1 package v1
2
3
4
5
6
7
8
9
10
11
12
13
14 var map_ActiveDirectoryConfig = map[string]string{
15 "": "ActiveDirectoryConfig holds the necessary configuration options to define how an LDAP group sync interacts with an LDAP server using the Active Directory schema",
16 "usersQuery": "AllUsersQuery holds the template for an LDAP query that returns user entries.",
17 "userNameAttributes": "UserNameAttributes defines which attributes on an LDAP user entry will be interpreted as its OpenShift user name.",
18 "groupMembershipAttributes": "GroupMembershipAttributes defines which attributes on an LDAP user entry will be interpreted as the groups it is a member of",
19 }
20
21 func (ActiveDirectoryConfig) SwaggerDoc() map[string]string {
22 return map_ActiveDirectoryConfig
23 }
24
25 var map_AdmissionConfig = map[string]string{
26 "": "AdmissionConfig holds the necessary configuration options for admission",
27 "pluginConfig": "PluginConfig allows specifying a configuration file per admission control plugin",
28 "pluginOrderOverride": "PluginOrderOverride is a list of admission control plugin names that will be installed on the master. Order is significant. If empty, a default list of plugins is used.",
29 }
30
31 func (AdmissionConfig) SwaggerDoc() map[string]string {
32 return map_AdmissionConfig
33 }
34
35 var map_AdmissionPluginConfig = map[string]string{
36 "": "AdmissionPluginConfig holds the necessary configuration options for admission plugins",
37 "location": "Location is the path to a configuration file that contains the plugin's configuration",
38 "configuration": "Configuration is an embedded configuration object to be used as the plugin's configuration. If present, it will be used instead of the path to the configuration file.",
39 }
40
41 func (AdmissionPluginConfig) SwaggerDoc() map[string]string {
42 return map_AdmissionPluginConfig
43 }
44
45 var map_AggregatorConfig = map[string]string{
46 "": "AggregatorConfig holds information required to make the aggregator function.",
47 "proxyClientInfo": "ProxyClientInfo specifies the client cert/key to use when proxying to aggregated API servers",
48 }
49
50 func (AggregatorConfig) SwaggerDoc() map[string]string {
51 return map_AggregatorConfig
52 }
53
54 var map_AllowAllPasswordIdentityProvider = map[string]string{
55 "": "AllowAllPasswordIdentityProvider provides identities for users authenticating using non-empty passwords\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
56 }
57
58 func (AllowAllPasswordIdentityProvider) SwaggerDoc() map[string]string {
59 return map_AllowAllPasswordIdentityProvider
60 }
61
62 var map_AuditConfig = map[string]string{
63 "": "AuditConfig holds configuration for the audit capabilities",
64 "enabled": "If this flag is set, audit log will be printed in the logs. The logs contains, method, user and a requested URL.",
65 "auditFilePath": "All requests coming to the apiserver will be logged to this file.",
66 "maximumFileRetentionDays": "Maximum number of days to retain old log files based on the timestamp encoded in their filename.",
67 "maximumRetainedFiles": "Maximum number of old log files to retain.",
68 "maximumFileSizeMegabytes": "Maximum size in megabytes of the log file before it gets rotated. Defaults to 100MB.",
69 "policyFile": "PolicyFile is a path to the file that defines the audit policy configuration.",
70 "policyConfiguration": "PolicyConfiguration is an embedded policy configuration object to be used as the audit policy configuration. If present, it will be used instead of the path to the policy file.",
71 "logFormat": "Format of saved audits (legacy or json).",
72 "webHookKubeConfig": "Path to a .kubeconfig formatted file that defines the audit webhook configuration.",
73 "webHookMode": "Strategy for sending audit events (block or batch).",
74 }
75
76 func (AuditConfig) SwaggerDoc() map[string]string {
77 return map_AuditConfig
78 }
79
80 var map_AugmentedActiveDirectoryConfig = map[string]string{
81 "": "AugmentedActiveDirectoryConfig holds the necessary configuration options to define how an LDAP group sync interacts with an LDAP server using the augmented Active Directory schema",
82 "usersQuery": "AllUsersQuery holds the template for an LDAP query that returns user entries.",
83 "userNameAttributes": "UserNameAttributes defines which attributes on an LDAP user entry will be interpreted as its OpenShift user name.",
84 "groupMembershipAttributes": "GroupMembershipAttributes defines which attributes on an LDAP user entry will be interpreted as the groups it is a member of",
85 "groupsQuery": "AllGroupsQuery holds the template for an LDAP query that returns group entries.",
86 "groupUIDAttribute": "GroupUIDAttributes defines which attribute on an LDAP group entry will be interpreted as its unique identifier. (ldapGroupUID)",
87 "groupNameAttributes": "GroupNameAttributes defines which attributes on an LDAP group entry will be interpreted as its name to use for an OpenShift group",
88 }
89
90 func (AugmentedActiveDirectoryConfig) SwaggerDoc() map[string]string {
91 return map_AugmentedActiveDirectoryConfig
92 }
93
94 var map_BasicAuthPasswordIdentityProvider = map[string]string{
95 "": "BasicAuthPasswordIdentityProvider provides identities for users authenticating using HTTP basic auth credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
96 }
97
98 func (BasicAuthPasswordIdentityProvider) SwaggerDoc() map[string]string {
99 return map_BasicAuthPasswordIdentityProvider
100 }
101
102 var map_BuildDefaultsConfig = map[string]string{
103 "": "BuildDefaultsConfig controls the default information for Builds\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
104 "gitHTTPProxy": "gitHTTPProxy is the location of the HTTPProxy for Git source",
105 "gitHTTPSProxy": "gitHTTPSProxy is the location of the HTTPSProxy for Git source",
106 "gitNoProxy": "gitNoProxy is the list of domains for which the proxy should not be used",
107 "env": "env is a set of default environment variables that will be applied to the build if the specified variables do not exist on the build",
108 "sourceStrategyDefaults": "sourceStrategyDefaults are default values that apply to builds using the source strategy.",
109 "imageLabels": "imageLabels is a list of labels that are applied to the resulting image. User can override a default label by providing a label with the same name in their Build/BuildConfig.",
110 "nodeSelector": "nodeSelector is a selector which must be true for the build pod to fit on a node",
111 "annotations": "annotations are annotations that will be added to the build pod",
112 "resources": "resources defines resource requirements to execute the build.",
113 }
114
115 func (BuildDefaultsConfig) SwaggerDoc() map[string]string {
116 return map_BuildDefaultsConfig
117 }
118
119 var map_BuildOverridesConfig = map[string]string{
120 "": "BuildOverridesConfig controls override settings for builds\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
121 "forcePull": "forcePull indicates whether the build strategy should always be set to ForcePull=true",
122 "imageLabels": "imageLabels is a list of labels that are applied to the resulting image. If user provided a label in their Build/BuildConfig with the same name as one in this list, the user's label will be overwritten.",
123 "nodeSelector": "nodeSelector is a selector which must be true for the build pod to fit on a node",
124 "annotations": "annotations are annotations that will be added to the build pod",
125 "tolerations": "tolerations is a list of Tolerations that will override any existing tolerations set on a build pod.",
126 }
127
128 func (BuildOverridesConfig) SwaggerDoc() map[string]string {
129 return map_BuildOverridesConfig
130 }
131
132 var map_CertInfo = map[string]string{
133 "": "CertInfo relates a certificate with a private key",
134 "certFile": "CertFile is a file containing a PEM-encoded certificate",
135 "keyFile": "KeyFile is a file containing a PEM-encoded private key for the certificate specified by CertFile",
136 }
137
138 func (CertInfo) SwaggerDoc() map[string]string {
139 return map_CertInfo
140 }
141
142 var map_ClientConnectionOverrides = map[string]string{
143 "": "ClientConnectionOverrides are a set of overrides to the default client connection settings.",
144 "acceptContentTypes": "AcceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the default value of 'application/json'. This field will control all connections to the server used by a particular client.",
145 "contentType": "ContentType is the content type used when sending data to the server from this client.",
146 "qps": "QPS controls the number of queries per second allowed for this connection.",
147 "burst": "Burst allows extra queries to accumulate when a client is exceeding its rate.",
148 }
149
150 func (ClientConnectionOverrides) SwaggerDoc() map[string]string {
151 return map_ClientConnectionOverrides
152 }
153
154 var map_ClusterNetworkEntry = map[string]string{
155 "": "ClusterNetworkEntry defines an individual cluster network. The CIDRs cannot overlap with other cluster network CIDRs, CIDRs reserved for external ips, CIDRs reserved for service networks, and CIDRs reserved for ingress ips.",
156 "cidr": "CIDR defines the total range of a cluster networks address space.",
157 "hostSubnetLength": "HostSubnetLength is the number of bits of the accompanying CIDR address to allocate to each node. eg, 8 would mean that each node would have a /24 slice of the overlay network for its pod.",
158 }
159
160 func (ClusterNetworkEntry) SwaggerDoc() map[string]string {
161 return map_ClusterNetworkEntry
162 }
163
164 var map_ControllerConfig = map[string]string{
165 "": "ControllerConfig holds configuration values for controllers",
166 "controllers": "Controllers is a list of controllers to enable. '*' enables all on-by-default controllers, 'foo' enables the controller \"+ named 'foo', '-foo' disables the controller named 'foo'. Defaults to \"*\".",
167 "election": "Election defines the configuration for electing a controller instance to make changes to the cluster. If unspecified, the ControllerTTL value is checked to determine whether the legacy direct etcd election code will be used.",
168 "serviceServingCert": "ServiceServingCert holds configuration for service serving cert signer which creates cert/key pairs for pods fulfilling a service to serve with.",
169 }
170
171 func (ControllerConfig) SwaggerDoc() map[string]string {
172 return map_ControllerConfig
173 }
174
175 var map_ControllerElectionConfig = map[string]string{
176 "": "ControllerElectionConfig contains configuration values for deciding how a controller will be elected to act as leader.",
177 "lockName": "LockName is the resource name used to act as the lock for determining which controller instance should lead.",
178 "lockNamespace": "LockNamespace is the resource namespace used to act as the lock for determining which controller instance should lead. It defaults to \"kube-system\"",
179 "lockResource": "LockResource is the group and resource name to use to coordinate for the controller lock. If unset, defaults to \"configmaps\".",
180 }
181
182 func (ControllerElectionConfig) SwaggerDoc() map[string]string {
183 return map_ControllerElectionConfig
184 }
185
186 var map_DNSConfig = map[string]string{
187 "": "DNSConfig holds the necessary configuration options for DNS",
188 "bindAddress": "BindAddress is the ip:port to serve DNS on",
189 "bindNetwork": "BindNetwork is the type of network to bind to - defaults to \"tcp4\", accepts \"tcp\", \"tcp4\", and \"tcp6\"",
190 "allowRecursiveQueries": "AllowRecursiveQueries allows the DNS server on the master to answer queries recursively. Note that open resolvers can be used for DNS amplification attacks and the master DNS should not be made accessible to public networks.",
191 }
192
193 func (DNSConfig) SwaggerDoc() map[string]string {
194 return map_DNSConfig
195 }
196
197 var map_DefaultAdmissionConfig = map[string]string{
198 "": "DefaultAdmissionConfig can be used to enable or disable various admission plugins. When this type is present as the `configuration` object under `pluginConfig` and *if* the admission plugin supports it, this will cause an \"off by default\" admission plugin to be enabled\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
199 "disable": "Disable turns off an admission plugin that is enabled by default.",
200 }
201
202 func (DefaultAdmissionConfig) SwaggerDoc() map[string]string {
203 return map_DefaultAdmissionConfig
204 }
205
206 var map_DenyAllPasswordIdentityProvider = map[string]string{
207 "": "DenyAllPasswordIdentityProvider provides no identities for users\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
208 }
209
210 func (DenyAllPasswordIdentityProvider) SwaggerDoc() map[string]string {
211 return map_DenyAllPasswordIdentityProvider
212 }
213
214 var map_DockerConfig = map[string]string{
215 "": "DockerConfig holds Docker related configuration options.",
216 "execHandlerName": "ExecHandlerName is the name of the handler to use for executing commands in containers.",
217 "dockerShimSocket": "DockerShimSocket is the location of the dockershim socket the kubelet uses. Currently unix socket is supported on Linux, and tcp is supported on windows. Examples:'unix:///var/run/dockershim.sock', 'tcp://localhost:3735'",
218 "dockerShimRootDirectory": "DockershimRootDirectory is the dockershim root directory.",
219 }
220
221 func (DockerConfig) SwaggerDoc() map[string]string {
222 return map_DockerConfig
223 }
224
225 var map_EtcdConfig = map[string]string{
226 "": "EtcdConfig holds the necessary configuration options for connecting with an etcd database",
227 "servingInfo": "ServingInfo describes how to start serving the etcd master",
228 "address": "Address is the advertised host:port for client connections to etcd",
229 "peerServingInfo": "PeerServingInfo describes how to start serving the etcd peer",
230 "peerAddress": "PeerAddress is the advertised host:port for peer connections to etcd",
231 "storageDirectory": "StorageDir is the path to the etcd storage directory",
232 }
233
234 func (EtcdConfig) SwaggerDoc() map[string]string {
235 return map_EtcdConfig
236 }
237
238 var map_EtcdConnectionInfo = map[string]string{
239 "": "EtcdConnectionInfo holds information necessary for connecting to an etcd server",
240 "urls": "URLs are the URLs for etcd",
241 "ca": "CA is a file containing trusted roots for the etcd server certificates",
242 }
243
244 func (EtcdConnectionInfo) SwaggerDoc() map[string]string {
245 return map_EtcdConnectionInfo
246 }
247
248 var map_EtcdStorageConfig = map[string]string{
249 "": "EtcdStorageConfig holds the necessary configuration options for the etcd storage underlying OpenShift and Kubernetes",
250 "kubernetesStorageVersion": "KubernetesStorageVersion is the API version that Kube resources in etcd should be serialized to. This value should *not* be advanced until all clients in the cluster that read from etcd have code that allows them to read the new version.",
251 "kubernetesStoragePrefix": "KubernetesStoragePrefix is the path within etcd that the Kubernetes resources will be rooted under. This value, if changed, will mean existing objects in etcd will no longer be located. The default value is 'kubernetes.io'.",
252 "openShiftStorageVersion": "OpenShiftStorageVersion is the API version that OS resources in etcd should be serialized to. This value should *not* be advanced until all clients in the cluster that read from etcd have code that allows them to read the new version.",
253 "openShiftStoragePrefix": "OpenShiftStoragePrefix is the path within etcd that the OpenShift resources will be rooted under. This value, if changed, will mean existing objects in etcd will no longer be located. The default value is 'openshift.io'.",
254 }
255
256 func (EtcdStorageConfig) SwaggerDoc() map[string]string {
257 return map_EtcdStorageConfig
258 }
259
260 var map_GitHubIdentityProvider = map[string]string{
261 "": "GitHubIdentityProvider provides identities for users authenticating using GitHub credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
262 "clientID": "ClientID is the oauth client ID",
263 "clientSecret": "ClientSecret is the oauth client secret",
264 "organizations": "Organizations optionally restricts which organizations are allowed to log in",
265 "teams": "Teams optionally restricts which teams are allowed to log in. Format is <org>/<team>.",
266 "hostname": "Hostname is the optional domain (e.g. \"mycompany.com\") for use with a hosted instance of GitHub Enterprise. It must match the GitHub Enterprise settings value that is configured at /setup/settings#hostname.",
267 "ca": "CA is the optional trusted certificate authority bundle to use when making requests to the server. If empty, the default system roots are used. This can only be configured when hostname is set to a non-empty value.",
268 }
269
270 func (GitHubIdentityProvider) SwaggerDoc() map[string]string {
271 return map_GitHubIdentityProvider
272 }
273
274 var map_GitLabIdentityProvider = map[string]string{
275 "": "GitLabIdentityProvider provides identities for users authenticating using GitLab credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
276 "ca": "CA is the optional trusted certificate authority bundle to use when making requests to the server If empty, the default system roots are used",
277 "url": "URL is the oauth server base URL",
278 "clientID": "ClientID is the oauth client ID",
279 "clientSecret": "ClientSecret is the oauth client secret",
280 "legacy": "Legacy determines if OAuth2 or OIDC should be used If true, OAuth2 is used If false, OIDC is used If nil and the URL's host is gitlab.com, OIDC is used Otherwise, OAuth2 is used In a future release, nil will default to using OIDC Eventually this flag will be removed and only OIDC will be used",
281 }
282
283 func (GitLabIdentityProvider) SwaggerDoc() map[string]string {
284 return map_GitLabIdentityProvider
285 }
286
287 var map_GoogleIdentityProvider = map[string]string{
288 "": "GoogleIdentityProvider provides identities for users authenticating using Google credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
289 "clientID": "ClientID is the oauth client ID",
290 "clientSecret": "ClientSecret is the oauth client secret",
291 "hostedDomain": "HostedDomain is the optional Google App domain (e.g. \"mycompany.com\") to restrict logins to",
292 }
293
294 func (GoogleIdentityProvider) SwaggerDoc() map[string]string {
295 return map_GoogleIdentityProvider
296 }
297
298 var map_GrantConfig = map[string]string{
299 "": "GrantConfig holds the necessary configuration options for grant handlers",
300 "method": "Method determines the default strategy to use when an OAuth client requests a grant. This method will be used only if the specific OAuth client doesn't provide a strategy of their own. Valid grant handling methods are:\n - auto: always approves grant requests, useful for trusted clients\n - prompt: prompts the end user for approval of grant requests, useful for third-party clients\n - deny: always denies grant requests, useful for black-listed clients",
301 "serviceAccountMethod": "ServiceAccountMethod is used for determining client authorization for service account oauth client. It must be either: deny, prompt",
302 }
303
304 func (GrantConfig) SwaggerDoc() map[string]string {
305 return map_GrantConfig
306 }
307
308 var map_GroupResource = map[string]string{
309 "": "GroupResource points to a resource by its name and API group.",
310 "group": "Group is the name of an API group",
311 "resource": "Resource is the name of a resource.",
312 }
313
314 func (GroupResource) SwaggerDoc() map[string]string {
315 return map_GroupResource
316 }
317
318 var map_HTPasswdPasswordIdentityProvider = map[string]string{
319 "": "HTPasswdPasswordIdentityProvider provides identities for users authenticating using htpasswd credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
320 "file": "File is a reference to your htpasswd file",
321 }
322
323 func (HTPasswdPasswordIdentityProvider) SwaggerDoc() map[string]string {
324 return map_HTPasswdPasswordIdentityProvider
325 }
326
327 var map_HTTPServingInfo = map[string]string{
328 "": "HTTPServingInfo holds configuration for serving HTTP",
329 "maxRequestsInFlight": "MaxRequestsInFlight is the number of concurrent requests allowed to the server. If zero, no limit.",
330 "requestTimeoutSeconds": "RequestTimeoutSeconds is the number of seconds before requests are timed out. The default is 60 minutes, if -1 there is no limit on requests.",
331 }
332
333 func (HTTPServingInfo) SwaggerDoc() map[string]string {
334 return map_HTTPServingInfo
335 }
336
337 var map_IdentityProvider = map[string]string{
338 "": "IdentityProvider provides identities for users authenticating using credentials",
339 "name": "Name is used to qualify the identities returned by this provider",
340 "challenge": "UseAsChallenger indicates whether to issue WWW-Authenticate challenges for this provider",
341 "login": "UseAsLogin indicates whether to use this identity provider for unauthenticated browsers to login against",
342 "mappingMethod": "MappingMethod determines how identities from this provider are mapped to users",
343 "provider": "Provider contains the information about how to set up a specific identity provider",
344 }
345
346 func (IdentityProvider) SwaggerDoc() map[string]string {
347 return map_IdentityProvider
348 }
349
350 var map_ImageConfig = map[string]string{
351 "": "ImageConfig holds the necessary configuration options for building image names for system components",
352 "format": "Format is the format of the name to be built for the system component",
353 "latest": "Latest determines if the latest tag will be pulled from the registry",
354 }
355
356 func (ImageConfig) SwaggerDoc() map[string]string {
357 return map_ImageConfig
358 }
359
360 var map_ImagePolicyConfig = map[string]string{
361 "": "ImagePolicyConfig holds the necessary configuration options for limits and behavior for importing images",
362 "maxImagesBulkImportedPerRepository": "MaxImagesBulkImportedPerRepository controls the number of images that are imported when a user does a bulk import of a container repository. This number defaults to 50 to prevent users from importing large numbers of images accidentally. Set -1 for no limit.",
363 "disableScheduledImport": "DisableScheduledImport allows scheduled background import of images to be disabled.",
364 "scheduledImageImportMinimumIntervalSeconds": "ScheduledImageImportMinimumIntervalSeconds is the minimum number of seconds that can elapse between when image streams scheduled for background import are checked against the upstream repository. The default value is 15 minutes.",
365 "maxScheduledImageImportsPerMinute": "MaxScheduledImageImportsPerMinute is the maximum number of scheduled image streams that will be imported in the background per minute. The default value is 60. Set to -1 for unlimited.",
366 "allowedRegistriesForImport": "AllowedRegistriesForImport limits the container image registries that normal users may import images from. Set this list to the registries that you trust to contain valid Docker images and that you want applications to be able to import from. Users with permission to create Images or ImageStreamMappings via the API are not affected by this policy - typically only administrators or system integrations will have those permissions.",
367 "internalRegistryHostname": "InternalRegistryHostname sets the hostname for the default internal image registry. The value must be in \"hostname[:port]\" format. For backward compatibility, users can still use OPENSHIFT_DEFAULT_REGISTRY environment variable but this setting overrides the environment variable.",
368 "externalRegistryHostname": "ExternalRegistryHostname sets the hostname for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.",
369 "additionalTrustedCA": "AdditionalTrustedCA is a path to a pem bundle file containing additional CAs that should be trusted during imagestream import.",
370 }
371
372 func (ImagePolicyConfig) SwaggerDoc() map[string]string {
373 return map_ImagePolicyConfig
374 }
375
376 var map_JenkinsPipelineConfig = map[string]string{
377 "": "JenkinsPipelineConfig holds configuration for the Jenkins pipeline strategy",
378 "autoProvisionEnabled": "AutoProvisionEnabled determines whether a Jenkins server will be spawned from the provided template when the first build config in the project with type JenkinsPipeline is created. When not specified this option defaults to true.",
379 "templateNamespace": "TemplateNamespace contains the namespace name where the Jenkins template is stored",
380 "templateName": "TemplateName is the name of the default Jenkins template",
381 "serviceName": "ServiceName is the name of the Jenkins service OpenShift uses to detect whether a Jenkins pipeline handler has already been installed in a project. This value *must* match a service name in the provided template.",
382 "parameters": "Parameters specifies a set of optional parameters to the Jenkins template.",
383 }
384
385 func (JenkinsPipelineConfig) SwaggerDoc() map[string]string {
386 return map_JenkinsPipelineConfig
387 }
388
389 var map_KeystonePasswordIdentityProvider = map[string]string{
390 "": "KeystonePasswordIdentityProvider provides identities for users authenticating using keystone password credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
391 "domainName": "Domain Name is required for keystone v3",
392 "useKeystoneIdentity": "UseKeystoneIdentity flag indicates that user should be authenticated by keystone ID, not by username",
393 }
394
395 func (KeystonePasswordIdentityProvider) SwaggerDoc() map[string]string {
396 return map_KeystonePasswordIdentityProvider
397 }
398
399 var map_KubeletConnectionInfo = map[string]string{
400 "": "KubeletConnectionInfo holds information necessary for connecting to a kubelet",
401 "port": "Port is the port to connect to kubelets on",
402 "ca": "CA is the CA for verifying TLS connections to kubelets",
403 }
404
405 func (KubeletConnectionInfo) SwaggerDoc() map[string]string {
406 return map_KubeletConnectionInfo
407 }
408
409 var map_KubernetesMasterConfig = map[string]string{
410 "": "KubernetesMasterConfig holds the necessary configuration options for the Kubernetes master",
411 "apiLevels": "APILevels is a list of API levels that should be enabled on startup: v1 as examples",
412 "disabledAPIGroupVersions": "DisabledAPIGroupVersions is a map of groups to the versions (or *) that should be disabled.",
413 "masterIP": "MasterIP is the public IP address of kubernetes stuff. If empty, the first result from net.InterfaceAddrs will be used.",
414 "masterEndpointReconcileTTL": "MasterEndpointReconcileTTL sets the time to live in seconds of an endpoint record recorded by each master. The endpoints are checked at an interval that is 2/3 of this value and this value defaults to 15s if unset. In very large clusters, this value may be increased to reduce the possibility that the master endpoint record expires (due to other load on the etcd server) and causes masters to drop in and out of the kubernetes service record. It is not recommended to set this value below 15s.",
415 "servicesSubnet": "ServicesSubnet is the subnet to use for assigning service IPs",
416 "servicesNodePortRange": "ServicesNodePortRange is the range to use for assigning service public ports on a host.",
417 "schedulerConfigFile": "SchedulerConfigFile points to a file that describes how to set up the scheduler. If empty, you get the default scheduling rules.",
418 "podEvictionTimeout": "PodEvictionTimeout controls grace period for deleting pods on failed nodes. It takes valid time duration string. If empty, you get the default pod eviction timeout.",
419 "proxyClientInfo": "ProxyClientInfo specifies the client cert/key to use when proxying to pods",
420 "apiServerArguments": "APIServerArguments are key value pairs that will be passed directly to the Kube apiserver that match the apiservers's command line arguments. These are not migrated, but if you reference a value that does not exist the server will not start. These values may override other settings in KubernetesMasterConfig which may cause invalid configurations.",
421 "controllerArguments": "ControllerArguments are key value pairs that will be passed directly to the Kube controller manager that match the controller manager's command line arguments. These are not migrated, but if you reference a value that does not exist the server will not start. These values may override other settings in KubernetesMasterConfig which may cause invalid configurations.",
422 "schedulerArguments": "SchedulerArguments are key value pairs that will be passed directly to the Kube scheduler that match the scheduler's command line arguments. These are not migrated, but if you reference a value that does not exist the server will not start. These values may override other settings in KubernetesMasterConfig which may cause invalid configurations.",
423 }
424
425 func (KubernetesMasterConfig) SwaggerDoc() map[string]string {
426 return map_KubernetesMasterConfig
427 }
428
429 var map_LDAPAttributeMapping = map[string]string{
430 "": "LDAPAttributeMapping maps LDAP attributes to OpenShift identity fields",
431 "id": "ID is the list of attributes whose values should be used as the user ID. Required. LDAP standard identity attribute is \"dn\"",
432 "preferredUsername": "PreferredUsername is the list of attributes whose values should be used as the preferred username. LDAP standard login attribute is \"uid\"",
433 "name": "Name is the list of attributes whose values should be used as the display name. Optional. If unspecified, no display name is set for the identity LDAP standard display name attribute is \"cn\"",
434 "email": "Email is the list of attributes whose values should be used as the email address. Optional. If unspecified, no email is set for the identity",
435 }
436
437 func (LDAPAttributeMapping) SwaggerDoc() map[string]string {
438 return map_LDAPAttributeMapping
439 }
440
441 var map_LDAPPasswordIdentityProvider = map[string]string{
442 "": "LDAPPasswordIdentityProvider provides identities for users authenticating using LDAP credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
443 "url": "URL is an RFC 2255 URL which specifies the LDAP search parameters to use. The syntax of the URL is\n ldap://host:port/basedn?attribute?scope?filter",
444 "bindDN": "BindDN is an optional DN to bind with during the search phase.",
445 "bindPassword": "BindPassword is an optional password to bind with during the search phase.",
446 "insecure": "Insecure, if true, indicates the connection should not use TLS. Cannot be set to true with a URL scheme of \"ldaps://\" If false, \"ldaps://\" URLs connect using TLS, and \"ldap://\" URLs are upgraded to a TLS connection using StartTLS as specified in https://tools.ietf.org/html/rfc2830",
447 "ca": "CA is the optional trusted certificate authority bundle to use when making requests to the server If empty, the default system roots are used",
448 "attributes": "Attributes maps LDAP attributes to identities",
449 }
450
451 func (LDAPPasswordIdentityProvider) SwaggerDoc() map[string]string {
452 return map_LDAPPasswordIdentityProvider
453 }
454
455 var map_LDAPQuery = map[string]string{
456 "": "LDAPQuery holds the options necessary to build an LDAP query",
457 "baseDN": "The DN of the branch of the directory where all searches should start from",
458 "scope": "The (optional) scope of the search. Can be: base: only the base object, one: all object on the base level, sub: the entire subtree Defaults to the entire subtree if not set",
459 "derefAliases": "The (optional) behavior of the search with regards to alisases. Can be: never: never dereference aliases, search: only dereference in searching, base: only dereference in finding the base object, always: always dereference Defaults to always dereferencing if not set",
460 "timeout": "TimeLimit holds the limit of time in seconds that any request to the server can remain outstanding before the wait for a response is given up. If this is 0, no client-side limit is imposed",
461 "filter": "Filter is a valid LDAP search filter that retrieves all relevant entries from the LDAP server with the base DN",
462 "pageSize": "PageSize is the maximum preferred page size, measured in LDAP entries. A page size of 0 means no paging will be done.",
463 }
464
465 func (LDAPQuery) SwaggerDoc() map[string]string {
466 return map_LDAPQuery
467 }
468
469 var map_LDAPSyncConfig = map[string]string{
470 "": "LDAPSyncConfig holds the necessary configuration options to define an LDAP group sync\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
471 "url": "Host is the scheme, host and port of the LDAP server to connect to: scheme://host:port",
472 "bindDN": "BindDN is an optional DN to bind to the LDAP server with",
473 "bindPassword": "BindPassword is an optional password to bind with during the search phase.",
474 "insecure": "Insecure, if true, indicates the connection should not use TLS. Cannot be set to true with a URL scheme of \"ldaps://\" If false, \"ldaps://\" URLs connect using TLS, and \"ldap://\" URLs are upgraded to a TLS connection using StartTLS as specified in https://tools.ietf.org/html/rfc2830",
475 "ca": "CA is the optional trusted certificate authority bundle to use when making requests to the server If empty, the default system roots are used",
476 "groupUIDNameMapping": "LDAPGroupUIDToOpenShiftGroupNameMapping is an optional direct mapping of LDAP group UIDs to OpenShift Group names",
477 "rfc2307": "RFC2307Config holds the configuration for extracting data from an LDAP server set up in a fashion similar to RFC2307: first-class group and user entries, with group membership determined by a multi-valued attribute on the group entry listing its members",
478 "activeDirectory": "ActiveDirectoryConfig holds the configuration for extracting data from an LDAP server set up in a fashion similar to that used in Active Directory: first-class user entries, with group membership determined by a multi-valued attribute on members listing groups they are a member of",
479 "augmentedActiveDirectory": "AugmentedActiveDirectoryConfig holds the configuration for extracting data from an LDAP server set up in a fashion similar to that used in Active Directory as described above, with one addition: first-class group entries exist and are used to hold metadata but not group membership",
480 }
481
482 func (LDAPSyncConfig) SwaggerDoc() map[string]string {
483 return map_LDAPSyncConfig
484 }
485
486 var map_LocalQuota = map[string]string{
487 "": "LocalQuota contains options for controlling local volume quota on the node.",
488 "perFSGroup": "FSGroup can be specified to enable a quota on local storage use per unique FSGroup ID. At present this is only implemented for emptyDir volumes, and if the underlying volumeDirectory is on an XFS filesystem.",
489 }
490
491 func (LocalQuota) SwaggerDoc() map[string]string {
492 return map_LocalQuota
493 }
494
495 var map_MasterAuthConfig = map[string]string{
496 "": "MasterAuthConfig configures authentication options in addition to the standard oauth token and client certificate authenticators",
497 "requestHeader": "RequestHeader holds options for setting up a front proxy against the API. It is optional.",
498 "webhookTokenAuthenticators": "WebhookTokenAuthnConfig, if present configures remote token reviewers",
499 "oauthMetadataFile": "OAuthMetadataFile is a path to a file containing the discovery endpoint for OAuth 2.0 Authorization Server Metadata for an external OAuth server. See IETF Draft: // https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 This option is mutually exclusive with OAuthConfig",
500 }
501
502 func (MasterAuthConfig) SwaggerDoc() map[string]string {
503 return map_MasterAuthConfig
504 }
505
506 var map_MasterClients = map[string]string{
507 "": "MasterClients holds references to `.kubeconfig` files that qualify master clients for OpenShift and Kubernetes",
508 "openshiftLoopbackKubeConfig": "OpenShiftLoopbackKubeConfig is a .kubeconfig filename for system components to loopback to this master",
509 "openshiftLoopbackClientConnectionOverrides": "OpenShiftLoopbackClientConnectionOverrides specifies client overrides for system components to loop back to this master.",
510 }
511
512 func (MasterClients) SwaggerDoc() map[string]string {
513 return map_MasterClients
514 }
515
516 var map_MasterConfig = map[string]string{
517 "": "MasterConfig holds the necessary configuration options for the OpenShift master\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
518 "servingInfo": "ServingInfo describes how to start serving",
519 "authConfig": "AuthConfig configures authentication options in addition to the standard oauth token and client certificate authenticators",
520 "aggregatorConfig": "AggregatorConfig has options for configuring the aggregator component of the API server.",
521 "corsAllowedOrigins": "CORSAllowedOrigins",
522 "apiLevels": "APILevels is a list of API levels that should be enabled on startup: v1 as examples",
523 "masterPublicURL": "MasterPublicURL is how clients can access the OpenShift API server",
524 "controllers": "Controllers is a list of the controllers that should be started. If set to \"none\", no controllers will start automatically. The default value is \"*\" which will start all controllers. When using \"*\", you may exclude controllers by prepending a \"-\" in front of their name. No other values are recognized at this time.",
525 "admissionConfig": "AdmissionConfig contains admission control plugin configuration.",
526 "controllerConfig": "ControllerConfig holds configuration values for controllers",
527 "etcdStorageConfig": "EtcdStorageConfig contains information about how API resources are stored in Etcd. These values are only relevant when etcd is the backing store for the cluster.",
528 "etcdClientInfo": "EtcdClientInfo contains information about how to connect to etcd",
529 "kubeletClientInfo": "KubeletClientInfo contains information about how to connect to kubelets",
530 "kubernetesMasterConfig": "KubernetesMasterConfig, if present start the kubernetes master in this process",
531 "etcdConfig": "EtcdConfig, if present start etcd in this process",
532 "oauthConfig": "OAuthConfig, if present start the /oauth endpoint in this process",
533 "dnsConfig": "DNSConfig, if present start the DNS server in this process",
534 "serviceAccountConfig": "ServiceAccountConfig holds options related to service accounts",
535 "masterClients": "MasterClients holds all the client connection information for controllers and other system components",
536 "imageConfig": "ImageConfig holds options that describe how to build image names for system components",
537 "imagePolicyConfig": "ImagePolicyConfig controls limits and behavior for importing images",
538 "policyConfig": "PolicyConfig holds information about where to locate critical pieces of bootstrapping policy",
539 "projectConfig": "ProjectConfig holds information about project creation and defaults",
540 "routingConfig": "RoutingConfig holds information about routing and route generation",
541 "networkConfig": "NetworkConfig to be passed to the compiled in network plugin",
542 "volumeConfig": "MasterVolumeConfig contains options for configuring volume plugins in the master node.",
543 "jenkinsPipelineConfig": "JenkinsPipelineConfig holds information about the default Jenkins template used for JenkinsPipeline build strategy.",
544 "auditConfig": "AuditConfig holds information related to auditing capabilities.",
545 }
546
547 func (MasterConfig) SwaggerDoc() map[string]string {
548 return map_MasterConfig
549 }
550
551 var map_MasterNetworkConfig = map[string]string{
552 "": "MasterNetworkConfig to be passed to the compiled in network plugin",
553 "networkPluginName": "NetworkPluginName is the name of the network plugin to use",
554 "clusterNetworkCIDR": "ClusterNetworkCIDR is the CIDR string to specify the global overlay network's L3 space. Deprecated, but maintained for backwards compatibility, use ClusterNetworks instead.",
555 "clusterNetworks": "ClusterNetworks is a list of ClusterNetwork objects that defines the global overlay network's L3 space by specifying a set of CIDR and netmasks that the SDN can allocate addressed from. If this is specified, then ClusterNetworkCIDR and HostSubnetLength may not be set.",
556 "hostSubnetLength": "HostSubnetLength is the number of bits to allocate to each host's subnet e.g. 8 would mean a /24 network on the host. Deprecated, but maintained for backwards compatibility, use ClusterNetworks instead.",
557 "serviceNetworkCIDR": "ServiceNetwork is the CIDR string to specify the service networks",
558 "externalIPNetworkCIDRs": "ExternalIPNetworkCIDRs controls what values are acceptable for the service external IP field. If empty, no externalIP may be set. It may contain a list of CIDRs which are checked for access. If a CIDR is prefixed with !, IPs in that CIDR will be rejected. Rejections will be applied first, then the IP checked against one of the allowed CIDRs. You should ensure this range does not overlap with your nodes, pods, or service CIDRs for security reasons.",
559 "ingressIPNetworkCIDR": "IngressIPNetworkCIDR controls the range to assign ingress ips from for services of type LoadBalancer on bare metal. If empty, ingress ips will not be assigned. It may contain a single CIDR that will be allocated from. For security reasons, you should ensure that this range does not overlap with the CIDRs reserved for external ips, nodes, pods, or services.",
560 "vxlanPort": "VXLANPort is the VXLAN port used by the cluster defaults. If it is not set, 4789 is the default value",
561 }
562
563 func (MasterNetworkConfig) SwaggerDoc() map[string]string {
564 return map_MasterNetworkConfig
565 }
566
567 var map_MasterVolumeConfig = map[string]string{
568 "": "MasterVolumeConfig contains options for configuring volume plugins in the master node.",
569 "dynamicProvisioningEnabled": "DynamicProvisioningEnabled is a boolean that toggles dynamic provisioning off when false, defaults to true",
570 }
571
572 func (MasterVolumeConfig) SwaggerDoc() map[string]string {
573 return map_MasterVolumeConfig
574 }
575
576 var map_NamedCertificate = map[string]string{
577 "": "NamedCertificate specifies a certificate/key, and the names it should be served for",
578 "names": "Names is a list of DNS names this certificate should be used to secure A name can be a normal DNS name, or can contain leading wildcard segments.",
579 }
580
581 func (NamedCertificate) SwaggerDoc() map[string]string {
582 return map_NamedCertificate
583 }
584
585 var map_NodeAuthConfig = map[string]string{
586 "": "NodeAuthConfig holds authn/authz configuration options",
587 "authenticationCacheTTL": "AuthenticationCacheTTL indicates how long an authentication result should be cached. It takes a valid time duration string (e.g. \"5m\"). If empty, you get the default timeout. If zero (e.g. \"0m\"), caching is disabled",
588 "authenticationCacheSize": "AuthenticationCacheSize indicates how many authentication results should be cached. If 0, the default cache size is used.",
589 "authorizationCacheTTL": "AuthorizationCacheTTL indicates how long an authorization result should be cached. It takes a valid time duration string (e.g. \"5m\"). If empty, you get the default timeout. If zero (e.g. \"0m\"), caching is disabled",
590 "authorizationCacheSize": "AuthorizationCacheSize indicates how many authorization results should be cached. If 0, the default cache size is used.",
591 }
592
593 func (NodeAuthConfig) SwaggerDoc() map[string]string {
594 return map_NodeAuthConfig
595 }
596
597 var map_NodeConfig = map[string]string{
598 "": "NodeConfig is the fully specified config starting an OpenShift node\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
599 "nodeName": "NodeName is the value used to identify this particular node in the cluster. If possible, this should be your fully qualified hostname. If you're describing a set of static nodes to the master, this value must match one of the values in the list",
600 "nodeIP": "Node may have multiple IPs, specify the IP to use for pod traffic routing If not specified, network parse/lookup on the nodeName is performed and the first non-loopback address is used",
601 "servingInfo": "ServingInfo describes how to start serving",
602 "masterKubeConfig": "MasterKubeConfig is a filename for the .kubeconfig file that describes how to connect this node to the master",
603 "masterClientConnectionOverrides": "MasterClientConnectionOverrides provides overrides to the client connection used to connect to the master.",
604 "dnsDomain": "DNSDomain holds the domain suffix that will be used for the DNS search path inside each container. Defaults to 'cluster.local'.",
605 "dnsIP": "DNSIP is the IP address that pods will use to access cluster DNS. Defaults to the service IP of the Kubernetes master. This IP must be listening on port 53 for compatibility with libc resolvers (which cannot be configured to resolve names from any other port). When running more complex local DNS configurations, this is often set to the local address of a DNS proxy like dnsmasq, which then will consult either the local DNS (see dnsBindAddress) or the master DNS.",
606 "dnsBindAddress": "DNSBindAddress is the ip:port to serve DNS on. If this is not set, the DNS server will not be started. Because most DNS resolvers will only listen on port 53, if you select an alternative port you will need a DNS proxy like dnsmasq to answer queries for containers. A common configuration is dnsmasq configured on a node IP listening on 53 and delegating queries for dnsDomain to this process, while sending other queries to the host environments nameservers.",
607 "dnsNameservers": "DNSNameservers is a list of ip:port values of recursive nameservers to forward queries to when running a local DNS server if dnsBindAddress is set. If this value is empty, the DNS server will default to the nameservers listed in /etc/resolv.conf. If you have configured dnsmasq or another DNS proxy on the system, this value should be set to the upstream nameservers dnsmasq resolves with.",
608 "dnsRecursiveResolvConf": "DNSRecursiveResolvConf is a path to a resolv.conf file that contains settings for an upstream server. Only the nameservers and port fields are used. The file must exist and parse correctly. It adds extra nameservers to DNSNameservers if set.",
609 "networkPluginName": "Deprecated and maintained for backward compatibility, use NetworkConfig.NetworkPluginName instead",
610 "networkConfig": "NetworkConfig provides network options for the node",
611 "volumeDirectory": "VolumeDirectory is the directory that volumes will be stored under",
612 "imageConfig": "ImageConfig holds options that describe how to build image names for system components",
613 "allowDisabledDocker": "AllowDisabledDocker if true, the Kubelet will ignore errors from Docker. This means that a node can start on a machine that doesn't have docker started.",
614 "podManifestConfig": "PodManifestConfig holds the configuration for enabling the Kubelet to create pods based from a manifest file(s) placed locally on the node",
615 "authConfig": "AuthConfig holds authn/authz configuration options",
616 "dockerConfig": "DockerConfig holds Docker related configuration options.",
617 "kubeletArguments": "KubeletArguments are key value pairs that will be passed directly to the Kubelet that match the Kubelet's command line arguments. These are not migrated or validated, so if you use them they may become invalid. These values override other settings in NodeConfig which may cause invalid configurations.",
618 "proxyArguments": "ProxyArguments are key value pairs that will be passed directly to the Proxy that match the Proxy's command line arguments. These are not migrated or validated, so if you use them they may become invalid. These values override other settings in NodeConfig which may cause invalid configurations.",
619 "iptablesSyncPeriod": "IPTablesSyncPeriod is how often iptable rules are refreshed",
620 "enableUnidling": "EnableUnidling controls whether or not the hybrid unidling proxy will be set up",
621 "volumeConfig": "VolumeConfig contains options for configuring volumes on the node.",
622 }
623
624 func (NodeConfig) SwaggerDoc() map[string]string {
625 return map_NodeConfig
626 }
627
628 var map_NodeNetworkConfig = map[string]string{
629 "": "NodeNetworkConfig provides network options for the node",
630 "networkPluginName": "NetworkPluginName is a string specifying the networking plugin",
631 "mtu": "Maximum transmission unit for the network packets",
632 }
633
634 func (NodeNetworkConfig) SwaggerDoc() map[string]string {
635 return map_NodeNetworkConfig
636 }
637
638 var map_NodeVolumeConfig = map[string]string{
639 "": "NodeVolumeConfig contains options for configuring volumes on the node.",
640 "localQuota": "LocalQuota contains options for controlling local volume quota on the node.",
641 }
642
643 func (NodeVolumeConfig) SwaggerDoc() map[string]string {
644 return map_NodeVolumeConfig
645 }
646
647 var map_OAuthConfig = map[string]string{
648 "": "OAuthConfig holds the necessary configuration options for OAuth authentication",
649 "masterCA": "MasterCA is the CA for verifying the TLS connection back to the MasterURL.",
650 "masterURL": "MasterURL is used for making server-to-server calls to exchange authorization codes for access tokens",
651 "masterPublicURL": "MasterPublicURL is used for building valid client redirect URLs for internal and external access",
652 "assetPublicURL": "AssetPublicURL is used for building valid client redirect URLs for external access",
653 "alwaysShowProviderSelection": "AlwaysShowProviderSelection will force the provider selection page to render even when there is only a single provider.",
654 "identityProviders": "IdentityProviders is an ordered list of ways for a user to identify themselves",
655 "grantConfig": "GrantConfig describes how to handle grants",
656 "sessionConfig": "SessionConfig hold information about configuring sessions.",
657 "tokenConfig": "TokenConfig contains options for authorization and access tokens",
658 "templates": "Templates allow you to customize pages like the login page.",
659 }
660
661 func (OAuthConfig) SwaggerDoc() map[string]string {
662 return map_OAuthConfig
663 }
664
665 var map_OAuthTemplates = map[string]string{
666 "": "OAuthTemplates allow for customization of pages like the login page",
667 "login": "Login is a path to a file containing a go template used to render the login page. If unspecified, the default login page is used.",
668 "providerSelection": "ProviderSelection is a path to a file containing a go template used to render the provider selection page. If unspecified, the default provider selection page is used.",
669 "error": "Error is a path to a file containing a go template used to render error pages during the authentication or grant flow If unspecified, the default error page is used.",
670 }
671
672 func (OAuthTemplates) SwaggerDoc() map[string]string {
673 return map_OAuthTemplates
674 }
675
676 var map_OpenIDClaims = map[string]string{
677 "": "OpenIDClaims contains a list of OpenID claims to use when authenticating with an OpenID identity provider",
678 "id": "ID is the list of claims whose values should be used as the user ID. Required. OpenID standard identity claim is \"sub\"",
679 "preferredUsername": "PreferredUsername is the list of claims whose values should be used as the preferred username. If unspecified, the preferred username is determined from the value of the id claim",
680 "name": "Name is the list of claims whose values should be used as the display name. Optional. If unspecified, no display name is set for the identity",
681 "email": "Email is the list of claims whose values should be used as the email address. Optional. If unspecified, no email is set for the identity",
682 }
683
684 func (OpenIDClaims) SwaggerDoc() map[string]string {
685 return map_OpenIDClaims
686 }
687
688 var map_OpenIDIdentityProvider = map[string]string{
689 "": "OpenIDIdentityProvider provides identities for users authenticating using OpenID credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
690 "ca": "CA is the optional trusted certificate authority bundle to use when making requests to the server If empty, the default system roots are used",
691 "clientID": "ClientID is the oauth client ID",
692 "clientSecret": "ClientSecret is the oauth client secret",
693 "extraScopes": "ExtraScopes are any scopes to request in addition to the standard \"openid\" scope.",
694 "extraAuthorizeParameters": "ExtraAuthorizeParameters are any custom parameters to add to the authorize request.",
695 "urls": "URLs to use to authenticate",
696 "claims": "Claims mappings",
697 }
698
699 func (OpenIDIdentityProvider) SwaggerDoc() map[string]string {
700 return map_OpenIDIdentityProvider
701 }
702
703 var map_OpenIDURLs = map[string]string{
704 "": "OpenIDURLs are URLs to use when authenticating with an OpenID identity provider",
705 "authorize": "Authorize is the oauth authorization URL",
706 "token": "Token is the oauth token granting URL",
707 "userInfo": "UserInfo is the optional userinfo URL. If present, a granted access_token is used to request claims If empty, a granted id_token is parsed for claims",
708 }
709
710 func (OpenIDURLs) SwaggerDoc() map[string]string {
711 return map_OpenIDURLs
712 }
713
714 var map_PodManifestConfig = map[string]string{
715 "": "PodManifestConfig holds the necessary configuration options for using pod manifests",
716 "path": "Path specifies the path for the pod manifest file or directory If its a directory, its expected to contain on or more manifest files This is used by the Kubelet to create pods on the node",
717 "fileCheckIntervalSeconds": "FileCheckIntervalSeconds is the interval in seconds for checking the manifest file(s) for new data The interval needs to be a positive value",
718 }
719
720 func (PodManifestConfig) SwaggerDoc() map[string]string {
721 return map_PodManifestConfig
722 }
723
724 var map_PolicyConfig = map[string]string{
725 "": "\n holds the necessary configuration options for",
726 "userAgentMatchingConfig": "UserAgentMatchingConfig controls how API calls from *voluntarily* identifying clients will be handled. THIS DOES NOT DEFEND AGAINST MALICIOUS CLIENTS!",
727 }
728
729 func (PolicyConfig) SwaggerDoc() map[string]string {
730 return map_PolicyConfig
731 }
732
733 var map_ProjectConfig = map[string]string{
734 "": "\n holds the necessary configuration options for",
735 "defaultNodeSelector": "DefaultNodeSelector holds default project node label selector",
736 "projectRequestMessage": "ProjectRequestMessage is the string presented to a user if they are unable to request a project via the projectrequest api endpoint",
737 "projectRequestTemplate": "ProjectRequestTemplate is the template to use for creating projects in response to projectrequest. It is in the format namespace/template and it is optional. If it is not specified, a default template is used.",
738 "securityAllocator": "SecurityAllocator controls the automatic allocation of UIDs and MCS labels to a project. If nil, allocation is disabled.",
739 }
740
741 func (ProjectConfig) SwaggerDoc() map[string]string {
742 return map_ProjectConfig
743 }
744
745 var map_RFC2307Config = map[string]string{
746 "": "RFC2307Config holds the necessary configuration options to define how an LDAP group sync interacts with an LDAP server using the RFC2307 schema",
747 "groupsQuery": "AllGroupsQuery holds the template for an LDAP query that returns group entries.",
748 "groupUIDAttribute": "GroupUIDAttributes defines which attribute on an LDAP group entry will be interpreted as its unique identifier. (ldapGroupUID)",
749 "groupNameAttributes": "GroupNameAttributes defines which attributes on an LDAP group entry will be interpreted as its name to use for an OpenShift group",
750 "groupMembershipAttributes": "GroupMembershipAttributes defines which attributes on an LDAP group entry will be interpreted as its members. The values contained in those attributes must be queryable by your UserUIDAttribute",
751 "usersQuery": "AllUsersQuery holds the template for an LDAP query that returns user entries.",
752 "userUIDAttribute": "UserUIDAttribute defines which attribute on an LDAP user entry will be interpreted as its unique identifier. It must correspond to values that will be found from the GroupMembershipAttributes",
753 "userNameAttributes": "UserNameAttributes defines which attributes on an LDAP user entry will be used, in order, as its OpenShift user name. The first attribute with a non-empty value is used. This should match your PreferredUsername setting for your LDAPPasswordIdentityProvider",
754 "tolerateMemberNotFoundErrors": "TolerateMemberNotFoundErrors determines the behavior of the LDAP sync job when missing user entries are encountered. If 'true', an LDAP query for users that doesn't find any will be tolerated and an only and error will be logged. If 'false', the LDAP sync job will fail if a query for users doesn't find any. The default value is 'false'. Misconfigured LDAP sync jobs with this flag set to 'true' can cause group membership to be removed, so it is recommended to use this flag with caution.",
755 "tolerateMemberOutOfScopeErrors": "TolerateMemberOutOfScopeErrors determines the behavior of the LDAP sync job when out-of-scope user entries are encountered. If 'true', an LDAP query for a user that falls outside of the base DN given for the all user query will be tolerated and only an error will be logged. If 'false', the LDAP sync job will fail if a user query would search outside of the base DN specified by the all user query. Misconfigured LDAP sync jobs with this flag set to 'true' can result in groups missing users, so it is recommended to use this flag with caution.",
756 }
757
758 func (RFC2307Config) SwaggerDoc() map[string]string {
759 return map_RFC2307Config
760 }
761
762 var map_RegistryLocation = map[string]string{
763 "": "RegistryLocation contains a location of the registry specified by the registry domain name. The domain name might include wildcards, like '*' or '??'.",
764 "domainName": "DomainName specifies a domain name for the registry In case the registry use non-standard (80 or 443) port, the port should be included in the domain name as well.",
765 "insecure": "Insecure indicates whether the registry is secure (https) or insecure (http) By default (if not specified) the registry is assumed as secure.",
766 }
767
768 func (RegistryLocation) SwaggerDoc() map[string]string {
769 return map_RegistryLocation
770 }
771
772 var map_RemoteConnectionInfo = map[string]string{
773 "": "RemoteConnectionInfo holds information necessary for establishing a remote connection",
774 "url": "URL is the remote URL to connect to",
775 "ca": "CA is the CA for verifying TLS connections",
776 }
777
778 func (RemoteConnectionInfo) SwaggerDoc() map[string]string {
779 return map_RemoteConnectionInfo
780 }
781
782 var map_RequestHeaderAuthenticationOptions = map[string]string{
783 "": "RequestHeaderAuthenticationOptions provides options for setting up a front proxy against the entire API instead of against the /oauth endpoint.",
784 "clientCA": "ClientCA is a file with the trusted signer certs. It is required.",
785 "clientCommonNames": "ClientCommonNames is a required list of common names to require a match from.",
786 "usernameHeaders": "UsernameHeaders is the list of headers to check for user information. First hit wins.",
787 "groupHeaders": "GroupNameHeader is the set of headers to check for group information. All are unioned.",
788 "extraHeaderPrefixes": "ExtraHeaderPrefixes is the set of request header prefixes to inspect for user extra. X-Remote-Extra- is suggested.",
789 }
790
791 func (RequestHeaderAuthenticationOptions) SwaggerDoc() map[string]string {
792 return map_RequestHeaderAuthenticationOptions
793 }
794
795 var map_RequestHeaderIdentityProvider = map[string]string{
796 "": "RequestHeaderIdentityProvider provides identities for users authenticating using request header credentials\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
797 "loginURL": "LoginURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect interactive logins will be redirected here ${url} is replaced with the current URL, escaped to be safe in a query parameter\n https://www.example.com/sso-login?then=${url}\n${query} is replaced with the current query string\n https://www.example.com/auth-proxy/oauth/authorize?${query}",
798 "challengeURL": "ChallengeURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect WWW-Authenticate challenges will be redirected here ${url} is replaced with the current URL, escaped to be safe in a query parameter\n https://www.example.com/sso-login?then=${url}\n${query} is replaced with the current query string\n https://www.example.com/auth-proxy/oauth/authorize?${query}",
799 "clientCA": "ClientCA is a file with the trusted signer certs. If empty, no request verification is done, and any direct request to the OAuth server can impersonate any identity from this provider, merely by setting a request header.",
800 "clientCommonNames": "ClientCommonNames is an optional list of common names to require a match from. If empty, any client certificate validated against the clientCA bundle is considered authoritative.",
801 "headers": "Headers is the set of headers to check for identity information",
802 "preferredUsernameHeaders": "PreferredUsernameHeaders is the set of headers to check for the preferred username",
803 "nameHeaders": "NameHeaders is the set of headers to check for the display name",
804 "emailHeaders": "EmailHeaders is the set of headers to check for the email address",
805 }
806
807 func (RequestHeaderIdentityProvider) SwaggerDoc() map[string]string {
808 return map_RequestHeaderIdentityProvider
809 }
810
811 var map_RoutingConfig = map[string]string{
812 "": "RoutingConfig holds the necessary configuration options for routing to subdomains",
813 "subdomain": "Subdomain is the suffix appended to $service.$namespace. to form the default route hostname DEPRECATED: This field is being replaced by routers setting their own defaults. This is the \"default\" route.",
814 }
815
816 func (RoutingConfig) SwaggerDoc() map[string]string {
817 return map_RoutingConfig
818 }
819
820 var map_SecurityAllocator = map[string]string{
821 "": "SecurityAllocator controls the automatic allocation of UIDs and MCS labels to a project. If nil, allocation is disabled.",
822 "uidAllocatorRange": "UIDAllocatorRange defines the total set of Unix user IDs (UIDs) that will be allocated to projects automatically, and the size of the block each namespace gets. For example, 1000-1999/10 will allocate ten UIDs per namespace, and will be able to allocate up to 100 blocks before running out of space. The default is to allocate from 1 billion to 2 billion in 10k blocks (which is the expected size of the ranges container images will use once user namespaces are started).",
823 "mcsAllocatorRange": "MCSAllocatorRange defines the range of MCS categories that will be assigned to namespaces. The format is \"<prefix>/<numberOfLabels>[,<maxCategory>]\". The default is \"s0/2\" and will allocate from c0 -> c1023, which means a total of 535k labels are available (1024 choose 2 ~ 535k). If this value is changed after startup, new projects may receive labels that are already allocated to other projects. Prefix may be any valid SELinux set of terms (including user, role, and type), although leaving them as the default will allow the server to set them automatically.\n\nExamples: * s0:/2 - Allocate labels from s0:c0,c0 to s0:c511,c511 * s0:/2,512 - Allocate labels from s0:c0,c0,c0 to s0:c511,c511,511",
824 "mcsLabelsPerProject": "MCSLabelsPerProject defines the number of labels that should be reserved per project. The default is 5 to match the default UID and MCS ranges (100k namespaces, 535k/5 labels).",
825 }
826
827 func (SecurityAllocator) SwaggerDoc() map[string]string {
828 return map_SecurityAllocator
829 }
830
831 var map_ServiceAccountConfig = map[string]string{
832 "": "ServiceAccountConfig holds the necessary configuration options for a service account",
833 "managedNames": "ManagedNames is a list of service account names that will be auto-created in every namespace. If no names are specified, the ServiceAccountsController will not be started.",
834 "limitSecretReferences": "LimitSecretReferences controls whether or not to allow a service account to reference any secret in a namespace without explicitly referencing them",
835 "privateKeyFile": "PrivateKeyFile is a file containing a PEM-encoded private RSA key, used to sign service account tokens. If no private key is specified, the service account TokensController will not be started.",
836 "publicKeyFiles": "PublicKeyFiles is a list of files, each containing a PEM-encoded public RSA key. (If any file contains a private key, the public portion of the key is used) The list of public keys is used to verify presented service account tokens. Each key is tried in order until the list is exhausted or verification succeeds. If no keys are specified, no service account authentication will be available.",
837 "masterCA": "MasterCA is the CA for verifying the TLS connection back to the master. The service account controller will automatically inject the contents of this file into pods so they can verify connections to the master.",
838 }
839
840 func (ServiceAccountConfig) SwaggerDoc() map[string]string {
841 return map_ServiceAccountConfig
842 }
843
844 var map_ServiceServingCert = map[string]string{
845 "": "ServiceServingCert holds configuration for service serving cert signer which creates cert/key pairs for pods fulfilling a service to serve with.",
846 "signer": "Signer holds the signing information used to automatically sign serving certificates. If this value is nil, then certs are not signed automatically.",
847 }
848
849 func (ServiceServingCert) SwaggerDoc() map[string]string {
850 return map_ServiceServingCert
851 }
852
853 var map_ServingInfo = map[string]string{
854 "": "ServingInfo holds information about serving web pages",
855 "bindAddress": "BindAddress is the ip:port to serve on",
856 "bindNetwork": "BindNetwork is the type of network to bind to - defaults to \"tcp4\", accepts \"tcp\", \"tcp4\", and \"tcp6\"",
857 "clientCA": "ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates",
858 "namedCertificates": "NamedCertificates is a list of certificates to use to secure requests to specific hostnames",
859 "minTLSVersion": "MinTLSVersion is the minimum TLS version supported. Values must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants",
860 "cipherSuites": "CipherSuites contains an overridden list of ciphers for the server to support. Values must match cipher suite IDs from https://golang.org/pkg/crypto/tls/#pkg-constants",
861 }
862
863 func (ServingInfo) SwaggerDoc() map[string]string {
864 return map_ServingInfo
865 }
866
867 var map_SessionConfig = map[string]string{
868 "": "SessionConfig specifies options for cookie-based sessions. Used by AuthRequestHandlerSession",
869 "sessionSecretsFile": "SessionSecretsFile is a reference to a file containing a serialized SessionSecrets object If no file is specified, a random signing and encryption key are generated at each server start",
870 "sessionMaxAgeSeconds": "SessionMaxAgeSeconds specifies how long created sessions last. Used by AuthRequestHandlerSession",
871 "sessionName": "SessionName is the cookie name used to store the session",
872 }
873
874 func (SessionConfig) SwaggerDoc() map[string]string {
875 return map_SessionConfig
876 }
877
878 var map_SessionSecret = map[string]string{
879 "": "SessionSecret is a secret used to authenticate/decrypt cookie-based sessions",
880 "authentication": "Authentication is used to authenticate sessions using HMAC. Recommended to use a secret with 32 or 64 bytes.",
881 "encryption": "Encryption is used to encrypt sessions. Must be 16, 24, or 32 characters long, to select AES-128, AES-",
882 }
883
884 func (SessionSecret) SwaggerDoc() map[string]string {
885 return map_SessionSecret
886 }
887
888 var map_SessionSecrets = map[string]string{
889 "": "SessionSecrets list the secrets to use to sign/encrypt and authenticate/decrypt created sessions.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.",
890 "secrets": "Secrets is a list of secrets New sessions are signed and encrypted using the first secret. Existing sessions are decrypted/authenticated by each secret until one succeeds. This allows rotating secrets.",
891 }
892
893 func (SessionSecrets) SwaggerDoc() map[string]string {
894 return map_SessionSecrets
895 }
896
897 var map_SourceStrategyDefaultsConfig = map[string]string{
898 "": "SourceStrategyDefaultsConfig contains values that apply to builds using the source strategy.",
899 "incremental": "incremental indicates if s2i build strategies should perform an incremental build or not",
900 }
901
902 func (SourceStrategyDefaultsConfig) SwaggerDoc() map[string]string {
903 return map_SourceStrategyDefaultsConfig
904 }
905
906 var map_StringSource = map[string]string{
907 "": "StringSource allows specifying a string inline, or externally via env var or file. When it contains only a string value, it marshals to a simple JSON string.",
908 }
909
910 func (StringSource) SwaggerDoc() map[string]string {
911 return map_StringSource
912 }
913
914 var map_StringSourceSpec = map[string]string{
915 "": "StringSourceSpec specifies a string value, or external location",
916 "value": "Value specifies the cleartext value, or an encrypted value if keyFile is specified.",
917 "env": "Env specifies an envvar containing the cleartext value, or an encrypted value if the keyFile is specified.",
918 "file": "File references a file containing the cleartext value, or an encrypted value if a keyFile is specified.",
919 "keyFile": "KeyFile references a file containing the key to use to decrypt the value.",
920 }
921
922 func (StringSourceSpec) SwaggerDoc() map[string]string {
923 return map_StringSourceSpec
924 }
925
926 var map_TokenConfig = map[string]string{
927 "": "TokenConfig holds the necessary configuration options for authorization and access tokens",
928 "authorizeTokenMaxAgeSeconds": "AuthorizeTokenMaxAgeSeconds defines the maximum age of authorize tokens",
929 "accessTokenMaxAgeSeconds": "AccessTokenMaxAgeSeconds defines the maximum age of access tokens",
930 "accessTokenInactivityTimeoutSeconds": "AccessTokenInactivityTimeoutSeconds defined the default token inactivity timeout for tokens granted by any client. Setting it to nil means the feature is completely disabled (default) The default setting can be overriden on OAuthClient basis. The value represents the maximum amount of time that can occur between consecutive uses of the token. Tokens become invalid if they are not used within this temporal window. The user will need to acquire a new token to regain access once a token times out. Valid values are: - 0: Tokens never time out - X: Tokens time out if there is no activity for X seconds The current minimum allowed value for X is 300 (5 minutes)",
931 }
932
933 func (TokenConfig) SwaggerDoc() map[string]string {
934 return map_TokenConfig
935 }
936
937 var map_UserAgentDenyRule = map[string]string{
938 "": "UserAgentDenyRule adds a rejection message that can be used to help a user figure out how to get an approved client",
939 "rejectionMessage": "RejectionMessage is the message shown when rejecting a client. If it is not a set, the default message is used.",
940 }
941
942 func (UserAgentDenyRule) SwaggerDoc() map[string]string {
943 return map_UserAgentDenyRule
944 }
945
946 var map_UserAgentMatchRule = map[string]string{
947 "": "UserAgentMatchRule describes how to match a given request based on User-Agent and HTTPVerb",
948 "regex": "UserAgentRegex is a regex that is checked against the User-Agent. Known variants of oc clients 1. oc accessing kube resources: oc/v1.2.0 (linux/amd64) kubernetes/bc4550d 2. oc accessing openshift resources: oc/v1.1.3 (linux/amd64) openshift/b348c2f 3. openshift kubectl accessing kube resources: openshift/v1.2.0 (linux/amd64) kubernetes/bc4550d 4. openshift kubectl accessing openshift resources: openshift/v1.1.3 (linux/amd64) openshift/b348c2f 5. oadm accessing kube resources: oadm/v1.2.0 (linux/amd64) kubernetes/bc4550d 6. oadm accessing openshift resources: oadm/v1.1.3 (linux/amd64) openshift/b348c2f 7. openshift cli accessing kube resources: openshift/v1.2.0 (linux/amd64) kubernetes/bc4550d 8. openshift cli accessing openshift resources: openshift/v1.1.3 (linux/amd64) openshift/b348c2f",
949 "httpVerbs": "HTTPVerbs specifies which HTTP verbs should be matched. An empty list means \"match all verbs\".",
950 }
951
952 func (UserAgentMatchRule) SwaggerDoc() map[string]string {
953 return map_UserAgentMatchRule
954 }
955
956 var map_UserAgentMatchingConfig = map[string]string{
957 "": "UserAgentMatchingConfig controls how API calls from *voluntarily* identifying clients will be handled. THIS DOES NOT DEFEND AGAINST MALICIOUS CLIENTS!",
958 "requiredClients": "If this list is non-empty, then a User-Agent must match one of the UserAgentRegexes to be allowed",
959 "deniedClients": "If this list is non-empty, then a User-Agent must not match any of the UserAgentRegexes",
960 "defaultRejectionMessage": "DefaultRejectionMessage is the message shown when rejecting a client. If it is not a set, a generic message is given.",
961 }
962
963 func (UserAgentMatchingConfig) SwaggerDoc() map[string]string {
964 return map_UserAgentMatchingConfig
965 }
966
967 var map_WebhookTokenAuthenticator = map[string]string{
968 "": "WebhookTokenAuthenticators holds the necessary configuation options for external token authenticators",
969 "configFile": "ConfigFile is a path to a Kubeconfig file with the webhook configuration",
970 "cacheTTL": "CacheTTL indicates how long an authentication result should be cached. It takes a valid time duration string (e.g. \"5m\"). If empty, you get a default timeout of 2 minutes. If zero (e.g. \"0m\"), caching is disabled",
971 }
972
973 func (WebhookTokenAuthenticator) SwaggerDoc() map[string]string {
974 return map_WebhookTokenAuthenticator
975 }
976
977
978
View as plain text