1
2// This file was autogenerated by go-to-protobuf. Do not edit it manually!
3
4syntax = "proto2";
5
6package github.com.openshift.api.image.v1;
7
8import "k8s.io/api/core/v1/generated.proto";
9import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
10import "k8s.io/apimachinery/pkg/runtime/generated.proto";
11import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
12
13// Package-wide variables from generator "generated".
14option go_package = "github.com/openshift/api/image/v1";
15
16// DockerImageReference points to a container image.
17message DockerImageReference {
18 // Registry is the registry that contains the container image
19 optional string registry = 1;
20
21 // Namespace is the namespace that contains the container image
22 optional string namespace = 2;
23
24 // Name is the name of the container image
25 optional string name = 3;
26
27 // Tag is which tag of the container image is being referenced
28 optional string tag = 4;
29
30 // ID is the identifier for the container image
31 optional string iD = 5;
32}
33
34// Image is an immutable representation of a container image and metadata at a point in time.
35// Images are named by taking a hash of their contents (metadata and content) and any change
36// in format, content, or metadata results in a new name. The images resource is primarily
37// for use by cluster administrators and integrations like the cluster image registry - end
38// users instead access images via the imagestreamtags or imagestreamimages resources. While
39// image metadata is stored in the API, any integration that implements the container image
40// registry API must provide its own storage for the raw manifest data, image config, and
41// layer contents.
42//
43// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
44// +openshift:compatibility-gen:level=1
45message Image {
46 // metadata is the standard object's metadata.
47 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
48 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
49
50 // DockerImageReference is the string that can be used to pull this image.
51 optional string dockerImageReference = 2;
52
53 // DockerImageMetadata contains metadata about this image
54 // +patchStrategy=replace
55 // +kubebuilder:pruning:PreserveUnknownFields
56 optional k8s.io.apimachinery.pkg.runtime.RawExtension dockerImageMetadata = 3;
57
58 // DockerImageMetadataVersion conveys the version of the object, which if empty defaults to "1.0"
59 optional string dockerImageMetadataVersion = 4;
60
61 // DockerImageManifest is the raw JSON of the manifest
62 optional string dockerImageManifest = 5;
63
64 // DockerImageLayers represents the layers in the image. May not be set if the image does not define that data or if the image represents a manifest list.
65 repeated ImageLayer dockerImageLayers = 6;
66
67 // Signatures holds all signatures of the image.
68 // +patchMergeKey=name
69 // +patchStrategy=merge
70 repeated ImageSignature signatures = 7;
71
72 // DockerImageSignatures provides the signatures as opaque blobs. This is a part of manifest schema v1.
73 repeated bytes dockerImageSignatures = 8;
74
75 // DockerImageManifestMediaType specifies the mediaType of manifest. This is a part of manifest schema v2.
76 optional string dockerImageManifestMediaType = 9;
77
78 // DockerImageConfig is a JSON blob that the runtime uses to set up the container. This is a part of manifest schema v2.
79 // Will not be set when the image represents a manifest list.
80 optional string dockerImageConfig = 10;
81
82 // DockerImageManifests holds information about sub-manifests when the image represents a manifest list.
83 // When this field is present, no DockerImageLayers should be specified.
84 repeated ImageManifest dockerImageManifests = 11;
85}
86
87// ImageBlobReferences describes the blob references within an image.
88message ImageBlobReferences {
89 // imageMissing is true if the image is referenced by the image stream but the image
90 // object has been deleted from the API by an administrator. When this field is set,
91 // layers and config fields may be empty and callers that depend on the image metadata
92 // should consider the image to be unavailable for download or viewing.
93 // +optional
94 optional bool imageMissing = 3;
95
96 // layers is the list of blobs that compose this image, from base layer to top layer.
97 // All layers referenced by this array will be defined in the blobs map. Some images
98 // may have zero layers.
99 // +optional
100 repeated string layers = 1;
101
102 // config, if set, is the blob that contains the image config. Some images do
103 // not have separate config blobs and this field will be set to nil if so.
104 // +optional
105 optional string config = 2;
106
107 // manifests is the list of other image names that this image points
108 // to. For a single architecture image, it is empty. For a multi-arch
109 // image, it consists of the digests of single architecture images,
110 // such images shouldn't have layers nor config.
111 // +optional
112 repeated string manifests = 4;
113}
114
115// ImageImportSpec describes a request to import a specific image.
116message ImageImportSpec {
117 // From is the source of an image to import; only kind DockerImage is allowed
118 optional k8s.io.api.core.v1.ObjectReference from = 1;
119
120 // To is a tag in the current image stream to assign the imported image to, if name is not specified the default tag from from.name will be used
121 optional k8s.io.api.core.v1.LocalObjectReference to = 2;
122
123 // ImportPolicy is the policy controlling how the image is imported
124 optional TagImportPolicy importPolicy = 3;
125
126 // ReferencePolicy defines how other components should consume the image
127 optional TagReferencePolicy referencePolicy = 5;
128
129 // IncludeManifest determines if the manifest for each image is returned in the response
130 optional bool includeManifest = 4;
131}
132
133// ImageImportStatus describes the result of an image import.
134message ImageImportStatus {
135 // Status is the status of the image import, including errors encountered while retrieving the image
136 optional k8s.io.apimachinery.pkg.apis.meta.v1.Status status = 1;
137
138 // Image is the metadata of that image, if the image was located
139 optional Image image = 2;
140
141 // Tag is the tag this image was located under, if any
142 optional string tag = 3;
143
144 // Manifests holds sub-manifests metadata when importing a manifest list
145 repeated Image manifests = 4;
146}
147
148// ImageLayer represents a single layer of the image. Some images may have multiple layers. Some may have none.
149message ImageLayer {
150 // Name of the layer as defined by the underlying store.
151 optional string name = 1;
152
153 // Size of the layer in bytes as defined by the underlying store.
154 optional int64 size = 2;
155
156 // MediaType of the referenced object.
157 optional string mediaType = 3;
158}
159
160// ImageLayerData contains metadata about an image layer.
161message ImageLayerData {
162 // Size of the layer in bytes as defined by the underlying store. This field is
163 // optional if the necessary information about size is not available.
164 optional int64 size = 1;
165
166 // MediaType of the referenced object.
167 optional string mediaType = 2;
168}
169
170// ImageList is a list of Image objects.
171//
172// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
173// +openshift:compatibility-gen:level=1
174message ImageList {
175 // metadata is the standard list's metadata.
176 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
177 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
178
179 // Items is a list of images
180 repeated Image items = 2;
181}
182
183// ImageLookupPolicy describes how an image stream can be used to override the image references
184// used by pods, builds, and other resources in a namespace.
185message ImageLookupPolicy {
186 // local will change the docker short image references (like "mysql" or
187 // "php:latest") on objects in this namespace to the image ID whenever they match
188 // this image stream, instead of reaching out to a remote registry. The name will
189 // be fully qualified to an image ID if found. The tag's referencePolicy is taken
190 // into account on the replaced value. Only works within the current namespace.
191 optional bool local = 3;
192}
193
194// ImageManifest represents sub-manifests of a manifest list. The Digest field points to a regular
195// Image object.
196message ImageManifest {
197 // Digest is the unique identifier for the manifest. It refers to an Image object.
198 optional string digest = 1;
199
200 // MediaType defines the type of the manifest, possible values are application/vnd.oci.image.manifest.v1+json,
201 // application/vnd.docker.distribution.manifest.v2+json or application/vnd.docker.distribution.manifest.v1+json.
202 optional string mediaType = 2;
203
204 // ManifestSize represents the size of the raw object contents, in bytes.
205 optional int64 manifestSize = 3;
206
207 // Architecture specifies the supported CPU architecture, for example `amd64` or `ppc64le`.
208 optional string architecture = 4;
209
210 // OS specifies the operating system, for example `linux`.
211 optional string os = 5;
212
213 // Variant is an optional field repreenting a variant of the CPU, for example v6 to specify a particular CPU
214 // variant of the ARM CPU.
215 optional string variant = 6;
216}
217
218// ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims
219// as long as the signature is trusted. Based on this information it is possible to restrict runnable images
220// to those matching cluster-wide policy.
221// Mandatory fields should be parsed by clients doing image verification. The others are parsed from
222// signature's content by the server. They serve just an informative purpose.
223//
224// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
225// +openshift:compatibility-gen:level=1
226message ImageSignature {
227 // metadata is the standard object's metadata.
228 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
229 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
230
231 // Required: Describes a type of stored blob.
232 optional string type = 2;
233
234 // Required: An opaque binary string which is an image's signature.
235 optional bytes content = 3;
236
237 // Conditions represent the latest available observations of a signature's current state.
238 // +patchMergeKey=type
239 // +patchStrategy=merge
240 repeated SignatureCondition conditions = 4;
241
242 // A human readable string representing image's identity. It could be a product name and version, or an
243 // image pull spec (e.g. "registry.access.redhat.com/rhel7/rhel:7.2").
244 optional string imageIdentity = 5;
245
246 // Contains claims from the signature.
247 map<string, string> signedClaims = 6;
248
249 // If specified, it is the time of signature's creation.
250 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time created = 7;
251
252 // If specified, it holds information about an issuer of signing certificate or key (a person or entity
253 // who signed the signing certificate or key).
254 optional SignatureIssuer issuedBy = 8;
255
256 // If specified, it holds information about a subject of signing certificate or key (a person or entity
257 // who signed the image).
258 optional SignatureSubject issuedTo = 9;
259}
260
261// An ImageStream stores a mapping of tags to images, metadata overrides that are applied
262// when images are tagged in a stream, and an optional reference to a container image
263// repository on a registry. Users typically update the spec.tags field to point to external
264// images which are imported from container registries using credentials in your namespace
265// with the pull secret type, or to existing image stream tags and images which are
266// immediately accessible for tagging or pulling. The history of images applied to a tag
267// is visible in the status.tags field and any user who can view an image stream is allowed
268// to tag that image into their own image streams. Access to pull images from the integrated
269// registry is granted by having the "get imagestreams/layers" permission on a given image
270// stream. Users may remove a tag by deleting the imagestreamtag resource, which causes both
271// spec and status for that tag to be removed. Image stream history is retained until an
272// administrator runs the prune operation, which removes references that are no longer in
273// use. To preserve a historical image, ensure there is a tag in spec pointing to that image
274// by its digest.
275//
276// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
277// +openshift:compatibility-gen:level=1
278message ImageStream {
279 // metadata is the standard object's metadata.
280 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
281 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
282
283 // Spec describes the desired state of this stream
284 // +optional
285 optional ImageStreamSpec spec = 2;
286
287 // Status describes the current state of this stream
288 // +optional
289 optional ImageStreamStatus status = 3;
290}
291
292// ImageStreamImage represents an Image that is retrieved by image name from an ImageStream.
293// User interfaces and regular users can use this resource to access the metadata details of
294// a tagged image in the image stream history for viewing, since Image resources are not
295// directly accessible to end users. A not found error will be returned if no such image is
296// referenced by a tag within the ImageStream. Images are created when spec tags are set on
297// an image stream that represent an image in an external registry, when pushing to the
298// integrated registry, or when tagging an existing image from one image stream to another.
299// The name of an image stream image is in the form "<STREAM>@<DIGEST>", where the digest is
300// the content addressible identifier for the image (sha256:xxxxx...). You can use
301// ImageStreamImages as the from.kind of an image stream spec tag to reference an image
302// exactly. The only operations supported on the imagestreamimage endpoint are retrieving
303// the image.
304//
305// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
306// +openshift:compatibility-gen:level=1
307message ImageStreamImage {
308 // metadata is the standard object's metadata.
309 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
310 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
311
312 // Image associated with the ImageStream and image name.
313 optional Image image = 2;
314}
315
316// The image stream import resource provides an easy way for a user to find and import container images
317// from other container image registries into the server. Individual images or an entire image repository may
318// be imported, and users may choose to see the results of the import prior to tagging the resulting
319// images into the specified image stream.
320//
321// This API is intended for end-user tools that need to see the metadata of the image prior to import
322// (for instance, to generate an application from it). Clients that know the desired image can continue
323// to create spec.tags directly into their image streams.
324//
325// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
326// +openshift:compatibility-gen:level=1
327message ImageStreamImport {
328 // metadata is the standard object's metadata.
329 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
330 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
331
332 // Spec is a description of the images that the user wishes to import
333 optional ImageStreamImportSpec spec = 2;
334
335 // Status is the result of importing the image
336 optional ImageStreamImportStatus status = 3;
337}
338
339// ImageStreamImportSpec defines what images should be imported.
340message ImageStreamImportSpec {
341 // Import indicates whether to perform an import - if so, the specified tags are set on the spec
342 // and status of the image stream defined by the type meta.
343 optional bool import = 1;
344
345 // Repository is an optional import of an entire container image repository. A maximum limit on the
346 // number of tags imported this way is imposed by the server.
347 optional RepositoryImportSpec repository = 2;
348
349 // Images are a list of individual images to import.
350 repeated ImageImportSpec images = 3;
351}
352
353// ImageStreamImportStatus contains information about the status of an image stream import.
354message ImageStreamImportStatus {
355 // Import is the image stream that was successfully updated or created when 'to' was set.
356 optional ImageStream import = 1;
357
358 // Repository is set if spec.repository was set to the outcome of the import
359 optional RepositoryImportStatus repository = 2;
360
361 // Images is set with the result of importing spec.images
362 repeated ImageImportStatus images = 3;
363}
364
365// ImageStreamLayers describes information about the layers referenced by images in this
366// image stream.
367//
368// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
369// +openshift:compatibility-gen:level=1
370message ImageStreamLayers {
371 // metadata is the standard object's metadata.
372 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
373 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
374
375 // blobs is a map of blob name to metadata about the blob.
376 map<string, ImageLayerData> blobs = 2;
377
378 // images is a map between an image name and the names of the blobs and config that
379 // comprise the image.
380 map<string, ImageBlobReferences> images = 3;
381}
382
383// ImageStreamList is a list of ImageStream objects.
384//
385// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
386// +openshift:compatibility-gen:level=1
387message ImageStreamList {
388 // metadata is the standard list's metadata.
389 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
390 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
391
392 // Items is a list of imageStreams
393 repeated ImageStream items = 2;
394}
395
396// ImageStreamMapping represents a mapping from a single image stream tag to a container
397// image as well as the reference to the container image stream the image came from. This
398// resource is used by privileged integrators to create an image resource and to associate
399// it with an image stream in the status tags field. Creating an ImageStreamMapping will
400// allow any user who can view the image stream to tag or pull that image, so only create
401// mappings where the user has proven they have access to the image contents directly.
402// The only operation supported for this resource is create and the metadata name and
403// namespace should be set to the image stream containing the tag that should be updated.
404//
405// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
406// +openshift:compatibility-gen:level=1
407message ImageStreamMapping {
408 // metadata is the standard object's metadata.
409 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
410 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
411
412 // Image is a container image.
413 optional Image image = 2;
414
415 // Tag is a string value this image can be located with inside the stream.
416 optional string tag = 3;
417}
418
419// ImageStreamSpec represents options for ImageStreams.
420message ImageStreamSpec {
421 // lookupPolicy controls how other resources reference images within this namespace.
422 optional ImageLookupPolicy lookupPolicy = 3;
423
424 // dockerImageRepository is optional, if specified this stream is backed by a container repository on this server
425 // Deprecated: This field is deprecated as of v3.7 and will be removed in a future release.
426 // Specify the source for the tags to be imported in each tag via the spec.tags.from reference instead.
427 optional string dockerImageRepository = 1;
428
429 // tags map arbitrary string values to specific image locators
430 // +patchMergeKey=name
431 // +patchStrategy=merge
432 repeated TagReference tags = 2;
433}
434
435// ImageStreamStatus contains information about the state of this image stream.
436message ImageStreamStatus {
437 // DockerImageRepository represents the effective location this stream may be accessed at.
438 // May be empty until the server determines where the repository is located
439 optional string dockerImageRepository = 1;
440
441 // PublicDockerImageRepository represents the public location from where the image can
442 // be pulled outside the cluster. This field may be empty if the administrator
443 // has not exposed the integrated registry externally.
444 optional string publicDockerImageRepository = 3;
445
446 // Tags are a historical record of images associated with each tag. The first entry in the
447 // TagEvent array is the currently tagged image.
448 // +patchMergeKey=tag
449 // +patchStrategy=merge
450 repeated NamedTagEventList tags = 2;
451}
452
453// ImageStreamTag represents an Image that is retrieved by tag name from an ImageStream.
454// Use this resource to interact with the tags and images in an image stream by tag, or
455// to see the image details for a particular tag. The image associated with this resource
456// is the most recently successfully tagged, imported, or pushed image (as described in the
457// image stream status.tags.items list for this tag). If an import is in progress or has
458// failed the previous image will be shown. Deleting an image stream tag clears both the
459// status and spec fields of an image stream. If no image can be retrieved for a given tag,
460// a not found error will be returned.
461//
462// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
463// +openshift:compatibility-gen:level=1
464message ImageStreamTag {
465 // metadata is the standard object's metadata.
466 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
467 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
468
469 // tag is the spec tag associated with this image stream tag, and it may be null
470 // if only pushes have occurred to this image stream.
471 optional TagReference tag = 2;
472
473 // generation is the current generation of the tagged image - if tag is provided
474 // and this value is not equal to the tag generation, a user has requested an
475 // import that has not completed, or conditions will be filled out indicating any
476 // error.
477 optional int64 generation = 3;
478
479 // lookupPolicy indicates whether this tag will handle image references in this
480 // namespace.
481 optional ImageLookupPolicy lookupPolicy = 6;
482
483 // conditions is an array of conditions that apply to the image stream tag.
484 repeated TagEventCondition conditions = 4;
485
486 // image associated with the ImageStream and tag.
487 optional Image image = 5;
488}
489
490// ImageStreamTagList is a list of ImageStreamTag objects.
491//
492// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
493// +openshift:compatibility-gen:level=1
494message ImageStreamTagList {
495 // metadata is the standard list's metadata.
496 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
497 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
498
499 // Items is the list of image stream tags
500 repeated ImageStreamTag items = 2;
501}
502
503// ImageTag represents a single tag within an image stream and includes the spec,
504// the status history, and the currently referenced image (if any) of the provided
505// tag. This type replaces the ImageStreamTag by providing a full view of the tag.
506// ImageTags are returned for every spec or status tag present on the image stream.
507// If no tag exists in either form a not found error will be returned by the API.
508// A create operation will succeed if no spec tag has already been defined and the
509// spec field is set. Delete will remove both spec and status elements from the
510// image stream.
511//
512// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
513// +openshift:compatibility-gen:level=1
514message ImageTag {
515 // metadata is the standard object's metadata.
516 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
517 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
518
519 // spec is the spec tag associated with this image stream tag, and it may be null
520 // if only pushes have occurred to this image stream.
521 optional TagReference spec = 2;
522
523 // status is the status tag details associated with this image stream tag, and it
524 // may be null if no push or import has been performed.
525 optional NamedTagEventList status = 3;
526
527 // image is the details of the most recent image stream status tag, and it may be
528 // null if import has not completed or an administrator has deleted the image
529 // object. To verify this is the most recent image, you must verify the generation
530 // of the most recent status.items entry matches the spec tag (if a spec tag is
531 // set). This field will not be set when listing image tags.
532 optional Image image = 4;
533}
534
535// ImageTagList is a list of ImageTag objects. When listing image tags, the image
536// field is not populated. Tags are returned in alphabetical order by image stream
537// and then tag.
538//
539// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
540// +openshift:compatibility-gen:level=1
541message ImageTagList {
542 // metadata is the standard list's metadata.
543 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
544 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
545
546 // Items is the list of image stream tags
547 repeated ImageTag items = 2;
548}
549
550// NamedTagEventList relates a tag to its image history.
551message NamedTagEventList {
552 // Tag is the tag for which the history is recorded
553 optional string tag = 1;
554
555 // Standard object's metadata.
556 repeated TagEvent items = 2;
557
558 // Conditions is an array of conditions that apply to the tag event list.
559 repeated TagEventCondition conditions = 3;
560}
561
562// RepositoryImportSpec describes a request to import images from a container image repository.
563message RepositoryImportSpec {
564 // From is the source for the image repository to import; only kind DockerImage and a name of a container image repository is allowed
565 optional k8s.io.api.core.v1.ObjectReference from = 1;
566
567 // ImportPolicy is the policy controlling how the image is imported
568 optional TagImportPolicy importPolicy = 2;
569
570 // ReferencePolicy defines how other components should consume the image
571 optional TagReferencePolicy referencePolicy = 4;
572
573 // IncludeManifest determines if the manifest for each image is returned in the response
574 optional bool includeManifest = 3;
575}
576
577// RepositoryImportStatus describes the result of an image repository import
578message RepositoryImportStatus {
579 // Status reflects whether any failure occurred during import
580 optional k8s.io.apimachinery.pkg.apis.meta.v1.Status status = 1;
581
582 // Images is a list of images successfully retrieved by the import of the repository.
583 repeated ImageImportStatus images = 2;
584
585 // AdditionalTags are tags that exist in the repository but were not imported because
586 // a maximum limit of automatic imports was applied.
587 repeated string additionalTags = 3;
588}
589
590// SecretList is a list of Secret.
591// +openshift:compatibility-gen:level=1
592message SecretList {
593 // Standard list metadata.
594 // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
595 // +optional
596 optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
597
598 // Items is a list of secret objects.
599 // More info: https://kubernetes.io/docs/concepts/configuration/secret
600 repeated k8s.io.api.core.v1.Secret items = 2;
601}
602
603// SignatureCondition describes an image signature condition of particular kind at particular probe time.
604message SignatureCondition {
605 // Type of signature condition, Complete or Failed.
606 optional string type = 1;
607
608 // Status of the condition, one of True, False, Unknown.
609 optional string status = 2;
610
611 // Last time the condition was checked.
612 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastProbeTime = 3;
613
614 // Last time the condition transit from one status to another.
615 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 4;
616
617 // (brief) reason for the condition's last transition.
618 optional string reason = 5;
619
620 // Human readable message indicating details about last transition.
621 optional string message = 6;
622}
623
624// SignatureGenericEntity holds a generic information about a person or entity who is an issuer or a subject
625// of signing certificate or key.
626message SignatureGenericEntity {
627 // Organization name.
628 optional string organization = 1;
629
630 // Common name (e.g. openshift-signing-service).
631 optional string commonName = 2;
632}
633
634// SignatureIssuer holds information about an issuer of signing certificate or key.
635message SignatureIssuer {
636 optional SignatureGenericEntity signatureGenericEntity = 1;
637}
638
639// SignatureSubject holds information about a person or entity who created the signature.
640message SignatureSubject {
641 optional SignatureGenericEntity signatureGenericEntity = 1;
642
643 // If present, it is a human readable key id of public key belonging to the subject used to verify image
644 // signature. It should contain at least 64 lowest bits of public key's fingerprint (e.g.
645 // 0x685ebe62bf278440).
646 optional string publicKeyID = 2;
647}
648
649// TagEvent is used by ImageStreamStatus to keep a historical record of images associated with a tag.
650message TagEvent {
651 // Created holds the time the TagEvent was created
652 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time created = 1;
653
654 // DockerImageReference is the string that can be used to pull this image
655 optional string dockerImageReference = 2;
656
657 // Image is the image
658 optional string image = 3;
659
660 // Generation is the spec tag generation that resulted in this tag being updated
661 optional int64 generation = 4;
662}
663
664// TagEventCondition contains condition information for a tag event.
665message TagEventCondition {
666 // Type of tag event condition, currently only ImportSuccess
667 optional string type = 1;
668
669 // Status of the condition, one of True, False, Unknown.
670 optional string status = 2;
671
672 // LastTransitionTIme is the time the condition transitioned from one status to another.
673 optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
674
675 // Reason is a brief machine readable explanation for the condition's last transition.
676 optional string reason = 4;
677
678 // Message is a human readable description of the details about last transition, complementing reason.
679 optional string message = 5;
680
681 // Generation is the spec tag generation that this status corresponds to
682 optional int64 generation = 6;
683}
684
685// TagImportPolicy controls how images related to this tag will be imported.
686message TagImportPolicy {
687 // Insecure is true if the server may bypass certificate verification or connect directly over HTTP during image import.
688 optional bool insecure = 1;
689
690 // Scheduled indicates to the server that this tag should be periodically checked to ensure it is up to date, and imported
691 optional bool scheduled = 2;
692
693 // ImportMode describes how to import an image manifest.
694 optional string importMode = 3;
695}
696
697// TagReference specifies optional annotations for images using this tag and an optional reference to an ImageStreamTag, ImageStreamImage, or DockerImage this tag should track.
698message TagReference {
699 // Name of the tag
700 optional string name = 1;
701
702 // Optional; if specified, annotations that are applied to images retrieved via ImageStreamTags.
703 // +optional
704 map<string, string> annotations = 2;
705
706 // Optional; if specified, a reference to another image that this tag should point to. Valid values
707 // are ImageStreamTag, ImageStreamImage, and DockerImage. ImageStreamTag references
708 // can only reference a tag within this same ImageStream.
709 optional k8s.io.api.core.v1.ObjectReference from = 3;
710
711 // Reference states if the tag will be imported. Default value is false, which means the tag will
712 // be imported.
713 optional bool reference = 4;
714
715 // Generation is a counter that tracks mutations to the spec tag (user intent). When a tag reference
716 // is changed the generation is set to match the current stream generation (which is incremented every
717 // time spec is changed). Other processes in the system like the image importer observe that the
718 // generation of spec tag is newer than the generation recorded in the status and use that as a trigger
719 // to import the newest remote tag. To trigger a new import, clients may set this value to zero which
720 // will reset the generation to the latest stream generation. Legacy clients will send this value as
721 // nil which will be merged with the current tag generation.
722 // +optional
723 optional int64 generation = 5;
724
725 // ImportPolicy is information that controls how images may be imported by the server.
726 optional TagImportPolicy importPolicy = 6;
727
728 // ReferencePolicy defines how other components should consume the image.
729 optional TagReferencePolicy referencePolicy = 7;
730}
731
732// TagReferencePolicy describes how pull-specs for images in this image stream tag are generated when
733// image change triggers in deployment configs or builds are resolved. This allows the image stream
734// author to control how images are accessed.
735message TagReferencePolicy {
736 // Type determines how the image pull spec should be transformed when the image stream tag is used in
737 // deployment config triggers or new builds. The default value is `Source`, indicating the original
738 // location of the image should be used (if imported). The user may also specify `Local`, indicating
739 // that the pull spec should point to the integrated container image registry and leverage the registry's
740 // ability to proxy the pull to an upstream registry. `Local` allows the credentials used to pull this
741 // image to be managed from the image stream's namespace, so others on the platform can access a remote
742 // image but have no access to the remote secret. It also allows the image layers to be mirrored into
743 // the local registry which the images can still be pulled even if the upstream registry is unavailable.
744 optional string type = 1;
745}
746
View as plain text