API Reference¶
Packages¶
solar.opendefense.cloud/v1alpha1¶
Package v1alpha1 is the v1alpha1 version of the API.
AuthenticationType¶
Underlying type: string
AuthenticationType
Appears in: - WebhookAuth
| Field | Description |
|---|---|
Basic |
|
Token |
ChartConfig¶
ChartConfig defines parameters for the rendered chart.
Appears in: - HydratedTargetConfig - ReleaseConfig
| Field | Description | Default | Validation |
|---|---|---|---|
name string |
Name is the name of the chart. | ||
description string |
Description is the description of the chart. | ||
version string |
Version is the version of the chart. | ||
appVersion string |
AppVersion is the version of the app. |
Component¶
Component represents an OCM component available in the solution catalog.
Appears in: - ComponentList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ComponentSpec |
|||
status ComponentStatus |
ComponentSpec¶
ComponentSpec defines the desired state of a Component. It contains metadata about an OCM component's repository location
Appears in: - Component
| Field | Description | Default | Validation |
|---|---|---|---|
scheme string |
Scheme is the scheme to access the component. | ||
registry string |
Registry is the registry where the component is stored. | ||
repository string |
Repository is the repository where the component is stored. |
ComponentStatus¶
ComponentStatus defines the observed state of a Component.
Appears in: - Component
ComponentVersion¶
ComponentVersion represents an OCM component available in the solution catalog.
Appears in: - ComponentVersionList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ComponentVersionSpec |
|||
status ComponentVersionStatus |
ComponentVersionSpec¶
ComponentVersionSpec defines the desired state of a ComponentVersion.
Appears in: - ComponentVersion
| Field | Description | Default | Validation |
|---|---|---|---|
componentRef LocalObjectReference |
ComponentRef is a reference to the parent Component. | ||
tag string |
Tag is a version of the component. | ||
resources object (keys:string, values:ResourceAccess) |
Resources are Resources that are within the ComponentVersion. | ||
entrypoint Entrypoint |
Entrypoint is the entrypoint for deploying a ComponentVersion. |
ComponentVersionStatus¶
ComponentVersionStatus defines the observed state of a ComponentVersion.
Appears in: - ComponentVersion
Discovery¶
Discovery represents a configuration for a registry to discover.
Appears in: - DiscoveryList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec DiscoverySpec |
|||
status DiscoveryStatus |
DiscoverySpec¶
DiscoverySpec defines the desired state of a Discovery.
Appears in: - Discovery
| Field | Description | Default | Validation |
|---|---|---|---|
registry Registry |
Registry specifies the registry that should be scanned by the discovery process. | ||
webhook Webhook |
Webhook specifies the configuration for a webhook that is called by the registry on created, updated or deleted images/repositories. | ||
filter Filter |
Filter specifies the filter that should be applied when scanning for components. If not specified, all components will be scanned. | Optional: {} |
|
discoveryInterval Duration |
DiscoveryInterval is the amount of time between two full scans of the registry. Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h" May be set to zero to fetch and create it once. Defaults to 24h. |
24h | Optional: {} |
disableStartupDiscovery boolean |
DisableStartupDiscovery defines whether the discovery should not be run on startup of the discovery process. If true it will only run on schedule, see .spec.cron. |
DiscoveryStatus¶
DiscoveryStatus defines the observed state of a Discovery.
Appears in: - Discovery
| Field | Description | Default | Validation |
|---|---|---|---|
podGeneration integer |
PodGeneration is the generation of the discovery object at the time the worker was instantiated. |
Entrypoint¶
Entrypoint defines the entrypoint for deploying a ComponentVersion.
Appears in: - ComponentVersionSpec - ReleaseInput
| Field | Description | Default | Validation |
|---|---|---|---|
resourceName string |
ResourceName is the Name of the Resource to use as the entrypoint. | ||
type EntrypointType |
Type of entrypoint. |
EntrypointType¶
Underlying type: string
EntrypointType is the Type of Entrypoint.
Appears in: - Entrypoint
| Field | Description |
|---|---|
kro |
|
helm |
Filter¶
Filter defines the filter criteria used to determine which components should be scanned.
Appears in: - DiscoverySpec
| Field | Description | Default | Validation |
|---|---|---|---|
repositoryPatterns string array |
RepositoryPatterns defines which repositories should be scanned for components. The default value is empty, which means that all repositories will be scanned. Wildcards are supported, e.g. "foo-" or "-dev". |
HydratedTarget¶
HydratedTarget represents a fully resolved and configured deployment target. It resolves the implicit matching of profiles to produce a concrete set of releases and profiles.
Appears in: - HydratedTargetList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec HydratedTargetSpec |
|||
status HydratedTargetStatus |
HydratedTargetConfig¶
HydratedTargetConfig defines the render config for a hydrated-target.
Appears in: - RenderTaskSpec - RendererConfig
| Field | Description | Default | Validation |
|---|---|---|---|
chart ChartConfig |
Chart is the ChartConfig for the rendered chart. | ||
input HydratedTargetInput |
Input is the input of the hydrated-target. |
HydratedTargetInput¶
HydratedTargetInput defines the inputs to render a hydrated-target.
Appears in: - HydratedTargetConfig
| Field | Description | Default | Validation |
|---|---|---|---|
releases object (keys:string, values:ResourceAccess) |
|||
userdata RawExtension |
Userdata is additional data to be rendered into the hydrated-target chart values. |
HydratedTargetSpec¶
HydratedTargetSpec defines the desired state of a HydratedTarget. It contains the concrete releases, profiles, and deployment configuration for a target environment.
Appears in: - HydratedTarget
| Field | Description | Default | Validation |
|---|---|---|---|
releases object (keys:string, values:LocalObjectReference) |
Releases is a map of release names to their corresponding Release object references. Each entry represents a component release that will be deployed to the target. |
||
profiles object (keys:string, values:LocalObjectReference) |
Profiles is a map of profile names to their corresponding Profile object references. It points to profiles that match the target, e.g. through the label selector of the Profile |
||
userdata RawExtension |
Userdata contains arbitrary custom data or configuration for the target deployment. This allows providing target-specific parameters or settings. |
HydratedTargetStatus¶
HydratedTargetStatus defines the observed state of a HydratedTarget.
Appears in: - HydratedTarget
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a HydratedTarget's state. | ||
renderTaskRef ObjectReference |
RenderTaskRef is a reference to the RenderTask responsible for this HydratedTarget. |
Profile¶
Profile represents the link between a Release and a set of matching Targets the Release is intended to be deployed to.
Appears in: - ProfileList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ProfileSpec |
|||
status ProfileStatus |
ProfileSpec¶
ProfileSpec defines the desired state of a Profile. It points to a Release and defines target selection criteria for Targets this Release is intended to be deployed to.
Appears in: - Profile
| Field | Description | Default | Validation |
|---|---|---|---|
releaseRef LocalObjectReference |
ReleaseRef is a reference to a Release. It points to the Release that is intended to be deployed to all Targets identified by the TargetSelector. |
Required: {} |
|
targetSelector LabelSelector |
TargetSelector is a label-based filter to identify the Targets this Release is intended to be deployed to. |
||
userdata RawExtension |
Userdata contains arbitrary custom data or configuration which is passed to all Targets associated with this Profile. |
ProfileStatus¶
ProfileStatus defines the observed state of a Profile.
Appears in: - Profile
| Field | Description | Default | Validation |
|---|---|---|---|
matchedTargets integer |
MatchedTargets is the total number of Targets matching the target selection criteria. | ||
conditions Condition array |
Conditions represent the latest available observations of the Profile's state. |
Registry¶
Registry defines the configuration for a registry.
Appears in: - DiscoverySpec
| Field | Description | Default | Validation |
|---|---|---|---|
registryURL string |
RegistryURL defines the URL which is used to connect to the registry. | ||
secretRef LocalObjectReference |
SecretRef specifies the secret containing the relevant credentials for the registry that should be used during discovery. | ||
caConfigMapRef LocalObjectReference |
CAConfigMapRef contains CA bundle for registry connections (e.g., trust-manager's root-bundle). Key is expected to be "trust-bundle.pem". | ||
plainHTTP boolean |
PlainHTTP defines whether the registry should be accessed via plain HTTP instead of HTTPS. |
Release¶
Release represents a specific deployment instance of a component. It combines a component version with deployment values and configuration for a particular use case.
Appears in: - ReleaseList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ReleaseSpec |
|||
status ReleaseStatus |
ReleaseComponent¶
ReleaseComponent is a reference to a component.
Appears in: - ReleaseInput
| Field | Description | Default | Validation |
|---|---|---|---|
name string |
Name is the name of the component. |
ReleaseConfig¶
ReleaseConfig defines the render config for a release.
Appears in: - RenderTaskSpec - RendererConfig
| Field | Description | Default | Validation |
|---|---|---|---|
chart ChartConfig |
Chart is the ChartConfig for the rendered chart. | ||
input ReleaseInput |
Input is the input of the release. | ||
values RawExtension |
Values are additional values to be rendered into the release chart. |
ReleaseInput¶
ReleaseInput defines the inputs to render a release.
Appears in: - ReleaseConfig
| Field | Description | Default | Validation |
|---|---|---|---|
component ReleaseComponent |
Component is a reference to the component. | ||
resources object (keys:string, values:ResourceAccess) |
Resources is the map of resources in the component. | ||
entrypoint Entrypoint |
Entrypoint is the resource to be used as an entrypoint for deployment. |
ReleaseSpec¶
ReleaseSpec defines the desired state of a Release. It specifies which component version to release and its deployment configuration.
Appears in: - Release
| Field | Description | Default | Validation |
|---|---|---|---|
componentRef LocalObjectReference |
ComponentVersionRef is a reference to the ComponentVersion to be released. It points to the specific version of a component that this release is based on. |
||
values RawExtension |
Values contains deployment-specific values or configuration for the release. These values override defaults from the component version and are used during deployment. |
ReleaseStatus¶
ReleaseStatus defines the observed state of a Release.
Appears in: - Release
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a Release's state. | ||
renderTaskRef ObjectReference |
RenderTaskRef is a reference to the RenderTask responsible for this Release. | ||
chartURL string |
ChartURL represents the URL of where the rendered chart was pushed to. |
RenderTask¶
RenderTask manages a rendering job
Appears in: - RenderTaskList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec RenderTaskSpec |
|||
status RenderTaskStatus |
RenderTaskSpec¶
RenderTaskSpec holds the specification for a RenderTask
Appears in: - RenderTask
| Field | Description | Default | Validation |
|---|---|---|---|
type RendererConfigType |
Type defines the output type of the renderer. | ||
release ReleaseConfig |
ReleaseConfig is a config for a release. | ||
hydrated-target HydratedTargetConfig |
HydratedTargetConfig is a config for a hydrated-target. | ||
repository string |
Repository is the Repository where the chart will be pushed to (e.g. charts/mychart) Keep in mind that the repository gets automatically prefixed with the registry by the rendertask-controller. |
||
tag string |
Tag is the Tag of the helm chart to be pushed. Make sure that the tag matches the version in Chart.yaml, otherwise helm will error before pushing. |
RenderTaskStatus¶
RenderTaskStatus holds the status of the rendering process
Appears in: - RenderTask
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a RenderTask's state. | ||
jobRef ObjectReference |
JobRef is a reference to the Job that is executing the rendering. | ||
configSecretRef ObjectReference |
ConfigSecretRef is a reference to the Secret containing the renderer configuration. | ||
chartURL string |
ChartURL represents the URL of where the rendered chart was pushed to. |
RendererConfig¶
RendererConfig defines the configuration for the renderer.
Appears in: - RenderTaskSpec
| Field | Description | Default | Validation |
|---|---|---|---|
type RendererConfigType |
Type defines the output type of the renderer. | ||
release ReleaseConfig |
ReleaseConfig is a config for a release. | ||
hydrated-target HydratedTargetConfig |
HydratedTargetConfig is a config for a hydrated-target. |
RendererConfigType¶
Underlying type: string
RendererConfigType is the output type of the renderer.
Appears in: - RenderTaskSpec - RendererConfig
| Field | Description |
|---|---|
hydrated-target |
|
release |
|
profile |
ResourceAccess¶
ResourceAccess defines how a Resource can be accessed.
Appears in: - ComponentVersionSpec - HydratedTargetInput - ReleaseInput
| Field | Description | Default | Validation |
|---|---|---|---|
repository string |
Repository of the Resource. | ||
tag string |
Tag of the Resource. |
Target¶
Target represents a deployment target environment. It defines the intended state of releases and configuration for a specific deployment target, such as a cluster or environment.
Appears in: - TargetList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
||
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec TargetSpec |
|||
status TargetStatus |
TargetSpec¶
TargetSpec defines the desired state of a Target. It specifies the releases and configuration intended for this deployment target.
Appears in: - Target
| Field | Description | Default | Validation |
|---|---|---|---|
releases object (keys:string, values:LocalObjectReference) |
Releases is a map of release names to their corresponding Release object references. Each entry represents a component release intended for deployment on this target. |
||
userdata RawExtension |
Userdata contains arbitrary custom data or configuration specific to this target. This enables target-specific customization and deployment parameters. |
TargetStatus¶
TargetStatus defines the observed state of a Target.
Appears in: - Target
Webhook¶
Webhook represents the configuration for a webhook.
Appears in: - DiscoverySpec
| Field | Description | Default | Validation |
|---|---|---|---|
flavor string |
Flavor is the webhook implementation to use. | Pattern: ^(@(zot)$ |
|
path string |
Path is where the webhook should listen. | ||
auth WebhookAuth |
Auth is the authentication information to use with the webhook. |
WebhookAuth¶
Appears in: - Webhook
| Field | Description | Default | Validation |
|---|---|---|---|
type AuthenticationType |
Type represents the type of authentication to use. Currently, only "token" is supported. | ||
authSecretRef LocalObjectReference |
AuthSecretRef is the reference to the secret which contains the authentication information for the webhook. |