Robert Munteanu
c8d5598531
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/flux2-cli?expand=0&rev=48
1266 lines
53 KiB
YAML
1266 lines
53 KiB
YAML
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.19.0
|
|
name: alerts.notification.toolkit.fluxcd.io
|
|
spec:
|
|
group: notification.toolkit.fluxcd.io
|
|
names:
|
|
kind: Alert
|
|
listKind: AlertList
|
|
plural: alerts
|
|
singular: alert
|
|
scope: Namespaced
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].status
|
|
name: Ready
|
|
type: string
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].message
|
|
name: Status
|
|
type: string
|
|
deprecated: true
|
|
deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3
|
|
name: v1beta2
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Alert is the Schema for the alerts API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: AlertSpec defines an alerting rule for events involving a
|
|
list of objects.
|
|
properties:
|
|
eventMetadata:
|
|
additionalProperties:
|
|
type: string
|
|
description: |-
|
|
EventMetadata is an optional field for adding metadata to events dispatched by the
|
|
controller. This can be used for enhancing the context of the event. If a field
|
|
would override one already present on the original event as generated by the emitter,
|
|
then the override doesn't happen, i.e. the original value is preserved, and an info
|
|
log is printed.
|
|
type: object
|
|
eventSeverity:
|
|
default: info
|
|
description: |-
|
|
EventSeverity specifies how to filter events based on severity.
|
|
If set to 'info' no events will be filtered.
|
|
enum:
|
|
- info
|
|
- error
|
|
type: string
|
|
eventSources:
|
|
description: |-
|
|
EventSources specifies how to filter events based
|
|
on the involved object kind, name and namespace.
|
|
items:
|
|
description: |-
|
|
CrossNamespaceObjectReference contains enough information to let you locate the
|
|
typed referenced object at cluster level
|
|
properties:
|
|
apiVersion:
|
|
description: API version of the referent
|
|
type: string
|
|
kind:
|
|
description: Kind of the referent
|
|
enum:
|
|
- Bucket
|
|
- GitRepository
|
|
- Kustomization
|
|
- HelmRelease
|
|
- HelmChart
|
|
- HelmRepository
|
|
- ImageRepository
|
|
- ImagePolicy
|
|
- ImageUpdateAutomation
|
|
- OCIRepository
|
|
type: string
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: |-
|
|
MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
|
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
|
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
|
MatchLabels requires the name to be set to `*`.
|
|
type: object
|
|
name:
|
|
description: |-
|
|
Name of the referent
|
|
If multiple resources are targeted `*` may be set.
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
namespace:
|
|
description: Namespace of the referent
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
type: object
|
|
type: array
|
|
exclusionList:
|
|
description: |-
|
|
ExclusionList specifies a list of Golang regular expressions
|
|
to be used for excluding messages.
|
|
items:
|
|
type: string
|
|
type: array
|
|
inclusionList:
|
|
description: |-
|
|
InclusionList specifies a list of Golang regular expressions
|
|
to be used for including messages.
|
|
items:
|
|
type: string
|
|
type: array
|
|
providerRef:
|
|
description: ProviderRef specifies which Provider this Alert should
|
|
use.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
summary:
|
|
description: Summary holds a short description of the impact and affected
|
|
cluster.
|
|
maxLength: 255
|
|
type: string
|
|
suspend:
|
|
description: |-
|
|
Suspend tells the controller to suspend subsequent
|
|
events handling for this Alert.
|
|
type: boolean
|
|
required:
|
|
- eventSources
|
|
- providerRef
|
|
type: object
|
|
status:
|
|
default:
|
|
observedGeneration: -1
|
|
description: AlertStatus defines the observed state of the Alert.
|
|
properties:
|
|
conditions:
|
|
description: Conditions holds the conditions for the Alert.
|
|
items:
|
|
description: Condition contains details for one aspect of the current
|
|
state of this API Resource.
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
minLength: 1
|
|
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- reason
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
lastHandledReconcileAt:
|
|
description: |-
|
|
LastHandledReconcileAt holds the value of the most recent
|
|
reconcile request value, so a change of the annotation value
|
|
can be detected.
|
|
type: string
|
|
observedGeneration:
|
|
description: ObservedGeneration is the last observed generation.
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: false
|
|
subresources:
|
|
status: {}
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
name: v1beta3
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Alert is the Schema for the alerts API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: AlertSpec defines an alerting rule for events involving a
|
|
list of objects.
|
|
properties:
|
|
eventMetadata:
|
|
additionalProperties:
|
|
type: string
|
|
description: |-
|
|
EventMetadata is an optional field for adding metadata to events dispatched by the
|
|
controller. This can be used for enhancing the context of the event. If a field
|
|
would override one already present on the original event as generated by the emitter,
|
|
then the override doesn't happen, i.e. the original value is preserved, and an info
|
|
log is printed.
|
|
type: object
|
|
eventSeverity:
|
|
default: info
|
|
description: |-
|
|
EventSeverity specifies how to filter events based on severity.
|
|
If set to 'info' no events will be filtered.
|
|
enum:
|
|
- info
|
|
- error
|
|
type: string
|
|
eventSources:
|
|
description: |-
|
|
EventSources specifies how to filter events based
|
|
on the involved object kind, name and namespace.
|
|
items:
|
|
description: |-
|
|
CrossNamespaceObjectReference contains enough information to let you locate the
|
|
typed referenced object at cluster level
|
|
properties:
|
|
apiVersion:
|
|
description: API version of the referent
|
|
type: string
|
|
kind:
|
|
description: Kind of the referent
|
|
enum:
|
|
- Bucket
|
|
- GitRepository
|
|
- Kustomization
|
|
- HelmRelease
|
|
- HelmChart
|
|
- HelmRepository
|
|
- ImageRepository
|
|
- ImagePolicy
|
|
- ImageUpdateAutomation
|
|
- OCIRepository
|
|
type: string
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: |-
|
|
MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
|
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
|
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
|
MatchLabels requires the name to be set to `*`.
|
|
type: object
|
|
name:
|
|
description: |-
|
|
Name of the referent
|
|
If multiple resources are targeted `*` may be set.
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
namespace:
|
|
description: Namespace of the referent
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
type: object
|
|
type: array
|
|
exclusionList:
|
|
description: |-
|
|
ExclusionList specifies a list of Golang regular expressions
|
|
to be used for excluding messages.
|
|
items:
|
|
type: string
|
|
type: array
|
|
inclusionList:
|
|
description: |-
|
|
InclusionList specifies a list of Golang regular expressions
|
|
to be used for including messages.
|
|
items:
|
|
type: string
|
|
type: array
|
|
providerRef:
|
|
description: ProviderRef specifies which Provider this Alert should
|
|
use.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
summary:
|
|
description: |-
|
|
Summary holds a short description of the impact and affected cluster.
|
|
Deprecated: Use EventMetadata instead.
|
|
maxLength: 255
|
|
type: string
|
|
suspend:
|
|
description: |-
|
|
Suspend tells the controller to suspend subsequent
|
|
events handling for this Alert.
|
|
type: boolean
|
|
required:
|
|
- eventSources
|
|
- providerRef
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources: {}
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.19.0
|
|
name: providers.notification.toolkit.fluxcd.io
|
|
spec:
|
|
group: notification.toolkit.fluxcd.io
|
|
names:
|
|
kind: Provider
|
|
listKind: ProviderList
|
|
plural: providers
|
|
singular: provider
|
|
scope: Namespaced
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].status
|
|
name: Ready
|
|
type: string
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].message
|
|
name: Status
|
|
type: string
|
|
deprecated: true
|
|
deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3
|
|
name: v1beta2
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Provider is the Schema for the providers API.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: ProviderSpec defines the desired state of the Provider.
|
|
properties:
|
|
address:
|
|
description: |-
|
|
Address specifies the endpoint, in a generic sense, to where alerts are sent.
|
|
What kind of endpoint depends on the specific Provider type being used.
|
|
For the generic Provider, for example, this is an HTTP/S address.
|
|
For other Provider types this could be a project ID or a namespace.
|
|
maxLength: 2048
|
|
type: string
|
|
certSecretRef:
|
|
description: |-
|
|
CertSecretRef specifies the Secret containing
|
|
a PEM-encoded CA certificate (in the `ca.crt` key).
|
|
|
|
Note: Support for the `caFile` key has
|
|
been deprecated.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
channel:
|
|
description: Channel specifies the destination channel where events
|
|
should be posted.
|
|
maxLength: 2048
|
|
type: string
|
|
interval:
|
|
description: Interval at which to reconcile the Provider with its
|
|
Secret references.
|
|
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
|
|
type: string
|
|
proxy:
|
|
description: Proxy the HTTP/S address of the proxy server.
|
|
maxLength: 2048
|
|
pattern: ^(http|https)://.*$
|
|
type: string
|
|
secretRef:
|
|
description: |-
|
|
SecretRef specifies the Secret containing the authentication
|
|
credentials for this Provider.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
suspend:
|
|
description: |-
|
|
Suspend tells the controller to suspend subsequent
|
|
events handling for this Provider.
|
|
type: boolean
|
|
timeout:
|
|
description: Timeout for sending alerts to the Provider.
|
|
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
|
|
type: string
|
|
type:
|
|
description: Type specifies which Provider implementation to use.
|
|
enum:
|
|
- slack
|
|
- discord
|
|
- msteams
|
|
- rocket
|
|
- generic
|
|
- generic-hmac
|
|
- github
|
|
- gitlab
|
|
- gitea
|
|
- bitbucketserver
|
|
- bitbucket
|
|
- azuredevops
|
|
- googlechat
|
|
- googlepubsub
|
|
- webex
|
|
- sentry
|
|
- azureeventhub
|
|
- telegram
|
|
- lark
|
|
- matrix
|
|
- opsgenie
|
|
- alertmanager
|
|
- grafana
|
|
- githubdispatch
|
|
- pagerduty
|
|
- datadog
|
|
type: string
|
|
username:
|
|
description: Username specifies the name under which events are posted.
|
|
maxLength: 2048
|
|
type: string
|
|
required:
|
|
- type
|
|
type: object
|
|
status:
|
|
default:
|
|
observedGeneration: -1
|
|
description: ProviderStatus defines the observed state of the Provider.
|
|
properties:
|
|
conditions:
|
|
description: Conditions holds the conditions for the Provider.
|
|
items:
|
|
description: Condition contains details for one aspect of the current
|
|
state of this API Resource.
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
minLength: 1
|
|
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- reason
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
lastHandledReconcileAt:
|
|
description: |-
|
|
LastHandledReconcileAt holds the value of the most recent
|
|
reconcile request value, so a change of the annotation value
|
|
can be detected.
|
|
type: string
|
|
observedGeneration:
|
|
description: ObservedGeneration is the last reconciled generation.
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: false
|
|
subresources:
|
|
status: {}
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
name: v1beta3
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Provider is the Schema for the providers API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: ProviderSpec defines the desired state of the Provider.
|
|
properties:
|
|
address:
|
|
description: |-
|
|
Address specifies the endpoint, in a generic sense, to where alerts are sent.
|
|
What kind of endpoint depends on the specific Provider type being used.
|
|
For the generic Provider, for example, this is an HTTP/S address.
|
|
For other Provider types this could be a project ID or a namespace.
|
|
maxLength: 2048
|
|
type: string
|
|
certSecretRef:
|
|
description: |-
|
|
CertSecretRef specifies the Secret containing TLS certificates
|
|
for secure communication.
|
|
|
|
Supported configurations:
|
|
- CA-only: Server authentication (provide ca.crt only)
|
|
- mTLS: Mutual authentication (provide ca.crt + tls.crt + tls.key)
|
|
- Client-only: Client authentication with system CA (provide tls.crt + tls.key only)
|
|
|
|
Legacy keys "caFile", "certFile", "keyFile" are supported but deprecated. Use "ca.crt", "tls.crt", "tls.key" instead.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
channel:
|
|
description: Channel specifies the destination channel where events
|
|
should be posted.
|
|
maxLength: 2048
|
|
type: string
|
|
commitStatusExpr:
|
|
description: |-
|
|
CommitStatusExpr is a CEL expression that evaluates to a string value
|
|
that can be used to generate a custom commit status message for use
|
|
with eligible Provider types (github, gitlab, gitea, bitbucketserver,
|
|
bitbucket, azuredevops). Supported variables are: event, provider,
|
|
and alert.
|
|
type: string
|
|
interval:
|
|
description: |-
|
|
Interval at which to reconcile the Provider with its Secret references.
|
|
Deprecated and not used in v1beta3.
|
|
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
|
|
type: string
|
|
proxy:
|
|
description: |-
|
|
Proxy the HTTP/S address of the proxy server.
|
|
Deprecated: Use ProxySecretRef instead. Will be removed in v1.
|
|
maxLength: 2048
|
|
pattern: ^(http|https)://.*$
|
|
type: string
|
|
proxySecretRef:
|
|
description: |-
|
|
ProxySecretRef specifies the Secret containing the proxy configuration
|
|
for this Provider. The Secret should contain an 'address' key with the
|
|
HTTP/S address of the proxy server. Optional 'username' and 'password'
|
|
keys can be provided for proxy authentication.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
secretRef:
|
|
description: |-
|
|
SecretRef specifies the Secret containing the authentication
|
|
credentials for this Provider.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
serviceAccountName:
|
|
description: |-
|
|
ServiceAccountName is the name of the Kubernetes ServiceAccount used to
|
|
authenticate with cloud provider services through workload identity.
|
|
This enables multi-tenant authentication without storing static credentials.
|
|
|
|
Supported provider types: azureeventhub, azuredevops, googlepubsub
|
|
|
|
When specified, the controller will:
|
|
1. Create an OIDC token for the specified ServiceAccount
|
|
2. Exchange it for cloud provider credentials via STS
|
|
3. Use the obtained credentials for API authentication
|
|
|
|
When unspecified, controller-level authentication is used (single-tenant).
|
|
|
|
An error is thrown if static credentials are also defined in SecretRef.
|
|
This field requires the ObjectLevelWorkloadIdentity feature gate to be enabled.
|
|
type: string
|
|
suspend:
|
|
description: |-
|
|
Suspend tells the controller to suspend subsequent
|
|
events handling for this Provider.
|
|
type: boolean
|
|
timeout:
|
|
description: Timeout for sending alerts to the Provider.
|
|
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
|
|
type: string
|
|
type:
|
|
description: Type specifies which Provider implementation to use.
|
|
enum:
|
|
- slack
|
|
- discord
|
|
- msteams
|
|
- rocket
|
|
- generic
|
|
- generic-hmac
|
|
- github
|
|
- gitlab
|
|
- gitea
|
|
- bitbucketserver
|
|
- bitbucket
|
|
- azuredevops
|
|
- googlechat
|
|
- googlepubsub
|
|
- webex
|
|
- sentry
|
|
- azureeventhub
|
|
- telegram
|
|
- lark
|
|
- matrix
|
|
- opsgenie
|
|
- alertmanager
|
|
- grafana
|
|
- githubdispatch
|
|
- pagerduty
|
|
- datadog
|
|
- nats
|
|
- zulip
|
|
- otel
|
|
type: string
|
|
username:
|
|
description: Username specifies the name under which events are posted.
|
|
maxLength: 2048
|
|
type: string
|
|
required:
|
|
- type
|
|
type: object
|
|
x-kubernetes-validations:
|
|
- message: spec.commitStatusExpr is only supported for the 'github', 'gitlab',
|
|
'gitea', 'bitbucketserver', 'bitbucket', 'azuredevops' provider types
|
|
rule: self.type == 'github' || self.type == 'gitlab' || self.type ==
|
|
'gitea' || self.type == 'bitbucketserver' || self.type == 'bitbucket'
|
|
|| self.type == 'azuredevops' || !has(self.commitStatusExpr)
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources: {}
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.19.0
|
|
name: receivers.notification.toolkit.fluxcd.io
|
|
spec:
|
|
group: notification.toolkit.fluxcd.io
|
|
names:
|
|
kind: Receiver
|
|
listKind: ReceiverList
|
|
plural: receivers
|
|
singular: receiver
|
|
scope: Namespaced
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].status
|
|
name: Ready
|
|
type: string
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].message
|
|
name: Status
|
|
type: string
|
|
name: v1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Receiver is the Schema for the receivers API.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: ReceiverSpec defines the desired state of the Receiver.
|
|
properties:
|
|
events:
|
|
description: |-
|
|
Events specifies the list of event types to handle,
|
|
e.g. 'push' for GitHub or 'Push Hook' for GitLab.
|
|
items:
|
|
type: string
|
|
type: array
|
|
interval:
|
|
default: 10m
|
|
description: Interval at which to reconcile the Receiver with its
|
|
Secret references.
|
|
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
|
|
type: string
|
|
resourceFilter:
|
|
description: |-
|
|
ResourceFilter is a CEL expression expected to return a boolean that is
|
|
evaluated for each resource referenced in the Resources field when a
|
|
webhook is received. If the expression returns false then the controller
|
|
will not request a reconciliation for the resource.
|
|
When the expression is specified the controller will parse it and mark
|
|
the object as terminally failed if the expression is invalid or does not
|
|
return a boolean.
|
|
type: string
|
|
resources:
|
|
description: A list of resources to be notified about changes.
|
|
items:
|
|
description: |-
|
|
CrossNamespaceObjectReference contains enough information to let you locate the
|
|
typed referenced object at cluster level
|
|
properties:
|
|
apiVersion:
|
|
description: API version of the referent
|
|
type: string
|
|
kind:
|
|
description: Kind of the referent
|
|
enum:
|
|
- Bucket
|
|
- GitRepository
|
|
- Kustomization
|
|
- HelmRelease
|
|
- HelmChart
|
|
- HelmRepository
|
|
- ImageRepository
|
|
- ImagePolicy
|
|
- ImageUpdateAutomation
|
|
- OCIRepository
|
|
type: string
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: |-
|
|
MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
|
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
|
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
|
MatchLabels requires the name to be set to `*`.
|
|
type: object
|
|
name:
|
|
description: |-
|
|
Name of the referent
|
|
If multiple resources are targeted `*` may be set.
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
namespace:
|
|
description: Namespace of the referent
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
type: object
|
|
type: array
|
|
secretRef:
|
|
description: |-
|
|
SecretRef specifies the Secret containing the token used
|
|
to validate the payload authenticity.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
suspend:
|
|
description: |-
|
|
Suspend tells the controller to suspend subsequent
|
|
events handling for this receiver.
|
|
type: boolean
|
|
type:
|
|
description: |-
|
|
Type of webhook sender, used to determine
|
|
the validation procedure and payload deserialization.
|
|
enum:
|
|
- generic
|
|
- generic-hmac
|
|
- github
|
|
- gitlab
|
|
- bitbucket
|
|
- harbor
|
|
- dockerhub
|
|
- quay
|
|
- gcr
|
|
- nexus
|
|
- acr
|
|
- cdevents
|
|
type: string
|
|
required:
|
|
- resources
|
|
- secretRef
|
|
- type
|
|
type: object
|
|
status:
|
|
default:
|
|
observedGeneration: -1
|
|
description: ReceiverStatus defines the observed state of the Receiver.
|
|
properties:
|
|
conditions:
|
|
description: Conditions holds the conditions for the Receiver.
|
|
items:
|
|
description: Condition contains details for one aspect of the current
|
|
state of this API Resource.
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
minLength: 1
|
|
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- reason
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
lastHandledReconcileAt:
|
|
description: |-
|
|
LastHandledReconcileAt holds the value of the most recent
|
|
reconcile request value, so a change of the annotation value
|
|
can be detected.
|
|
type: string
|
|
observedGeneration:
|
|
description: ObservedGeneration is the last observed generation of
|
|
the Receiver object.
|
|
format: int64
|
|
type: integer
|
|
webhookPath:
|
|
description: |-
|
|
WebhookPath is the generated incoming webhook address in the format
|
|
of '/hook/sha256sum(token+name+namespace)'.
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].status
|
|
name: Ready
|
|
type: string
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].message
|
|
name: Status
|
|
type: string
|
|
deprecated: true
|
|
deprecationWarning: v1beta2 Receiver is deprecated, upgrade to v1
|
|
name: v1beta2
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Receiver is the Schema for the receivers API.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: ReceiverSpec defines the desired state of the Receiver.
|
|
properties:
|
|
events:
|
|
description: |-
|
|
Events specifies the list of event types to handle,
|
|
e.g. 'push' for GitHub or 'Push Hook' for GitLab.
|
|
items:
|
|
type: string
|
|
type: array
|
|
interval:
|
|
description: Interval at which to reconcile the Receiver with its
|
|
Secret references.
|
|
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
|
|
type: string
|
|
resources:
|
|
description: A list of resources to be notified about changes.
|
|
items:
|
|
description: |-
|
|
CrossNamespaceObjectReference contains enough information to let you locate the
|
|
typed referenced object at cluster level
|
|
properties:
|
|
apiVersion:
|
|
description: API version of the referent
|
|
type: string
|
|
kind:
|
|
description: Kind of the referent
|
|
enum:
|
|
- Bucket
|
|
- GitRepository
|
|
- Kustomization
|
|
- HelmRelease
|
|
- HelmChart
|
|
- HelmRepository
|
|
- ImageRepository
|
|
- ImagePolicy
|
|
- ImageUpdateAutomation
|
|
- OCIRepository
|
|
type: string
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: |-
|
|
MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
|
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
|
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
|
MatchLabels requires the name to be set to `*`.
|
|
type: object
|
|
name:
|
|
description: |-
|
|
Name of the referent
|
|
If multiple resources are targeted `*` may be set.
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
namespace:
|
|
description: Namespace of the referent
|
|
maxLength: 253
|
|
minLength: 1
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
type: object
|
|
type: array
|
|
secretRef:
|
|
description: |-
|
|
SecretRef specifies the Secret containing the token used
|
|
to validate the payload authenticity.
|
|
properties:
|
|
name:
|
|
description: Name of the referent.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
suspend:
|
|
description: |-
|
|
Suspend tells the controller to suspend subsequent
|
|
events handling for this receiver.
|
|
type: boolean
|
|
type:
|
|
description: |-
|
|
Type of webhook sender, used to determine
|
|
the validation procedure and payload deserialization.
|
|
enum:
|
|
- generic
|
|
- generic-hmac
|
|
- github
|
|
- gitlab
|
|
- bitbucket
|
|
- harbor
|
|
- dockerhub
|
|
- quay
|
|
- gcr
|
|
- nexus
|
|
- acr
|
|
type: string
|
|
required:
|
|
- resources
|
|
- secretRef
|
|
- type
|
|
type: object
|
|
status:
|
|
default:
|
|
observedGeneration: -1
|
|
description: ReceiverStatus defines the observed state of the Receiver.
|
|
properties:
|
|
conditions:
|
|
description: Conditions holds the conditions for the Receiver.
|
|
items:
|
|
description: Condition contains details for one aspect of the current
|
|
state of this API Resource.
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
minLength: 1
|
|
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- reason
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
lastHandledReconcileAt:
|
|
description: |-
|
|
LastHandledReconcileAt holds the value of the most recent
|
|
reconcile request value, so a change of the annotation value
|
|
can be detected.
|
|
type: string
|
|
observedGeneration:
|
|
description: ObservedGeneration is the last observed generation of
|
|
the Receiver object.
|
|
format: int64
|
|
type: integer
|
|
url:
|
|
description: |-
|
|
URL is the generated incoming webhook address in the format
|
|
of '/hook/sha256sum(token+name+namespace)'.
|
|
Deprecated: Replaced by WebhookPath.
|
|
type: string
|
|
webhookPath:
|
|
description: |-
|
|
WebhookPath is the generated incoming webhook address in the format
|
|
of '/hook/sha256sum(token+name+namespace)'.
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: false
|
|
subresources:
|
|
status: {}
|