...

Text file src/edge-infra.dev/hack/build/rules/kustomize/tests/gke/gke-expected.yaml

Documentation: edge-infra.dev/hack/build/rules/kustomize/tests/gke

     1apiVersion: v1
     2kind: Namespace
     3metadata:
     4  labels:
     5    workload.edge.ncr.com: platform
     6  name: warehouse-system
     7---
     8apiVersion: apiextensions.k8s.io/v1
     9kind: CustomResourceDefinition
    10metadata:
    11  annotations:
    12    controller-gen.kubebuilder.io/version: v0.9.2
    13  name: servicemonitors.monitoring.coreos.com
    14spec:
    15  group: monitoring.coreos.com
    16  names:
    17    categories:
    18    - prometheus-operator
    19    kind: ServiceMonitor
    20    listKind: ServiceMonitorList
    21    plural: servicemonitors
    22    shortNames:
    23    - smon
    24    singular: servicemonitor
    25  scope: Namespaced
    26  versions:
    27  - name: v1
    28    schema:
    29      openAPIV3Schema:
    30        description: ServiceMonitor defines monitoring for a set of services.
    31        properties:
    32          apiVersion:
    33            description: 'APIVersion defines the versioned schema of this representation
    34              of an object. Servers should convert recognized schemas to the latest
    35              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
    36            type: string
    37          kind:
    38            description: 'Kind is a string value representing the REST resource this
    39              object represents. Servers may infer this from the endpoint the client
    40              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
    41            type: string
    42          metadata:
    43            type: object
    44          spec:
    45            description: Specification of desired Service selection for target discovery
    46              by Prometheus.
    47            properties:
    48              endpoints:
    49                description: A list of endpoints allowed as part of this ServiceMonitor.
    50                items:
    51                  description: Endpoint defines a scrapeable endpoint serving Prometheus
    52                    metrics.
    53                  properties:
    54                    authorization:
    55                      description: Authorization section for this endpoint
    56                      properties:
    57                        credentials:
    58                          description: The secret's key that contains the credentials
    59                            of the request
    60                          properties:
    61                            key:
    62                              description: The key of the secret to select from.  Must
    63                                be a valid secret key.
    64                              type: string
    65                            name:
    66                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    67                                TODO: Add other useful fields. apiVersion, kind, uid?'
    68                              type: string
    69                            optional:
    70                              description: Specify whether the Secret or its key must
    71                                be defined
    72                              type: boolean
    73                          required:
    74                          - key
    75                          type: object
    76                          x-kubernetes-map-type: atomic
    77                        type:
    78                          description: Set the authentication type. Defaults to Bearer,
    79                            Basic will cause an error
    80                          type: string
    81                      type: object
    82                    basicAuth:
    83                      description: 'BasicAuth allow an endpoint to authenticate over
    84                        basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
    85                      properties:
    86                        password:
    87                          description: The secret in the service monitor namespace
    88                            that contains the password for authentication.
    89                          properties:
    90                            key:
    91                              description: The key of the secret to select from.  Must
    92                                be a valid secret key.
    93                              type: string
    94                            name:
    95                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
    96                                TODO: Add other useful fields. apiVersion, kind, uid?'
    97                              type: string
    98                            optional:
    99                              description: Specify whether the Secret or its key must
   100                                be defined
   101                              type: boolean
   102                          required:
   103                          - key
   104                          type: object
   105                          x-kubernetes-map-type: atomic
   106                        username:
   107                          description: The secret in the service monitor namespace
   108                            that contains the username for authentication.
   109                          properties:
   110                            key:
   111                              description: The key of the secret to select from.  Must
   112                                be a valid secret key.
   113                              type: string
   114                            name:
   115                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   116                                TODO: Add other useful fields. apiVersion, kind, uid?'
   117                              type: string
   118                            optional:
   119                              description: Specify whether the Secret or its key must
   120                                be defined
   121                              type: boolean
   122                          required:
   123                          - key
   124                          type: object
   125                          x-kubernetes-map-type: atomic
   126                      type: object
   127                    bearerTokenFile:
   128                      description: File to read bearer token for scraping targets.
   129                      type: string
   130                    bearerTokenSecret:
   131                      description: Secret to mount to read bearer token for scraping
   132                        targets. The secret needs to be in the same namespace as the
   133                        service monitor and accessible by the Prometheus Operator.
   134                      properties:
   135                        key:
   136                          description: The key of the secret to select from.  Must
   137                            be a valid secret key.
   138                          type: string
   139                        name:
   140                          description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   141                            TODO: Add other useful fields. apiVersion, kind, uid?'
   142                          type: string
   143                        optional:
   144                          description: Specify whether the Secret or its key must
   145                            be defined
   146                          type: boolean
   147                      required:
   148                      - key
   149                      type: object
   150                      x-kubernetes-map-type: atomic
   151                    enableHttp2:
   152                      description: Whether to enable HTTP2.
   153                      type: boolean
   154                    followRedirects:
   155                      description: FollowRedirects configures whether scrape requests
   156                        follow HTTP 3xx redirects.
   157                      type: boolean
   158                    honorLabels:
   159                      description: HonorLabels chooses the metric's labels on collisions
   160                        with target labels.
   161                      type: boolean
   162                    honorTimestamps:
   163                      description: HonorTimestamps controls whether Prometheus respects
   164                        the timestamps present in scraped data.
   165                      type: boolean
   166                    interval:
   167                      description: Interval at which metrics should be scraped If
   168                        not specified Prometheus' global scrape interval is used.
   169                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
   170                      type: string
   171                    metricRelabelings:
   172                      description: MetricRelabelConfigs to apply to samples before
   173                        ingestion.
   174                      items:
   175                        description: 'RelabelConfig allows dynamic rewriting of the
   176                          label set, being applied to samples before ingestion. It
   177                          defines `<metric_relabel_configs>`-section of Prometheus
   178                          configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
   179                        properties:
   180                          action:
   181                            default: replace
   182                            description: Action to perform based on regex matching.
   183                              Default is 'replace'. uppercase and lowercase actions
   184                              require Prometheus >= 2.36.
   185                            enum:
   186                            - replace
   187                            - Replace
   188                            - keep
   189                            - Keep
   190                            - drop
   191                            - Drop
   192                            - hashmod
   193                            - HashMod
   194                            - labelmap
   195                            - LabelMap
   196                            - labeldrop
   197                            - LabelDrop
   198                            - labelkeep
   199                            - LabelKeep
   200                            - lowercase
   201                            - Lowercase
   202                            - uppercase
   203                            - Uppercase
   204                            type: string
   205                          modulus:
   206                            description: Modulus to take of the hash of the source
   207                              label values.
   208                            format: int64
   209                            type: integer
   210                          regex:
   211                            description: Regular expression against which the extracted
   212                              value is matched. Default is '(.*)'
   213                            type: string
   214                          replacement:
   215                            description: Replacement value against which a regex replace
   216                              is performed if the regular expression matches. Regex
   217                              capture groups are available. Default is '$1'
   218                            type: string
   219                          separator:
   220                            description: Separator placed between concatenated source
   221                              label values. default is ';'.
   222                            type: string
   223                          sourceLabels:
   224                            description: The source labels select values from existing
   225                              labels. Their content is concatenated using the configured
   226                              separator and matched against the configured regular
   227                              expression for the replace, keep, and drop actions.
   228                            items:
   229                              description: LabelName is a valid Prometheus label name
   230                                which may only contain ASCII letters, numbers, as
   231                                well as underscores.
   232                              pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
   233                              type: string
   234                            type: array
   235                          targetLabel:
   236                            description: Label to which the resulting value is written
   237                              in a replace action. It is mandatory for replace actions.
   238                              Regex capture groups are available.
   239                            type: string
   240                        type: object
   241                      type: array
   242                    oauth2:
   243                      description: OAuth2 for the URL. Only valid in Prometheus versions
   244                        2.27.0 and newer.
   245                      properties:
   246                        clientId:
   247                          description: The secret or configmap containing the OAuth2
   248                            client id
   249                          properties:
   250                            configMap:
   251                              description: ConfigMap containing data to use for the
   252                                targets.
   253                              properties:
   254                                key:
   255                                  description: The key to select.
   256                                  type: string
   257                                name:
   258                                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   259                                    TODO: Add other useful fields. apiVersion, kind,
   260                                    uid?'
   261                                  type: string
   262                                optional:
   263                                  description: Specify whether the ConfigMap or its
   264                                    key must be defined
   265                                  type: boolean
   266                              required:
   267                              - key
   268                              type: object
   269                              x-kubernetes-map-type: atomic
   270                            secret:
   271                              description: Secret containing data to use for the targets.
   272                              properties:
   273                                key:
   274                                  description: The key of the secret to select from.  Must
   275                                    be a valid secret key.
   276                                  type: string
   277                                name:
   278                                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   279                                    TODO: Add other useful fields. apiVersion, kind,
   280                                    uid?'
   281                                  type: string
   282                                optional:
   283                                  description: Specify whether the Secret or its key
   284                                    must be defined
   285                                  type: boolean
   286                              required:
   287                              - key
   288                              type: object
   289                              x-kubernetes-map-type: atomic
   290                          type: object
   291                        clientSecret:
   292                          description: The secret containing the OAuth2 client secret
   293                          properties:
   294                            key:
   295                              description: The key of the secret to select from.  Must
   296                                be a valid secret key.
   297                              type: string
   298                            name:
   299                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   300                                TODO: Add other useful fields. apiVersion, kind, uid?'
   301                              type: string
   302                            optional:
   303                              description: Specify whether the Secret or its key must
   304                                be defined
   305                              type: boolean
   306                          required:
   307                          - key
   308                          type: object
   309                          x-kubernetes-map-type: atomic
   310                        endpointParams:
   311                          additionalProperties:
   312                            type: string
   313                          description: Parameters to append to the token URL
   314                          type: object
   315                        scopes:
   316                          description: OAuth2 scopes used for the token request
   317                          items:
   318                            type: string
   319                          type: array
   320                        tokenUrl:
   321                          description: The URL to fetch the token from
   322                          minLength: 1
   323                          type: string
   324                      required:
   325                      - clientId
   326                      - clientSecret
   327                      - tokenUrl
   328                      type: object
   329                    params:
   330                      additionalProperties:
   331                        items:
   332                          type: string
   333                        type: array
   334                      description: Optional HTTP URL parameters
   335                      type: object
   336                    path:
   337                      description: HTTP path to scrape for metrics. If empty, Prometheus
   338                        uses the default value (e.g. `/metrics`).
   339                      type: string
   340                    port:
   341                      description: Name of the service port this endpoint refers to.
   342                        Mutually exclusive with targetPort.
   343                      type: string
   344                    proxyUrl:
   345                      description: ProxyURL eg http://proxyserver:2195 Directs scrapes
   346                        to proxy through this endpoint.
   347                      type: string
   348                    relabelings:
   349                      description: 'RelabelConfigs to apply to samples before scraping.
   350                        Prometheus Operator automatically adds relabelings for a few
   351                        standard Kubernetes fields. The original scrape job''s name
   352                        is available via the `__tmp_prometheus_job_name` label. More
   353                        info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
   354                      items:
   355                        description: 'RelabelConfig allows dynamic rewriting of the
   356                          label set, being applied to samples before ingestion. It
   357                          defines `<metric_relabel_configs>`-section of Prometheus
   358                          configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
   359                        properties:
   360                          action:
   361                            default: replace
   362                            description: Action to perform based on regex matching.
   363                              Default is 'replace'. uppercase and lowercase actions
   364                              require Prometheus >= 2.36.
   365                            enum:
   366                            - replace
   367                            - Replace
   368                            - keep
   369                            - Keep
   370                            - drop
   371                            - Drop
   372                            - hashmod
   373                            - HashMod
   374                            - labelmap
   375                            - LabelMap
   376                            - labeldrop
   377                            - LabelDrop
   378                            - labelkeep
   379                            - LabelKeep
   380                            - lowercase
   381                            - Lowercase
   382                            - uppercase
   383                            - Uppercase
   384                            type: string
   385                          modulus:
   386                            description: Modulus to take of the hash of the source
   387                              label values.
   388                            format: int64
   389                            type: integer
   390                          regex:
   391                            description: Regular expression against which the extracted
   392                              value is matched. Default is '(.*)'
   393                            type: string
   394                          replacement:
   395                            description: Replacement value against which a regex replace
   396                              is performed if the regular expression matches. Regex
   397                              capture groups are available. Default is '$1'
   398                            type: string
   399                          separator:
   400                            description: Separator placed between concatenated source
   401                              label values. default is ';'.
   402                            type: string
   403                          sourceLabels:
   404                            description: The source labels select values from existing
   405                              labels. Their content is concatenated using the configured
   406                              separator and matched against the configured regular
   407                              expression for the replace, keep, and drop actions.
   408                            items:
   409                              description: LabelName is a valid Prometheus label name
   410                                which may only contain ASCII letters, numbers, as
   411                                well as underscores.
   412                              pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
   413                              type: string
   414                            type: array
   415                          targetLabel:
   416                            description: Label to which the resulting value is written
   417                              in a replace action. It is mandatory for replace actions.
   418                              Regex capture groups are available.
   419                            type: string
   420                        type: object
   421                      type: array
   422                    scheme:
   423                      description: HTTP scheme to use for scraping.
   424                      type: string
   425                    scrapeTimeout:
   426                      description: Timeout after which the scrape is ended If not
   427                        specified, the Prometheus global scrape timeout is used unless
   428                        it is less than `Interval` in which the latter is used.
   429                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
   430                      type: string
   431                    targetPort:
   432                      anyOf:
   433                      - type: integer
   434                      - type: string
   435                      description: Name or number of the target port of the Pod behind
   436                        the Service, the port must be specified with container port
   437                        property. Mutually exclusive with port.
   438                      x-kubernetes-int-or-string: true
   439                    tlsConfig:
   440                      description: TLS configuration to use when scraping the endpoint
   441                      properties:
   442                        ca:
   443                          description: Struct containing the CA cert to use for the
   444                            targets.
   445                          properties:
   446                            configMap:
   447                              description: ConfigMap containing data to use for the
   448                                targets.
   449                              properties:
   450                                key:
   451                                  description: The key to select.
   452                                  type: string
   453                                name:
   454                                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   455                                    TODO: Add other useful fields. apiVersion, kind,
   456                                    uid?'
   457                                  type: string
   458                                optional:
   459                                  description: Specify whether the ConfigMap or its
   460                                    key must be defined
   461                                  type: boolean
   462                              required:
   463                              - key
   464                              type: object
   465                              x-kubernetes-map-type: atomic
   466                            secret:
   467                              description: Secret containing data to use for the targets.
   468                              properties:
   469                                key:
   470                                  description: The key of the secret to select from.  Must
   471                                    be a valid secret key.
   472                                  type: string
   473                                name:
   474                                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   475                                    TODO: Add other useful fields. apiVersion, kind,
   476                                    uid?'
   477                                  type: string
   478                                optional:
   479                                  description: Specify whether the Secret or its key
   480                                    must be defined
   481                                  type: boolean
   482                              required:
   483                              - key
   484                              type: object
   485                              x-kubernetes-map-type: atomic
   486                          type: object
   487                        caFile:
   488                          description: Path to the CA cert in the Prometheus container
   489                            to use for the targets.
   490                          type: string
   491                        cert:
   492                          description: Struct containing the client cert file for
   493                            the targets.
   494                          properties:
   495                            configMap:
   496                              description: ConfigMap containing data to use for the
   497                                targets.
   498                              properties:
   499                                key:
   500                                  description: The key to select.
   501                                  type: string
   502                                name:
   503                                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   504                                    TODO: Add other useful fields. apiVersion, kind,
   505                                    uid?'
   506                                  type: string
   507                                optional:
   508                                  description: Specify whether the ConfigMap or its
   509                                    key must be defined
   510                                  type: boolean
   511                              required:
   512                              - key
   513                              type: object
   514                              x-kubernetes-map-type: atomic
   515                            secret:
   516                              description: Secret containing data to use for the targets.
   517                              properties:
   518                                key:
   519                                  description: The key of the secret to select from.  Must
   520                                    be a valid secret key.
   521                                  type: string
   522                                name:
   523                                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   524                                    TODO: Add other useful fields. apiVersion, kind,
   525                                    uid?'
   526                                  type: string
   527                                optional:
   528                                  description: Specify whether the Secret or its key
   529                                    must be defined
   530                                  type: boolean
   531                              required:
   532                              - key
   533                              type: object
   534                              x-kubernetes-map-type: atomic
   535                          type: object
   536                        certFile:
   537                          description: Path to the client cert file in the Prometheus
   538                            container for the targets.
   539                          type: string
   540                        insecureSkipVerify:
   541                          description: Disable target certificate validation.
   542                          type: boolean
   543                        keyFile:
   544                          description: Path to the client key file in the Prometheus
   545                            container for the targets.
   546                          type: string
   547                        keySecret:
   548                          description: Secret containing the client key file for the
   549                            targets.
   550                          properties:
   551                            key:
   552                              description: The key of the secret to select from.  Must
   553                                be a valid secret key.
   554                              type: string
   555                            name:
   556                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
   557                                TODO: Add other useful fields. apiVersion, kind, uid?'
   558                              type: string
   559                            optional:
   560                              description: Specify whether the Secret or its key must
   561                                be defined
   562                              type: boolean
   563                          required:
   564                          - key
   565                          type: object
   566                          x-kubernetes-map-type: atomic
   567                        serverName:
   568                          description: Used to verify the hostname for the targets.
   569                          type: string
   570                      type: object
   571                  type: object
   572                type: array
   573              jobLabel:
   574                description: "JobLabel selects the label from the associated Kubernetes
   575                  service which will be used as the `job` label for all metrics. \n
   576                  For example: If in `ServiceMonitor.spec.jobLabel: foo` and in `Service.metadata.labels.foo:
   577                  bar`, then the `job=\"bar\"` label is added to all metrics. \n If
   578                  the value of this field is empty or if the label doesn't exist for
   579                  the given Service, the `job` label of the metrics defaults to the
   580                  name of the Kubernetes Service."
   581                type: string
   582              labelLimit:
   583                description: Per-scrape limit on number of labels that will be accepted
   584                  for a sample. Only valid in Prometheus versions 2.27.0 and newer.
   585                format: int64
   586                type: integer
   587              labelNameLengthLimit:
   588                description: Per-scrape limit on length of labels name that will be
   589                  accepted for a sample. Only valid in Prometheus versions 2.27.0
   590                  and newer.
   591                format: int64
   592                type: integer
   593              labelValueLengthLimit:
   594                description: Per-scrape limit on length of labels value that will
   595                  be accepted for a sample. Only valid in Prometheus versions 2.27.0
   596                  and newer.
   597                format: int64
   598                type: integer
   599              namespaceSelector:
   600                description: Selector to select which namespaces the Kubernetes Endpoints
   601                  objects are discovered from.
   602                properties:
   603                  any:
   604                    description: Boolean describing whether all namespaces are selected
   605                      in contrast to a list restricting them.
   606                    type: boolean
   607                  matchNames:
   608                    description: List of namespace names to select from.
   609                    items:
   610                      type: string
   611                    type: array
   612                type: object
   613              podTargetLabels:
   614                description: PodTargetLabels transfers labels on the Kubernetes `Pod`
   615                  onto the created metrics.
   616                items:
   617                  type: string
   618                type: array
   619              sampleLimit:
   620                description: SampleLimit defines per-scrape limit on number of scraped
   621                  samples that will be accepted.
   622                format: int64
   623                type: integer
   624              selector:
   625                description: Selector to select Endpoints objects.
   626                properties:
   627                  matchExpressions:
   628                    description: matchExpressions is a list of label selector requirements.
   629                      The requirements are ANDed.
   630                    items:
   631                      description: A label selector requirement is a selector that
   632                        contains values, a key, and an operator that relates the key
   633                        and values.
   634                      properties:
   635                        key:
   636                          description: key is the label key that the selector applies
   637                            to.
   638                          type: string
   639                        operator:
   640                          description: operator represents a key's relationship to
   641                            a set of values. Valid operators are In, NotIn, Exists
   642                            and DoesNotExist.
   643                          type: string
   644                        values:
   645                          description: values is an array of string values. If the
   646                            operator is In or NotIn, the values array must be non-empty.
   647                            If the operator is Exists or DoesNotExist, the values
   648                            array must be empty. This array is replaced during a strategic
   649                            merge patch.
   650                          items:
   651                            type: string
   652                          type: array
   653                      required:
   654                      - key
   655                      - operator
   656                      type: object
   657                    type: array
   658                  matchLabels:
   659                    additionalProperties:
   660                      type: string
   661                    description: matchLabels is a map of {key,value} pairs. A single
   662                      {key,value} in the matchLabels map is equivalent to an element
   663                      of matchExpressions, whose key field is "key", the operator
   664                      is "In", and the values array contains only "value". The requirements
   665                      are ANDed.
   666                    type: object
   667                type: object
   668                x-kubernetes-map-type: atomic
   669              targetLabels:
   670                description: TargetLabels transfers labels from the Kubernetes `Service`
   671                  onto the created metrics.
   672                items:
   673                  type: string
   674                type: array
   675              targetLimit:
   676                description: TargetLimit defines a limit on the number of scraped
   677                  targets that will be accepted.
   678                format: int64
   679                type: integer
   680            required:
   681            - endpoints
   682            - selector
   683            type: object
   684        required:
   685        - spec
   686        type: object
   687    served: true
   688    storage: true
   689---
   690apiVersion: apiextensions.k8s.io/v1
   691kind: CustomResourceDefinition
   692metadata:
   693  annotations:
   694    controller-gen.kubebuilder.io/version: (unknown)
   695  name: shipments.warehouse.edge.ncr.com
   696spec:
   697  group: warehouse.edge.ncr.com
   698  names:
   699    kind: Shipment
   700    listKind: ShipmentList
   701    plural: shipments
   702    singular: shipment
   703  scope: Cluster
   704  versions:
   705  - additionalPrinterColumns:
   706    - jsonPath: .metadata.creationTimestamp
   707      name: Age
   708      type: date
   709    - jsonPath: .status.conditions[?(@.type=="Ready")].status
   710      name: Ready
   711      type: string
   712    - jsonPath: .status.conditions[?(@.type=="Ready")].message
   713      name: Status
   714      type: string
   715    name: v1alpha1
   716    schema:
   717      openAPIV3Schema:
   718        description: Shipment is one or more Pallets that will be unpacked and scheduled
   719          to the cluster.
   720        properties:
   721          apiVersion:
   722            description: 'APIVersion defines the versioned schema of this representation
   723              of an object. Servers should convert recognized schemas to the latest
   724              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
   725            type: string
   726          kind:
   727            description: 'Kind is a string value representing the REST resource this
   728              object represents. Servers may infer this from the endpoint the client
   729              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
   730            type: string
   731          metadata:
   732            type: object
   733          spec:
   734            properties:
   735              creds:
   736                description: Credentials is an optional secret reference pointing
   737                  to a secret containing registry credentials. The secret must be
   738                  of type kubernetes.io/dockerconfigjson
   739                properties:
   740                  name:
   741                    description: name is unique within a namespace to reference a
   742                      secret resource.
   743                    type: string
   744                  namespace:
   745                    description: namespace defines the space within which the secret
   746                      name must be unique.
   747                    type: string
   748                type: object
   749              force:
   750                default: false
   751                description: Force indicates whether or not objects should be forced
   752                  by deleting and re-creating when there is a conflict due to immutable
   753                  fields changing.
   754                type: boolean
   755              interval:
   756                default: 60s
   757                description: Interval is how often the object will be reconciled,
   758                  in order to prevent drift.
   759                type: string
   760              pallets:
   761                description: "Pallets is the set of Pallet packages that will be pulled
   762                  and reconciled, without the repository string. Each Pallet reference
   763                  is completed from the Repository field. \n All Pallets are resolved
   764                  into a single, deduped graph to ensure that there is no more than
   765                  one version of a package. How conflicts are resolved is configurable
   766                  via Resolution"
   767                items:
   768                  description: BaseArtifact describes a reference to a Warehouse package
   769                    without a repository that can be embedded in a K8s resource spec.
   770                  properties:
   771                    digest:
   772                      description: Digest is the sha256 digest of the OCI artifact
   773                        to apply to the cluster. Takes precedence over tag if set.
   774                      type: string
   775                    name:
   776                      description: Name is the unique package name for the Warehouse
   777                        package. It is appended to the provided Repository to produce
   778                        the full repository string, e.g., gcr.io/foo/bar, where bar
   779                        is the name of the package and gcr.io/foo is the provided
   780                        Repository string
   781                      type: string
   782                    tag:
   783                      description: Tag is a mutable reference to the OCI artifact
   784                        to apply. Defaults to "latest" if neither Tag or Digest are
   785                        set.
   786                      type: string
   787                  required:
   788                  - name
   789                  type: object
   790                minItems: 1
   791                type: array
   792              prune:
   793                description: Prune indicates whether or not objects should be pruned
   794                  between reconciles or when the object is deleted. You may want to
   795                  use this for deployments that you really don't want deleted.
   796                type: boolean
   797              rendering:
   798                description: Rendering is the configuration controlling how the unpacked
   799                  K8s manifests are rendered before applying.
   800                items:
   801                  properties:
   802                    configMapRef:
   803                      description: ConfigMapRef references a K8s ConfigMap to pull
   804                        parameters from. Mutually exclusive with Variables.
   805                      properties:
   806                        name:
   807                          description: Name of the referent.
   808                          maxLength: 253
   809                          minLength: 1
   810                          type: string
   811                        namespace:
   812                          description: Namespace of the referent, when not specified
   813                            it acts as LocalObjectReference.
   814                          maxLength: 253
   815                          minLength: 1
   816                          type: string
   817                      required:
   818                      - name
   819                      type: object
   820                    mapping:
   821                      additionalProperties:
   822                        type: string
   823                      description: 'Mapping of rendering parameters to specific keys
   824                        in the referenced ConfigMap, e.g.: {gcp_project_id: gcp.projectId}
   825                        where ''gcp.projectId'' is a key in the ConfigMap.'
   826                      type: object
   827                    parameters:
   828                      additionalProperties:
   829                        type: string
   830                      description: Parameters are inlined parameters. Mutually exclusive
   831                        with ConfigMapRef.
   832                      type: object
   833                  type: object
   834                type: array
   835              repo:
   836                description: Repository is the image repository that all Pallets will
   837                  be pulled from. It MUST be the entire repository string up to the
   838                  Pallet package name, e.g. gcr.io/foo if packages are gcr.io/foo/bar,
   839                  gcr.io/foo/bax, ... All packages must come from the same repository
   840                  because resolving the graph of packages may discover the same digest
   841                  in multiple repositories. This controller won't make value judgements
   842                  as to which repository should be used in conflict.
   843                type: string
   844              resolution:
   845                description: Resolution is the rules for resolving conflicts in the
   846                  resolved graph for the pallets included in this shipment. By default,
   847                  a Shipment will be marked Stalled if it references a list of pallets
   848                  which don't produce a consistent (e.g., no conflicting digests)
   849                  resolved graph.
   850                properties:
   851                  acceptFirst:
   852                    description: AcceptFirst will accept the first digest it encounters
   853                      for each package during graph resolution. If the package exists
   854                      in the graph with a differing digest, it is dropped. This is
   855                      the simplest way to force a set of conflicting packages to produce
   856                      a consistent graph, but doesn't provide any additional control
   857                    type: boolean
   858                  pins:
   859                    description: Pins are a mapping of package names to digests that
   860                      are forced during graph resolution, analogous to pinning transitive
   861                      dependency versions using `replace` directives in a `go.mod`
   862                      file.
   863                    items:
   864                      description: Pin is a specific digest associated with a package
   865                        name, used to "pin" the package to that digest when resolving
   866                        package graphs or reflect the result of a resolved set of
   867                        packages.
   868                      properties:
   869                        digest:
   870                          description: Digest is the digest for the package reference
   871                            (e.g., `shoot:latest`, Pallet.Digest())
   872                          type: string
   873                        name:
   874                          type: string
   875                        resolvedDigest:
   876                          description: ResolvedDigest is the digest of the provider-specific
   877                            variant pulled from the package based on where it is being
   878                            scheduled.
   879                          type: string
   880                      required:
   881                      - digest
   882                      - name
   883                      - resolvedDigest
   884                      type: object
   885                    type: array
   886                type: object
   887              retryInterval:
   888                default: 10s
   889                description: RetryInterval is how often to retry previously failed
   890                  reconciliations. Defaults to Interval if not provided.
   891                type: string
   892              suspend:
   893                description: This flag tells the controller to suspend subsequent
   894                  reconciliations, it does not apply to already started reconciliations.
   895                  Defaults to false.
   896                type: boolean
   897              timeout:
   898                default: 120s
   899                description: Timeout is how long the controller will wait for the
   900                  applied objects to reconcile.
   901                type: string
   902              unpack:
   903                description: UnpackOptions
   904                properties:
   905                  capabilities:
   906                    description: Capabilities are additional runtime layers to apply.
   907                      If Runtime is set to false, this field must be empty.
   908                    items:
   909                      type: string
   910                    type: array
   911                  infra:
   912                    default: false
   913                    description: Infra is whether or not to schedule infrastructure
   914                      objects.
   915                    type: boolean
   916                  infraNamespace:
   917                    description: InfraNamespace is the K8s namespace the infra objects
   918                      should be scheduled to. If provided, the metadata.namespace
   919                      of unpacked infra objects is updated using Kustomize filters
   920                      on unpack.
   921                    type: string
   922                  provider:
   923                    description: Provider is the K8s cluster provider that should
   924                      be unpacked. By default, it is the same cluster provider that
   925                      Lumper was scheduled onto. If Runtime is true, this option cannot
   926                      be set to a value that conflicts with Lumper's startup configuration
   927                      (e.g., you cannot schedule non-GKE runtime resources to a GKE
   928                      cluster)
   929                    type: string
   930                  runtime:
   931                    default: false
   932                    description: Runtime determines if runtime resources should be
   933                      applied. By default, only the base runtime layer is applied.
   934                    type: boolean
   935                type: object
   936            required:
   937            - force
   938            - pallets
   939            - prune
   940            - repo
   941            type: object
   942          status:
   943            default:
   944              observedGeneration: -1
   945            description: ShipmentStatus contains the readiness of the reconciled resources
   946              and an inventory of currently applied resources.
   947            properties:
   948              conditions:
   949                items:
   950                  description: "Condition contains details for one aspect of the current
   951                    state of this API Resource. --- This struct is intended for direct
   952                    use as an array at the field path .status.conditions.  For example,
   953                    \n type FooStatus struct{ // Represents the observations of a
   954                    foo's current state. // Known .status.conditions.type are: \"Available\",
   955                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
   956                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
   957                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
   958                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
   959                  properties:
   960                    lastTransitionTime:
   961                      description: lastTransitionTime is the last time the condition
   962                        transitioned from one status to another. This should be when
   963                        the underlying condition changed.  If that is not known, then
   964                        using the time when the API field changed is acceptable.
   965                      format: date-time
   966                      type: string
   967                    message:
   968                      description: message is a human readable message indicating
   969                        details about the transition. This may be an empty string.
   970                      maxLength: 32768
   971                      type: string
   972                    observedGeneration:
   973                      description: observedGeneration represents the .metadata.generation
   974                        that the condition was set based upon. For instance, if .metadata.generation
   975                        is currently 12, but the .status.conditions[x].observedGeneration
   976                        is 9, the condition is out of date with respect to the current
   977                        state of the instance.
   978                      format: int64
   979                      minimum: 0
   980                      type: integer
   981                    reason:
   982                      description: reason contains a programmatic identifier indicating
   983                        the reason for the condition's last transition. Producers
   984                        of specific condition types may define expected values and
   985                        meanings for this field, and whether the values are considered
   986                        a guaranteed API. The value should be a CamelCase string.
   987                        This field may not be empty.
   988                      maxLength: 1024
   989                      minLength: 1
   990                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
   991                      type: string
   992                    status:
   993                      description: status of the condition, one of True, False, Unknown.
   994                      enum:
   995                      - "True"
   996                      - "False"
   997                      - Unknown
   998                      type: string
   999                    type:
  1000                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
  1001                        --- Many .condition.type values are consistent across resources
  1002                        like Available, but because arbitrary conditions can be useful
  1003                        (see .node.status.conditions), the ability to deconflict is
  1004                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
  1005                      maxLength: 316
  1006                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
  1007                      type: string
  1008                  required:
  1009                  - lastTransitionTime
  1010                  - message
  1011                  - reason
  1012                  - status
  1013                  - type
  1014                  type: object
  1015                type: array
  1016              inventory:
  1017                description: Inventory is the K8s resources that this object manages.
  1018                properties:
  1019                  entries:
  1020                    description: Entries of Kubernetes resource object references.
  1021                    items:
  1022                      description: ResourceRef contains the information necessary
  1023                        to locate a resource within a cluster.
  1024                      properties:
  1025                        id:
  1026                          description: ID is the string representation of the Kubernetes
  1027                            resource object's metadata, in the format '<namespace>_<name>_<group>_<kind>'.
  1028                          type: string
  1029                        v:
  1030                          description: Version is the API version of the Kubernetes
  1031                            resource object's kind.
  1032                          type: string
  1033                      required:
  1034                      - id
  1035                      - v
  1036                      type: object
  1037                    type: array
  1038                type: object
  1039              lastApplied:
  1040                description: LastApplied is the last set of resolved artifacts that
  1041                  were applied.
  1042                items:
  1043                  description: Pin is a specific digest associated with a package
  1044                    name, used to "pin" the package to that digest when resolving
  1045                    package graphs or reflect the result of a resolved set of packages.
  1046                  properties:
  1047                    digest:
  1048                      description: Digest is the digest for the package reference
  1049                        (e.g., `shoot:latest`, Pallet.Digest())
  1050                      type: string
  1051                    name:
  1052                      type: string
  1053                    resolvedDigest:
  1054                      description: ResolvedDigest is the digest of the provider-specific
  1055                        variant pulled from the package based on where it is being
  1056                        scheduled.
  1057                      type: string
  1058                  required:
  1059                  - digest
  1060                  - name
  1061                  - resolvedDigest
  1062                  type: object
  1063                type: array
  1064              lastAttempted:
  1065                description: LastAttempted is the last set of resolved artifacts that
  1066                  the controller attempted to apply.
  1067                items:
  1068                  description: Pin is a specific digest associated with a package
  1069                    name, used to "pin" the package to that digest when resolving
  1070                    package graphs or reflect the result of a resolved set of packages.
  1071                  properties:
  1072                    digest:
  1073                      description: Digest is the digest for the package reference
  1074                        (e.g., `shoot:latest`, Pallet.Digest())
  1075                      type: string
  1076                    name:
  1077                      type: string
  1078                    resolvedDigest:
  1079                      description: ResolvedDigest is the digest of the provider-specific
  1080                        variant pulled from the package based on where it is being
  1081                        scheduled.
  1082                      type: string
  1083                  required:
  1084                  - digest
  1085                  - name
  1086                  - resolvedDigest
  1087                  type: object
  1088                type: array
  1089              lastHandledReconcileAt:
  1090                description: LastHandledReconcileAt holds the value of the most recent
  1091                  reconcile request value, so a change of the annotation value can
  1092                  be detected.
  1093                type: string
  1094              observedGeneration:
  1095                format: int64
  1096                type: integer
  1097            type: object
  1098        type: object
  1099    served: true
  1100    storage: true
  1101    subresources:
  1102      status: {}
  1103---
  1104apiVersion: apiextensions.k8s.io/v1
  1105kind: CustomResourceDefinition
  1106metadata:
  1107  annotations:
  1108    controller-gen.kubebuilder.io/version: (unknown)
  1109  name: unpackedpallets.warehouse.edge.ncr.com
  1110spec:
  1111  group: warehouse.edge.ncr.com
  1112  names:
  1113    kind: UnpackedPallet
  1114    listKind: UnpackedPalletList
  1115    plural: unpackedpallets
  1116    singular: unpackedpallet
  1117  scope: Cluster
  1118  versions:
  1119  - additionalPrinterColumns:
  1120    - jsonPath: .status.shortDigest
  1121      name: Digest
  1122      type: string
  1123    - jsonPath: .status.conditions[?(@.type=="Ready")].status
  1124      name: Ready
  1125      type: string
  1126    - jsonPath: .status.conditions[?(@.type=="Ready")].message
  1127      name: Status
  1128      type: string
  1129    - jsonPath: .status.conditions[?(@.type=="Ready")].lastTransitionTime
  1130      name: Status Age
  1131      type: date
  1132    - jsonPath: .spec.prune
  1133      name: Prune
  1134      priority: 1
  1135      type: string
  1136    - jsonPath: .spec.suspend
  1137      name: Suspend
  1138      priority: 1
  1139      type: string
  1140    - jsonPath: .status.shipment
  1141      name: Shipment
  1142      priority: 1
  1143      type: string
  1144    - jsonPath: .spec.force
  1145      name: Force
  1146      priority: 1
  1147      type: string
  1148    - jsonPath: .status.dependencies
  1149      name: Dependencies
  1150      priority: 1
  1151      type: string
  1152    - jsonPath: .metadata.creationTimestamp
  1153      name: Age
  1154      type: date
  1155    name: v1alpha1
  1156    schema:
  1157      openAPIV3Schema:
  1158        description: "UnpackedPallet is an individual package that will be unpacked
  1159          and scheduled to the cluster. \n Generally, this object shouldn't be created
  1160          directly, it should be created via Shipment objects, similarly to how a
  1161          Deployment schedules a ReplicaSet."
  1162        properties:
  1163          apiVersion:
  1164            description: 'APIVersion defines the versioned schema of this representation
  1165              of an object. Servers should convert recognized schemas to the latest
  1166              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
  1167            type: string
  1168          kind:
  1169            description: 'Kind is a string value representing the REST resource this
  1170              object represents. Servers may infer this from the endpoint the client
  1171              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
  1172            type: string
  1173          metadata:
  1174            type: object
  1175          spec:
  1176            properties:
  1177              creds:
  1178                description: Credentials is an optional secret reference pointing
  1179                  to a secret containing registry credentials. The secret must be
  1180                  of type kubernetes.io/dockerconfigjson
  1181                properties:
  1182                  name:
  1183                    description: name is unique within a namespace to reference a
  1184                      secret resource.
  1185                    type: string
  1186                  namespace:
  1187                    description: namespace defines the space within which the secret
  1188                      name must be unique.
  1189                    type: string
  1190                type: object
  1191              dependsOn:
  1192                description: DependsOn is the list of UnpackedPallets that need to
  1193                  be successfully reconciled first.
  1194                items:
  1195                  description: LocalObjectReference contains enough information to
  1196                    locate the referenced Kubernetes resource object.
  1197                  properties:
  1198                    name:
  1199                      description: Name of the referent.
  1200                      maxLength: 253
  1201                      minLength: 1
  1202                      type: string
  1203                  required:
  1204                  - name
  1205                  type: object
  1206                type: array
  1207              digest:
  1208                description: Digest is the sha256 digest of the OCI artifact to apply
  1209                  to the cluster. Takes precedence over tag if set.
  1210                type: string
  1211              force:
  1212                default: false
  1213                description: Force indicates whether or not objects should be forced
  1214                  by deleting and re-creating when there is a conflict due to immutable
  1215                  fields changing.
  1216                type: boolean
  1217              interval:
  1218                default: 60s
  1219                description: Interval is how often the object will be reconciled,
  1220                  in order to prevent drift.
  1221                type: string
  1222              name:
  1223                description: Name is the unique package name for the Warehouse package.
  1224                  It is appended to the provided Repository to produce the full repository
  1225                  string, e.g., gcr.io/foo/bar, where bar is the name of the package
  1226                  and gcr.io/foo is the provided Repository string
  1227                type: string
  1228              parameters:
  1229                additionalProperties:
  1230                  type: string
  1231                description: Parameters are the key/value pairs that will be used
  1232                  while rendering manifests from unpacked pallets.
  1233                type: object
  1234              prune:
  1235                description: Prune indicates whether or not objects should be pruned
  1236                  between reconciles or when the object is deleted. You may want to
  1237                  use this for deployments that you really don't want deleted.
  1238                type: boolean
  1239              repo:
  1240                description: Repository is the image repository that the tag or digest
  1241                  should be pulled from, e.g., gcr.io/foo
  1242                type: string
  1243              retryInterval:
  1244                default: 10s
  1245                description: RetryInterval is how often to retry previously failed
  1246                  reconciliations. Defaults to Interval if not provided.
  1247                type: string
  1248              suspend:
  1249                description: This flag tells the controller to suspend subsequent
  1250                  reconciliations, it does not apply to already started reconciliations.
  1251                  Defaults to false.
  1252                type: boolean
  1253              tag:
  1254                description: Tag is a mutable reference to the OCI artifact to apply.
  1255                  Defaults to "latest" if neither Tag or Digest are set.
  1256                type: string
  1257              timeout:
  1258                default: 120s
  1259                description: Timeout is how long the controller will wait for the
  1260                  applied objects to reconcile.
  1261                type: string
  1262              unpack:
  1263                description: UnpackOptions
  1264                properties:
  1265                  capabilities:
  1266                    description: Capabilities are additional runtime layers to apply.
  1267                      If Runtime is set to false, this field must be empty.
  1268                    items:
  1269                      type: string
  1270                    type: array
  1271                  infra:
  1272                    default: false
  1273                    description: Infra is whether or not to schedule infrastructure
  1274                      objects.
  1275                    type: boolean
  1276                  infraNamespace:
  1277                    description: InfraNamespace is the K8s namespace the infra objects
  1278                      should be scheduled to. If provided, the metadata.namespace
  1279                      of unpacked infra objects is updated using Kustomize filters
  1280                      on unpack.
  1281                    type: string
  1282                  provider:
  1283                    description: Provider is the K8s cluster provider that should
  1284                      be unpacked. By default, it is the same cluster provider that
  1285                      Lumper was scheduled onto. If Runtime is true, this option cannot
  1286                      be set to a value that conflicts with Lumper's startup configuration
  1287                      (e.g., you cannot schedule non-GKE runtime resources to a GKE
  1288                      cluster)
  1289                    type: string
  1290                  runtime:
  1291                    default: false
  1292                    description: Runtime determines if runtime resources should be
  1293                      applied. By default, only the base runtime layer is applied.
  1294                    type: boolean
  1295                type: object
  1296            required:
  1297            - force
  1298            - name
  1299            - prune
  1300            - repo
  1301            type: object
  1302          status:
  1303            default:
  1304              observedGeneration: -1
  1305            description: UnpackedPalletStatus contains the readiness of the reconciled
  1306              resources and an inventory of currently applied resources.
  1307            properties:
  1308              conditions:
  1309                items:
  1310                  description: "Condition contains details for one aspect of the current
  1311                    state of this API Resource. --- This struct is intended for direct
  1312                    use as an array at the field path .status.conditions.  For example,
  1313                    \n type FooStatus struct{ // Represents the observations of a
  1314                    foo's current state. // Known .status.conditions.type are: \"Available\",
  1315                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
  1316                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
  1317                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
  1318                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
  1319                  properties:
  1320                    lastTransitionTime:
  1321                      description: lastTransitionTime is the last time the condition
  1322                        transitioned from one status to another. This should be when
  1323                        the underlying condition changed.  If that is not known, then
  1324                        using the time when the API field changed is acceptable.
  1325                      format: date-time
  1326                      type: string
  1327                    message:
  1328                      description: message is a human readable message indicating
  1329                        details about the transition. This may be an empty string.
  1330                      maxLength: 32768
  1331                      type: string
  1332                    observedGeneration:
  1333                      description: observedGeneration represents the .metadata.generation
  1334                        that the condition was set based upon. For instance, if .metadata.generation
  1335                        is currently 12, but the .status.conditions[x].observedGeneration
  1336                        is 9, the condition is out of date with respect to the current
  1337                        state of the instance.
  1338                      format: int64
  1339                      minimum: 0
  1340                      type: integer
  1341                    reason:
  1342                      description: reason contains a programmatic identifier indicating
  1343                        the reason for the condition's last transition. Producers
  1344                        of specific condition types may define expected values and
  1345                        meanings for this field, and whether the values are considered
  1346                        a guaranteed API. The value should be a CamelCase string.
  1347                        This field may not be empty.
  1348                      maxLength: 1024
  1349                      minLength: 1
  1350                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
  1351                      type: string
  1352                    status:
  1353                      description: status of the condition, one of True, False, Unknown.
  1354                      enum:
  1355                      - "True"
  1356                      - "False"
  1357                      - Unknown
  1358                      type: string
  1359                    type:
  1360                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
  1361                        --- Many .condition.type values are consistent across resources
  1362                        like Available, but because arbitrary conditions can be useful
  1363                        (see .node.status.conditions), the ability to deconflict is
  1364                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
  1365                      maxLength: 316
  1366                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
  1367                      type: string
  1368                  required:
  1369                  - lastTransitionTime
  1370                  - message
  1371                  - reason
  1372                  - status
  1373                  - type
  1374                  type: object
  1375                type: array
  1376              dependencies:
  1377                description: Dependencies is a stringified comman delimited list of
  1378                type: string
  1379              inventory:
  1380                description: ResourceInventory contains a list of Kubernetes resource
  1381                  object references that have been applied.
  1382                properties:
  1383                  entries:
  1384                    description: Entries of Kubernetes resource object references.
  1385                    items:
  1386                      description: ResourceRef contains the information necessary
  1387                        to locate a resource within a cluster.
  1388                      properties:
  1389                        id:
  1390                          description: ID is the string representation of the Kubernetes
  1391                            resource object's metadata, in the format '<namespace>_<name>_<group>_<kind>'.
  1392                          type: string
  1393                        v:
  1394                          description: Version is the API version of the Kubernetes
  1395                            resource object's kind.
  1396                          type: string
  1397                      required:
  1398                      - id
  1399                      - v
  1400                      type: object
  1401                    type: array
  1402                type: object
  1403              lastApplied:
  1404                description: LastApplied is the digest of the last artifact the controller
  1405                  successfully applied.
  1406                type: string
  1407              lastAttempted:
  1408                description: LastAttempted is the digest of the last artifact the
  1409                  controller attempted to applied.
  1410                type: string
  1411              lastHandledReconcileAt:
  1412                description: LastHandledReconcileAt holds the value of the most recent
  1413                  reconcile request value, so a change of the annotation value can
  1414                  be detected.
  1415                type: string
  1416              observedGeneration:
  1417                description: ObservedGeneration is the object.generation the last
  1418                  time that the controller reconciled the object.
  1419                format: int64
  1420                type: integer
  1421              shipment:
  1422                description: Shipment is the parent shipment that created the child
  1423                  unpackedpallet
  1424                type: string
  1425              shortDigest:
  1426                description: ShortDigest is a truncated form of the sha256 Digest.
  1427                type: string
  1428              statusAge:
  1429                description: StatusAge contains the time the status of an object was
  1430                  set.
  1431                format: date-time
  1432                type: string
  1433            type: object
  1434        type: object
  1435    served: true
  1436    storage: true
  1437    subresources:
  1438      status: {}
  1439---
  1440apiVersion: v1
  1441kind: ServiceAccount
  1442metadata:
  1443  annotations:
  1444    iam.gke.io/gcp-service-account: lumperctl-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
  1445  name: lumperctl
  1446  namespace: warehouse-system
  1447---
  1448apiVersion: rbac.authorization.k8s.io/v1
  1449kind: ClusterRole
  1450metadata:
  1451  name: lumperctl
  1452rules:
  1453- apiGroups:
  1454  - ""
  1455  resources:
  1456  - configmaps
  1457  - secrets
  1458  - serviceaccounts
  1459  verbs:
  1460  - get
  1461  - list
  1462  - watch
  1463- apiGroups:
  1464  - ""
  1465  resources:
  1466  - events
  1467  verbs:
  1468  - create
  1469  - patch
  1470- apiGroups:
  1471  - warehouse.edge.ncr.com
  1472  resources:
  1473  - shipments/finalizers
  1474  verbs:
  1475  - create
  1476  - delete
  1477  - get
  1478  - patch
  1479  - update
  1480- apiGroups:
  1481  - warehouse.edge.ncr.com
  1482  resources:
  1483  - unpackedpallets
  1484  verbs:
  1485  - create
  1486  - delete
  1487  - get
  1488  - list
  1489  - patch
  1490  - update
  1491  - watch
  1492- apiGroups:
  1493  - warehouse.edge.ncr.com
  1494  resources:
  1495  - unpackedpallets/finalizers
  1496  verbs:
  1497  - create
  1498  - delete
  1499  - get
  1500  - patch
  1501  - update
  1502- apiGroups:
  1503  - warehouse.edge.ncr.com
  1504  resources:
  1505  - unpackedpallets/status
  1506  verbs:
  1507  - get
  1508  - patch
  1509  - update
  1510---
  1511apiVersion: rbac.authorization.k8s.io/v1
  1512kind: ClusterRoleBinding
  1513metadata:
  1514  name: lumperctl
  1515roleRef:
  1516  apiGroup: rbac.authorization.k8s.io
  1517  kind: ClusterRole
  1518  name: lumperctl
  1519subjects:
  1520- kind: ServiceAccount
  1521  name: lumperctl
  1522  namespace: lumperctl
  1523---
  1524apiVersion: rbac.authorization.k8s.io/v1
  1525kind: ClusterRoleBinding
  1526metadata:
  1527  name: warehouse-cluster-reconciler
  1528roleRef:
  1529  apiGroup: rbac.authorization.k8s.io
  1530  kind: ClusterRole
  1531  name: cluster-admin
  1532subjects:
  1533- kind: ServiceAccount
  1534  name: lumperctl
  1535  namespace: warehouse-system
  1536---
  1537apiVersion: v1
  1538kind: Service
  1539metadata:
  1540  labels:
  1541    platform.edge.ncr.com/component: lumperctl
  1542  name: lumperctl
  1543  namespace: warehouse-system
  1544spec:
  1545  ports:
  1546  - name: metrics
  1547    port: 8080
  1548  selector:
  1549    platform.edge.ncr.com/component: lumperctl
  1550---
  1551apiVersion: apps/v1
  1552kind: Deployment
  1553metadata:
  1554  name: lumperctl
  1555  namespace: warehouse-system
  1556spec:
  1557  replicas: 1
  1558  selector:
  1559    matchLabels:
  1560      platform.edge.ncr.com/component: lumperctl
  1561  template:
  1562    metadata:
  1563      labels:
  1564        platform.edge.ncr.com/component: lumperctl
  1565    spec:
  1566      containers:
  1567      - args:
  1568        - --cluster-provider=${cluster_provider}
  1569        image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/lumperctl:dev
  1570        imagePullPolicy: IfNotPresent
  1571        name: lumperctl
  1572        ports:
  1573        - containerPort: 8080
  1574          name: metrics
  1575        resources:
  1576          limits:
  1577            cpu: 1000m
  1578            memory: 1Gi
  1579          requests:
  1580            cpu: 512m
  1581            memory: 512Mi
  1582      imagePullSecrets:
  1583      - name: edge-docker-pull-secret
  1584      serviceAccountName: lumperctl
  1585---
  1586apiVersion: iam.cnrm.cloud.google.com/v1beta1
  1587kind: IAMPolicyMember
  1588metadata:
  1589  annotations:
  1590    cnrm.cloud.google.com/project-id: ${gcp_project_id}
  1591  name: lumper-controller-artifact-read
  1592  namespace: warehouse-system
  1593spec:
  1594  member: serviceAccount:lumperctl-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
  1595  resourceRef:
  1596    apiVersion: artifactregistry.cnrm.cloud.google.com/v1beta1
  1597    external: projects/${foreman_gcp_project_id}/locations/us-east1/repositories/warehouse
  1598    kind: ArtifactRegistryRepository
  1599  role: roles/artifactregistry.reader
  1600---
  1601apiVersion: iam.cnrm.cloud.google.com/v1beta1
  1602kind: IAMPolicyMember
  1603metadata:
  1604  annotations:
  1605    cnrm.cloud.google.com/project-id: ${gcp_project_id}
  1606    description: |
  1607      Binds the K8s SA used by lumper-controller to the GCP IAM
  1608      service account defined in the base.
  1609  name: lumper-controller-workload-id
  1610  namespace: warehouse-system
  1611spec:
  1612  member: serviceAccount:${gcp_project_id}.svc.id.goog[warehouse-system/lumperctl]
  1613  resourceRef:
  1614    apiVersion: iam.cnrm.cloud.google.com/v1beta1
  1615    kind: IAMServiceAccount
  1616    name: lumper-controller
  1617  role: roles/iam.workloadIdentityUser
  1618---
  1619apiVersion: iam.cnrm.cloud.google.com/v1beta1
  1620kind: IAMServiceAccount
  1621metadata:
  1622  annotations:
  1623    cnrm.cloud.google.com/project-id: ${gcp_project_id}
  1624  name: lumper-controller
  1625  namespace: warehouse-system
  1626spec:
  1627  displayName: ${cluster_hash} OCI controller
  1628  resourceID: lumperctl-${cluster_hash}
  1629---
  1630apiVersion: monitoring.coreos.com/v1
  1631kind: ServiceMonitor
  1632metadata:
  1633  annotations:
  1634    monitoring.edge.ncr.com/allowed-metrics: |
  1635      edge_lpctl_reconcile_condition_status
  1636      edge_lpctl_reconcile_suspend_status
  1637      edge_lpctl_reconcile_duration_seconds_sum
  1638      edge_lpctl_reconcile_duration_seconds_count
  1639      edge_lpctl_reconcile_duration_seconds_bucket
  1640      edge_lpctl_prune_status
  1641  labels:
  1642    platform.edge.ncr.com/component: lumperctl
  1643  name: lumperctl
  1644  namespace: warehouse-system
  1645spec:
  1646  endpoints:
  1647  - port: metrics
  1648  selector:
  1649    matchLabels:
  1650      platform.edge.ncr.com/component: lumperctl

View as plain text