:\n - name: Value\n path: value\n widget: Text\n simple: true\n - name: Secret Reference\n path: valueFrom.secretKeyRef\n widget: ResourceRef\n simple: true\n resource:\n kind: secret\n version: v1\n children:\n - simple: true\n path: key\n enum: $keys($secret.data)\n", "general": "resource:\n kind: TracePipeline\n group: telemetry.kyma-project.io\n version: v1alpha1\nname: Trace Pipelines\ncategory: Observability\nurlPath: tracepipelines\nscope: cluster\ndescription: >-\n {{[TracePipeline custom resource](https://kyma-project.io/#/telemetry-manager/user/resources/04-tracepipeline)}} configures a custom Trace Pipeline.", "list": "- source: >-\n $each(spec.output, function($v, $k) {$v.endpoint.value or\n $v.endpoint.valueFrom.secretKeyRef.name ? $k})\n placeholder: custom\n type: string\n name: Type\n isSelected: true\n widget: Text\n- name: Status\n source: $filter(status.conditions, function ($v) { $v.type != \"Pending\" and $v.type != \"Running\" })\n widget: Columns\n children:\n - name: Type\n source: type\n widget: Badge\n - name: Status\n source: status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "telemetry-manager" }, "name": "telemetry-tracepipelines", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "annotations": { "prometheus.io/port": "8080", "prometheus.io/scrape": "true" }, "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 8080, "targetPort": 8080 } ], "selector": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager-webhook", "namespace": "kyma-system" }, "spec": { "ports": [ { "port": 443, "protocol": "TCP", "targetPort": 9443 } ], "selector": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Global (default) scheduling priority of Kyma components. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-priority-class" }, "value": 2000000 }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Global scheduling priority of Telemetry DaemonSet components. Must not be blocked by unschedulable non-daemonset workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-priority-class-high" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "sidecar.istio.io/inject": "false" }, "labels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "spec": { "containers": [ { "args": [ "--cert-dir=/tmp", "--fluent-bit-priority-class-name=telemetry-priority-class-high", "--metric-gateway-priority-class=telemetry-priority-class", "--trace-collector-priority-class=telemetry-priority-class", "--self-monitor-priority-class=telemetry-priority-class", "--validating-webhook-enabled=true" ], "command": [ "/manager" ], "env": [ { "name": "GOMEMLIMIT", "value": "300MiB" }, { "name": "APP_LOG_LEVEL", "value": "info" }, { "name": "MY_POD_NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } } ], "image": "europe-docker.pkg.dev/kyma-project/prod/telemetry-manager:1.18.1", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "100m", "memory": "384Mi" }, "requests": { "cpu": "5m", "memory": "100Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] }, "privileged": false, "readOnlyRootFilesystem": false } } ], "priorityClassName": "telemetry-priority-class", "securityContext": { "runAsNonRoot": true, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "telemetry-manager", "terminationGracePeriodSeconds": 10 } } } }, { "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy", "metadata": { "labels": { "app.kubernetes.io/component": "telemetry", "app.kubernetes.io/instance": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "telemetry-manager", "app.kubernetes.io/part-of": "kyma", "control-plane": "telemetry-manager" }, "name": "telemetry-manager", "namespace": "kyma-system" }, "spec": { "egress": [ { "to": [ { "ipBlock": { "cidr": "0.0.0.0/0" } }, { "ipBlock": { "cidr": "::/0" } } ] } ], "ingress": [ { "from": [ { "ipBlock": { "cidr": "0.0.0.0/0" } }, { "ipBlock": { "cidr": "::/0" } } ], "ports": [ { "port": 8080, "protocol": "TCP" }, { "port": 8081, "protocol": "TCP" }, { "port": 9443, "protocol": "TCP" } ] } ], "podSelector": { "matchLabels": { "app.kubernetes.io/instance": "telemetry", "app.kubernetes.io/name": "manager", "control-plane": "telemetry-manager", "kyma-project.io/component": "controller" } }, "policyTypes": [ "Ingress", "Egress" ] } } ], "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Telemetry", "metadata": { "labels": { "app.kubernetes.io/name": "telemetry", "app.kubernetes.io/instance": "default", "app.kubernetes.io/part-of": "telemetry-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/created-by": "telemetry-manager" }, "name": "default", "namespace": "kyma-system" } }, "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/telemetries/default" } ] }, { "name": "nats", "documentation": "https://kyma-project.io/#/nats-manager/user/README", "repository": "https://github.com/kyma-project/nats-manager.git", "managedResources": [ "/apis/operator.kyma-project.io/v1alpha1/nats" ], "manageable": true, "latestGithubRelease": { "repository": "kyma-project/nats-manager", "deploymentYaml": "nats-manager.yaml", "crYaml": "nats-default-cr.yaml" }, "versions": [ { "version": "1.2.1", "deploymentYaml": "https://github.com/kyma-project/nats-manager/releases/download/1.2.1/nats-manager.yaml", "crYaml": "https://github.com/kyma-project/nats-manager/releases/download/1.2.1/nats-default-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "NATS", "metadata": { "name": "eventing-nats", "namespace": "kyma-system" }, "spec": { "cluster": { "size": 3 }, "jetStream": { "fileStorage": { "size": "1Gi", "storageClassName": "default" }, "memStorage": { "enabled": true, "size": "1Gi" } }, "logging": { "debug": false, "trace": false }, "resources": { "limits": { "cpu": "500m", "memory": "1Gi" }, "requests": { "cpu": "40m", "memory": "64Mi" } } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "nats-manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "nats-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "nats-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "nats-manager" }, "name": "nats.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "NATS", "listKind": "NATSList", "plural": "nats", "singular": "nats" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "description": "State of NATS deployment", "jsonPath": ".status.state", "name": "State", "type": "string" }, { "description": "Age of the resource", "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "NATS is the Schema for the NATS API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "default": { "cluster": { "size": 3 }, "jetStream": { "fileStorage": { "size": "1Gi", "storageClassName": "default" }, "memStorage": { "enabled": true, "size": "1Gi" } }, "logging": { "debug": false, "trace": false }, "resources": { "limits": { "cpu": "500m", "memory": "1Gi" }, "requests": { "cpu": "40m", "memory": "64Mi" } } }, "description": "NATSSpec defines the desired state of NATS.", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations allows to add annotations to NATS.", "type": "object" }, "cluster": { "default": { "size": 3 }, "description": "Cluster defines configurations that are specific to NATS clusters.", "properties": { "size": { "default": 3, "description": "Size of a NATS cluster, i.e. number of NATS nodes.", "minimum": 1, "type": "integer", "x-kubernetes-validations": [ { "message": "size only accepts odd numbers", "rule": "(self%2) != 0" }, { "message": "cannot be set to 1 if size was greater than 1", "rule": "!(oldSelf > 1 && self == 1)" } ] } }, "type": "object" }, "jetStream": { "default": { "fileStorage": { "size": "1Gi", "storageClassName": "default" }, "memStorage": { "enabled": true, "size": "1Gi" } }, "description": "JetStream defines configurations that are specific to NATS JetStream.", "properties": { "fileStorage": { "default": { "size": "1Gi", "storageClassName": "default" }, "description": "FileStorage defines configurations to file storage in NATS JetStream.", "properties": { "size": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "default": "1Gi", "description": "Size defines the file storage size.", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self == oldSelf" } ] }, "storageClassName": { "default": "default", "description": "StorageClassName defines the file storage class name.", "type": "string", "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self == oldSelf" } ] } }, "type": "object", "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self == oldSelf" } ] }, "memStorage": { "default": { "enabled": true, "size": "1Gi" }, "description": "MemStorage defines configurations to memory storage in NATS JetStream.", "properties": { "enabled": { "default": true, "description": "Enabled allows the enablement of memory storage.", "type": "boolean" }, "size": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "default": "1Gi", "description": "Size defines the mem.", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true } }, "type": "object", "x-kubernetes-validations": [ { "message": "can only be enabled if size is not 0", "rule": "!self.enabled || self.size != 0" } ] } }, "type": "object", "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self.fileStorage == oldSelf.fileStorage" } ] }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels allows to add Labels to NATS.", "type": "object" }, "logging": { "default": { "debug": false, "trace": false }, "description": "JetStream defines configurations that are specific to NATS logging in NATS.", "properties": { "debug": { "default": false, "description": "Debug allows debug logging.", "type": "boolean" }, "trace": { "default": false, "description": "Trace allows trace logging.", "type": "boolean" } }, "type": "object" }, "resources": { "default": { "limits": { "cpu": "500m", "memory": "1Gi" }, "requests": { "cpu": "40m", "memory": "64Mi" } }, "description": "Resources defines resources for NATS.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers.", "items": { "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "NATSStatus defines the observed state of NATS.", "properties": { "availabilityZonesUsed": { "type": "integer" }, "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "state": { "type": "string" }, "url": { "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "nats-manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "nats-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "nats-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "nats-manager" }, "name": "nats-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "nats-manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "nats-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "nats-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "nats-manager" }, "name": "nats-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "eventing-nats-config" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "persistentvolumeclaims" ], "verbs": [ "delete", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "eventing-nats-secret" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "eventing-nats" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "statefulsets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "apps" ], "resourceNames": [ "eventing-nats" ], "resources": [ "statefulsets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "destinationrules" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resourceNames": [ "eventing-nats" ], "resources": [ "destinationrules" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "policy" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "policy" ], "resourceNames": [ "eventing-nats" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "nats-manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "nats-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "nats-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "nats-manager" }, "name": "nats-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "nats-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "nats-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Conditions\n source: status.conditions\n widget: Table\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - name: Events\n widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n defaultType: information\n", "form": "", "general": "resource:\n kind: NATS\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: nats\ncategory: Kyma\nname: NATS\nscope: namespace\nfeatures:\n actions:\n disableCreate: false\n disableDelete: false\ndescription: >-\n {{[NATS CR](https://github.com/kyma-project/nats-manager/blob/main/config/samples/default.yaml)}}\n specifies NATS module.\n", "list": "- name: State\n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "nats-manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "nats-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "nats-manager", "app.kubernetes.io/part-of": "Kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "nats-manager" }, "name": "nats-operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of the NATS-Manager module. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "nats-manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "nats-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "nats-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "nats-manager" }, "name": "nats-manager-priority-class" }, "value": 2000000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "nats-manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "nats-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "nats-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "nats-manager" }, "name": "nats-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "control-plane": "manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "control-plane": "manager" } }, "spec": { "containers": [ { "command": [ "/manager" ], "env": [ { "name": "LOG_LEVEL", "value": "INFO" }, { "name": "NATS_CHART_DIR", "value": "/resources/nats" }, { "name": "NATS_CR_NAME", "value": "eventing-nats" }, { "name": "NATS_CR_NAMESPACE", "value": "kyma-system" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/nats-manager:1.2.1", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "384Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "nats-manager-priority-class", "securityContext": { "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "nats-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/nats-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/nats-manager:1.2.1", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/nats/eventing-nats", "channels": [ "fast", "regular" ], "documentation": "https://kyma-project.io/#/nats-manager/user/README", "repository": "https://github.com/kyma-project/nats-manager.git" }, { "version": "v1.0.2", "deploymentYaml": "https://github.com/kyma-project/nats-manager/releases/download/v1.0.2/nats-manager.yaml", "crYaml": "https://github.com/kyma-project/nats-manager/releases/download/v1.0.2/nats_default_cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "NATS", "metadata": { "name": "eventing-nats", "namespace": "kyma-system" }, "spec": { "cluster": { "size": 3 }, "jetStream": { "fileStorage": { "size": "1Gi", "storageClassName": "default" }, "memStorage": { "enabled": true, "size": "1Gi" } }, "logging": { "debug": false, "trace": false }, "resources": { "limits": { "cpu": "500m", "memory": "1Gi" }, "requests": { "cpu": "40m", "memory": "64Mi" } } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.11.1" }, "creationTimestamp": null, "name": "nats.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "NATS", "listKind": "NATSList", "plural": "nats", "singular": "nats" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "description": "State of NATS deployment", "jsonPath": ".status.state", "name": "State", "type": "string" }, { "description": "Age of the resource", "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "NATS is the Schema for the NATS API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "default": { "cluster": { "size": 3 }, "jetStream": { "fileStorage": { "size": "1Gi", "storageClassName": "default" }, "memStorage": { "enabled": true, "size": "1Gi" } }, "logging": { "debug": false, "trace": false }, "resources": { "limits": { "cpu": "500m", "memory": "1Gi" }, "requests": { "cpu": "40m", "memory": "64Mi" } } }, "description": "NATSSpec defines the desired state of NATS.", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations allows to add annotations to NATS.", "type": "object" }, "cluster": { "default": { "size": 3 }, "description": "Cluster defines configurations that are specific to NATS clusters.", "properties": { "size": { "default": 3, "description": "Size of a NATS cluster, i.e. number of NATS nodes.", "minimum": 1, "type": "integer", "x-kubernetes-validations": [ { "message": "size only accepts odd numbers", "rule": "(self%2) != 0" } ] } }, "type": "object" }, "jetStream": { "default": { "fileStorage": { "size": "1Gi", "storageClassName": "default" }, "memStorage": { "enabled": true, "size": "1Gi" } }, "description": "JetStream defines configurations that are specific to NATS JetStream.", "properties": { "fileStorage": { "default": { "size": "1Gi", "storageClassName": "default" }, "description": "FileStorage defines configurations to file storage in NATS JetStream.", "properties": { "size": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "default": "1Gi", "description": "Size defines the file storage size.", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true, "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self == oldSelf" } ] }, "storageClassName": { "default": "default", "description": "StorageClassName defines the file storage class name.", "type": "string", "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self == oldSelf" } ] } }, "type": "object", "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self == oldSelf" } ] }, "memStorage": { "default": { "enabled": true, "size": "1Gi" }, "description": "MemStorage defines configurations to memory storage in NATS JetStream.", "properties": { "enabled": { "default": true, "description": "Enabled allows the enablement of memory storage.", "type": "boolean" }, "size": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "default": "1Gi", "description": "Size defines the mem.", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true } }, "type": "object", "x-kubernetes-validations": [ { "message": "can only be enabled if size is not 0", "rule": "!self.enabled || self.size != 0" } ] } }, "type": "object", "x-kubernetes-validations": [ { "message": "fileStorage is immutable once it was set", "rule": "self.fileStorage == oldSelf.fileStorage" } ] }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels allows to add Labels to NATS.", "type": "object" }, "logging": { "default": { "debug": false, "trace": false }, "description": "JetStream defines configurations that are specific to NATS logging in NATS.", "properties": { "debug": { "default": false, "description": "Debug allows debug logging.", "type": "boolean" }, "trace": { "default": false, "description": "Trace allows trace logging.", "type": "boolean" } }, "type": "object" }, "resources": { "default": { "limits": { "cpu": "500m", "memory": "1Gi" }, "requests": { "cpu": "40m", "memory": "64Mi" } }, "description": "Resources defines resources for NATS.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", "items": { "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "description": "NATSStatus defines the observed state of NATS.", "properties": { "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition. This may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "state": { "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "manager-sa", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "serviceaccount", "app.kubernetes.io/part-of": "nats-manager" }, "name": "nats-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "name": "nats-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "eventing-nats-config" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "persistentvolumeclaims" ], "verbs": [ "delete", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "eventing-nats-secret" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "eventing-nats" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "statefulsets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "apps" ], "resourceNames": [ "eventing-nats" ], "resources": [ "statefulsets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "destinationrules" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resourceNames": [ "eventing-nats" ], "resources": [ "destinationrules" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "policy" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "policy" ], "resourceNames": [ "eventing-nats" ], "resources": [ "poddisruptionbudgets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "manager-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrolebinding", "app.kubernetes.io/part-of": "nats-manager" }, "name": "nats-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "nats-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "nats-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Conditions\n source: status.conditions\n widget: Table\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - name: Events\n widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n defaultType: information\n", "form": "", "general": "resource:\n kind: NATS\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: nats\ncategory: Kyma\nname: NATS\nscope: namespace\nfeatures:\n actions:\n disableCreate: false\n disableDelete: false\ndescription: >-\n {{[NATS CR](https://github.com/kyma-project/nats-manager/blob/main/config/samples/default.yaml)}}\n specifies NATS module.\n", "list": "- name: State\n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/name": "nats.operator.kyma-project.io", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "nats-operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of the NATS-Manager module. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "name": "nats-manager-priority-class" }, "value": 2000000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "manager", "app.kubernetes.io/created-by": "nats-manager", "app.kubernetes.io/instance": "manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "deployment", "app.kubernetes.io/part-of": "nats-manager", "control-plane": "manager" }, "name": "nats-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "control-plane": "manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "control-plane": "manager" } }, "spec": { "containers": [ { "command": [ "/manager" ], "env": [ { "name": "LOG_LEVEL", "value": "INFO" }, { "name": "NATS_CHART_DIR", "value": "/resources/nats" }, { "name": "NATS_CR_NAME", "value": "eventing-nats" }, { "name": "NATS_CR_NAMESPACE", "value": "kyma-system" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/nats-manager:3aee6dc4bd47f62c72caf19557d717e8c2706527", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "384Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "nats-manager-priority-class", "securityContext": { "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "nats-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/nats-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/nats-manager:3aee6dc4bd47f62c72caf19557d717e8c2706527", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/nats/eventing-nats", "channels": [ "experimental" ], "documentation": "https://kyma-project.io/#/nats-manager/user/README", "repository": "https://github.com/kyma-project/nats-manager.git" } ] }, { "name": "eventing", "documentation": "https://kyma-project.io/#/eventing-manager/user/README", "repository": "https://github.com/kyma-project/eventing-manager.git", "manageable": true, "managedResources": [ "/apis/eventing.kyma-project.io/v1alpha1/subscriptions", "/apis/eventing.kyma-project.io/v1alpha2/subscriptions", "/apis/operator.kyma-project.io/v1alpha1/eventings" ], "latestGithubRelease": { "repository": "kyma-project/eventing-manager", "deploymentYaml": "eventing-manager.yaml", "crYaml": "eventing-default-cr.yaml" }, "versions": [ { "version": "1.0.1", "deploymentYaml": "https://github.com/kyma-project/eventing-manager/releases/download/1.0.1/eventing-manager.yaml", "crYaml": "https://github.com/kyma-project/eventing-manager/releases/download/1.0.1/eventing_default_cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Eventing", "metadata": { "labels": { "app.kubernetes.io/name": "eventing", "app.kubernetes.io/instance": "eventing", "app.kubernetes.io/part-of": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager" }, "name": "eventing", "namespace": "kyma-system" }, "spec": { "backend": { "type": "NATS", "config": { "eventTypePrefix": "sap.kyma.custom", "natsStreamStorageType": "File", "natsStreamReplicas": 3, "natsStreamMaxSize": "700M", "natsMaxMsgsPerTopic": 1000000 } }, "publisher": { "replicas": { "min": 2, "max": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "64Mi" } } } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.11.3" }, "creationTimestamp": null, "name": "eventings.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Eventing", "listKind": "EventingList", "plural": "eventings", "singular": "eventing" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "description": "State of Eventing", "jsonPath": ".status.state", "name": "State", "type": "string" }, { "description": "Type of Eventing backend, either NATS or EventMesh", "jsonPath": ".spec.backend.type", "name": "Backend", "type": "string" }, { "description": "Age of the resource", "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Eventing is the Schema for the eventing API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "default": { "backend": { "config": { "natsMaxMsgsPerTopic": 1000000, "natsStreamMaxSize": "700Mi", "natsStreamReplicas": 3, "natsStreamStorageType": "File" }, "type": "NATS" }, "logging": { "logLevel": "Info" }, "publisher": { "replicas": { "max": 2, "min": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } } } }, "description": "EventingSpec defines the desired state of Eventing", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations allows to add annotations to resources.", "type": "object" }, "backend": { "default": { "config": { "natsMaxMsgsPerTopic": 1000000, "natsStreamMaxSize": "700Mi", "natsStreamReplicas": 3, "natsStreamStorageType": "File" }, "type": "NATS" }, "description": "Backend defines the active backend used by Eventing.", "properties": { "config": { "default": { "natsMaxMsgsPerTopic": 1000000, "natsStreamMaxSize": "700Mi", "natsStreamReplicas": 3, "natsStreamStorageType": "File" }, "description": "Config defines configuration for eventing backend.", "properties": { "domain": { "description": "Domain defines the cluster public domain used to configure the EventMesh Subscriptions and their corresponding ApiRules.", "pattern": "^(?:([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])(\\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9]))*)?$", "type": "string" }, "eventMeshSecret": { "description": "EventMeshSecret defines the namespaced name of K8s Secret containing EventMesh credentials. The format of name is \"namespace/name\".", "pattern": "^[a-zA-Z0-9_-]+/[a-zA-Z0-9_-]+$", "type": "string" }, "eventTypePrefix": { "default": "sap.kyma.custom", "type": "string", "x-kubernetes-validations": [ { "message": "eventTypePrefix cannot be empty", "rule": "self!=''" } ] }, "natsMaxMsgsPerTopic": { "default": 1000000, "description": "NATSMaxMsgsPerTopic limits how many messages in the NATS stream to retain per subject.", "type": "integer" }, "natsStreamMaxSize": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "default": "700Mi", "description": "NATSStreamMaxSize defines the maximum storage size for stream data.", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "natsStreamReplicas": { "default": 3, "description": "NATSStreamReplicas defines the number of replicas for stream.", "type": "integer" }, "natsStreamStorageType": { "default": "File", "description": "NATSStreamStorageType defines the storage type for stream data.", "type": "string", "x-kubernetes-validations": [ { "message": "storage type can only be set to File or Memory", "rule": "self=='File' || self=='Memory'" } ] } }, "type": "object" }, "type": { "default": "NATS", "description": "Type defines which backend to use. The value is either `EventMesh`, or `NATS`.", "type": "string", "x-kubernetes-validations": [ { "message": "backend type can only be set to NATS or EventMesh", "rule": "self=='NATS' || self=='EventMesh' || self==''" } ] } }, "required": [ "type" ], "type": "object", "x-kubernetes-validations": [ { "message": "secret cannot be empty if EventMesh backend is used", "rule": " (self.type != 'EventMesh') || ((self.type == 'EventMesh') && (self.config.eventMeshSecret != ''))" } ] }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels allows to add Labels to resources.", "type": "object" }, "logging": { "default": { "logLevel": "Info" }, "description": "Logging defines the log level for eventing-manager.", "properties": { "logLevel": { "default": "Info", "description": "LogLevel defines the log level.", "type": "string", "x-kubernetes-validations": [ { "message": "logLevel can only be set to Debug, Info, Warn or Error", "rule": "self=='Info' || self=='Warn' || self=='Error' || self=='Debug'" } ] } }, "type": "object" }, "publisher": { "default": { "replicas": { "max": 2, "min": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } } }, "description": "Publisher defines the configurations for eventing-publisher-proxy.", "properties": { "replicas": { "default": { "max": 2, "min": 2 }, "description": "Replicas defines the scaling min/max for eventing-publisher-proxy.", "properties": { "max": { "default": 2, "description": "Max defines maximum number of replicas.", "type": "integer" }, "min": { "default": 2, "description": "Min defines minimum number of replicas.", "minimum": 0, "type": "integer" } }, "type": "object", "x-kubernetes-validations": [ { "message": "min value must be smaller than the max value", "rule": "self.min <= self.max" } ] }, "resources": { "default": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } }, "description": "Resources defines resources for eventing-publisher-proxy.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", "items": { "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "backend" ], "type": "object" }, "status": { "description": "EventingStatus defines the observed state of Eventing", "properties": { "activeBackend": { "type": "string" }, "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition. This may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "specHash": { "format": "int64", "type": "integer" }, "state": { "type": "string" } }, "required": [ "activeBackend", "specHash", "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.11.1" }, "name": "subscriptions.eventing.kyma-project.io" }, "spec": { "conversion": { "strategy": "Webhook", "webhook": { "clientConfig": { "service": { "name": "eventing-manager-webhook-service", "namespace": "kyma-system", "path": "/convert" } }, "conversionReviewVersions": [ "v1" ] } }, "group": "eventing.kyma-project.io", "names": { "kind": "Subscription", "listKind": "SubscriptionList", "plural": "subscriptions", "singular": "subscription" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.ready", "name": "Ready", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" }, { "jsonPath": ".status.cleanEventTypes", "name": "Clean Event Types", "type": "string" } ], "deprecated": true, "deprecationWarning": "The v1alpha1 API version is deprecated as of Kyma 2.14.X.", "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Subscription is the Schema for the subscriptions API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "SubscriptionSpec defines the desired state of Subscription.", "properties": { "config": { "description": "Defines additional configuration for the active backend.", "properties": { "maxInFlightMessages": { "description": "Defines how many not-ACKed messages can be in flight simultaneously.", "minimum": 1, "type": "integer" } }, "type": "object" }, "filter": { "description": "Defines which events will be sent to the sink.", "properties": { "dialect": { "description": "Contains a `URI-reference` to the CloudEvent filter dialect. See [here](https://github.com/cloudevents/spec/blob/main/subscriptions/spec.md#3241-filter-dialects) for more details.", "type": "string" }, "filters": { "items": { "description": "Defines the BEB filter element as a combination of two CE filter elements.", "properties": { "eventSource": { "description": "Defines the source of the CE filter.", "properties": { "property": { "description": "Defines the property of the filter.", "type": "string" }, "type": { "description": "Defines the type of the filter.", "type": "string" }, "value": { "description": "Defines the value of the filter.", "type": "string" } }, "required": [ "property", "value" ], "type": "object" }, "eventType": { "description": "Defines the type of the CE filter.", "properties": { "property": { "description": "Defines the property of the filter.", "type": "string" }, "type": { "description": "Defines the type of the filter.", "type": "string" }, "value": { "description": "Defines the value of the filter.", "type": "string" } }, "required": [ "property", "value" ], "type": "object" } }, "required": [ "eventSource", "eventType" ], "type": "object" }, "type": "array" } }, "required": [ "filters" ], "type": "object" }, "id": { "description": "Unique identifier of the Subscription, read-only.", "type": "string" }, "protocol": { "description": "Defines the CE protocol specification implementation.", "type": "string" }, "protocolsettings": { "description": "Defines the CE protocol settings specification implementation.", "properties": { "contentMode": { "description": "Defines the content mode for eventing based on BEB. The value is either `BINARY`, or `STRUCTURED`.", "type": "string" }, "exemptHandshake": { "description": "Defines if the exempt handshake for eventing is based on BEB.", "type": "boolean" }, "qos": { "description": "Defines the quality of service for eventing based on BEB.", "type": "string" }, "webhookAuth": { "description": "Defines the Webhook called by an active subscription on BEB.", "properties": { "clientId": { "description": "Defines the clientID for OAuth2.", "type": "string" }, "clientSecret": { "description": "Defines the Client Secret for OAuth2.", "type": "string" }, "grantType": { "description": "Defines the grant type for OAuth2.", "type": "string" }, "scope": { "description": "Defines the scope for OAuth2.", "items": { "type": "string" }, "type": "array" }, "tokenUrl": { "description": "Defines the token URL for OAuth2.", "type": "string" }, "type": { "description": "Defines the authentication type.", "type": "string" } }, "required": [ "clientId", "clientSecret", "grantType", "tokenUrl" ], "type": "object" } }, "type": "object" }, "sink": { "description": "Kubernetes Service that should be used as a target for the events that match the Subscription. Must exist in the same Namespace as the Subscription.", "type": "string" } }, "required": [ "filter", "sink" ], "type": "object" }, "status": { "description": "SubscriptionStatus defines the observed state of the Subscription.", "properties": { "apiRuleName": { "description": "Defines the name of the APIRule which is used by the Subscription.", "type": "string" }, "cleanEventTypes": { "description": "CleanEventTypes defines the filter's event types after cleanup to use it with the configured backend.", "items": { "type": "string" }, "type": "array" }, "conditions": { "description": "Current state of the Subscription.", "items": { "properties": { "lastTransitionTime": { "description": "Defines the date of the last condition status change.", "format": "date-time", "type": "string" }, "message": { "description": "Provides more details about the condition status change.", "type": "string" }, "reason": { "description": "Defines the reason for the condition status change.", "type": "string" }, "status": { "description": "Status of the condition. The value is either `True`, `False`, or `Unknown`.", "type": "string" }, "type": { "description": "Short description of the condition.", "type": "string" } }, "required": [ "status" ], "type": "object" }, "type": "array" }, "config": { "description": "Defines the configurations that have been applied to the eventing backend when creating this Subscription.", "properties": { "maxInFlightMessages": { "description": "Defines how many not-ACKed messages can be in flight simultaneously.", "minimum": 1, "type": "integer" } }, "type": "object" }, "emsSubscriptionStatus": { "description": "Defines the status of the Subscription in EventMesh.", "properties": { "lastFailedDelivery": { "description": "Timestamp of the last failed delivery.", "type": "string" }, "lastFailedDeliveryReason": { "description": "Reason for the last failed delivery.", "type": "string" }, "lastSuccessfulDelivery": { "description": "Timestamp of the last successful delivery.", "type": "string" }, "subscriptionStatus": { "description": "Status of the Subscription as reported by EventMesh.", "type": "string" }, "subscriptionStatusReason": { "description": "Reason for the current status.", "type": "string" } }, "type": "object" }, "emshash": { "description": "Defines the checksum for the Subscription in EventMesh.", "format": "int64", "type": "integer" }, "ev2hash": { "description": "Defines the checksum for the Subscription custom resource.", "format": "int64", "type": "integer" }, "externalSink": { "description": "Defines the webhook URL which is used by EventMesh to trigger subscribers.", "type": "string" }, "failedActivation": { "description": "Defines the reason if a Subscription failed activation in EventMesh.", "type": "string" }, "ready": { "description": "Overall readiness of the Subscription.", "type": "boolean" } }, "required": [ "cleanEventTypes", "ready" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.ready", "name": "Ready", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha2", "schema": { "openAPIV3Schema": { "description": "Subscription is the Schema for the subscriptions API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of the Subscription.", "properties": { "config": { "additionalProperties": { "type": "string" }, "description": "Map of configuration options that will be applied on the backend.", "type": "object" }, "id": { "description": "Unique identifier of the Subscription, read-only.", "type": "string" }, "sink": { "description": "Kubernetes Service that should be used as a target for the events that match the Subscription. Must exist in the same Namespace as the Subscription.", "type": "string" }, "source": { "description": "Defines the origin of the event.", "type": "string" }, "typeMatching": { "description": "Defines how types should be handled.
- `standard`: backend-specific logic will be applied to the configured source and types.
- `exact`: no further processing will be applied to the configured source and types.", "type": "string" }, "types": { "description": "List of event types that will be used for subscribing on the backend.", "items": { "type": "string" }, "type": "array" } }, "required": [ "sink", "source", "types" ], "type": "object" }, "status": { "description": "SubscriptionStatus defines the observed state of Subscription.", "properties": { "backend": { "description": "Backend-specific status which is applicable to the active backend only.", "properties": { "apiRuleName": { "description": "Name of the APIRule which is used by the Subscription.", "type": "string" }, "emsSubscriptionStatus": { "description": "Status of the Subscription as reported by EventMesh.", "properties": { "lastFailedDelivery": { "description": "Timestamp of the last failed delivery.", "type": "string" }, "lastFailedDeliveryReason": { "description": "Reason for the last failed delivery.", "type": "string" }, "lastSuccessfulDelivery": { "description": "Timestamp of the last successful delivery.", "type": "string" }, "status": { "description": "Status of the Subscription as reported by the backend.", "type": "string" }, "statusReason": { "description": "Reason for the current status.", "type": "string" } }, "type": "object" }, "emsTypes": { "description": "List of mappings from event type to EventMesh compatible types. Used only with EventMesh as the backend.", "items": { "properties": { "eventMeshType": { "description": "Event type that is used on the EventMesh backend.", "type": "string" }, "originalType": { "description": "Event type that was originally used to subscribe.", "type": "string" } }, "required": [ "eventMeshType", "originalType" ], "type": "object" }, "type": "array" }, "emshash": { "description": "Hash used to identify an EventMesh Subscription retrieved from the server without the WebhookAuth config.", "format": "int64", "type": "integer" }, "ev2hash": { "description": "Checksum for the Subscription custom resource.", "format": "int64", "type": "integer" }, "eventMeshLocalHash": { "description": "Hash used to identify an EventMesh Subscription posted to the server without the WebhookAuth config.", "format": "int64", "type": "integer" }, "externalSink": { "description": "Webhook URL used by EventMesh to trigger subscribers.", "type": "string" }, "failedActivation": { "description": "Provides the reason if a Subscription failed activation in EventMesh.", "type": "string" }, "types": { "description": "List of event type to consumer name mappings for the NATS backend.", "items": { "properties": { "consumerName": { "description": "Name of the JetStream consumer created for the event type.", "type": "string" }, "originalType": { "description": "Event type that was originally used to subscribe.", "type": "string" } }, "required": [ "originalType" ], "type": "object" }, "type": "array" }, "webhookAuthHash": { "description": "Hash used to identify the WebhookAuth of an EventMesh Subscription existing on the server.", "format": "int64", "type": "integer" } }, "type": "object" }, "conditions": { "description": "Current state of the Subscription.", "items": { "properties": { "lastTransitionTime": { "description": "Defines the date of the last condition status change.", "format": "date-time", "type": "string" }, "message": { "description": "Provides more details about the condition status change.", "type": "string" }, "reason": { "description": "Defines the reason for the condition status change.", "type": "string" }, "status": { "description": "Status of the condition. The value is either `True`, `False`, or `Unknown`.", "type": "string" }, "type": { "description": "Short description of the condition.", "type": "string" } }, "required": [ "status" ], "type": "object" }, "type": "array" }, "ready": { "description": "Overall readiness of the Subscription.", "type": "boolean" }, "types": { "description": "List of event types after cleanup for use with the configured backend.", "items": { "properties": { "cleanType": { "description": "Event type after it was cleaned up from backend compatible characters.", "type": "string" }, "originalType": { "description": "Event type as specified in the Subscription spec.", "type": "string" } }, "required": [ "cleanType", "originalType" ], "type": "object" }, "type": "array" } }, "required": [ "ready", "types" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "manager-sa", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app": "eventing-manager-cert-handler", "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager-cert-handler", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "name": "eventing-manager" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "applicationconnector.kyma-project.io" ], "resources": [ "applications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "eventing.kyma-project.io" ], "resources": [ "subscriptions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "eventing.kyma-project.io" ], "resources": [ "subscriptions/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "gateway.kyma-project.io" ], "resources": [ "apirules" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "name": "eventing-manager-cert-handler" }, "rules": [ { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "patch", "list", "watch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "get", "patch", "list", "watch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrolebinding", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "eventing-manager" }, "subjects": [ { "kind": "ServiceAccount", "name": "eventing-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager-cert-handler" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "eventing-manager-cert-handler" }, "subjects": [ { "kind": "ServiceAccount", "name": "eventing-manager-cert-handler", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Conditions\n source: status.conditions\n widget: Table\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - name: Events\n widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n defaultType: information\n", "form": "- path: spec.backend.type\n name: Backend Type\n widget: FormGroup\n defaultExpanded: true\n enum:\n - NATS\n - EventMesh\n description: Choose a backend type from the dropdown.\n\n- path: spec.backend.config.eventMeshSecret\n visibility: \"spec.backend.type = 'EventMesh'\"\n widget: ResourceRef\n defaultExpanded: false\n resource:\n kind: Secret\n version: v1\n toInternal: |\n (\n $values := $split($, '/');\n { 'namespace': $values[0], 'name': $values[1] }\n )\n toExternal: namespace & '/' & name\n\n- path: spec.publisher.replicas\n name: Publisher Replicas\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: max\n - path: min\n", "general": "resource:\n kind: Eventing\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: eventings\ncategory: Kyma\nname: Eventing\nscope: namespace\nfeatures:\n actions:\n disableCreate: false\n disableDelete: false\ndescription: >-\n {{[Eventing CR](https://github.com/kyma-project/eventing-manager/blob/main/config/samples/default.yaml)}}\n specifies eventing module.\n", "list": "- name: State\n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/name": "eventings.operator.kyma-project.io", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "eventings.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: status.conditions.status\n source: 'status.ready = false ? \"error\" : \"ready\"'\n widget: Badge\n description: status.conditions.message\n - name: spec.typeMatching\n source: spec.typeMatching\n - name: spec.source\n source: spec.source\n - name: spec.sink\n source: spec.sink\n widget: ResourceLink\n resource:\n name: '$substringBefore($substringAfter(spec.sink, \"http://\"), \".\")'\n namespace: $root.metadata.namespace\n kind: \"'Service'\"\nbody:\n - source: status.conditions\n widget: Table\n name: status.conditions\n children:\n - source: '$item.type'\n name: status.conditions.type\n - source: '$item.status'\n widget: Badge\n name: status.conditions.status\n - source: '$item.reason'\n name: status.conditions.reason\n - source: '$item.message'\n name: status.conditions.message\n - source: '$readableTimestamp($item.lastTransitionTime)'\n name: status.conditions.lastTransitionTime\n - name: spec.types\n source: spec.types\n widget: Table\n children:\n - name: Type\n search: true\n source: '$item'\n sort: false\n - widget: EventList\n filter: \"$matchEvents($$, $root.kind, $root.metadata.name)\"\n name: events\n defaultType: NORMAL\n hideInvolvedObjects: true", "form": "- path: spec.config\n widget: KeyValuePair\n defaultExpanded: false\n- path: spec.types\n simple: true\n widget: SimpleList\n defaultExpanded: true\n children:\n - path: '[]'\n simple: true\n- simple: true\n type: string\n var: service\n name: Service\n widget: Resource\n resource:\n kind: Service\n version: v1\n scope: namespace\n trigger: [sink]\n- path: spec.sink\n name: spec.sink\n simple: true\n inputInfo: inputInfo.sink\n placeholder: placeholder.sink\n subscribe:\n sink: '\"http://\" & $service & \".\" & $root.metadata.namespace & \".svc.cluster.local\"'\n- path: spec.typeMatching\n simple: true\n enum:\n - standard\n - exact\n required: true\n- path: spec.source\n name: spec.source\n simple: true\n required: true\n visibility: \"spec.typeMatching = 'standard'\"\n widget: Resource\n resource:\n kind: Application\n group: applicationconnector.kyma-project.io\n version: v1alpha1", "general": "resource:\n kind: Subscription\n group: eventing.kyma-project.io\n version: v1alpha2\nname: Subscriptions\ncategory: Configuration\nscope: namespace\ndescription: >-\n {{\"{{[Subscription](https://kyma-project.io/docs/kyma/latest/05-technical-reference/00-custom-resources/evnt-01-subscription#documentation-content)}}\"}} is used to subscribe to events.\nurlPath: subscriptions", "list": "- name: status.conditions.status\n source: 'status.ready = false ? \"error\" : \"ready\"'\n widget: Badge\n description: status.conditions.message", "presets": "- name: Default Type Matching\n default: true\n value:\n spec:\n typeMatching: standard", "translations": "en:\n inputInfo.sink: Sink structure, 'http://{SERVICE}.{NAMESPACE}.svc.cluster.local'\n inputInfo.eventType: Event Type structure, 'sap.kyma.custom.{APP}.{EVENT.NAME}.{VERSION}'\n events: Events\n placeholder.eventType: Enter the event type, for example, sap.kyma.custom.test-app.order.cancelled.v1\n placeholder.sink: Enter the sink, for example, http://service.default.svc.cluster.local\n spec.filters: Filters\n spec.filter.eventType: Event Type\n spec.filter.eventSource: Event Source\n spec.filter.event.property: Property\n spec.filter.event.type: Type\n spec.filter.event.value: Value\n spec.types: Types\n spec.source: Source\n spec.typeMatching: Type Matching\n spec.sink: Sink\n spec.service: Service\n spec.sink.controlledBy: Controlled By\n status.cleanEventTypes: Event Types\n status.conditions: Conditions\n status.conditions.lastTransitionTime: Last Transition\n status.conditions.reason: Reason\n status.conditions.status: Status\n status.conditions.type: Type\n status.conditions.message: Message\n status.type: Type" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/name": "subscriptions", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "subscriptions", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Secret", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/name": "eventing-manager-webhook-service", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager-webhook-server-cert", "namespace": "kyma-system" }, "type": "Opaque" }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "name": "eventing-manager-health", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-status", "port": 15020, "protocol": "TCP", "targetPort": 15020 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "type": "ClusterIP" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "annotations": { "prometheus.io/port": "8080", "prometheus.io/scheme": "http", "prometheus.io/scrape": "true" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "name": "eventing-manager-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 80, "protocol": "TCP", "targetPort": 8080 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "type": "ClusterIP" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/name": "eventing-manager-webhook-service", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager-webhook-service", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-convert", "port": 443, "protocol": "TCP", "targetPort": 9443 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of the Eventing-Manager module. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "name": "eventing-manager-priority-class" }, "value": 2000000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "eventing-manager", "control-plane": "eventing-manager" }, "name": "eventing-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "traffic.sidecar.istio.io/excludeInboundPorts": "9443" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } }, "spec": { "containers": [ { "command": [ "/manager" ], "env": [ { "name": "NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } }, { "name": "EVENTING_CR_NAME", "value": "eventing" }, { "name": "EVENTING_CR_NAMESPACE", "value": "kyma-system" }, { "name": "NATS_URL", "value": "eventing-nats.kyma-system.svc.cluster.local" }, { "name": "PUBLISHER_REQUESTS_CPU", "value": "10m" }, { "name": "PUBLISHER_REQUESTS_MEMORY", "value": "64Mi" }, { "name": "PUBLISHER_LIMITS_CPU", "value": "100m" }, { "name": "PUBLISHER_LIMITS_MEMORY", "value": "128Mi" }, { "name": "PUBLISHER_IMAGE", "value": "europe-docker.pkg.dev/kyma-project/prod/event-publisher-proxy:v20231025-3f5d1600" }, { "name": "PUBLISHER_IMAGE_PULL_POLICY", "value": "IfNotPresent" }, { "name": "PUBLISHER_REPLICAS", "value": "1" }, { "name": "PUBLISHER_REQUEST_TIMEOUT", "value": "10s" }, { "name": "DEFAULT_MAX_IN_FLIGHT_MESSAGES", "value": "10" }, { "name": "DEFAULT_DISPATCHER_RETRY_PERIOD", "value": "5m" }, { "name": "DEFAULT_DISPATCHER_MAX_RETRIES", "value": "10" }, { "name": "APP_LOG_FORMAT", "value": "json" }, { "name": "APP_LOG_LEVEL", "value": "info" }, { "name": "JS_STREAM_NAME", "value": "sap" }, { "name": "JS_STREAM_SUBJECT_PREFIX", "value": "kyma" }, { "name": "JS_STREAM_STORAGE_TYPE", "value": "file" }, { "name": "JS_STREAM_REPLICAS", "value": "1" }, { "name": "JS_STREAM_DISCARD_POLICY", "value": "new" }, { "name": "JS_STREAM_RETENTION_POLICY", "value": "interest" }, { "name": "JS_CONSUMER_DELIVER_POLICY", "value": "new" }, { "name": "JS_STREAM_MAX_MSGS", "value": "-1" }, { "name": "JS_STREAM_MAX_BYTES", "value": "700Mi" }, { "name": "WEBHOOK_SECRET_NAME", "value": "eventing-manager-webhook-server-cert" }, { "name": "MUTATING_WEBHOOK_NAME", "value": "subscription-mutating-webhook-configuration" }, { "name": "VALIDATING_WEBHOOK_NAME", "value": "subscription-validating-webhook-configuration" }, { "name": "EVENTING_WEBHOOK_AUTH_SECRET_NAME", "value": "eventing-webhook-auth" }, { "name": "EVENTING_WEBHOOK_AUTH_SECRET_NAMESPACE", "value": "kyma-system" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:49b1192071ec05bfdd18c1f667544ac34aa927a1", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "128Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } }, "volumeMounts": [ { "mountPath": "/tmp/k8s-webhook-server/serving-certs", "name": "cert", "readOnly": true } ] } ], "priorityClassName": "eventing-manager-priority-class", "securityContext": { "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "eventing-manager", "terminationGracePeriodSeconds": 10, "volumes": [ { "name": "cert", "secret": { "defaultMode": 420, "secretName": "eventing-manager-webhook-server-cert" } } ] } } } }, { "apiVersion": "batch/v1", "kind": "CronJob", "metadata": { "annotations": { "sidecar.istio.io/inject": "false" }, "labels": { "app": "eventing-manager-cert-handler", "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager-cert-handler", "namespace": "kyma-system" }, "spec": { "jobTemplate": { "spec": { "template": { "metadata": { "annotations": { "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "env": [ { "name": "CRD_NAME", "value": "subscriptions.eventing.kyma-project.io" }, { "name": "SECRET_NAME", "value": "eventing-manager-webhook-server-cert" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/eventing-webhook-certificates:1.7.0", "imagePullPolicy": "IfNotPresent", "name": "api-gateway" } ], "priorityClassName": "eventing-manager-priority-class", "restartPolicy": "Never", "serviceAccountName": "eventing-manager-cert-handler" } } } }, "schedule": "0 0 * * 0,4" } }, { "apiVersion": "batch/v1", "kind": "Job", "metadata": { "annotations": { "sidecar.istio.io/inject": "false" }, "labels": { "app": "eventing-manager-cert-handler", "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "eventing-manager-cert-handler", "namespace": "kyma-system" }, "spec": { "template": { "metadata": { "annotations": { "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "env": [ { "name": "CRD_NAME", "value": "subscriptions.eventing.kyma-project.io" }, { "name": "SECRET_NAME", "value": "eventing-manager-webhook-server-cert" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/eventing-webhook-certificates:1.7.0", "imagePullPolicy": "IfNotPresent", "name": "api-gateway" } ], "priorityClassName": "eventing-manager-priority-class", "restartPolicy": "Never", "serviceAccountName": "eventing-manager-cert-handler" } } } }, { "apiVersion": "admissionregistration.k8s.io/v1", "kind": "MutatingWebhookConfiguration", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/name": "subscription-mutating-webhook-configuration", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "subscription-mutating-webhook-configuration" }, "webhooks": [ { "admissionReviewVersions": [ "v1" ], "clientConfig": { "service": { "name": "eventing-manager-webhook-service", "namespace": "kyma-system", "path": "/mutate-eventing-kyma-project-io-v1alpha2-subscription" } }, "failurePolicy": "Fail", "name": "msubscription.kb.io", "rules": [ { "apiGroups": [ "eventing.kyma-project.io" ], "apiVersions": [ "v1alpha2" ], "operations": [ "CREATE", "UPDATE" ], "resources": [ "subscriptions" ] } ], "sideEffects": "None" } ] }, { "apiVersion": "admissionregistration.k8s.io/v1", "kind": "ValidatingWebhookConfiguration", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/name": "subscription-validating-webhook-configuration", "app.kubernetes.io/part-of": "eventing-manager" }, "name": "subscription-validating-webhook-configuration" }, "webhooks": [ { "admissionReviewVersions": [ "v1" ], "clientConfig": { "service": { "name": "eventing-manager-webhook-service", "namespace": "kyma-system", "path": "/validate-eventing-kyma-project-io-v1alpha2-subscription" } }, "failurePolicy": "Fail", "name": "vsubscription.kb.io", "rules": [ { "apiGroups": [ "eventing.kyma-project.io" ], "apiVersions": [ "v1alpha2" ], "operations": [ "CREATE", "UPDATE" ], "resources": [ "subscriptions" ] } ], "sideEffects": "None" } ] } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/eventing-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:49b1192071ec05bfdd18c1f667544ac34aa927a1", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/eventings/eventing", "channels": [ "experimental" ], "documentation": "https://kyma-project.io/#/eventing-manager/user/README", "repository": "https://github.com/kyma-project/eventing-manager.git" }, { "version": "1.0.2", "deploymentYaml": "https://github.com/kyma-project/eventing-manager/releases/download/1.0.2/eventing-manager.yaml", "crYaml": "https://github.com/kyma-project/eventing-manager/releases/download/1.0.2/eventing_default_cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Eventing", "metadata": { "labels": { "app.kubernetes.io/name": "eventing", "app.kubernetes.io/instance": "eventing", "app.kubernetes.io/part-of": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager" }, "name": "eventing", "namespace": "kyma-system" }, "spec": { "backend": { "type": "NATS", "config": { "eventTypePrefix": "sap.kyma.custom", "natsStreamStorageType": "File", "natsStreamReplicas": 3, "natsStreamMaxSize": "700M", "natsMaxMsgsPerTopic": 1000000 } }, "publisher": { "replicas": { "min": 2, "max": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "64Mi" } } } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.11.3" }, "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventings.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Eventing", "listKind": "EventingList", "plural": "eventings", "singular": "eventing" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "description": "State of Eventing", "jsonPath": ".status.state", "name": "State", "type": "string" }, { "description": "Type of Eventing backend, either NATS or EventMesh", "jsonPath": ".spec.backend.type", "name": "Backend", "type": "string" }, { "description": "Age of the resource", "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Eventing is the Schema for the eventing API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "default": { "backend": { "config": { "natsMaxMsgsPerTopic": 1000000, "natsStreamMaxSize": "700Mi", "natsStreamReplicas": 3, "natsStreamStorageType": "File" }, "type": "NATS" }, "logging": { "logLevel": "Info" }, "publisher": { "replicas": { "max": 2, "min": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } } } }, "description": "EventingSpec defines the desired state of Eventing", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations allows to add annotations to resources.", "type": "object" }, "backend": { "default": { "config": { "natsMaxMsgsPerTopic": 1000000, "natsStreamMaxSize": "700Mi", "natsStreamReplicas": 3, "natsStreamStorageType": "File" }, "type": "NATS" }, "description": "Backend defines the active backend used by Eventing.", "properties": { "config": { "default": { "natsMaxMsgsPerTopic": 1000000, "natsStreamMaxSize": "700Mi", "natsStreamReplicas": 3, "natsStreamStorageType": "File" }, "description": "Config defines configuration for eventing backend.", "properties": { "domain": { "description": "Domain defines the cluster public domain used to configure the EventMesh Subscriptions and their corresponding ApiRules.", "pattern": "^(?:([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])(\\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9]))*)?$", "type": "string" }, "eventMeshSecret": { "description": "EventMeshSecret defines the namespaced name of K8s Secret containing EventMesh credentials. The format of name is \"namespace/name\".", "pattern": "^[a-zA-Z0-9_-]+/[a-zA-Z0-9_-]+$", "type": "string" }, "eventTypePrefix": { "default": "sap.kyma.custom", "type": "string", "x-kubernetes-validations": [ { "message": "eventTypePrefix cannot be empty", "rule": "self!=''" } ] }, "natsMaxMsgsPerTopic": { "default": 1000000, "description": "NATSMaxMsgsPerTopic limits how many messages in the NATS stream to retain per subject.", "type": "integer" }, "natsStreamMaxSize": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "default": "700Mi", "description": "NATSStreamMaxSize defines the maximum storage size for stream data.", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "natsStreamReplicas": { "default": 3, "description": "NATSStreamReplicas defines the number of replicas for stream.", "type": "integer" }, "natsStreamStorageType": { "default": "File", "description": "NATSStreamStorageType defines the storage type for stream data.", "type": "string", "x-kubernetes-validations": [ { "message": "storage type can only be set to File or Memory", "rule": "self=='File' || self=='Memory'" } ] } }, "type": "object" }, "type": { "default": "NATS", "description": "Type defines which backend to use. The value is either `EventMesh`, or `NATS`.", "type": "string", "x-kubernetes-validations": [ { "message": "backend type can only be set to NATS or EventMesh", "rule": "self=='NATS' || self=='EventMesh' || self==''" } ] } }, "required": [ "type" ], "type": "object", "x-kubernetes-validations": [ { "message": "secret cannot be empty if EventMesh backend is used", "rule": " (self.type != 'EventMesh') || ((self.type == 'EventMesh') && (self.config.eventMeshSecret != ''))" } ] }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels allows to add Labels to resources.", "type": "object" }, "logging": { "default": { "logLevel": "Info" }, "description": "Logging defines the log level for eventing-manager.", "properties": { "logLevel": { "default": "Info", "description": "LogLevel defines the log level.", "type": "string", "x-kubernetes-validations": [ { "message": "logLevel can only be set to Debug, Info, Warn or Error", "rule": "self=='Info' || self=='Warn' || self=='Error' || self=='Debug'" } ] } }, "type": "object" }, "publisher": { "default": { "replicas": { "max": 2, "min": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } } }, "description": "Publisher defines the configurations for eventing-publisher-proxy.", "properties": { "replicas": { "default": { "max": 2, "min": 2 }, "description": "Replicas defines the scaling min/max for eventing-publisher-proxy.", "properties": { "max": { "default": 2, "description": "Max defines maximum number of replicas.", "type": "integer" }, "min": { "default": 2, "description": "Min defines minimum number of replicas.", "minimum": 0, "type": "integer" } }, "type": "object", "x-kubernetes-validations": [ { "message": "min value must be smaller than the max value", "rule": "self.min <= self.max" } ] }, "resources": { "default": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } }, "description": "Resources defines resources for eventing-publisher-proxy.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers.", "items": { "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" } }, "type": "object" } }, "required": [ "backend" ], "type": "object" }, "status": { "description": "EventingStatus defines the observed state of Eventing", "properties": { "activeBackend": { "type": "string" }, "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition. This may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "specHash": { "format": "int64", "type": "integer" }, "state": { "type": "string" } }, "required": [ "activeBackend", "specHash", "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.11.3" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "subscriptions.eventing.kyma-project.io" }, "spec": { "conversion": { "strategy": "Webhook", "webhook": { "clientConfig": { "service": { "name": "eventing-manager-webhook-service", "namespace": "kyma-system", "path": "/convert" } }, "conversionReviewVersions": [ "v1" ] } }, "group": "eventing.kyma-project.io", "names": { "kind": "Subscription", "listKind": "SubscriptionList", "plural": "subscriptions", "singular": "subscription" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.ready", "name": "Ready", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" }, { "jsonPath": ".status.cleanEventTypes", "name": "Clean Event Types", "type": "string" } ], "deprecated": true, "deprecationWarning": "The v1alpha1 API version is deprecated as of Kyma 2.14.X.", "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Subscription is the Schema for the subscriptions API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "SubscriptionSpec defines the desired state of Subscription.", "properties": { "config": { "description": "Defines additional configuration for the active backend.", "properties": { "maxInFlightMessages": { "description": "Defines how many not-ACKed messages can be in flight simultaneously.", "minimum": 1, "type": "integer" } }, "type": "object" }, "filter": { "description": "Defines which events will be sent to the sink.", "properties": { "dialect": { "description": "Contains a `URI-reference` to the CloudEvent filter dialect. See [here](https://github.com/cloudevents/spec/blob/main/subscriptions/spec.md#3241-filter-dialects) for more details.", "type": "string" }, "filters": { "items": { "description": "Defines the BEB filter element as a combination of two CE filter elements.", "properties": { "eventSource": { "description": "Defines the source of the CE filter.", "properties": { "property": { "description": "Defines the property of the filter.", "type": "string" }, "type": { "description": "Defines the type of the filter.", "type": "string" }, "value": { "description": "Defines the value of the filter.", "type": "string" } }, "required": [ "property", "value" ], "type": "object" }, "eventType": { "description": "Defines the type of the CE filter.", "properties": { "property": { "description": "Defines the property of the filter.", "type": "string" }, "type": { "description": "Defines the type of the filter.", "type": "string" }, "value": { "description": "Defines the value of the filter.", "type": "string" } }, "required": [ "property", "value" ], "type": "object" } }, "required": [ "eventSource", "eventType" ], "type": "object" }, "type": "array" } }, "required": [ "filters" ], "type": "object" }, "id": { "description": "Unique identifier of the Subscription, read-only.", "type": "string" }, "protocol": { "description": "Defines the CE protocol specification implementation.", "type": "string" }, "protocolsettings": { "description": "Defines the CE protocol settings specification implementation.", "properties": { "contentMode": { "description": "Defines the content mode for eventing based on BEB. The value is either `BINARY`, or `STRUCTURED`.", "type": "string" }, "exemptHandshake": { "description": "Defines if the exempt handshake for eventing is based on BEB.", "type": "boolean" }, "qos": { "description": "Defines the quality of service for eventing based on BEB.", "type": "string" }, "webhookAuth": { "description": "Defines the Webhook called by an active subscription on BEB.", "properties": { "clientId": { "description": "Defines the clientID for OAuth2.", "type": "string" }, "clientSecret": { "description": "Defines the Client Secret for OAuth2.", "type": "string" }, "grantType": { "description": "Defines the grant type for OAuth2.", "type": "string" }, "scope": { "description": "Defines the scope for OAuth2.", "items": { "type": "string" }, "type": "array" }, "tokenUrl": { "description": "Defines the token URL for OAuth2.", "type": "string" }, "type": { "description": "Defines the authentication type.", "type": "string" } }, "required": [ "clientId", "clientSecret", "grantType", "tokenUrl" ], "type": "object" } }, "type": "object" }, "sink": { "description": "Kubernetes Service that should be used as a target for the events that match the Subscription. Must exist in the same Namespace as the Subscription.", "type": "string" } }, "required": [ "filter", "sink" ], "type": "object" }, "status": { "description": "SubscriptionStatus defines the observed state of the Subscription.", "properties": { "apiRuleName": { "description": "Defines the name of the APIRule which is used by the Subscription.", "type": "string" }, "cleanEventTypes": { "description": "CleanEventTypes defines the filter's event types after cleanup to use it with the configured backend.", "items": { "type": "string" }, "type": "array" }, "conditions": { "description": "Current state of the Subscription.", "items": { "properties": { "lastTransitionTime": { "description": "Defines the date of the last condition status change.", "format": "date-time", "type": "string" }, "message": { "description": "Provides more details about the condition status change.", "type": "string" }, "reason": { "description": "Defines the reason for the condition status change.", "type": "string" }, "status": { "description": "Status of the condition. The value is either `True`, `False`, or `Unknown`.", "type": "string" }, "type": { "description": "Short description of the condition.", "type": "string" } }, "required": [ "status" ], "type": "object" }, "type": "array" }, "config": { "description": "Defines the configurations that have been applied to the eventing backend when creating this Subscription.", "properties": { "maxInFlightMessages": { "description": "Defines how many not-ACKed messages can be in flight simultaneously.", "minimum": 1, "type": "integer" } }, "type": "object" }, "emsSubscriptionStatus": { "description": "Defines the status of the Subscription in EventMesh.", "properties": { "lastFailedDelivery": { "description": "Timestamp of the last failed delivery.", "type": "string" }, "lastFailedDeliveryReason": { "description": "Reason for the last failed delivery.", "type": "string" }, "lastSuccessfulDelivery": { "description": "Timestamp of the last successful delivery.", "type": "string" }, "subscriptionStatus": { "description": "Status of the Subscription as reported by EventMesh.", "type": "string" }, "subscriptionStatusReason": { "description": "Reason for the current status.", "type": "string" } }, "type": "object" }, "emshash": { "description": "Defines the checksum for the Subscription in EventMesh.", "format": "int64", "type": "integer" }, "ev2hash": { "description": "Defines the checksum for the Subscription custom resource.", "format": "int64", "type": "integer" }, "externalSink": { "description": "Defines the webhook URL which is used by EventMesh to trigger subscribers.", "type": "string" }, "failedActivation": { "description": "Defines the reason if a Subscription failed activation in EventMesh.", "type": "string" }, "ready": { "description": "Overall readiness of the Subscription.", "type": "boolean" } }, "required": [ "cleanEventTypes", "ready" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": false, "subresources": { "status": {} } }, { "additionalPrinterColumns": [ { "jsonPath": ".status.ready", "name": "Ready", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha2", "schema": { "openAPIV3Schema": { "description": "Subscription is the Schema for the subscriptions API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of the Subscription.", "properties": { "config": { "additionalProperties": { "type": "string" }, "description": "Map of configuration options that will be applied on the backend.", "type": "object" }, "id": { "description": "Unique identifier of the Subscription, read-only.", "type": "string" }, "sink": { "description": "Kubernetes Service that should be used as a target for the events that match the Subscription. Must exist in the same Namespace as the Subscription.", "type": "string" }, "source": { "description": "Defines the origin of the event.", "type": "string" }, "typeMatching": { "description": "Defines how types should be handled.
- `standard`: backend-specific logic will be applied to the configured source and types.
- `exact`: no further processing will be applied to the configured source and types.", "type": "string" }, "types": { "description": "List of event types that will be used for subscribing on the backend.", "items": { "type": "string" }, "type": "array" } }, "required": [ "sink", "source", "types" ], "type": "object" }, "status": { "description": "SubscriptionStatus defines the observed state of Subscription.", "properties": { "backend": { "description": "Backend-specific status which is applicable to the active backend only.", "properties": { "apiRuleName": { "description": "Name of the APIRule which is used by the Subscription.", "type": "string" }, "emsSubscriptionStatus": { "description": "Status of the Subscription as reported by EventMesh.", "properties": { "lastFailedDelivery": { "description": "Timestamp of the last failed delivery.", "type": "string" }, "lastFailedDeliveryReason": { "description": "Reason for the last failed delivery.", "type": "string" }, "lastSuccessfulDelivery": { "description": "Timestamp of the last successful delivery.", "type": "string" }, "status": { "description": "Status of the Subscription as reported by the backend.", "type": "string" }, "statusReason": { "description": "Reason for the current status.", "type": "string" } }, "type": "object" }, "emsTypes": { "description": "List of mappings from event type to EventMesh compatible types. Used only with EventMesh as the backend.", "items": { "properties": { "eventMeshType": { "description": "Event type that is used on the EventMesh backend.", "type": "string" }, "originalType": { "description": "Event type that was originally used to subscribe.", "type": "string" } }, "required": [ "eventMeshType", "originalType" ], "type": "object" }, "type": "array" }, "emshash": { "description": "Hash used to identify an EventMesh Subscription retrieved from the server without the WebhookAuth config.", "format": "int64", "type": "integer" }, "ev2hash": { "description": "Checksum for the Subscription custom resource.", "format": "int64", "type": "integer" }, "eventMeshLocalHash": { "description": "Hash used to identify an EventMesh Subscription posted to the server without the WebhookAuth config.", "format": "int64", "type": "integer" }, "externalSink": { "description": "Webhook URL used by EventMesh to trigger subscribers.", "type": "string" }, "failedActivation": { "description": "Provides the reason if a Subscription failed activation in EventMesh.", "type": "string" }, "types": { "description": "List of event type to consumer name mappings for the NATS backend.", "items": { "properties": { "consumerName": { "description": "Name of the JetStream consumer created for the event type.", "type": "string" }, "originalType": { "description": "Event type that was originally used to subscribe.", "type": "string" } }, "required": [ "originalType" ], "type": "object" }, "type": "array" }, "webhookAuthHash": { "description": "Hash used to identify the WebhookAuth of an EventMesh Subscription existing on the server.", "format": "int64", "type": "integer" } }, "type": "object" }, "conditions": { "description": "Current state of the Subscription.", "items": { "properties": { "lastTransitionTime": { "description": "Defines the date of the last condition status change.", "format": "date-time", "type": "string" }, "message": { "description": "Provides more details about the condition status change.", "type": "string" }, "reason": { "description": "Defines the reason for the condition status change.", "type": "string" }, "status": { "description": "Status of the condition. The value is either `True`, `False`, or `Unknown`.", "type": "string" }, "type": { "description": "Short description of the condition.", "type": "string" } }, "required": [ "status" ], "type": "object" }, "type": "array" }, "ready": { "description": "Overall readiness of the Subscription.", "type": "boolean" }, "types": { "description": "List of event types after cleanup for use with the configured backend.", "items": { "properties": { "cleanType": { "description": "Event type after it was cleaned up from backend compatible characters.", "type": "string" }, "originalType": { "description": "Event type as specified in the Subscription spec.", "type": "string" } }, "required": [ "cleanType", "originalType" ], "type": "object" }, "type": "array" } }, "required": [ "ready", "types" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app": "eventing-manager-cert-handler", "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-cert-handler", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "applicationconnector.kyma-project.io" ], "resources": [ "applications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "eventing.kyma-project.io" ], "resources": [ "subscriptions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "eventing.kyma-project.io" ], "resources": [ "subscriptions/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "gateway.kyma-project.io" ], "resources": [ "apirules" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-cert-handler" }, "rules": [ { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "patch", "list", "watch", "update" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "get", "patch", "list", "watch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "eventing-manager" }, "subjects": [ { "kind": "ServiceAccount", "name": "eventing-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-cert-handler" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "eventing-manager-cert-handler" }, "subjects": [ { "kind": "ServiceAccount", "name": "eventing-manager-cert-handler", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Conditions\n source: status.conditions\n widget: Table\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - name: Events\n widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n defaultType: information\n", "form": "- path: spec.backend.type\n name: Backend Type\n widget: FormGroup\n defaultExpanded: true\n enum:\n - NATS\n - EventMesh\n description: Choose a backend type from the dropdown.\n\n- path: spec.backend.config.eventMeshSecret\n visibility: \"spec.backend.type = 'EventMesh'\"\n widget: ResourceRef\n defaultExpanded: false\n resource:\n kind: Secret\n version: v1\n toInternal: |\n (\n $values := $split($, '/');\n { 'namespace': $values[0], 'name': $values[1] }\n )\n toExternal: namespace & '/' & name\n\n- path: spec.publisher.replicas\n name: Publisher Replicas\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: max\n - path: min\n", "general": "resource:\n kind: Eventing\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: eventings\ncategory: Kyma\nname: Eventing\nscope: namespace\nfeatures:\n actions:\n disableCreate: false\n disableDelete: false\ndescription: >-\n {{[Eventing CR](https://github.com/kyma-project/eventing-manager/blob/main/config/samples/default.yaml)}}\n specifies eventing module.\n", "list": "- name: State\n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "eventing-manager" }, "name": "eventings.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: status.conditions.status\n source: 'status.ready = false ? \"error\" : \"ready\"'\n widget: Badge\n description: status.conditions.message\n - name: spec.typeMatching\n source: spec.typeMatching\n - name: spec.source\n source: spec.source\n - name: spec.sink\n source: spec.sink\n widget: ResourceLink\n resource:\n name: '$substringBefore($substringAfter(spec.sink, \"http://\"), \".\")'\n namespace: $root.metadata.namespace\n kind: \"'Service'\"\nbody:\n - source: status.conditions\n widget: Table\n name: status.conditions\n children:\n - source: '$item.type'\n name: status.conditions.type\n - source: '$item.status'\n widget: Badge\n name: status.conditions.status\n - source: '$item.reason'\n name: status.conditions.reason\n - source: '$item.message'\n name: status.conditions.message\n - source: '$readableTimestamp($item.lastTransitionTime)'\n name: status.conditions.lastTransitionTime\n - name: spec.types\n source: spec.types\n widget: Table\n children:\n - name: Type\n search: true\n source: '$item'\n sort: false\n - widget: EventList\n filter: \"$matchEvents($$, $root.kind, $root.metadata.name)\"\n name: events\n defaultType: NORMAL\n hideInvolvedObjects: true", "form": "- path: spec.config\n widget: KeyValuePair\n defaultExpanded: false\n- path: spec.types\n simple: true\n widget: SimpleList\n defaultExpanded: true\n children:\n - path: '[]'\n simple: true\n- simple: true\n type: string\n var: service\n name: Service\n widget: Resource\n resource:\n kind: Service\n version: v1\n scope: namespace\n trigger: [sink]\n- path: spec.sink\n name: spec.sink\n simple: true\n inputInfo: inputInfo.sink\n placeholder: placeholder.sink\n subscribe:\n sink: '\"http://\" & $service & \".\" & $root.metadata.namespace & \".svc.cluster.local\"'\n- path: spec.typeMatching\n simple: true\n enum:\n - standard\n - exact\n required: true\n- path: spec.source\n name: spec.source\n simple: true\n required: true\n visibility: \"spec.typeMatching = 'standard'\"\n widget: Resource\n resource:\n kind: Application\n group: applicationconnector.kyma-project.io\n version: v1alpha1", "general": "resource:\n kind: Subscription\n group: eventing.kyma-project.io\n version: v1alpha2\nname: Subscriptions\ncategory: Configuration\nscope: namespace\ndescription: >-\n {{\"{{[Subscription](https://kyma-project.io/docs/kyma/latest/05-technical-reference/00-custom-resources/evnt-01-subscription#documentation-content)}}\"}} is used to subscribe to events.\nurlPath: subscriptions", "list": "- name: status.conditions.status\n source: 'status.ready = false ? \"error\" : \"ready\"'\n widget: Badge\n description: status.conditions.message", "presets": "- name: Default Type Matching\n default: true\n value:\n spec:\n typeMatching: standard", "translations": "en:\n inputInfo.sink: Sink structure, 'http://{SERVICE}.{NAMESPACE}.svc.cluster.local'\n inputInfo.eventType: Event Type structure, 'sap.kyma.custom.{APP}.{EVENT.NAME}.{VERSION}'\n events: Events\n placeholder.eventType: Enter the event type, for example, sap.kyma.custom.test-app.order.cancelled.v1\n placeholder.sink: Enter the sink, for example, http://service.default.svc.cluster.local\n spec.filters: Filters\n spec.filter.eventType: Event Type\n spec.filter.eventSource: Event Source\n spec.filter.event.property: Property\n spec.filter.event.type: Type\n spec.filter.event.value: Value\n spec.types: Types\n spec.source: Source\n spec.typeMatching: Type Matching\n spec.sink: Sink\n spec.service: Service\n spec.sink.controlledBy: Controlled By\n status.cleanEventTypes: Event Types\n status.conditions: Conditions\n status.conditions.lastTransitionTime: Last Transition\n status.conditions.reason: Reason\n status.conditions.status: Status\n status.conditions.type: Type\n status.conditions.message: Message\n status.type: Type" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "eventing-manager" }, "name": "subscriptions", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Secret", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-webhook-server-cert", "namespace": "kyma-system" }, "type": "Opaque" }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-health", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-status", "port": 15020, "protocol": "TCP", "targetPort": 15020 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "type": "ClusterIP" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "annotations": { "prometheus.io/port": "8080", "prometheus.io/scheme": "http", "prometheus.io/scrape": "true" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 80, "protocol": "TCP", "targetPort": 8080 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "type": "ClusterIP" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-webhook-service", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-convert", "port": 443, "protocol": "TCP", "targetPort": 9443 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of the Eventing-Manager module. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-priority-class" }, "value": 2000000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "traffic.sidecar.istio.io/excludeInboundPorts": "9443" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } }, "spec": { "containers": [ { "command": [ "/manager" ], "env": [ { "name": "NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } }, { "name": "EVENTING_CR_NAME", "value": "eventing" }, { "name": "EVENTING_CR_NAMESPACE", "value": "kyma-system" }, { "name": "NATS_URL", "value": "eventing-nats.kyma-system.svc.cluster.local" }, { "name": "PUBLISHER_REQUESTS_CPU", "value": "10m" }, { "name": "PUBLISHER_REQUESTS_MEMORY", "value": "64Mi" }, { "name": "PUBLISHER_LIMITS_CPU", "value": "100m" }, { "name": "PUBLISHER_LIMITS_MEMORY", "value": "128Mi" }, { "name": "PUBLISHER_IMAGE", "value": "europe-docker.pkg.dev/kyma-project/prod/event-publisher-proxy:v20231025-3f5d1600" }, { "name": "PUBLISHER_IMAGE_PULL_POLICY", "value": "IfNotPresent" }, { "name": "PUBLISHER_REPLICAS", "value": "1" }, { "name": "PUBLISHER_REQUEST_TIMEOUT", "value": "10s" }, { "name": "DEFAULT_MAX_IN_FLIGHT_MESSAGES", "value": "10" }, { "name": "DEFAULT_DISPATCHER_RETRY_PERIOD", "value": "5m" }, { "name": "DEFAULT_DISPATCHER_MAX_RETRIES", "value": "10" }, { "name": "APP_LOG_FORMAT", "value": "json" }, { "name": "APP_LOG_LEVEL", "value": "info" }, { "name": "JS_STREAM_NAME", "value": "sap" }, { "name": "JS_STREAM_SUBJECT_PREFIX", "value": "kyma" }, { "name": "JS_STREAM_STORAGE_TYPE", "value": "file" }, { "name": "JS_STREAM_REPLICAS", "value": "1" }, { "name": "JS_STREAM_DISCARD_POLICY", "value": "new" }, { "name": "JS_STREAM_RETENTION_POLICY", "value": "interest" }, { "name": "JS_CONSUMER_DELIVER_POLICY", "value": "new" }, { "name": "JS_STREAM_MAX_MSGS", "value": "-1" }, { "name": "JS_STREAM_MAX_BYTES", "value": "700Mi" }, { "name": "WEBHOOK_SECRET_NAME", "value": "eventing-manager-webhook-server-cert" }, { "name": "MUTATING_WEBHOOK_NAME", "value": "subscription-mutating-webhook-configuration" }, { "name": "VALIDATING_WEBHOOK_NAME", "value": "subscription-validating-webhook-configuration" }, { "name": "EVENTING_WEBHOOK_AUTH_SECRET_NAME", "value": "eventing-webhook-auth" }, { "name": "EVENTING_WEBHOOK_AUTH_SECRET_NAMESPACE", "value": "kyma-system" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:1.0.2", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "128Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } }, "volumeMounts": [ { "mountPath": "/tmp/k8s-webhook-server/serving-certs", "name": "cert", "readOnly": true } ] } ], "priorityClassName": "eventing-manager-priority-class", "securityContext": { "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "eventing-manager", "terminationGracePeriodSeconds": 10, "volumes": [ { "name": "cert", "secret": { "defaultMode": 420, "secretName": "eventing-manager-webhook-server-cert" } } ] } } } }, { "apiVersion": "batch/v1", "kind": "CronJob", "metadata": { "annotations": { "sidecar.istio.io/inject": "false" }, "labels": { "app": "eventing-manager-cert-handler", "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-cert-handler", "namespace": "kyma-system" }, "spec": { "jobTemplate": { "spec": { "template": { "metadata": { "annotations": { "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "env": [ { "name": "CRD_NAME", "value": "subscriptions.eventing.kyma-project.io" }, { "name": "SECRET_NAME", "value": "eventing-manager-webhook-server-cert" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/eventing-webhook-certificates:1.7.0", "imagePullPolicy": "IfNotPresent", "name": "api-gateway" } ], "priorityClassName": "eventing-manager-priority-class", "restartPolicy": "Never", "serviceAccountName": "eventing-manager-cert-handler" } } } }, "schedule": "0 0 * * 0,4" } }, { "apiVersion": "batch/v1", "kind": "Job", "metadata": { "annotations": { "sidecar.istio.io/inject": "false" }, "labels": { "app": "eventing-manager-cert-handler", "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-cert-handler", "namespace": "kyma-system" }, "spec": { "template": { "metadata": { "annotations": { "sidecar.istio.io/inject": "false" } }, "spec": { "containers": [ { "env": [ { "name": "CRD_NAME", "value": "subscriptions.eventing.kyma-project.io" }, { "name": "SECRET_NAME", "value": "eventing-manager-webhook-server-cert" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/eventing-webhook-certificates:1.7.0", "imagePullPolicy": "IfNotPresent", "name": "api-gateway" } ], "priorityClassName": "eventing-manager-priority-class", "restartPolicy": "Never", "serviceAccountName": "eventing-manager-cert-handler" } } } }, { "apiVersion": "admissionregistration.k8s.io/v1", "kind": "MutatingWebhookConfiguration", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "subscription-mutating-webhook-configuration" }, "webhooks": [ { "admissionReviewVersions": [ "v1" ], "clientConfig": { "service": { "name": "eventing-manager-webhook-service", "namespace": "kyma-system", "path": "/mutate-eventing-kyma-project-io-v1alpha2-subscription" } }, "failurePolicy": "Fail", "name": "msubscription.kb.io", "rules": [ { "apiGroups": [ "eventing.kyma-project.io" ], "apiVersions": [ "v1alpha2" ], "operations": [ "CREATE", "UPDATE" ], "resources": [ "subscriptions" ] } ], "sideEffects": "None" } ] }, { "apiVersion": "admissionregistration.k8s.io/v1", "kind": "ValidatingWebhookConfiguration", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "subscription-validating-webhook-configuration" }, "webhooks": [ { "admissionReviewVersions": [ "v1" ], "clientConfig": { "service": { "name": "eventing-manager-webhook-service", "namespace": "kyma-system", "path": "/validate-eventing-kyma-project-io-v1alpha2-subscription" } }, "failurePolicy": "Fail", "name": "vsubscription.kb.io", "rules": [ { "apiGroups": [ "eventing.kyma-project.io" ], "apiVersions": [ "v1alpha2" ], "operations": [ "CREATE", "UPDATE" ], "resources": [ "subscriptions" ] } ], "sideEffects": "None" } ] } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/eventing-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:1.0.2", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/eventings/eventing" }, { "version": "1.2.0", "deploymentYaml": "https://github.com/kyma-project/eventing-manager/releases/download/1.2.0/eventing-manager.yaml", "crYaml": "https://github.com/kyma-project/eventing-manager/releases/download/1.2.0/eventing-default-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Eventing", "metadata": { "labels": { "app.kubernetes.io/name": "eventing", "app.kubernetes.io/instance": "eventing", "app.kubernetes.io/part-of": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager" }, "name": "eventing", "namespace": "kyma-system" }, "spec": { "publisher": { "replicas": { "min": 2, "max": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "64Mi" } } } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventings.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Eventing", "listKind": "EventingList", "plural": "eventings", "singular": "eventing" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "description": "State of Eventing", "jsonPath": ".status.state", "name": "State", "type": "string" }, { "description": "Type of Eventing backend, either NATS or EventMesh", "jsonPath": ".spec.backend.type", "name": "Backend", "type": "string" }, { "description": "Age of the resource", "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Eventing is the Schema for the eventing API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "default": { "logging": { "logLevel": "Info" }, "publisher": { "replicas": { "max": 2, "min": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } } } }, "description": "EventingSpec defines the desired state of Eventing.", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations allows to add annotations to resources.", "type": "object" }, "backend": { "description": "Backend defines the active backend used by Eventing.", "properties": { "config": { "default": { "natsMaxMsgsPerTopic": 1000000, "natsStreamMaxSize": "700Mi", "natsStreamReplicas": 3, "natsStreamStorageType": "File" }, "description": "Config defines configuration for the Eventing backend.", "properties": { "domain": { "description": "Domain defines the cluster public domain used to configure the EventMesh Subscriptions\nand their corresponding ApiRules.", "pattern": "^(?:([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])(\\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9]))*)?$", "type": "string" }, "eventMeshSecret": { "description": "EventMeshSecret defines the namespaced name of the Kubernetes Secret containing EventMesh credentials. The format of name is \"namespace/name\".", "pattern": "^[a-zA-Z0-9_-]+/[a-zA-Z0-9_-]+$", "type": "string" }, "eventTypePrefix": { "default": "sap.kyma.custom", "type": "string", "x-kubernetes-validations": [ { "message": "eventTypePrefix cannot be empty", "rule": "self!=''" } ] }, "natsMaxMsgsPerTopic": { "default": 1000000, "description": "NATSMaxMsgsPerTopic limits how many messages in the NATS stream to retain per subject.", "type": "integer" }, "natsStreamMaxSize": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "default": "700Mi", "description": "NATSStreamMaxSize defines the maximum storage size for stream data.", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "natsStreamReplicas": { "default": 3, "description": "NATSStreamReplicas defines the number of replicas for the stream.", "type": "integer" }, "natsStreamStorageType": { "default": "File", "description": "NATSStreamStorageType defines the storage type for stream data.", "type": "string", "x-kubernetes-validations": [ { "message": "storage type can only be set to File or Memory", "rule": "self=='File' || self=='Memory'" } ] } }, "type": "object" }, "type": { "default": "NATS", "description": "Type defines which backend to use. The value is either `EventMesh`, or `NATS`.", "type": "string", "x-kubernetes-validations": [ { "message": "backend type can only be set to NATS or EventMesh", "rule": "self=='NATS' || self=='EventMesh' || self==''" } ] } }, "required": [ "type" ], "type": "object", "x-kubernetes-validations": [ { "message": "secret cannot be empty if EventMesh backend is used", "rule": " (self.type != 'EventMesh') || ((self.type == 'EventMesh') && (self.config.eventMeshSecret != ''))" } ] }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels allows to add Labels to resources.", "type": "object" }, "logging": { "default": { "logLevel": "Info" }, "description": "Logging defines the log level for eventing-manager.", "properties": { "logLevel": { "default": "Info", "description": "LogLevel defines the log level.", "type": "string", "x-kubernetes-validations": [ { "message": "logLevel can only be set to Debug, Info, Warn or Error", "rule": "self=='Info' || self=='Warn' || self=='Error' || self=='Debug'" } ] } }, "type": "object" }, "publisher": { "default": { "replicas": { "max": 2, "min": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } } }, "description": "Publisher defines the configurations for eventing-publisher-proxy.", "properties": { "replicas": { "default": { "max": 2, "min": 2 }, "description": "Replicas defines the scaling min/max for eventing-publisher-proxy.", "properties": { "max": { "default": 2, "description": "Max defines maximum number of replicas.", "type": "integer" }, "min": { "default": 2, "description": "Min defines minimum number of replicas.", "minimum": 0, "type": "integer" } }, "type": "object", "x-kubernetes-validations": [ { "message": "min value must be smaller than the max value", "rule": "self.min <= self.max" } ] }, "resources": { "default": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "40m", "memory": "256Mi" } }, "description": "Resources defines resources for eventing-publisher-proxy.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers.", "items": { "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object", "x-kubernetes-validations": [ { "message": "backend config cannot be deleted", "rule": "!(oldSelf!=null && has(oldSelf.backend)) || has(self.backend)" } ] }, "status": { "description": "EventingStatus defines the observed state of Eventing.", "properties": { "activeBackend": { "type": "string" }, "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "publisherService": { "type": "string" }, "specHash": { "format": "int64", "type": "integer" }, "state": { "description": "Defines the overall state of the Eventing custom resource.
\n- `Ready` when all the resources managed by the Eventing manager are deployed successfully and the Eventing backend is connected.
\n- `Warning` if there is a user input misconfiguration. The following are examples of user input misconfigurations:
\n  - There is no backend configured.
\n  - The backend is configured to NATS but there is no NATS module installed.
\n  - The backend is configured to EventMesh but there is no valid EventMesh Secret configured.
\n- `Processing` if the resources managed by the Eventing manager are being created or updated.
\n- `Error` if an error occurred while reconciling the Eventing custom resource.", "type": "string" } }, "required": [ "activeBackend", "specHash", "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "subscriptions.eventing.kyma-project.io" }, "spec": { "group": "eventing.kyma-project.io", "names": { "kind": "Subscription", "listKind": "SubscriptionList", "plural": "subscriptions", "singular": "subscription" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.ready", "name": "Ready", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1alpha2", "schema": { "openAPIV3Schema": { "description": "Subscription is the Schema for the subscriptions API.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Defines the desired state of the Subscription.", "properties": { "config": { "additionalProperties": { "type": "string" }, "default": { "maxInFlightMessages": "10" }, "description": "Map of configuration options that will be applied on the backend.", "type": "object" }, "id": { "description": "Unique identifier of the Subscription, read-only.", "type": "string" }, "sink": { "description": "Kubernetes Service that should be used as a target for the events that match the Subscription.\nMust exist in the same Namespace as the Subscription.", "type": "string" }, "source": { "description": "Defines the origin of the event.", "type": "string" }, "typeMatching": { "default": "standard", "description": "Defines how types should be handled.
\n- `standard`: backend-specific logic will be applied to the configured source and types.
\n- `exact`: no further processing will be applied to the configured source and types.", "type": "string" }, "types": { "description": "List of event types that will be used for subscribing on the backend.", "items": { "type": "string" }, "type": "array" } }, "required": [ "sink", "source", "types" ], "type": "object" }, "status": { "description": "SubscriptionStatus defines the observed state of Subscription.", "properties": { "backend": { "description": "Backend-specific status which is applicable to the active backend only.", "properties": { "apiRuleName": { "description": "Name of the APIRule which is used by the Subscription.", "type": "string" }, "emsSubscriptionStatus": { "description": "Status of the Subscription as reported by EventMesh.", "properties": { "lastFailedDelivery": { "description": "Timestamp of the last failed delivery.", "type": "string" }, "lastFailedDeliveryReason": { "description": "Reason for the last failed delivery.", "type": "string" }, "lastSuccessfulDelivery": { "description": "Timestamp of the last successful delivery.", "type": "string" }, "status": { "description": "Status of the Subscription as reported by the backend.", "type": "string" }, "statusReason": { "description": "Reason for the current status.", "type": "string" } }, "type": "object" }, "emsTypes": { "description": "List of mappings from event type to EventMesh compatible types. Used only with EventMesh as the backend.", "items": { "properties": { "eventMeshType": { "description": "Event type that is used on the EventMesh backend.", "type": "string" }, "originalType": { "description": "Event type that was originally used to subscribe.", "type": "string" } }, "required": [ "eventMeshType", "originalType" ], "type": "object" }, "type": "array" }, "emshash": { "description": "Hash used to identify an EventMesh Subscription retrieved from the server without the WebhookAuth config.", "format": "int64", "type": "integer" }, "ev2hash": { "description": "Checksum for the Subscription custom resource.", "format": "int64", "type": "integer" }, "eventMeshLocalHash": { "description": "Hash used to identify an EventMesh Subscription posted to the server without the WebhookAuth config.", "format": "int64", "type": "integer" }, "externalSink": { "description": "Webhook URL used by EventMesh to trigger subscribers.", "type": "string" }, "failedActivation": { "description": "Provides the reason if a Subscription failed activation in EventMesh.", "type": "string" }, "types": { "description": "List of event type to consumer name mappings for the NATS backend.", "items": { "properties": { "consumerName": { "description": "Name of the JetStream consumer created for the event type.", "type": "string" }, "originalType": { "description": "Event type that was originally used to subscribe.", "type": "string" } }, "required": [ "originalType" ], "type": "object" }, "type": "array" }, "webhookAuthHash": { "description": "Hash used to identify the WebhookAuth of an EventMesh Subscription existing on the server.", "format": "int64", "type": "integer" } }, "type": "object" }, "conditions": { "description": "Current state of the Subscription.", "items": { "properties": { "lastTransitionTime": { "description": "Defines the date of the last condition status change.", "format": "date-time", "type": "string" }, "message": { "description": "Provides more details about the condition status change.", "type": "string" }, "reason": { "description": "Defines the reason for the condition status change.", "type": "string" }, "status": { "description": "Status of the condition. The value is either `True`, `False`, or `Unknown`.", "type": "string" }, "type": { "description": "Short description of the condition.", "type": "string" } }, "required": [ "status" ], "type": "object" }, "type": "array" }, "ready": { "description": "Overall readiness of the Subscription.", "type": "boolean" }, "types": { "description": "List of event types after cleanup for use with the configured backend.", "items": { "properties": { "cleanType": { "description": "Event type after it was cleaned up from backend compatible characters.", "type": "string" }, "originalType": { "description": "Event type as specified in the Subscription spec.", "type": "string" } }, "required": [ "cleanType", "originalType" ], "type": "object" }, "type": "array" } }, "required": [ "ready", "types" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] }, { "apiGroups": [ "" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "mutatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "applicationconnector.kyma-project.io" ], "resources": [ "applications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "eventing.kyma-project.io" ], "resources": [ "subscriptions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "eventing.kyma-project.io" ], "resources": [ "subscriptions/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "gateway.kyma-project.io" ], "resources": [ "apirules" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "eventings/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "nats" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "security.istio.io" ], "resources": [ "peerauthentications" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "eventing-manager" }, "subjects": [ { "kind": "ServiceAccount", "name": "eventing-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: State\n source: status.state\n widget: Badge\n\nbody:\n - name: Conditions\n source: status.conditions\n widget: Table\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n - source: \"'NATS unavailable: If you chose the NATS backend, you must enable the NATS module.'\"\n widget: Alert\n severity: warning\n visibility: \"$exists(status.conditions[reason = 'NATSUnavailable'])\"\n - source: \"'No backend: If you enable the Eventing module, you must configure a backend.'\"\n widget: Alert\n severity: warning\n visibility: \"$exists(status.conditions[reason = 'BackendNotSpecified'])\"\n - name: Events\n widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n defaultType: information\n", "form": "- path: spec.backend.type\n name: Backend Type\n widget: FormGroup\n defaultExpanded: true\n enum:\n - NATS\n - EventMesh\n description: Choose a backend type from the dropdown.\n\n- simple: true\n widget: Alert\n severity: info\n alert: \"'If you choose the NATS backend, you must enable the NATS module.'\"\n visibility: \"spec.backend.type = 'NATS'\"\n\n- path: spec.backend.config.eventMeshSecret\n visibility: \"spec.backend.type = 'EventMesh'\"\n widget: ResourceRef\n defaultExpanded: false\n resource:\n kind: Secret\n version: v1\n toInternal: |\n (\n $values := $split($, '/');\n { 'namespace': $values[0], 'name': $values[1] }\n )\n toExternal: namespace & '/' & name\n\n- path: spec.publisher.replicas\n name: Publisher Replicas\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: max\n - path: min\n", "general": "resource:\n kind: Eventing\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: eventings\ncategory: Kyma\nname: Eventing\nscope: namespace\nfeatures:\n actions:\n disableCreate: false\n disableDelete: false\ndescription: >-\n {{[Eventing CR](https://github.com/kyma-project/eventing-manager/blob/main/config/samples/default.yaml)}}\n specifies eventing module.\n", "list": "- name: State\n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "eventing-manager" }, "name": "eventings.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: status.conditions.status\n source: 'status.ready = false ? \"error\" : \"ready\"'\n widget: Badge\n description: status.conditions.message\n - name: spec.typeMatching\n source: spec.typeMatching\n - name: spec.source\n source: spec.source\n - name: spec.sink\n source: spec.sink\n widget: ResourceLink\n resource:\n name: '$substringBefore($substringAfter(spec.sink, \"http://\"), \".\")'\n namespace: $root.metadata.namespace\n kind: \"'Service'\"\nbody:\n - source: status.conditions\n widget: Table\n name: status.conditions\n children:\n - source: '$item.type'\n name: status.conditions.type\n - source: '$item.status'\n widget: Badge\n name: status.conditions.status\n - source: '$item.reason'\n name: status.conditions.reason\n - source: '$item.message'\n name: status.conditions.message\n - source: '$readableTimestamp($item.lastTransitionTime)'\n name: status.conditions.lastTransitionTime\n - name: spec.types\n source: spec.types\n widget: Table\n children:\n - name: Type\n search: true\n source: '$item'\n sort: false\n - widget: EventList\n filter: \"$matchEvents($$, $root.kind, $root.metadata.name)\"\n name: events\n defaultType: NORMAL\n hideInvolvedObjects: true", "form": "- path: spec.config\n widget: KeyValuePair\n defaultExpanded: false\n- path: spec.types\n simple: true\n widget: SimpleList\n defaultExpanded: true\n children:\n - path: '[]'\n simple: true\n- simple: true\n type: string\n var: service\n name: Service\n widget: Resource\n resource:\n kind: Service\n version: v1\n scope: namespace\n trigger: [sink]\n- path: spec.sink\n name: spec.sink\n simple: true\n inputInfo: inputInfo.sink\n placeholder: placeholder.sink\n subscribe:\n sink: '\"http://\" & $service & \".\" & $root.metadata.namespace & \".svc.cluster.local\"'\n- path: spec.typeMatching\n simple: true\n enum:\n - standard\n - exact\n required: true\n- path: spec.source\n name: spec.source\n simple: true\n required: true\n visibility: \"spec.typeMatching = 'standard'\"\n widget: Resource\n resource:\n kind: Application\n group: applicationconnector.kyma-project.io\n version: v1alpha1", "general": "resource:\n kind: Subscription\n group: eventing.kyma-project.io\n version: v1alpha2\nname: Subscriptions\ncategory: Configuration\nscope: namespace\ndescription: >-\n {{\"{{[Subscription](https://kyma-project.io/docs/kyma/latest/05-technical-reference/00-custom-resources/evnt-01-subscription#documentation-content)}}\"}} is used to subscribe to events.\nurlPath: subscriptions", "list": "- name: status.conditions.status\n source: 'status.ready = false ? \"error\" : \"ready\"'\n widget: Badge\n description: status.conditions.message", "presets": "- name: Default Type Matching\n default: true\n value:\n spec:\n typeMatching: standard", "translations": "en:\n inputInfo.sink: Sink structure, 'http://{SERVICE}.{NAMESPACE}.svc.cluster.local'\n inputInfo.eventType: Event Type structure, 'sap.kyma.custom.{APP}.{EVENT.NAME}.{VERSION}'\n events: Events\n placeholder.eventType: Enter the event type, for example, sap.kyma.custom.test-app.order.cancelled.v1\n placeholder.sink: Enter the sink, for example, http://service.default.svc.cluster.local\n spec.filters: Filters\n spec.filter.eventType: Event Type\n spec.filter.eventSource: Event Source\n spec.filter.event.property: Property\n spec.filter.event.type: Type\n spec.filter.event.value: Value\n spec.types: Types\n spec.source: Source\n spec.typeMatching: Type Matching\n spec.sink: Sink\n spec.service: Service\n spec.sink.controlledBy: Controlled By\n status.cleanEventTypes: Event Types\n status.conditions: Conditions\n status.conditions.lastTransitionTime: Last Transition\n status.conditions.reason: Reason\n status.conditions.status: Status\n status.conditions.type: Type\n status.conditions.message: Message\n status.type: Type" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "control-plane": "eventing-manager" }, "name": "subscriptions", "namespace": "kyma-system" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-health", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-status", "port": 15020, "protocol": "TCP", "targetPort": 15020 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "type": "ClusterIP" } }, { "apiVersion": "v1", "kind": "Service", "metadata": { "annotations": { "prometheus.io/port": "8080", "prometheus.io/scheme": "http", "prometheus.io/scrape": "true" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-metrics", "namespace": "kyma-system" }, "spec": { "ports": [ { "name": "http-metrics", "port": 80, "protocol": "TCP", "targetPort": 8080 } ], "selector": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" }, "type": "ClusterIP" } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of the Eventing-Manager module. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager-priority-class" }, "value": 2000000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/created-by": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "eventing-manager", "app.kubernetes.io/part-of": "Kyma", "control-plane": "eventing-manager" }, "name": "eventing-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager", "traffic.sidecar.istio.io/excludeInboundPorts": "9443" }, "labels": { "app.kubernetes.io/component": "eventing-manager", "app.kubernetes.io/instance": "eventing-manager", "app.kubernetes.io/name": "eventing-manager", "control-plane": "eventing-manager" } }, "spec": { "containers": [ { "command": [ "/manager" ], "env": [ { "name": "NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } }, { "name": "EVENTING_CR_NAME", "value": "eventing" }, { "name": "EVENTING_CR_NAMESPACE", "value": "kyma-system" }, { "name": "NATS_URL", "value": "eventing-nats.kyma-system.svc.cluster.local" }, { "name": "PUBLISHER_REQUESTS_CPU", "value": "10m" }, { "name": "PUBLISHER_REQUESTS_MEMORY", "value": "64Mi" }, { "name": "PUBLISHER_LIMITS_CPU", "value": "100m" }, { "name": "PUBLISHER_LIMITS_MEMORY", "value": "128Mi" }, { "name": "PUBLISHER_IMAGE", "value": "europe-docker.pkg.dev/kyma-project/prod/eventing-publisher-proxy:1.0.1" }, { "name": "PUBLISHER_IMAGE_PULL_POLICY", "value": "IfNotPresent" }, { "name": "PUBLISHER_REPLICAS", "value": "1" }, { "name": "PUBLISHER_REQUEST_TIMEOUT", "value": "10s" }, { "name": "DEFAULT_MAX_IN_FLIGHT_MESSAGES", "value": "10" }, { "name": "DEFAULT_DISPATCHER_RETRY_PERIOD", "value": "5m" }, { "name": "DEFAULT_DISPATCHER_MAX_RETRIES", "value": "10" }, { "name": "APP_LOG_FORMAT", "value": "json" }, { "name": "APP_LOG_LEVEL", "value": "info" }, { "name": "JS_STREAM_NAME", "value": "sap" }, { "name": "JS_STREAM_SUBJECT_PREFIX", "value": "kyma" }, { "name": "JS_STREAM_STORAGE_TYPE", "value": "file" }, { "name": "JS_STREAM_REPLICAS", "value": "1" }, { "name": "JS_STREAM_DISCARD_POLICY", "value": "new" }, { "name": "JS_STREAM_RETENTION_POLICY", "value": "interest" }, { "name": "JS_CONSUMER_DELIVER_POLICY", "value": "new" }, { "name": "JS_STREAM_MAX_MSGS", "value": "-1" }, { "name": "JS_STREAM_MAX_BYTES", "value": "700Mi" }, { "name": "EVENTING_WEBHOOK_AUTH_SECRET_NAME", "value": "eventing-webhook-auth" }, { "name": "EVENTING_WEBHOOK_AUTH_SECRET_NAMESPACE", "value": "kyma-system" } ], "image": "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:1.2.0", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "128Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "eventing-manager-priority-class", "securityContext": { "fsGroup": 10001, "runAsGroup": 10001, "runAsNonRoot": true, "runAsUser": 10001, "seccompProfile": { "type": "RuntimeDefault" } }, "serviceAccountName": "eventing-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/eventing-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/eventing-manager:1.2.0", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/eventings/eventing", "channels": [ "fast", "regular" ], "documentation": "https://kyma-project.io/#/eventing-manager/user/README", "repository": "https://github.com/kyma-project/eventing-manager.git" } ] }, { "name": "application-connector", "documentation": "https://kyma-project.io/#/application-connector-manager/user/README", "repository": "https://github.com/kyma-project/application-connector-manager.git", "manageable": true, "managedResources": [ "/apis/operator.kyma-project.io/v1alpha1/applicationconnectors" ], "latestGithubRelease": { "repository": "kyma-project/application-connector-manager", "deploymentYaml": "application-connector-manager.yaml", "crYaml": "default_application_connector_cr.yaml" }, "versions": [ { "version": "1.1.3", "channels": [ "experimental", "regular" ], "documentation": "https://kyma-project.io/#/application-connector-manager/user/README", "repository": "https://github.com/kyma-project/application-connector-manager.git", "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/application-connector-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/application-connector-manager:v20240419-0093a6f3", "resources": [ { "apiVersion": "v1", "kind": "Namespace", "metadata": { "labels": { "app.kubernetes.io/component": "manager", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "system", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "namespace", "app.kubernetes.io/part-of": "application-connector-manager", "control-plane": "controller-manager" }, "name": "kyma-system" } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.10.0" }, "creationTimestamp": null, "name": "applicationconnectors.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "ApplicationConnector", "listKind": "ApplicationConnectorList", "plural": "applicationconnectors", "singular": "applicationconnector" }, "scope": "Namespaced", "versions": [ { "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "ApplicationConnector is the Schema for the applicationconnectors API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "properties": { "appConnValidator": { "default": { "logFormat": "json", "logLevel": "info" }, "properties": { "logFormat": { "enum": [ "json", "text" ], "type": "string" }, "logLevel": { "enum": [ "debug", "panic", "fatal", "error", "warn", "info", "debug" ], "type": "string" } }, "required": [ "logFormat", "logLevel" ], "type": "object" }, "appGateway": { "default": { "logLevel": "info", "proxyTimeout": "10s", "requestTimeout": "10s" }, "properties": { "logLevel": { "enum": [ "debug", "panic", "fatal", "error", "warn", "info", "debug" ], "type": "string" }, "proxyTimeout": { "type": "string" }, "requestTimeout": { "type": "string" } }, "required": [ "logLevel", "proxyTimeout", "requestTimeout" ], "type": "object" }, "domainName": { "type": "string" } }, "type": "object" }, "status": { "properties": { "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition. This may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "served": { "type": "string" }, "state": { "type": "string" } }, "required": [ "served", "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "controller-manager-sa", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "serviceaccount", "app.kubernetes.io/part-of": "application-connector-manager" }, "name": "application-connector-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "leader-election-role", "app.kubernetes.io/name": "role", "app.kubernetes.io/part-of": "application-connector-manager", "app.kubernets.io/managed-by": "kustomize" }, "name": "application-connector-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "name": "application-connector-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "limitranges" ], "verbs": [ "create", "delete", "get", "list", "update" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list" ] }, { "apiGroups": [ "" ], "resources": [ "persistentvolumes" ], "verbs": [ "get", "list" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "get", "list", "patch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "cluster-client-certificates", "compass-agent-configuration" ], "resources": [ "secrets" ], "verbs": [ "delete", "get" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "*" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "get", "list", "patch", "watch" ] }, { "apiGroups": [ "applicationconnector.kyma-project.io" ], "resources": [ "applications" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets" ], "verbs": [ "delete", "list", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "compass.kyma-project.io" ], "resources": [ "compassconnections" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "metrics.k8s.io" ], "resources": [ "nodes" ], "verbs": [ "get", "list" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "gateways" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "virtualservices" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "applicationconnectors" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "applicationconnectors/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "applicationconnectors/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings", "roles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "scheduling.k8s.io" ], "resources": [ "priorityclasses" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "leader-election-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "rolebinding", "app.kubernetes.io/part-of": "application-connector-manager" }, "name": "application-connector-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "application-connector-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "application-connector-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "manager-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrolebinding", "app.kubernetes.io/part-of": "application-connector-manager" }, "name": "application-connector-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "application-connector-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "application-connector-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\nbody:\n - name: Configuration\n widget: Panel\n children:\n - name: Domain name\n source: spec.domainName\n placeholder: Detected automatically\n - widget: Columns\n children:\n - name: Application Connector Validator\n widget: Panel\n children: \n - source: spec.appConnValidator.logLevel\n name: Validator log level\n - source: spec.appConnValidator.logFormat\n name: Validator log format\n - name: Application Connector Gateway\n widget: Panel\n children:\n - source: spec.appGateway.proxyTimeout\n name: Proxy timeout duration\n - source: spec.appGateway.requestTimeout\n name: Request timeout duration\n - source: spec.appGateway.logLevel\n name: Gateway log level\n\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: events\n defaultType: information\n", "form": "- path: spec.domainName\n name: Domain name\n\n- path: spec.appConnValidator\n widget: FormGroup\n name: Application Connector Validator Configuration\n children:\n - widget: KeyValuePair\n path: \n keyEnum: ['logLevel', 'logFormat']\n\n- path: spec.appGateway\n widget: FormGroup\n name: Application Connector Gateway Configuration\n children:\n - widget: KeyValuePair\n path: requests\n keyEnum: ['proxyTimeout', 'requestTimeout','logLevel']\n\n", "general": "resource:\n kind: ApplicationConnector\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: applicationconnectors\ncategory: Kyma\nname: ApplicationConnector\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[ApplicationConnector CR](https://github.com/kyma-project/application-connector-manager/blob/main/config/samples/operator_v1alpha1_applicationconnector.yaml)}}\n configures application connector installation.\n", "list": "- name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/name": "applicationconnectors.operator.kyma-project.io", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "application-connector-applicationconnectors.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of application-connector-manager component. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "name": "application-connector-priority-class" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "manager", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "controller-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "deployment", "app.kubernetes.io/part-of": "application-connector-manager", "control-plane": "controller-manager" }, "name": "application-connector-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "control-plane": "controller-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "control-plane": "controller-manager" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/application-connector-manager:v20240419-0093a6f3", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "128Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "application-connector-priority-class", "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "application-connector-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "ApplicationConnector", "metadata": { "namespace": "kyma-system", "labels": { "app.kubernetes.io/name": "applicationconnector", "app.kubernetes.io/instance": "applicationconnector-sample", "app.kubernetes.io/part-of": "application-connector-manager", "app.kuberentes.io/managed-by": "kustomize", "app.kubernetes.io/created-by": "application-connector-manager" }, "name": "applicationconnector-sample" }, "spec": {} }, "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/applicationconnectors/applicationconnector-sample", "deploymentYaml": "https://github.com/kyma-project/application-connector-manager/releases/download/1.1.3/application-connector-manager.yaml", "crYaml": "https://github.com/kyma-project/application-connector-manager/releases/download/1.1.3/default_application_connector_cr.yaml" }, { "version": "1.1.5", "deploymentYaml": "https://github.com/kyma-project/application-connector-manager/releases/download/1.1.5/application-connector-manager.yaml", "crYaml": "https://github.com/kyma-project/application-connector-manager/releases/download/1.1.5/default_application_connector_cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "ApplicationConnector", "metadata": { "namespace": "kyma-system", "labels": { "app.kubernetes.io/name": "applicationconnector", "app.kubernetes.io/instance": "applicationconnector-sample", "app.kubernetes.io/part-of": "application-connector-manager", "app.kuberentes.io/managed-by": "kustomize", "app.kubernetes.io/created-by": "application-connector-manager" }, "name": "applicationconnector-sample" }, "spec": {} }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.10.0" }, "creationTimestamp": null, "name": "applicationconnectors.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "ApplicationConnector", "listKind": "ApplicationConnectorList", "plural": "applicationconnectors", "singular": "applicationconnector" }, "scope": "Namespaced", "versions": [ { "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "ApplicationConnector is the Schema for the applicationconnectors API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "properties": { "appConnValidator": { "default": { "logFormat": "json", "logLevel": "info" }, "properties": { "logFormat": { "enum": [ "json", "text" ], "type": "string" }, "logLevel": { "enum": [ "debug", "panic", "fatal", "error", "warn", "info", "debug" ], "type": "string" } }, "required": [ "logFormat", "logLevel" ], "type": "object" }, "appGateway": { "default": { "logLevel": "info", "proxyTimeout": "10s", "requestTimeout": "10s" }, "properties": { "logLevel": { "enum": [ "debug", "panic", "fatal", "error", "warn", "info", "debug" ], "type": "string" }, "proxyTimeout": { "type": "string" }, "requestTimeout": { "type": "string" } }, "required": [ "logLevel", "proxyTimeout", "requestTimeout" ], "type": "object" }, "domainName": { "type": "string" } }, "type": "object" }, "status": { "properties": { "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition. This may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "served": { "type": "string" }, "state": { "type": "string" } }, "required": [ "served", "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "controller-manager-sa", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "serviceaccount", "app.kubernetes.io/part-of": "application-connector-manager" }, "name": "application-connector-controller-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "leader-election-role", "app.kubernetes.io/name": "role", "app.kubernetes.io/part-of": "application-connector-manager", "app.kubernets.io/managed-by": "kustomize" }, "name": "application-connector-leader-election-role", "namespace": "kyma-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "name": "application-connector-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "limitranges" ], "verbs": [ "create", "delete", "get", "list", "update" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list" ] }, { "apiGroups": [ "" ], "resources": [ "persistentvolumes" ], "verbs": [ "get", "list" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "get", "list", "patch" ] }, { "apiGroups": [ "" ], "resourceNames": [ "cluster-client-certificates", "compass-agent-configuration" ], "resources": [ "secrets" ], "verbs": [ "delete", "get" ] }, { "apiGroups": [ "" ], "resources": [ "serviceaccounts" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "*" ], "resources": [ "secrets" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "get", "list", "patch", "watch" ] }, { "apiGroups": [ "applicationconnector.kyma-project.io" ], "resources": [ "applications" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets" ], "verbs": [ "delete", "list", "watch" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "compass.kyma-project.io" ], "resources": [ "compassconnections" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "metrics.k8s.io" ], "resources": [ "nodes" ], "verbs": [ "get", "list" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "gateways" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "virtualservices" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "applicationconnectors" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "applicationconnectors/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "applicationconnectors/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "rolebindings", "roles" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "scheduling.k8s.io" ], "resources": [ "priorityclasses" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "leader-election-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "rolebinding", "app.kubernetes.io/part-of": "application-connector-manager" }, "name": "application-connector-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "application-connector-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "application-connector-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "manager-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrolebinding", "app.kubernetes.io/part-of": "application-connector-manager" }, "name": "application-connector-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "application-connector-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "application-connector-controller-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\nbody:\n - name: Configuration\n widget: Panel\n children:\n - name: Domain name\n source: spec.domainName\n placeholder: Detected automatically\n - widget: Columns\n children:\n - name: Application Connector Validator\n widget: Panel\n children: \n - source: spec.appConnValidator.logLevel\n name: Validator log level\n - source: spec.appConnValidator.logFormat\n name: Validator log format\n - name: Application Connector Gateway\n widget: Panel\n children:\n - source: spec.appGateway.proxyTimeout\n name: Proxy timeout duration\n - source: spec.appGateway.requestTimeout\n name: Request timeout duration\n - source: spec.appGateway.logLevel\n name: Gateway log level\n\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: events\n defaultType: information\n", "form": "- path: spec.domainName\n name: Domain name\n\n- path: spec.appConnValidator\n widget: FormGroup\n name: Application Connector Validator Configuration\n children:\n - widget: KeyValuePair\n path: \n keyEnum: ['logLevel', 'logFormat']\n\n- path: spec.appGateway\n widget: FormGroup\n name: Application Connector Gateway Configuration\n children:\n - widget: KeyValuePair\n path: requests\n keyEnum: ['proxyTimeout', 'requestTimeout','logLevel']\n\n", "general": "resource:\n kind: ApplicationConnector\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: applicationconnectors\ncategory: Kyma\nname: ApplicationConnector\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[ApplicationConnector custom resource](https://kyma-project.io/#/application-connector-manager/user/resources/06-30-application-connector)}}\n configures the Application Connector module.\n", "list": "- name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/name": "applicationconnectors.operator.kyma-project.io", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "application-connector-applicationconnectors.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of application-connector-manager component. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "name": "application-connector-priority-class" }, "value": 2100000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "manager", "app.kubernetes.io/created-by": "application-connector-manager", "app.kubernetes.io/instance": "controller-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "deployment", "app.kubernetes.io/part-of": "application-connector-manager", "control-plane": "controller-manager" }, "name": "application-connector-controller-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "control-plane": "controller-manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "control-plane": "controller-manager" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/application-connector-manager:1.1.5", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "10m", "memory": "128Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "application-connector-priority-class", "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "application-connector-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/application-connector-controller-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/application-connector-manager:1.1.5", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/applicationconnectors/applicationconnector-sample", "channels": [ "fast" ], "documentation": "https://kyma-project.io/#/application-connector-manager/user/README", "repository": "https://github.com/kyma-project/application-connector-manager.git" } ] }, { "name": "keda", "documentation": "https://kyma-project.io/#/keda-manager/user/README", "repository": "https://github.com/kyma-project/keda-manager.git", "managedResources": [ "/apis/operator.kyma-project.io/v1alpha1/kedas", "/apis/keda.sh/v1alpha1/clustertriggerauthentications", "/apis/keda.sh/v1alpha1/scaledjobs", "/apis/keda.sh/v1alpha1/scaledobjects", "/apis/keda.sh/v1alpha1/triggerauthentications" ], "manageable": true, "latestGithubRelease": { "repository": "kyma-project/keda-manager", "deploymentYaml": "keda-manager.yaml", "crYaml": "keda-default-cr.yaml" }, "versions": [ { "version": "1.1.0", "channels": [ "regular" ], "documentation": "https://kyma-project.io/#/keda-manager/user/README", "repository": "https://github.com/kyma-project/keda-manager.git", "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/keda-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/keda-manager:1.1.0", "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.10.0" }, "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io" }, "name": "kedas.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Keda", "listKind": "KedaList", "plural": "kedas", "singular": "keda" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".metadata.generation", "name": "generation", "type": "integer" }, { "jsonPath": ".metadata.creationTimestamp", "name": "age", "type": "date" }, { "jsonPath": ".status.state", "name": "state", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Keda is the Schema for the kedas API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "KedaSpec defines the desired state of Keda", "properties": { "env": { "items": { "description": "EnvVar represents an environment variable present in a Container.", "properties": { "name": { "description": "Name of the environment variable. Must be a C_IDENTIFIER.", "type": "string" }, "value": { "description": "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\".", "type": "string" }, "valueFrom": { "description": "Source for the environment variable's value. Cannot be used if value is not empty.", "properties": { "configMapKeyRef": { "description": "Selects a key of a ConfigMap.", "properties": { "key": { "description": "The key to select.", "type": "string" }, "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", "type": "string" }, "optional": { "description": "Specify whether the ConfigMap or its key must be defined", "type": "boolean" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic" }, "fieldRef": { "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", "properties": { "apiVersion": { "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", "type": "string" }, "fieldPath": { "description": "Path of the field to select in the specified API version.", "type": "string" } }, "required": [ "fieldPath" ], "type": "object", "x-kubernetes-map-type": "atomic" }, "resourceFieldRef": { "description": "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", "properties": { "containerName": { "description": "Container name: required for volumes, optional for env vars", "type": "string" }, "divisor": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "description": "Specifies the output format of the exposed resources, defaults to \"1\"", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "resource": { "description": "Required: resource to select", "type": "string" } }, "required": [ "resource" ], "type": "object", "x-kubernetes-map-type": "atomic" }, "secretKeyRef": { "description": "Selects a key of a secret in the pod's namespace", "properties": { "key": { "description": "The key of the secret to select from. Must be a valid secret key.", "type": "string" }, "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?", "type": "string" }, "optional": { "description": "Specify whether the Secret or its key must be defined", "type": "boolean" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "logging": { "properties": { "metricServer": { "properties": { "level": { "enum": [ "0", "4" ], "type": "string" } }, "type": "object" }, "operator": { "properties": { "format": { "enum": [ "json", "console" ], "type": "string" }, "level": { "enum": [ "debug", "info", "error" ], "type": "string" }, "timeEncoding": { "enum": [ "epoch", "millis", "nano", "iso8601", "rfc3339", "rfc3339nano" ], "type": "string" } }, "type": "object" } }, "type": "object" }, "resources": { "properties": { "metricServer": { "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" }, "operator": { "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "properties": { "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition. This may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "served": { "type": "string" }, "state": { "type": "string" } }, "required": [ "served", "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io" }, "name": "keda-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io" }, "name": "keda-leader-election-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "serviceaccounts", "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io" }, "name": "keda-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps", "configmaps/status", "events", "services" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "external", "pods", "secrets", "serviceaccounts" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "limitranges" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "delete" ] }, { "apiGroups": [ "*" ], "resources": [ "*" ], "verbs": [ "get" ] }, { "apiGroups": [ "*" ], "resources": [ "*/scale" ], "verbs": [ "*" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiregistration.k8s.io" ], "resources": [ "apiservices" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets", "statefulsets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "authentication.k8s.io" ], "resources": [ "tokenreviews" ], "verbs": [ "create" ] }, { "apiGroups": [ "authorization.k8s.io" ], "resources": [ "subjectaccessreviews" ], "verbs": [ "create" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "*" ] }, { "apiGroups": [ "batch" ], "resources": [ "jobs" ], "verbs": [ "*" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "*" ] }, { "apiGroups": [ "eventing.keda.sh" ], "resources": [ "cloudeventsources", "cloudeventsources/status" ], "verbs": [ "*" ] }, { "apiGroups": [ "external.metrics.k8s.io" ], "resources": [ "*" ], "verbs": [ "*" ] }, { "apiGroups": [ "keda.sh" ], "resources": [ "clustertriggerauthentications", "clustertriggerauthentications/status", "scaledjobs", "scaledjobs/finalizers", "scaledjobs/status", "scaledobjects", "scaledobjects/finalizers", "scaledobjects/status", "triggerauthentications", "triggerauthentications/status" ], "verbs": [ "*" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "kedas" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "kedas/finalizers" ], "verbs": [ "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "kedas/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles", "rolebindings", "roles" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io" }, "name": "keda-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "keda-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "keda-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io" }, "name": "keda-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "keda-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "keda-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\nbody:\n - name: Configuration\n widget: Panel\n children:\n - name: Log Level\n source: spec.logging.operator.level\n - widget: Columns\n children:\n - name: Operator\n widget: Panel\n children: \n - source: spec.resources.operator.requests.cpu\n name: CPU request\n - source: spec.resources.operator.requests.memory\n name: Memory request\n - source: spec.resources.operator.limits.cpu\n name: CPU limit\n - source: spec.resources.operator.limits.memory\n name: Memory limit\n - name: Metric Server\n widget: Panel\n children:\n - source: spec.resources.metricServer.requests.cpu\n name: CPU request\n - source: spec.resources.metricServer.requests.memory\n name: Memory request\n - source: spec.resources.metricServer.limits.cpu\n name: CPU limit\n - source: spec.resources.metricServer.limits.memory\n name: Memory limit\n\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: events\n defaultType: information\n", "form": "- path: spec.logging.operator.level\n name: Log Level\n\n- path: spec.resources.operator\n widget: FormGroup\n name: Operator Resources\n children:\n - widget: KeyValuePair\n path: requests\n keyEnum: ['cpu', 'memory']\n - widget: KeyValuePair\n path: limits\n keyEnum: ['cpu', 'memory']\n\n- path: spec.resources.metricServer\n widget: FormGroup\n name: Metric Server Resources\n children:\n - widget: KeyValuePair\n path: requests\n keyEnum: ['cpu', 'memory']\n - widget: KeyValuePair\n path: limits\n keyEnum: ['cpu', 'memory']\n \n\n\n", "general": "resource:\n kind: Keda\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: kedas\ncategory: Kyma\nname: Keda\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Keda CR](https://github.com/kyma-project/keda-manager/blob/main/docs/user/01-20-configuration.md)}}\n configures keda installation.\n", "list": "- name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/name": "kedas.operator.kyma-project.io", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "keda-kedas.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: Ready \n source: status.conditions[0].status\n description: status.conditions[0].message\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\nbody:\n - name: columns.container\n widget: Columns\n children:\n - name: Scale Target\n widget: Panel\n children:\n - name: Kind\n source: spec.scaleTargetRef.kind?spec.scaleTargetRef.kind:\"Deployment\"\n - name: Name\n source: spec.scaleTargetRef.name\n widget: ResourceLink\n resource:\n name: spec.scaleTargetRef.name\n namespace: $root.metadata.namespace\n kind: spec.scaleTargetRef.kind?spec.scaleTargetRef.kind:\"Deployment\"\n - name: Scale Config\n widget: Panel\n children:\n - name: Minimum number of replicas\n source: spec.minReplicaCount\n - name: Maximum number of replicas\n source: spec.maxReplicaCount\n - name: Polling Interval\n source: spec.pollingInterval\n visibility: '$exists($value)'\n - name: Cooldown Period\n source: spec.cooldownPeriod \n visibility: '$exists($value)' \n - name: Fallback\n widget: Panel\n source: spec.fallback\n visibility: '$exists($value)' \n children:\n - name: Fallback number of replicas\n source: replicas\n - name: Trigger Failure Threshold\n source: failureThreshold\n - source: spec.triggers\n name: Triggers\n widget: Table\n collapsibleTitle: type\n collapsible:\n - source: metadata\n widget: CodeViewer\n language: \"'yaml'\"\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: events\n defaultType: information\n", "form": "- path: spec.minReplicaCount\n inputInfo: \"Minimum number of replicas to scale down to\"\n simple: true\n- path: spec.maxReplicaCount\n inputInfo: \"Maximum number of replicas to scale up to\"\n simple: true\n- path: spec.cooldownPeriod\n inputInfo: \"The minimal inactivity period (in seconds) to wait before scaling the resource back to 0 (default: 5 minutes)\"\n- path: spec.pollingInterval\n inputInfo: \"Interval (in seconds) to check each trigger on (default: 30 seconds).\"\n- path: spec.scaleTargetRef\n widget: FormGroup\n simple: true\n children:\n - path: kind\n simple: true\n required: true\n inputInfo: \"Type of the scale target resource. For example `Deployment`\"\n trigger: [kindChanged]\n enum:\n - Function\n - Deployment\n - path: apiVersion\n simple: true\n required: true\n inputInfo: \"Api group and api version of the scale target resource. For example `apps/v1`\"\n subscribe:\n kindChanged: \"$root.spec.scaleTargetRef.kind = 'Function'?'serverless.kyma-project.io/v1alpha2':'apps/v1'\"\n - path: name\n simple: true\n widget: Resource\n visibility: $root.spec.scaleTargetRef.kind = 'Function'\n overwrite: false\n inputInfo: \"Name of the scale target resource\"\n resource:\n kind: Function\n version: v1alpha2\n group: serverless.kyma-project.io\n scope: namespace\n - var: dummy\n simple: true\n required: false\n visibility: false\n advanced: false\n - path: name\n simple: true\n widget: Resource\n inputInfo: \"Name of the scale target resource\"\n visibility: $root.spec.scaleTargetRef.kind = 'Deployment'\n overwrite: false\n resource:\n kind: Deployment\n version: v1\n group: apps\n scope: namespace\n- path: spec.fallback\n widget: FormGroup\n required: false\n children:\n - path: replicas\n inputInfo: \"Number of replicas to set in case scalers has failed to get metrics from their source\" \n - path: failureThreshold\n inputInfo: \"Number of consecutive times each scaler has failed to get metrics from its source before the fallback amount of replicas is set\"\n- path: spec.triggers\n widget: GenericList\n defaultExpanded: true\n simple: true\n children:\n - path: '[].type'\n simple: true\n required: true\n - path: '[].metadata'\n simple: true\n required: true\n widget: CodeEditor\n language: \"'YAML'\"\n", "general": "resource:\n kind: ScaledObject\n group: keda.sh\n version: v1alpha1\nurlPath: scaledobjects\ncategory: Workloads\nname: Scaled Objects\nscope: namespace\ndescription: >-\n {{[Scaled Objects](https://keda.sh/docs/latest/concepts/scaling-deployments/#scaledobject-spec)}}\n describes which workloads should KEDA scale and what the triggers for the scaling are.\n", "list": "- name: Target\n source: $join([spec.scaleTargetRef.name, ' (', spec.scaleTargetRef.kind?spec.scaleTargetRef.kind:\"Deployment\", ')'])\n- name: Triggers\n source: spec.triggers[].type\n widget: JoinedArray\n- name: Replicas\n source: $join([$string(spec.minReplicaCount), '..', $string(spec.maxReplicaCount)])\n- name: Ready \n source: status.conditions[0].status\n description: status.conditions[0].message\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False' \n", "presets": "- name: CPU Consumption Triggered\n value:\n apiVersion: keda.sh/v1alpha1\n kind: ScaledObject\n metadata:\n name: ''\n labels: {}\n annotations: {}\n spec:\n triggers:\n - type: cpu\n metadata:\n type: Utilization\n value: '50'\n- name: Prometheus Triggered\n value:\n apiVersion: keda.sh/v1alpha1\n kind: ScaledObject\n metadata:\n name: ''\n labels: {}\n annotations: {}\n spec:\n triggers:\n - type: prometheus\n metadata:\n serverAddress: http://prometheus-operated.kyma-system.svc.cluster.local:9090\n metricName: ''\n query: ''\n threshold: ''" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/name": "scaledobjects.keda.sh", "busola.io/extension": "resource", "busola.io/extension-version": "0.5" }, "name": "keda-scaledobjects.keda.sh", "namespace": "kyma-system" } }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "control-plane": "manager" }, "name": "keda-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "control-plane": "manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "control-plane": "manager" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/keda-manager:1.1.0", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "200m", "memory": "128Mi" }, "requests": { "cpu": "10m", "memory": "32Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "keda-manager", "terminationGracePeriodSeconds": 10 } } } } ], "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Keda", "metadata": { "name": "default", "namespace": "kyma-system" }, "spec": { "logging": { "operator": { "level": "info" } }, "resources": { "operator": { "limits": { "cpu": "800m", "memory": "200Mi" }, "requests": { "cpu": "300m", "memory": "150Mi" } }, "metricServer": { "limits": { "cpu": "800m", "memory": "500Mi" }, "requests": { "cpu": "300m", "memory": "500Mi" } } } } }, "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/kedas/default", "deploymentYaml": "https://github.com/kyma-project/keda-manager/releases/download/1.1.0/keda-manager.yaml", "crYaml": "https://github.com/kyma-project/keda-manager/releases/download/1.1.0/keda-default-cr.yaml" }, { "version": "1.2.0", "deploymentYaml": "https://github.com/kyma-project/keda-manager/releases/download/1.2.0/keda-manager.yaml", "crYaml": "https://github.com/kyma-project/keda-manager/releases/download/1.2.0/keda-default-cr.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "Keda", "metadata": { "name": "default", "namespace": "kyma-system" }, "spec": { "logging": { "operator": { "level": "info" } }, "resources": { "operator": { "limits": { "cpu": "800m", "memory": "200Mi" }, "requests": { "cpu": "300m", "memory": "150Mi" } }, "metricServer": { "limits": { "cpu": "800m", "memory": "500Mi" }, "requests": { "cpu": "300m", "memory": "500Mi" } } } } }, "resources": [ { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.14.0" }, "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "kyma-project.io/module": "keda-manager" }, "name": "kedas.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "Keda", "listKind": "KedaList", "plural": "kedas", "singular": "keda" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".metadata.generation", "name": "generation", "type": "integer" }, { "jsonPath": ".metadata.creationTimestamp", "name": "age", "type": "date" }, { "jsonPath": ".status.state", "name": "state", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "Keda is the Schema for the kedas API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "KedaSpec defines the desired state of Keda", "properties": { "env": { "items": { "description": "EnvVar represents an environment variable present in a Container.", "properties": { "name": { "description": "Name of the environment variable. Must be a C_IDENTIFIER.", "type": "string" }, "value": { "description": "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\".", "type": "string" }, "valueFrom": { "description": "Source for the environment variable's value. Cannot be used if value is not empty.", "properties": { "configMapKeyRef": { "description": "Selects a key of a ConfigMap.", "properties": { "key": { "description": "The key to select.", "type": "string" }, "name": { "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", "type": "string" }, "optional": { "description": "Specify whether the ConfigMap or its key must be defined", "type": "boolean" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic" }, "fieldRef": { "description": "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.", "properties": { "apiVersion": { "description": "Version of the schema the FieldPath is written in terms of, defaults to \"v1\".", "type": "string" }, "fieldPath": { "description": "Path of the field to select in the specified API version.", "type": "string" } }, "required": [ "fieldPath" ], "type": "object", "x-kubernetes-map-type": "atomic" }, "resourceFieldRef": { "description": "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.", "properties": { "containerName": { "description": "Container name: required for volumes, optional for env vars", "type": "string" }, "divisor": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "description": "Specifies the output format of the exposed resources, defaults to \"1\"", "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "resource": { "description": "Required: resource to select", "type": "string" } }, "required": [ "resource" ], "type": "object", "x-kubernetes-map-type": "atomic" }, "secretKeyRef": { "description": "Selects a key of a secret in the pod's namespace", "properties": { "key": { "description": "The key of the secret to select from. Must be a valid secret key.", "type": "string" }, "name": { "description": "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?", "type": "string" }, "optional": { "description": "Specify whether the Secret or its key must be defined", "type": "boolean" } }, "required": [ "key" ], "type": "object", "x-kubernetes-map-type": "atomic" } }, "type": "object" } }, "required": [ "name" ], "type": "object" }, "type": "array" }, "logging": { "properties": { "metricServer": { "properties": { "level": { "enum": [ "0", "4" ], "type": "string" } }, "type": "object" }, "operator": { "properties": { "format": { "enum": [ "json", "console" ], "type": "string" }, "level": { "enum": [ "debug", "info", "error" ], "type": "string" }, "timeEncoding": { "enum": [ "epoch", "millis", "nano", "iso8601", "rfc3339", "rfc3339nano" ], "type": "string" } }, "type": "object" } }, "type": "object" }, "resources": { "properties": { "metricServer": { "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers.", "items": { "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" }, "operator": { "description": "ResourceRequirements describes the compute resource requirements.", "properties": { "claims": { "description": "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers.", "items": { "description": "ResourceClaim references one entry in PodSpec.ResourceClaims.", "properties": { "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container.", "type": "string" } }, "required": [ "name" ], "type": "object" }, "type": "array", "x-kubernetes-list-map-keys": [ "name" ], "x-kubernetes-list-type": "map" }, "limits": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" }, "requests": { "additionalProperties": { "anyOf": [ { "type": "integer" }, { "type": "string" } ], "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", "x-kubernetes-int-or-string": true }, "description": "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", "type": "object" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "status": { "properties": { "conditions": { "items": { "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "served": { "type": "string" }, "state": { "type": "string" } }, "required": [ "served", "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "kyma-project.io/module": "keda-manager" }, "name": "keda-manager", "namespace": "kyma-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "kyma-project.io/module": "keda-manager" }, "name": "keda-leader-election-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "serviceaccounts", "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "kyma-project.io/module": "keda-manager" }, "name": "keda-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps", "configmaps/status", "events", "services" ], "verbs": [ "*" ] }, { "apiGroups": [ "" ], "resources": [ "external", "pods", "secrets", "serviceaccounts" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "limitranges" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "namespaces" ], "verbs": [ "create", "delete" ] }, { "apiGroups": [ "*" ], "resources": [ "*" ], "verbs": [ "get" ] }, { "apiGroups": [ "*" ], "resources": [ "*/scale" ], "verbs": [ "*" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiregistration.k8s.io" ], "resources": [ "apiservices" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "replicasets", "statefulsets" ], "verbs": [ "list", "watch" ] }, { "apiGroups": [ "authentication.k8s.io" ], "resources": [ "tokenreviews" ], "verbs": [ "create" ] }, { "apiGroups": [ "authorization.k8s.io" ], "resources": [ "subjectaccessreviews" ], "verbs": [ "create" ] }, { "apiGroups": [ "autoscaling" ], "resources": [ "horizontalpodautoscalers" ], "verbs": [ "*" ] }, { "apiGroups": [ "batch" ], "resources": [ "jobs" ], "verbs": [ "*" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "*" ] }, { "apiGroups": [ "eventing.keda.sh" ], "resources": [ "cloudeventsources", "cloudeventsources/status" ], "verbs": [ "*" ] }, { "apiGroups": [ "external.metrics.k8s.io" ], "resources": [ "*" ], "verbs": [ "*" ] }, { "apiGroups": [ "keda.sh" ], "resources": [ "clustertriggerauthentications", "clustertriggerauthentications/status", "scaledjobs", "scaledjobs/finalizers", "scaledjobs/status", "scaledobjects", "scaledobjects/finalizers", "scaledobjects/status", "triggerauthentications", "triggerauthentications/status" ], "verbs": [ "*" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "kedas" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "kedas/finalizers" ], "verbs": [ "patch", "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "kedas/status" ], "verbs": [ "get", "patch", "update" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles", "rolebindings", "roles" ], "verbs": [ "create", "delete", "list", "patch", "update", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "kyma-project.io/module": "keda-manager" }, "name": "keda-leader-election-rolebinding", "namespace": "kyma-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "keda-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "keda-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "kyma-project.io/module": "keda-manager" }, "name": "keda-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "keda-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "keda-manager", "namespace": "kyma-system" } ] }, { "apiVersion": "v1", "data": { "details": "header:\n - name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'\nbody:\n - name: Configuration\n widget: Panel\n children:\n - name: Log Level\n source: spec.logging.operator.level\n - widget: Columns\n children:\n - name: Operator\n widget: Panel\n children: \n - source: spec.resources.operator.requests.cpu\n name: CPU request\n - source: spec.resources.operator.requests.memory\n name: Memory request\n - source: spec.resources.operator.limits.cpu\n name: CPU limit\n - source: spec.resources.operator.limits.memory\n name: Memory limit\n - name: Metric Server\n widget: Panel\n children:\n - source: spec.resources.metricServer.requests.cpu\n name: CPU request\n - source: spec.resources.metricServer.requests.memory\n name: Memory request\n - source: spec.resources.metricServer.limits.cpu\n name: CPU limit\n - source: spec.resources.metricServer.limits.memory\n name: Memory limit\n\n - source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true\n\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: events\n defaultType: information\n", "form": "- path: spec.logging.operator.level\n name: Log Level\n\n- path: spec.resources.operator\n widget: FormGroup\n name: Operator Resources\n children:\n - widget: KeyValuePair\n path: requests\n keyEnum: ['cpu', 'memory']\n - widget: KeyValuePair\n path: limits\n keyEnum: ['cpu', 'memory']\n\n- path: spec.resources.metricServer\n widget: FormGroup\n name: Metric Server Resources\n children:\n - widget: KeyValuePair\n path: requests\n keyEnum: ['cpu', 'memory']\n - widget: KeyValuePair\n path: limits\n keyEnum: ['cpu', 'memory']\n \n\n\n", "general": "resource:\n kind: Keda\n group: operator.kyma-project.io\n version: v1alpha1\nurlPath: kedas\ncategory: Kyma\nname: Keda\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Keda custom resource](https://github.com/kyma-project/keda-manager/blob/main/docs/user/01-20-configuration.md)}}\n configures the Keda module.\n", "list": "- name: Ready \n source: status.state\n widget: Badge\n highlights:\n positive:\n - 'Ready'" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "keda-manager" }, "name": "keda-kedas.operator.kyma-project.io", "namespace": "kyma-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - name: Ready \n source: status.conditions[0].status\n description: status.conditions[0].message\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False'\nbody:\n - name: columns.container\n widget: Columns\n children:\n - name: Scale Target\n widget: Panel\n children:\n - name: Kind\n source: spec.scaleTargetRef.kind?spec.scaleTargetRef.kind:\"Deployment\"\n - name: Name\n source: spec.scaleTargetRef.name\n widget: ResourceLink\n resource:\n name: spec.scaleTargetRef.name\n namespace: $root.metadata.namespace\n kind: spec.scaleTargetRef.kind?spec.scaleTargetRef.kind:\"Deployment\"\n - name: Scale Config\n widget: Panel\n children:\n - name: Minimum number of replicas\n source: spec.minReplicaCount\n - name: Maximum number of replicas\n source: spec.maxReplicaCount\n - name: Polling Interval\n source: spec.pollingInterval\n visibility: '$exists($value)'\n - name: Cooldown Period\n source: spec.cooldownPeriod \n visibility: '$exists($value)' \n - name: Fallback\n widget: Panel\n source: spec.fallback\n visibility: '$exists($value)' \n children:\n - name: Fallback number of replicas\n source: replicas\n - name: Trigger Failure Threshold\n source: failureThreshold\n - source: spec.triggers\n name: Triggers\n widget: Table\n collapsibleTitle: type\n collapsible:\n - source: metadata\n widget: CodeViewer\n language: \"'yaml'\"\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: events\n defaultType: information\n", "form": "- path: spec.minReplicaCount\n inputInfo: \"Minimum number of replicas to scale down to\"\n simple: true\n- path: spec.maxReplicaCount\n inputInfo: \"Maximum number of replicas to scale up to\"\n simple: true\n- path: spec.cooldownPeriod\n inputInfo: \"The minimal inactivity period (in seconds) to wait before scaling the resource back to 0 (default: 5 minutes)\"\n- path: spec.pollingInterval\n inputInfo: \"Interval (in seconds) to check each trigger on (default: 30 seconds).\"\n- path: spec.scaleTargetRef\n widget: FormGroup\n simple: true\n children:\n - path: kind\n simple: true\n required: true\n inputInfo: \"Type of the scale target resource. For example `Deployment`\"\n trigger: [kindChanged]\n enum:\n - Function\n - Deployment\n - path: apiVersion\n simple: true\n required: true\n inputInfo: \"Api group and api version of the scale target resource. For example `apps/v1`\"\n subscribe:\n kindChanged: \"$root.spec.scaleTargetRef.kind = 'Function'?'serverless.kyma-project.io/v1alpha2':'apps/v1'\"\n - path: name\n simple: true\n widget: Resource\n visibility: $root.spec.scaleTargetRef.kind = 'Function'\n overwrite: false\n inputInfo: \"Name of the scale target resource\"\n resource:\n kind: Function\n version: v1alpha2\n group: serverless.kyma-project.io\n scope: namespace\n - var: dummy\n simple: true\n required: false\n visibility: false\n advanced: false\n - path: name\n simple: true\n widget: Resource\n inputInfo: \"Name of the scale target resource\"\n visibility: $root.spec.scaleTargetRef.kind = 'Deployment'\n overwrite: false\n resource:\n kind: Deployment\n version: v1\n group: apps\n scope: namespace\n- path: spec.fallback\n widget: FormGroup\n required: false\n children:\n - path: replicas\n inputInfo: \"Number of replicas to set in case scalers has failed to get metrics from their source\" \n - path: failureThreshold\n inputInfo: \"Number of consecutive times each scaler has failed to get metrics from its source before the fallback amount of replicas is set\"\n- path: spec.triggers\n widget: GenericList\n defaultExpanded: true\n simple: true\n children:\n - path: '[].type'\n simple: true\n required: true\n - path: '[].metadata'\n simple: true\n required: true\n widget: CodeEditor\n language: \"'YAML'\"\n", "general": "resource:\n kind: ScaledObject\n group: keda.sh\n version: v1alpha1\nurlPath: scaledobjects\ncategory: Workloads\nname: Scaled Objects\nscope: namespace\ndescription: >-\n {{[Scaled Objects](https://keda.sh/docs/latest/concepts/scaling-deployments/#scaledobject-spec)}}\n describes which workloads should KEDA scale and what the triggers for the scaling are.\n", "list": "- name: Target\n source: $join([spec.scaleTargetRef.name, ' (', spec.scaleTargetRef.kind?spec.scaleTargetRef.kind:\"Deployment\", ')'])\n- name: Triggers\n source: spec.triggers[].type\n widget: JoinedArray\n- name: Replicas\n source: $join([$string(spec.minReplicaCount), '..', $string(spec.maxReplicaCount)])\n- name: Ready \n source: status.conditions[0].status\n description: status.conditions[0].message\n widget: Badge\n highlights:\n positive:\n - 'True'\n negative:\n - 'False' \n", "presets": "- name: CPU Consumption Triggered\n value:\n apiVersion: keda.sh/v1alpha1\n kind: ScaledObject\n metadata:\n name: ''\n labels: {}\n annotations: {}\n spec:\n triggers:\n - type: cpu\n metadata:\n type: Utilization\n value: '50'\n- name: Prometheus Triggered\n value:\n apiVersion: keda.sh/v1alpha1\n kind: ScaledObject\n metadata:\n name: ''\n labels: {}\n annotations: {}\n spec:\n triggers:\n - type: prometheus\n metadata:\n serverAddress: http://prometheus-operated.kyma-system.svc.cluster.local:9090\n metricName: ''\n query: ''\n threshold: ''" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "keda-manager" }, "name": "keda-scaledobjects.keda.sh", "namespace": "kyma-system" } }, { "apiVersion": "scheduling.k8s.io/v1", "description": "Scheduling priority of the Keda-Manager module. Must not be blocked by unschedulable user workloads.", "globalDefault": false, "kind": "PriorityClass", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "kyma-project.io/module": "keda-manager" }, "name": "keda-priority-class" }, "value": 2000000 }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "keda-manager", "app.kubernetes.io/part-of": "keda-manager", "app.kubernetes.io/version": "1.2.0", "control-plane": "manager", "kyma-project.io/module": "keda-manager" }, "name": "keda-manager", "namespace": "kyma-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "control-plane": "manager" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "keda-manager.kyma-project.io", "control-plane": "manager" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "image": "europe-docker.pkg.dev/kyma-project/prod/keda-manager:1.2.0", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "200m", "memory": "128Mi" }, "requests": { "cpu": "10m", "memory": "32Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "priorityClassName": "keda-priority-class", "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "keda-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/keda-manager", "managerImage": "europe-docker.pkg.dev/kyma-project/prod/keda-manager:1.2.0", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/kedas/default", "channels": [ "fast" ], "documentation": "https://kyma-project.io/#/keda-manager/user/README", "repository": "https://github.com/kyma-project/keda-manager.git" } ] }, { "name": "transparent-proxy", "documentation": "https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/transparent-proxy-in-kyma-environment", "managedResources": [ "apis/operator.kyma-project.io/v1alpha1/transparentproxies" ], "manageable": true, "versions": [ { "version": "1.5.2", "channels": [ "fast", "regular" ], "documentation": "https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/transparent-proxy-in-kyma-environment", "repository": "https://github.wdf.sap.corp/transparent-proxy/sap-transp-proxy-operator.git", "managerPath": "/apis/apps/v1/namespaces/sap-transp-proxy-system/deployments/sap-transp-proxy-operator", "managerImage": "sapse/sap-transp-proxy-operator:1.5.2", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "TransparentProxy", "metadata": { "name": "transparent-proxy", "namespace": "sap-transp-proxy-system" }, "spec": { "deployment": { "image": { "registry": "docker.io", "repository": "sapse", "pullPolicy": "IfNotPresent" }, "replicas": { "http": 1, "tcp": 1 }, "resources": { "http": { "requests": { "cpu": 0.2, "memory": "256M" }, "limits": { "cpu": 0.4, "memory": "512M" } }, "tcp": { "requests": { "cpu": 0.05, "memory": "32M" }, "limits": { "cpu": 0.1, "memory": "64M" } } }, "autoscaling": { "http": { "vertical": { "enabled": false, "updateMode": "Off" }, "horizontal": { "enabled": false, "maxReplicaCount": 2, "metrics": { "cpuAverageUtilization": 80, "memoryAverageUtilization": 80 } } }, "tcp": { "horizontal": { "enabled": false, "maxReplicaCount": 2, "metrics": { "cpuAverageUtilization": 80, "memoryAverageUtilization": 80 } }, "vertical": { "enabled": false, "updateMode": "Off" } } } }, "config": { "logging": { "level": "info" }, "tenantMode": "dedicated", "security": { "accessControl": { "destinations": { "defaultScope": "namespaced" } }, "communication": { "internal": { "encryptionEnabled": true, "certManager": { "certificate": { "privateKey": { "algorithm": "ECDSA", "encoding": "PKCS8", "size": 256 }, "duration": "720h", "renewBefore": "120h" } } } } }, "managedNamespacesMode": "all", "manager": { "executionIntervalMinutes": 3 }, "integration": { "serviceMesh": { "istio": { "istio-injection": "enabled" } }, "destinationService": { "connectionTimeoutSeconds": 5, "readTimeoutSeconds": 10, "instances": [] }, "connectivityProxy": { "httpPort": 20003, "tcpPort": 20004, "connectionTimeoutSeconds": 1 } } } } }, "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/sap-transp-proxy-system/transparentproxies/transparent-proxy" } ] }, { "name": "cap-operator", "documentation": "https://sap.github.io/cap-operator/docs/", "repository": "https://github.com/SAP/cap-operator-lifecycle.git", "managedResources": [ "/apis/operator.sme.sap.com/v1alpha1/capoperators" ], "manageable": true, "latestGithubRelease": { "repository": "SAP/cap-operator-lifecycle", "deploymentYaml": "manager_manifest.yaml", "crYaml": "manager_default_CR.yaml" }, "versions": [ { "version": "0.3.0", "channels": [ "experimental" ], "documentation": "https://sap.github.io/cap-operator/", "repository": "https://github.com/SAP/cap-operator-lifecycle.git", "managerPath": "/apis/apps/v1/namespaces/cap-operator-system/deployments/cap-operator-controller-manager", "managerImage": "ghcr.io/sap/cap-operator-lifecycle/cap-operator-manager:0.3.0", "resources": [ { "apiVersion": "v1", "kind": "Namespace", "metadata": { "labels": { "app.kubernetes.io/component": "namespace", "app.kubernetes.io/instance": "cap-operator-system", "app.kubernetes.io/name": "cap-operator-system", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-system" } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.13.0" }, "labels": { "app.kubernetes.io/component": "customresourcedefinition", "app.kubernetes.io/instance": "capoperators.operator.sme.sap.com", "app.kubernetes.io/name": "capoperators.operator.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "capoperators.operator.sme.sap.com" }, "spec": { "group": "operator.sme.sap.com", "names": { "kind": "CAPOperator", "listKind": "CAPOperatorList", "plural": "capoperators", "singular": "capoperator" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "CAPOperator is the Schema for the CAPOperators API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "CAPOperatorSpec defines the desired state of CAPOperator", "oneOf": [ { "required": [ "ingressGatewayLabels" ] }, { "required": [ "dnsTarget" ] } ], "properties": { "dnsTarget": { "description": "Public ingress URL for the cluster Load Balancer", "pattern": "^[a-z0-9-.]*$", "type": "string" }, "ingressGatewayLabels": { "description": "Labels used to identify the istio ingress-gateway component and its corresponding namespace. Usually {\"app\":\"istio-ingressgateway\",\"istio\":\"ingressgateway\"}", "items": { "description": "Generic Name/Value configuration", "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "required": [ "name", "value" ], "type": "object" }, "minItems": 1, "type": "array" }, "subscriptionServer": { "description": "SubscriptionServer info", "properties": { "subDomain": { "type": "string" } }, "required": [ "subDomain" ], "type": "object" } }, "required": [ "subscriptionServer" ], "type": "object" }, "status": { "properties": { "appliedGeneration": { "format": "int64", "type": "integer" }, "conditions": { "items": { "description": "Component status Condition.", "properties": { "lastTransitionTime": { "format": "date-time", "type": "string" }, "message": { "type": "string" }, "reason": { "type": "string" }, "status": { "description": "Condition Status. Can be one of 'True', 'False', 'Unknown'.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "Condition type. Currently, only the 'Ready' type is used.", "type": "string" } }, "required": [ "status", "type" ], "type": "object" }, "type": "array" }, "inventory": { "items": { "description": "InventoryItem represents a dependent object managed by this operator.", "properties": { "digest": { "description": "Digest of the descriptor of the dependent object.", "type": "string" }, "group": { "description": "API group.", "type": "string" }, "kind": { "description": "API kind.", "type": "string" }, "managedTypes": { "description": "Managed types", "items": { "description": "TypeInfo represents a Kubernetes type.", "properties": { "group": { "description": "API group.", "type": "string" }, "kind": { "description": "API kind.", "type": "string" }, "version": { "description": "API group version.", "type": "string" } }, "required": [ "group", "kind", "version" ], "type": "object" }, "type": "array" }, "name": { "description": "Name of the referenced object.", "type": "string" }, "namespace": { "description": "Namespace of the referenced object; empty for non-namespaced objects", "type": "string" }, "phase": { "description": "Phase of the dependent object.", "type": "string" }, "status": { "description": "Observed status of the dependent object, as observed by kstatus.", "type": "string" }, "version": { "description": "API group version.", "type": "string" } }, "required": [ "digest", "group", "kind", "name", "version" ], "type": "object" }, "type": "array" }, "lastAppliedAt": { "format": "date-time", "type": "string" }, "lastObservedAt": { "format": "date-time", "type": "string" }, "observedGeneration": { "format": "int64", "type": "integer" }, "state": { "description": "Component state. Can be one of 'Ready', 'Processing', 'Error', 'Deleting'.", "enum": [ "Processing", "Deleting", "Ready", "Error" ], "type": "string" } }, "required": [ "observedGeneration" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "serviceaccount", "app.kubernetes.io/instance": "cap-operator-controller-manager", "app.kubernetes.io/name": "cap-operator-controller-manager", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-leader-election-role", "app.kubernetes.io/name": "cap-operator-leader-election-role", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-leader-election-role", "namespace": "cap-operator-system" }, "rules": [ { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-manager-role", "app.kubernetes.io/name": "cap-operator-manager-role", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps", "events", "namespaces", "pods", "secrets", "serviceaccounts", "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "cert-manager.io" ], "resources": [ "certificates" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "cert.gardener.cloud" ], "resources": [ "certificates" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "dns.gardener.cloud" ], "resources": [ "dnsentries" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "gateways", "virtualservices" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.sme.sap.com" ], "resources": [ "capoperators", "capoperators/status" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles" ], "verbs": [ "bind", "create", "delete", "escalate", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "sme.sap.com" ], "resources": [ "capapplications", "capapplicationversions", "captenantoperations", "captenants" ], "verbs": [ "get", "list", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-leader-election-rolebinding", "app.kubernetes.io/name": "cap-operator-leader-election-rolebinding", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-leader-election-rolebinding", "namespace": "cap-operator-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "cap-operator-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-manager-rolebinding", "app.kubernetes.io/name": "cap-operator-manager-rolebinding", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "cap-operator-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" } ] }, { "apiVersion": "v1", "data": { "dataSources": "relatedCAVs:\n resource:\n kind: CAPApplicationVersion\n group: sme.sap.com\n version: v1alpha1\n filter: >-\n $item.metadata.annotations.`sme.sap.com/owner-identifier` = $join([$root.metadata.namespace,\".\",$root.metadata.name])\nrelatedTenants:\n resource:\n kind: CAPTenant\n group: sme.sap.com\n version: v1alpha1\n filter: >-\n $item.metadata.annotations.`sme.sap.com/owner-identifier` = $join([$root.metadata.namespace,\".\",$root.metadata.name])\n", "details": "header: []\nresourceGraph:\n colorVariant: 3\n dataSources:\n - source: relatedCAVs\n - source: relatedTenants\nbody:\n - name: Summary\n widget: Panel\n children:\n - name: Application Name\n source: spec.btpAppName\n - name: Global Account Id\n source: spec.globalAccountId\n - name: Provider Subdomain\n source: spec.provider.subDomain\n - name: Provider Tenant Id\n source: spec.provider.tenantId\n - name: Primary Domain\n source: spec.domains.primary\n - name: Secondary Domain\n source: $join(spec.domains.secondary, ', ')\n - name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Consistent\n critical:\n - Error\n - name: Services / Secrets\n source: spec.btp.services\n widget: Table\n children:\n - name: Name\n source: name\n - name: Class\n source: class\n - name: Secret\n source: secret\n widget: ResourceLink\n resource:\n name: $item.secret\n namespace: $root.metadata.namespace\n kind: \"'Secret'\"\n - name: Status\n source: status.conditions\n widget: Table\n children:\n - name: Type\n source: type\n - name: Status\n source: status\n widget: Badge\n highlights:\n positive:\n - \"True\"\n critical:\n - \"False\"\n - name: Reason\n source: reason\n - name: Last Transition Time\n source: $readableTimestamp(lastTransitionTime)\n - name: Message\n source: message\n - name: Recent Events\n widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n defaultType: all\n hideInvolvedObjects: true\n", "form": "[]\n", "general": "resource:\n kind: CAPApplication\n group: sme.sap.com\n version: v1alpha1\nname: CAP Applications\ncategory: CAP Operator\nurlPath: capapplications\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n", "list": "- name: Application Name\n source: spec.btpAppName\n- name: Global Account Id\n source: spec.globalAccountId\n- name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Consistent\n critical:\n - Error\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-capapplications.sme.sap.com", "app.kubernetes.io/name": "cap-operator-capapplications.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-capapplications.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: metadata.ownerReferences\n widget: ControlledBy\n name: Owned By\n placeholder: '-'\nbody:\n - name: Summary\n widget: Panel\n children:\n - name: CAP Application\n source: spec.capApplicationInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationInstance\n namespace: metadata.namespace\n kind: \"'CAPApplication'\"\n - name: Version\n source: spec.version\n - name: Image Pull Secrets\n source: spec.registrySecrets\n widget: JoinedArray\n children:\n - source: $item\n widget: ResourceLink\n resource:\n name: $item\n namespace: metadata.namespace\n kind: \"'Secret'\"\n - name: Status\n widget: Panel\n children:\n - name: State\n source: status.state\n widget: Badge\n - name: Reason\n source: status.conditions[-1].reason\n - name: Message\n source: status.conditions[-1].message\n - name: Last Transition Time\n source: >-\n $readableTimestamp(status.conditions[-1].lastTransitionTime)\n - name: Finished Jobs\n source: status.finishedJobs\n widget: JoinedArray\n children:\n - source: $item\n widget: ResourceLink\n resource:\n name: $item\n namespace: metadata.namespace\n kind: \"'Job'\"\n - name: Deployment Workloads\n source: \"$filter(spec.workloads, function ($v, $i, $a) {$v.deploymentDefinition ? true : false })\"\n widget: Table\n children:\n - name: Name\n source: name\n widget: ResourceLink\n resource:\n name: $join([$root.metadata.name,\"-\",$item.name])\n namespace: $root.metadata.namespace\n kind: \"'Deployment'\"\n - name: Type\n source: deploymentDefinition.type\n - name: Consumed BTP Services\n source: $join(consumedBTPServices, ', ')\n - name: Job Workloads\n source: \"$filter(spec.workloads, function ($v, $i, $a) {$v.jobDefinition ? true : false })\"\n widget: Table\n children:\n - name: Name\n source: name\n - name: Type\n source: jobDefinition.type\n - name: Consumed BTP Services\n source: $join(consumedBTPServices, ', ')\n", "form": "[]\n", "general": "resource:\n kind: CAPApplicationVersion\n group: sme.sap.com\n version: v1alpha1\nname: CAP Application Versions\ncategory: CAP Operator\nurlPath: capapplicationversions\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n disableDelete: true\n", "list": "- name: CAP Application\n source: spec.capApplicationInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationInstance\n namespace: metadata.namespace\n kind: \"'CAPApplication'\"\n- name: Version\n source: spec.version\n- name: State\n source: status.state\n widget: Badge\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-capapplicationversions.sme.sap.com", "app.kubernetes.io/name": "cap-operator-capapplicationversions.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-capapplicationversions.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "v1", "data": { "dataSources": "relatedJobs:\n resource:\n kind: Job\n group: batch\n version: v1\n filter: >-\n $item.metadata.annotations.`sme.sap.com/owner-identifier` = $join([$root.metadata.namespace,\".\",$root.metadata.name])\n", "details": "header:\n - source: metadata.ownerReferences\n widget: ControlledBy\n name: Owned By\n placeholder: '-'\nbody:\n - name: Summary\n widget: Panel\n children:\n - name: CAP Application Version Instance\n source: spec.capApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n - name: Operation\n source: $uppercase(spec.operation)\n - name: Tenant Identifier\n source: spec.tenantId\n - name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Completed\n critical:\n - Failed\n - name: Steps\n source: spec.steps\n widget: Table\n children:\n - name: Name\n search: true\n source: name\n - name: Type\n source: type\n search: true\n - name: Related Jobs\n widget: ResourceList\n source: $relatedJobs()\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: Recent Events\n defaultType: all\n hideInvolvedObjects: true\n", "form": "[]\n", "general": "resource:\n kind: CAPTenantOperation\n group: sme.sap.com\n version: v1alpha1\nname: CAP Tenant Operations\ncategory: CAP Operator\nurlPath: captenantoperations\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n disableDelete: true\n", "list": "- name: Operation\n source: $uppercase(spec.operation)\n- name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Completed\n critical:\n - Failed\n description: status.conditions[-1].message\n- name: Uses CAP Application Version\n source: spec.capApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-captenantoperations.sme.sap.com", "app.kubernetes.io/name": "cap-operator-captenantoperations.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-captenantoperations.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "v1", "data": { "dataSources": "tenantOps:\n resource:\n kind: CAPTenantOperation\n group: sme.sap.com\n version: v1alpha1\n filter: >-\n $item.metadata.generateName = $join([$root.metadata.name,\"-\"]) and $item.metadata.namespace = $root.metadata.namespace\nvirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n filter: >-\n $item.metadata.name = $root.metadata.name and $item.metadata.namespace = $root.metadata.namespace\n", "details": "header:\n - source: metadata.ownerReferences\n widget: ControlledBy\n name: Owned By\n placeholder: '-'\nbody:\n - name: Tenant Information\n widget: Panel\n children:\n - name: Tenant Identifier\n source: spec.tenantId\n - name: Subdomain\n source: spec.subDomain\n - name: Desired Version\n source: spec.version\n - name: Version Upgrade Strategy\n source: >-\n spec.versionUpgradeStrategy = \"never\" ? \"Never\" : \"Always\"\n - name: Current CAP Application Version\n source: status.currentCAPApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: status.currentCAPApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n - name: Application Domains\n widget: Panel\n children:\n - name: URL's\n source: $virtualServices().items[0].spec.hosts\n widget: JoinedArray\n children:\n - source: $item\n widget: ExternalLink\n link: \"'https://' & $item\"\n - name: Status\n widget: Panel\n children:\n - name: Tenant Ready for Use\n widget: Badge\n source: >-\n (status.conditions[-1].type = \"Ready\" and status.conditions[-1].status = \"True\") ? \"Yes\" : \"No\"\n highlights:\n positive:\n - Yes\n negative:\n - No\n - name: State\n source: >-\n status.state = \"UpgradeError\" ? \"Upgrade Error\" : (status.state = \"ProvisioningError\" ? \"Provisioning Error\" : status.state)\n widget: Badge\n highlights:\n information:\n - Provisioning\n - Upgrading\n - Deleting\n positive:\n - Ready\n critical:\n - Provisioning Error\n negative:\n - Upgrade Error\n - name: Reason\n source: status.conditions[-1].reason\n - name: Message\n source: status.conditions[-1].message\n - name: Last Transition Time\n source: >-\n $readableTimestamp(status.conditions[-1].lastTransitionTime)\n - name: Tenant Operations\n widget: Table\n source: $tenantOps().items\n children:\n - source: $item.metadata.name\n name: Name\n widget: ResourceLink\n resource:\n name: $item.metadata.name\n namespace: $item.metadata.namespace\n kind: \"'CAPTenantOperation'\"\n - source: $uppercase($item.spec.operation)\n name: Operation\n - source: $item.status.state\n name: State\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Completed\n critical:\n - Failed\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: Recent Events\n defaultType: all\n hideInvolvedObjects: true\n", "form": "[]\n", "general": "resource:\n kind: CAPTenant\n group: sme.sap.com\n version: v1alpha1\nname: CAP Tenants\ndescription: A tenant represents a consumer who has subscribed to a CAP Application.\nicon: customer\ncategory: CAP Operator\nurlPath: captenants\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n disableDelete: true\n", "list": "- name: State\n source: >-\n status.state = \"UpgradeError\" ? \"Upgrade Error\" : (status.state = \"ProvisioningError\" ? \"Provisioning Error\" : status.state)\n widget: Badge\n highlights:\n information:\n - Provisioning\n - Upgrading\n - Deleting\n positive:\n - Ready\n critical:\n - Provisioning Error\n negative:\n - Upgrade Error\n- name: CAP Application\n source: spec.capApplicationInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationInstance\n namespace: metadata.namespace\n kind: \"'CAPApplication'\"\n- name: Current CAP Application Version\n source: status.currentCAPApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: status.currentCAPApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n- name: Tenant Identifier\n source: spec.tenantId\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-captenants.sme.sap.com", "app.kubernetes.io/name": "cap-operator-captenants.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-captenants.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "controller", "app.kubernetes.io/instance": "cap-operator-controller-manager", "app.kubernetes.io/name": "cap-operator-controller-manager", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/part-of": "cap-operator-manager", "kyma-project.io/module": "cap-operator" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/part-of": "cap-operator-manager", "kyma-project.io/module": "cap-operator" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "env": [ { "name": "POD_NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } } ], "image": "ghcr.io/sap/cap-operator-lifecycle/cap-operator-manager:0.3.0", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "128Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "cap-operator-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "cr": { "apiVersion": "operator.sme.sap.com/v1alpha1", "kind": "CAPOperator", "metadata": { "name": "cap-operator", "labels": { "app.kubernetes.io/name": "cap-operator", "app.kubernetes.io/instance": "cap-operator", "app.kubernetes.io/component": "cap-operator-manager", "app.kubernetes.io/version": "0.3.0", "kyma-project.io/module": "cap-operator", "app.kubernetes.io/part-of": "cap-operator-manager" }, "namespace": "kyma-system" }, "spec": { "subscriptionServer": { "subDomain": "cap-op" }, "ingressGatewayLabels": [ { "name": "istio", "value": "ingressgateway" }, { "name": "app", "value": "istio-ingressgateway" } ] } }, "crPath": "/apis/operator.sme.sap.com/v1alpha1/namespaces/kyma-system/capoperators/cap-operator", "deploymentYaml": "https://github.com/SAP/cap-operator-lifecycle/releases/download/0.3.0/manager_manifest.yaml", "crYaml": "https://github.com/SAP/cap-operator-lifecycle/releases/download/0.3.0/manager_default_CR.yaml" }, { "version": "0.5.0", "deploymentYaml": "https://github.com/SAP/cap-operator-lifecycle/releases/download/0.5.0/manager_manifest.yaml", "crYaml": "https://github.com/SAP/cap-operator-lifecycle/releases/download/0.5.0/manager_default_CR.yaml", "cr": { "apiVersion": "operator.sme.sap.com/v1alpha1", "kind": "CAPOperator", "metadata": { "name": "cap-operator", "labels": { "app.kubernetes.io/name": "cap-operator", "app.kubernetes.io/instance": "cap-operator", "app.kubernetes.io/component": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator", "app.kubernetes.io/part-of": "cap-operator-manager" }, "namespace": "kyma-system" }, "spec": { "subscriptionServer": { "subDomain": "cap-op" }, "ingressGatewayLabels": [ { "name": "istio", "value": "ingressgateway" }, { "name": "app", "value": "istio-ingressgateway" } ] } }, "resources": [ { "apiVersion": "v1", "kind": "Namespace", "metadata": { "labels": { "app.kubernetes.io/component": "namespace", "app.kubernetes.io/instance": "cap-operator-system", "app.kubernetes.io/name": "cap-operator-system", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-system" } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.13.0" }, "labels": { "app.kubernetes.io/component": "customresourcedefinition", "app.kubernetes.io/instance": "capoperators.operator.sme.sap.com", "app.kubernetes.io/name": "capoperators.operator.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "capoperators.operator.sme.sap.com" }, "spec": { "group": "operator.sme.sap.com", "names": { "kind": "CAPOperator", "listKind": "CAPOperatorList", "plural": "capoperators", "singular": "capoperator" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "jsonPath": ".status.state", "name": "State", "type": "string" } ], "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "CAPOperator is the Schema for the CAPOperators API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "CAPOperatorSpec defines the desired state of CAPOperator", "oneOf": [ { "required": [ "ingressGatewayLabels" ] }, { "required": [ "dnsTarget" ] } ], "properties": { "dnsTarget": { "description": "Public ingress URL for the cluster Load Balancer", "pattern": "^[a-z0-9-.]*$", "type": "string" }, "ingressGatewayLabels": { "description": "Labels used to identify the istio ingress-gateway component and its corresponding namespace. Usually {\"app\":\"istio-ingressgateway\",\"istio\":\"ingressgateway\"}", "items": { "description": "Generic Name/Value configuration", "properties": { "name": { "type": "string" }, "value": { "type": "string" } }, "required": [ "name", "value" ], "type": "object" }, "minItems": 1, "type": "array" }, "subscriptionServer": { "description": "SubscriptionServer info", "properties": { "subDomain": { "type": "string" } }, "required": [ "subDomain" ], "type": "object" } }, "required": [ "subscriptionServer" ], "type": "object" }, "status": { "properties": { "appliedGeneration": { "format": "int64", "type": "integer" }, "conditions": { "items": { "description": "Component status Condition.", "properties": { "lastTransitionTime": { "format": "date-time", "type": "string" }, "message": { "type": "string" }, "reason": { "type": "string" }, "status": { "description": "Condition Status. Can be one of 'True', 'False', 'Unknown'.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "Condition type. Currently, only the 'Ready' type is used.", "type": "string" } }, "required": [ "status", "type" ], "type": "object" }, "type": "array" }, "inventory": { "items": { "description": "InventoryItem represents a dependent object managed by this operator.", "properties": { "digest": { "description": "Digest of the descriptor of the dependent object.", "type": "string" }, "group": { "description": "API group.", "type": "string" }, "kind": { "description": "API kind.", "type": "string" }, "managedTypes": { "description": "Managed types", "items": { "description": "TypeInfo represents a Kubernetes type.", "properties": { "group": { "description": "API group.", "type": "string" }, "kind": { "description": "API kind.", "type": "string" }, "version": { "description": "API group version.", "type": "string" } }, "required": [ "group", "kind", "version" ], "type": "object" }, "type": "array" }, "name": { "description": "Name of the referenced object.", "type": "string" }, "namespace": { "description": "Namespace of the referenced object; empty for non-namespaced objects", "type": "string" }, "phase": { "description": "Phase of the dependent object.", "type": "string" }, "status": { "description": "Observed status of the dependent object, as observed by kstatus.", "type": "string" }, "version": { "description": "API group version.", "type": "string" } }, "required": [ "digest", "group", "kind", "name", "version" ], "type": "object" }, "type": "array" }, "lastAppliedAt": { "format": "date-time", "type": "string" }, "lastObservedAt": { "format": "date-time", "type": "string" }, "observedGeneration": { "format": "int64", "type": "integer" }, "state": { "description": "Component state. Can be one of 'Ready', 'Processing', 'Error', 'Deleting'.", "enum": [ "Processing", "Deleting", "Ready", "Error" ], "type": "string" } }, "required": [ "observedGeneration" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "serviceaccount", "app.kubernetes.io/instance": "cap-operator-controller-manager", "app.kubernetes.io/name": "cap-operator-controller-manager", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-leader-election-role", "app.kubernetes.io/name": "cap-operator-leader-election-role", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-leader-election-role", "namespace": "cap-operator-system" }, "rules": [ { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-manager-role", "app.kubernetes.io/name": "cap-operator-manager-role", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps", "events", "namespaces", "pods", "secrets", "serviceaccounts", "services" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "admissionregistration.k8s.io" ], "resources": [ "validatingwebhookconfigurations" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apiextensions.k8s.io" ], "resources": [ "customresourcedefinitions" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "apps" ], "resources": [ "deployments" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "cert-manager.io" ], "resources": [ "certificates" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "cert.gardener.cloud" ], "resources": [ "certificates" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "dns.gardener.cloud" ], "resources": [ "dnsentries" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "networking.istio.io" ], "resources": [ "gateways", "virtualservices" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.sme.sap.com" ], "resources": [ "capoperators", "capoperators/status" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "rbac.authorization.k8s.io" ], "resources": [ "clusterrolebindings", "clusterroles" ], "verbs": [ "bind", "create", "delete", "escalate", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "sme.sap.com" ], "resources": [ "capapplications", "capapplicationversions", "captenantoperations", "captenants" ], "verbs": [ "get", "list", "watch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-leader-election-rolebinding", "app.kubernetes.io/name": "cap-operator-leader-election-rolebinding", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-leader-election-rolebinding", "namespace": "cap-operator-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "cap-operator-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "rbac", "app.kubernetes.io/instance": "cap-operator-manager-rolebinding", "app.kubernetes.io/name": "cap-operator-manager-rolebinding", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "cap-operator-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" } ] }, { "apiVersion": "v1", "data": { "dataSources": "relatedCAVs:\n resource:\n kind: CAPApplicationVersion\n group: sme.sap.com\n version: v1alpha1\n filter: >-\n $item.metadata.annotations.`sme.sap.com/owner-identifier` = $join([$root.metadata.namespace,\".\",$root.metadata.name])\nrelatedTenants:\n resource:\n kind: CAPTenant\n group: sme.sap.com\n version: v1alpha1\n filter: >-\n $item.metadata.annotations.`sme.sap.com/owner-identifier` = $join([$root.metadata.namespace,\".\",$root.metadata.name])\n", "details": "header: []\nresourceGraph:\n colorVariant: 3\n dataSources:\n - source: relatedCAVs\n - source: relatedTenants\nbody:\n - name: Summary\n widget: Panel\n children:\n - name: Application Name\n source: spec.btpAppName\n - name: Global Account Id\n source: spec.globalAccountId\n - name: Provider Subdomain\n source: spec.provider.subDomain\n - name: Provider Tenant Id\n source: spec.provider.tenantId\n - name: Primary Domain\n source: spec.domains.primary\n - name: Secondary Domain\n source: $join(spec.domains.secondary, ', ')\n - name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Consistent\n critical:\n - Error\n - name: Services / Secrets\n source: spec.btp.services\n widget: Table\n children:\n - name: Name\n source: name\n - name: Class\n source: class\n - name: Secret\n source: secret\n widget: ResourceLink\n resource:\n name: $item.secret\n namespace: $root.metadata.namespace\n kind: \"'Secret'\"\n - name: Status\n source: status.conditions\n widget: Table\n children:\n - name: Type\n source: type\n - name: Status\n source: status\n widget: Badge\n highlights:\n positive:\n - \"True\"\n critical:\n - \"False\"\n - name: Reason\n source: reason\n - name: Last Transition Time\n source: $readableTimestamp(lastTransitionTime)\n - name: Message\n source: message\n - name: Recent Events\n widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n defaultType: all\n hideInvolvedObjects: true\n", "form": "[]\n", "general": "resource:\n kind: CAPApplication\n group: sme.sap.com\n version: v1alpha1\nname: CAP Applications\ncategory: CAP Operator\nurlPath: capapplications\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n", "list": "- name: Application Name\n source: spec.btpAppName\n- name: Global Account Id\n source: spec.globalAccountId\n- name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Consistent\n critical:\n - Error\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-capapplications.sme.sap.com", "app.kubernetes.io/name": "cap-operator-capapplications.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-capapplications.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "v1", "data": { "details": "header:\n - source: metadata.ownerReferences\n widget: ControlledBy\n name: Owned By\n placeholder: '-'\nbody:\n - name: Summary\n widget: Panel\n children:\n - name: CAP Application\n source: spec.capApplicationInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationInstance\n namespace: metadata.namespace\n kind: \"'CAPApplication'\"\n - name: Version\n source: spec.version\n - name: Image Pull Secrets\n source: spec.registrySecrets\n widget: JoinedArray\n children:\n - source: $item\n widget: ResourceLink\n resource:\n name: $item\n namespace: metadata.namespace\n kind: \"'Secret'\"\n - name: Status\n widget: Panel\n children:\n - name: State\n source: status.state\n widget: Badge\n - name: Reason\n source: status.conditions[-1].reason\n - name: Message\n source: status.conditions[-1].message\n - name: Last Transition Time\n source: >-\n $readableTimestamp(status.conditions[-1].lastTransitionTime)\n - name: Finished Jobs\n source: status.finishedJobs\n widget: JoinedArray\n children:\n - source: $item\n widget: ResourceLink\n resource:\n name: $item\n namespace: metadata.namespace\n kind: \"'Job'\"\n - name: Deployment Workloads\n source: \"$filter(spec.workloads, function ($v, $i, $a) {$v.deploymentDefinition ? true : false })\"\n widget: Table\n children:\n - name: Name\n source: name\n widget: ResourceLink\n resource:\n name: $join([$root.metadata.name,\"-\",$item.name])\n namespace: $root.metadata.namespace\n kind: \"'Deployment'\"\n - name: Type\n source: deploymentDefinition.type\n - name: Consumed BTP Services\n source: $join(consumedBTPServices, ', ')\n - name: Job Workloads\n source: \"$filter(spec.workloads, function ($v, $i, $a) {$v.jobDefinition ? true : false })\"\n widget: Table\n children:\n - name: Name\n source: name\n - name: Type\n source: jobDefinition.type\n - name: Consumed BTP Services\n source: $join(consumedBTPServices, ', ')\n", "form": "[]\n", "general": "resource:\n kind: CAPApplicationVersion\n group: sme.sap.com\n version: v1alpha1\nname: CAP Application Versions\ncategory: CAP Operator\nurlPath: capapplicationversions\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n disableDelete: true\n", "list": "- name: CAP Application\n source: spec.capApplicationInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationInstance\n namespace: metadata.namespace\n kind: \"'CAPApplication'\"\n- name: Version\n source: spec.version\n- name: State\n source: status.state\n widget: Badge\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-capapplicationversions.sme.sap.com", "app.kubernetes.io/name": "cap-operator-capapplicationversions.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-capapplicationversions.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "v1", "data": { "dataSources": "relatedJobs:\n resource:\n kind: Job\n group: batch\n version: v1\n filter: >-\n $item.metadata.annotations.`sme.sap.com/owner-identifier` = $join([$root.metadata.namespace,\".\",$root.metadata.name])\n", "details": "header:\n - source: metadata.ownerReferences\n widget: ControlledBy\n name: Owned By\n placeholder: '-'\nbody:\n - name: Summary\n widget: Panel\n children:\n - name: CAP Application Version Instance\n source: spec.capApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n - name: Operation\n source: $uppercase(spec.operation)\n - name: Tenant Identifier\n source: spec.tenantId\n - name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Completed\n critical:\n - Failed\n - name: Steps\n source: spec.steps\n widget: Table\n children:\n - name: Name\n search: true\n source: name\n - name: Type\n source: type\n search: true\n - name: Related Jobs\n widget: ResourceList\n source: $relatedJobs()\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: Recent Events\n defaultType: all\n hideInvolvedObjects: true\n", "form": "[]\n", "general": "resource:\n kind: CAPTenantOperation\n group: sme.sap.com\n version: v1alpha1\nname: CAP Tenant Operations\ncategory: CAP Operator\nurlPath: captenantoperations\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n disableDelete: true\n", "list": "- name: Operation\n source: $uppercase(spec.operation)\n- name: State\n source: status.state\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Completed\n critical:\n - Failed\n description: status.conditions[-1].message\n- name: Uses CAP Application Version\n source: spec.capApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-captenantoperations.sme.sap.com", "app.kubernetes.io/name": "cap-operator-captenantoperations.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-captenantoperations.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "v1", "data": { "dataSources": "tenantOps:\n resource:\n kind: CAPTenantOperation\n group: sme.sap.com\n version: v1alpha1\n filter: >-\n $item.metadata.generateName = $join([$root.metadata.name,\"-\"]) and $item.metadata.namespace = $root.metadata.namespace\nvirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n filter: >-\n $item.metadata.name = $root.metadata.name and $item.metadata.namespace = $root.metadata.namespace\n", "details": "header:\n - source: metadata.ownerReferences\n widget: ControlledBy\n name: Owned By\n placeholder: '-'\nbody:\n - name: Tenant Information\n widget: Panel\n children:\n - name: Tenant Identifier\n source: spec.tenantId\n - name: Subdomain\n source: spec.subDomain\n - name: Desired Version\n source: spec.version\n - name: Version Upgrade Strategy\n source: >-\n spec.versionUpgradeStrategy = \"never\" ? \"Never\" : \"Always\"\n - name: Current CAP Application Version\n source: status.currentCAPApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: status.currentCAPApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n - name: Application Domains\n widget: Panel\n children:\n - name: URL's\n source: $virtualServices().items[0].spec.hosts\n widget: JoinedArray\n children:\n - source: $item\n widget: ExternalLink\n link: \"'https://' & $item\"\n - name: Status\n widget: Panel\n children:\n - name: Tenant Ready for Use\n widget: Badge\n source: >-\n (status.conditions[-1].type = \"Ready\" and status.conditions[-1].status = \"True\") ? \"Yes\" : \"No\"\n highlights:\n positive:\n - Yes\n negative:\n - No\n - name: State\n source: >-\n status.state = \"UpgradeError\" ? \"Upgrade Error\" : (status.state = \"ProvisioningError\" ? \"Provisioning Error\" : status.state)\n widget: Badge\n highlights:\n information:\n - Provisioning\n - Upgrading\n - Deleting\n positive:\n - Ready\n critical:\n - Provisioning Error\n negative:\n - Upgrade Error\n - name: Reason\n source: status.conditions[-1].reason\n - name: Message\n source: status.conditions[-1].message\n - name: Last Transition Time\n source: >-\n $readableTimestamp(status.conditions[-1].lastTransitionTime)\n - name: Tenant Operations\n widget: Table\n source: $tenantOps().items\n children:\n - source: $item.metadata.name\n name: Name\n widget: ResourceLink\n resource:\n name: $item.metadata.name\n namespace: $item.metadata.namespace\n kind: \"'CAPTenantOperation'\"\n - source: $uppercase($item.spec.operation)\n name: Operation\n - source: $item.status.state\n name: State\n widget: Badge\n highlights:\n information:\n - Processing\n - Deleting\n positive:\n - Completed\n critical:\n - Failed\n - widget: EventList\n filter: '$matchEvents($$, $root.kind, $root.metadata.name)'\n name: Recent Events\n defaultType: all\n hideInvolvedObjects: true\n", "form": "[]\n", "general": "resource:\n kind: CAPTenant\n group: sme.sap.com\n version: v1alpha1\nname: CAP Tenants\ndescription: A tenant represents a consumer who has subscribed to a CAP Application.\nicon: customer\ncategory: CAP Operator\nurlPath: captenants\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableEdit: true\n disableDelete: true\n", "list": "- name: State\n source: >-\n status.state = \"UpgradeError\" ? \"Upgrade Error\" : (status.state = \"ProvisioningError\" ? \"Provisioning Error\" : status.state)\n widget: Badge\n highlights:\n information:\n - Provisioning\n - Upgrading\n - Deleting\n positive:\n - Ready\n critical:\n - Provisioning Error\n negative:\n - Upgrade Error\n- name: CAP Application\n source: spec.capApplicationInstance\n widget: ResourceLink\n resource:\n name: spec.capApplicationInstance\n namespace: metadata.namespace\n kind: \"'CAPApplication'\"\n- name: Current CAP Application Version\n source: status.currentCAPApplicationVersionInstance\n widget: ResourceLink\n resource:\n name: status.currentCAPApplicationVersionInstance\n namespace: metadata.namespace\n kind: \"'CAPApplicationVersion'\"\n- name: Tenant Identifier\n source: spec.tenantId\n", "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n" }, "kind": "ConfigMap", "metadata": { "labels": { "app.kubernetes.io/component": "configmap", "app.kubernetes.io/instance": "cap-operator-captenants.sme.sap.com", "app.kubernetes.io/name": "cap-operator-captenants.sme.sap.com", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "busola.io/extension": "resource", "busola.io/extension-version": "0.5", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-captenants.sme.sap.com", "namespace": "cap-operator-system" } }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "controller", "app.kubernetes.io/instance": "cap-operator-controller-manager", "app.kubernetes.io/name": "cap-operator-controller-manager", "app.kubernetes.io/part-of": "cap-operator-manager", "app.kubernetes.io/version": "0.5.0", "kyma-project.io/module": "cap-operator" }, "name": "cap-operator-controller-manager", "namespace": "cap-operator-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/part-of": "cap-operator-manager", "kyma-project.io/module": "cap-operator" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/part-of": "cap-operator-manager", "kyma-project.io/module": "cap-operator" } }, "spec": { "containers": [ { "args": [ "--leader-elect" ], "command": [ "/manager" ], "env": [ { "name": "POD_NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } } ], "image": "ghcr.io/sap/cap-operator-lifecycle/cap-operator-manager:0.5.0", "imagePullPolicy": "Always", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "128Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "cap-operator-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/cap-operator-system/deployments/cap-operator-controller-manager", "managerImage": "ghcr.io/sap/cap-operator-lifecycle/cap-operator-manager:0.5.0", "crPath": "/apis/operator.sme.sap.com/v1alpha1/namespaces/kyma-system/capoperators/cap-operator", "channels": [ "fast", "regular" ], "documentation": "https://sap.github.io/cap-operator/", "repository": "https://github.com/SAP/cap-operator-lifecycle.git" } ] }, { "name": "cluster-ip", "documentation": "https://github.com/pbochynski/cluster-ip#readme", "repository": "https://github.com/pbochynski/cluster-ip.git", "managedResources": [ "apis/operator.kyma-project.io/v1alpha1/clusterips" ], "community": true, "manageable": false, "latestGithubRelease": { "repository": "pbochynski/cluster-ip", "deploymentYaml": "cluster-ip-operator.yaml", "crYaml": "cluster-ip-nodes.yaml" }, "versions": [ { "version": "0.0.28", "deploymentYaml": "https://github.com/pbochynski/cluster-ip/releases/download/0.0.28/cluster-ip-operator.yaml", "crYaml": "https://github.com/pbochynski/cluster-ip/releases/download/0.0.28/cluster-ip-nodes.yaml", "cr": { "apiVersion": "operator.kyma-project.io/v1alpha1", "kind": "ClusterIP", "metadata": { "name": "cluster-ip-nodes", "namespace": "kyma-system" }, "spec": { "nodeSpreadLabel": "kubernetes.io/hostname" } }, "resources": [ { "apiVersion": "v1", "kind": "Namespace", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "system", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "namespace", "app.kubernetes.io/part-of": "cluster-ip", "control-plane": "controller-manager" }, "name": "cluster-ip-system" } }, { "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.11.1" }, "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io" }, "name": "clusterips.operator.kyma-project.io" }, "spec": { "group": "operator.kyma-project.io", "names": { "kind": "ClusterIP", "listKind": "ClusterIPList", "plural": "clusterips", "singular": "clusterip" }, "scope": "Namespaced", "versions": [ { "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "ClusterIP is the Schema for the clusterips API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "default": { "nodeSpreadLabel": "topology.kubernetes.io/zone" }, "description": "ClusterIPSpec defines the desired state of ClusterIP", "properties": { "nodeSpreadLabel": { "default": "topology.kubernetes.io/zone", "type": "string" } }, "type": "object" }, "status": { "description": "ClusterIPStatus defines the observed state of ClusterIP", "properties": { "info": { "type": "string" }, "nodeIPs": { "items": { "properties": { "ip": { "type": "string" }, "lastUpdateTime": { "format": "date-time", "type": "string" }, "nodeLabel": { "type": "string" } }, "required": [ "ip", "nodeLabel" ], "type": "object" }, "type": "array" }, "state": { "description": "State signifies current state of Module CR. Value can be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\").", "enum": [ "Processing", "Deleting", "Ready", "Error" ], "type": "string" } }, "required": [ "state" ], "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }, { "apiVersion": "v1", "kind": "ServiceAccount", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "controller-manager-sa", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "serviceaccount", "app.kubernetes.io/part-of": "cluster-ip" }, "name": "cluster-ip-controller-manager", "namespace": "cluster-ip-system" } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "leader-election-role", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "role", "app.kubernetes.io/part-of": "cluster-ip" }, "name": "cluster-ip-leader-election-role", "namespace": "cluster-ip-system" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "configmaps" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "coordination.k8s.io" ], "resources": [ "leases" ], "verbs": [ "get", "list", "watch", "create", "update", "patch", "delete" ] }, { "apiGroups": [ "" ], "resources": [ "events" ], "verbs": [ "create", "patch" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "creationTimestamp": null, "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io" }, "name": "cluster-ip-manager-role" }, "rules": [ { "apiGroups": [ "" ], "resources": [ "nodes" ], "verbs": [ "get", "list", "watch" ] }, { "apiGroups": [ "" ], "resources": [ "pods" ], "verbs": [ "create", "delete", "get", "list", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "clusterips" ], "verbs": [ "create", "delete", "get", "list", "patch", "update", "watch" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "clusterips/finalizers" ], "verbs": [ "update" ] }, { "apiGroups": [ "operator.kyma-project.io" ], "resources": [ "clusterips/status" ], "verbs": [ "get", "patch", "update" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "metrics-reader", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrole", "app.kubernetes.io/part-of": "cluster-ip" }, "name": "cluster-ip-metrics-reader" }, "rules": [ { "nonResourceURLs": [ "/metrics" ], "verbs": [ "get" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "proxy-role", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrole", "app.kubernetes.io/part-of": "cluster-ip" }, "name": "cluster-ip-proxy-role" }, "rules": [ { "apiGroups": [ "authentication.k8s.io" ], "resources": [ "tokenreviews" ], "verbs": [ "create" ] }, { "apiGroups": [ "authorization.k8s.io" ], "resources": [ "subjectaccessreviews" ], "verbs": [ "create" ] } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "leader-election-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "rolebinding", "app.kubernetes.io/part-of": "cluster-ip" }, "name": "cluster-ip-leader-election-rolebinding", "namespace": "cluster-ip-system" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": "cluster-ip-leader-election-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "cluster-ip-controller-manager", "namespace": "cluster-ip-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "manager-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrolebinding", "app.kubernetes.io/part-of": "cluster-ip" }, "name": "cluster-ip-manager-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "cluster-ip-manager-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "cluster-ip-controller-manager", "namespace": "cluster-ip-system" } ] }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRoleBinding", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "proxy-rolebinding", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "clusterrolebinding", "app.kubernetes.io/part-of": "cluster-ip" }, "name": "cluster-ip-proxy-rolebinding" }, "roleRef": { "apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "cluster-ip-proxy-role" }, "subjects": [ { "kind": "ServiceAccount", "name": "cluster-ip-controller-manager", "namespace": "cluster-ip-system" } ] }, { "apiVersion": "v1", "kind": "Service", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "controller-manager-metrics-service", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "service", "app.kubernetes.io/part-of": "cluster-ip", "control-plane": "controller-manager" }, "name": "cluster-ip-controller-manager-metrics-service", "namespace": "cluster-ip-system" }, "spec": { "ports": [ { "name": "https", "port": 8443, "protocol": "TCP", "targetPort": "https" } ], "selector": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "control-plane": "controller-manager" } } }, { "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io", "app.kubernetes.io/created-by": "cluster-ip", "app.kubernetes.io/instance": "controller-manager", "app.kubernetes.io/managed-by": "kustomize", "app.kubernetes.io/name": "deployment", "app.kubernetes.io/part-of": "cluster-ip", "control-plane": "controller-manager" }, "name": "cluster-ip-controller-manager", "namespace": "cluster-ip-system" }, "spec": { "replicas": 1, "selector": { "matchLabels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io" } }, "template": { "metadata": { "annotations": { "kubectl.kubernetes.io/default-container": "manager" }, "labels": { "app.kubernetes.io/component": "cluster-ip.kyma-project.io" } }, "spec": { "containers": [ { "command": [ "/manager" ], "env": [ { "name": "MY_POD_NAME", "valueFrom": { "fieldRef": { "fieldPath": "metadata.name" } } }, { "name": "MY_POD_NAMESPACE", "valueFrom": { "fieldRef": { "fieldPath": "metadata.namespace" } } } ], "image": "ghcr.io/pbochynski/cluster-ip:0.0.28", "livenessProbe": { "httpGet": { "path": "/healthz", "port": 8081 }, "initialDelaySeconds": 15, "periodSeconds": 20 }, "name": "manager", "readinessProbe": { "httpGet": { "path": "/readyz", "port": 8081 }, "initialDelaySeconds": 5, "periodSeconds": 10 }, "resources": { "limits": { "cpu": "500m", "memory": "128Mi" }, "requests": { "cpu": "10m", "memory": "64Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } } } ], "securityContext": { "runAsNonRoot": true }, "serviceAccountName": "cluster-ip-controller-manager", "terminationGracePeriodSeconds": 10 } } } } ], "managerPath": "/apis/apps/v1/namespaces/cluster-ip-system/deployments/cluster-ip-controller-manager", "managerImage": "ghcr.io/pbochynski/cluster-ip:0.0.28", "crPath": "/apis/operator.kyma-project.io/v1alpha1/namespaces/kyma-system/clusterips/cluster-ip-nodes" } ] } ]