API Reference¶
Packages¶
solar.opendefense.cloud/v1alpha1¶
Package v1alpha1 is the v1alpha1 version of the API.
BootstrapConfig¶
BootstrapConfig defines the render config for a bootstrap.
Appears in: - RenderTaskSpec - RendererConfig
| Field | Description | Default | Validation |
|---|---|---|---|
chart ChartConfig |
Chart is the ChartConfig for the rendered chart. | ||
input BootstrapInput |
Input is the input of the bootstrap. |
BootstrapInput¶
BootstrapInput defines the inputs to render a bootstrap.
Appears in: - BootstrapConfig
| Field | Description | Default | Validation |
|---|---|---|---|
releases object (keys:string, values:ResolvedResourceAccess) |
|||
userdata RawExtension |
Userdata is additional data to be rendered into the bootstrap chart values. |
ChartConfig¶
ChartConfig defines parameters for the rendered chart.
Appears in: - BootstrapConfig - ReleaseConfig
| Field | Description | Default | Validation |
|---|---|---|---|
name string |
Name is the name of the chart. | ||
description string |
Description is the description of the chart. | ||
version string |
Version is the version of the chart. | ||
appVersion string |
AppVersion is the version of the app. |
Component¶
Component represents an OCM component available in the solution catalog.
Appears in: - ComponentList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ComponentSpec |
|||
status ComponentStatus |
ComponentList¶
ComponentList contains a list of Component resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items Component array |
ComponentSpec¶
ComponentSpec defines the desired state of a Component. It contains metadata about an OCM component's repository location
Appears in: - Component
| Field | Description | Default | Validation |
|---|---|---|---|
scheme string |
Scheme is the scheme to access the component. | ||
registry string |
Registry is the registry where the component is stored. | ||
repository string |
Repository is the repository where the component is stored. |
ComponentStatus¶
ComponentStatus defines the observed state of a Component.
Appears in: - Component
ComponentVersion¶
ComponentVersion represents an OCM component available in the solution catalog.
Appears in: - ComponentVersionList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ComponentVersionSpec |
|||
status ComponentVersionStatus |
ComponentVersionList¶
ComponentVersionList contains a list of ComponentVersion resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items ComponentVersion array |
ComponentVersionSpec¶
ComponentVersionSpec defines the desired state of a ComponentVersion.
Appears in: - ComponentVersion
| Field | Description | Default | Validation |
|---|---|---|---|
componentRef LocalObjectReference |
ComponentRef is a reference to the parent Component. | ||
tag string |
Tag is a version of the component. | ||
resources object (keys:string, values:ResourceAccess) |
Resources are Resources that are within the ComponentVersion. | ||
entrypoint Entrypoint |
Entrypoint is the entrypoint for deploying a ComponentVersion. |
ComponentVersionStatus¶
ComponentVersionStatus defines the observed state of a ComponentVersion.
Appears in: - ComponentVersion
Entrypoint¶
Entrypoint defines the entrypoint for deploying a ComponentVersion.
Appears in: - ComponentVersionSpec - ReleaseInput
| Field | Description | Default | Validation |
|---|---|---|---|
resourceName string |
ResourceName is the Name of the Resource to use as the entrypoint. | ||
type EntrypointType |
Type of entrypoint. |
EntrypointType¶
Underlying type: string
EntrypointType is the Type of Entrypoint.
Appears in: - Entrypoint
| Field | Description |
|---|---|
kro |
|
helm |
HelmResourceMetadata¶
HelmResourceMetadata contains metadata extracted from a Helm chart resource during discovery.
Appears in: - ResolvedResourceAccess - ResourceAccess
| Field | Description | Default | Validation |
|---|---|---|---|
name string |
Name of the Helm chart. | ||
description string |
Description of the Helm chart. | ||
version string |
Version of the Helm chart. | ||
appVersion string |
AppVersion of the application deployed by the chart. | ||
valuesTemplate string |
ValuesTemplate contains the rendered helm values template, if present in the OCM package. |
Profile¶
Profile represents the link between a Release and a set of matching Targets the Release is intended to be deployed to.
Deletion is a destructive, cascading operation: deleting a Profile deletes all owned ReleaseBindings. To remove a Profile without triggering undeployment, first remove or relabel all matching Targets so the Profile controller deletes the ReleaseBindings itself, then delete the Profile once it has no owned bindings.
Appears in: - ProfileList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ProfileSpec |
|||
status ProfileStatus |
ProfileList¶
ProfileList contains a list of Profile resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items Profile array |
ProfileSpec¶
ProfileSpec defines the desired state of a Profile. It points to a Release and defines target selection criteria for Targets this Release is intended to be deployed to.
Appears in: - Profile
| Field | Description | Default | Validation |
|---|---|---|---|
releaseRef LocalObjectReference |
ReleaseRef is a reference to a Release. It points to the Release that is intended to be deployed to all Targets identified by the TargetSelector. |
Required: {} |
|
targetSelector LabelSelector |
TargetSelector is a label-based filter to identify the Targets this Release is intended to be deployed to. |
Optional: {} |
|
userdata RawExtension |
Userdata contains arbitrary custom data or configuration which is passed to all Targets associated with this Profile. |
Optional: {} |
ProfileStatus¶
ProfileStatus defines the observed state of a Profile.
Appears in: - Profile
| Field | Description | Default | Validation |
|---|---|---|---|
matchedTargets integer |
MatchedTargets is the total number of Targets matching the target selection criteria. | Optional: {} |
|
conditions Condition array |
Conditions represent the latest available observations of the Profile's state. |
ReferenceGrant¶
ReferenceGrant grants namespaces listed in From permission to reference resource types listed in To within the namespace where this ReferenceGrant lives.
This enables cross-namespace use-cases such as a Profile in one namespace matching Targets in another namespace, or a ReleaseBinding referencing a Registry defined in a shared infrastructure namespace.
Appears in: - ReferenceGrantList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ReferenceGrantSpec |
ReferenceGrantFromSubject¶
ReferenceGrantFromSubject identifies the group, kind, and namespace of a resource that is permitted to reference resources in the namespace where the ReferenceGrant lives.
Appears in: - ReferenceGrantSpec
| Field | Description | Default | Validation |
|---|---|---|---|
group string |
Group is the API group of the referencing resource. Use "" for the core API group. |
Required: {} |
|
kind string |
Kind is the kind of the referencing resource (e.g. "Profile", "Target"). | Required: {} |
|
namespace string |
Namespace is the namespace of the referencing resource. A single namespace is allowed per From entry to avoid overly broad grants. |
Required: {} |
ReferenceGrantList¶
ReferenceGrantList contains a list of ReferenceGrant resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items ReferenceGrant array |
ReferenceGrantSpec¶
ReferenceGrantSpec defines the desired state of a ReferenceGrant.
Appears in: - ReferenceGrant
| Field | Description | Default | Validation |
|---|---|---|---|
from ReferenceGrantFromSubject array |
From is the list of resources that are permitted to reference resources in this namespace. Each entry specifies the group, kind, and namespace of an allowed referencing resource. |
MinItems: 1 |
|
to ReferenceGrantToTarget array |
To is the list of resource types in this namespace that may be referenced from the resources listed in From. |
MinItems: 1 |
ReferenceGrantToTarget¶
ReferenceGrantToTarget specifies the group and kind of resource that may be referenced. Resource names are intentionally excluded: a namespace-scoped grant already limits the blast radius, and name restrictions rarely provide meaningful security.
Appears in: - ReferenceGrantSpec
| Field | Description | Default | Validation |
|---|---|---|---|
group string |
Group is the API group of the referenced resource. Use "" for the core API group. |
Required: {} |
|
kind string |
Kind is the kind of the referenced resource (e.g. "Target", "Registry"). | Required: {} |
Registry¶
Registry represents an OCI registry that can be used as a source or destination for artifacts.
Appears in: - RegistryList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec RegistrySpec |
|||
status RegistryStatus |
RegistryBinding¶
RegistryBinding declares that a specific Target is allowed to use a specific Registry.
Appears in: - RegistryBindingList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec RegistryBindingSpec |
|||
status RegistryBindingStatus |
RegistryBindingList¶
RegistryBindingList contains a list of RegistryBinding resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items RegistryBinding array |
RegistryBindingSpec¶
RegistryBindingSpec defines the desired state of a RegistryBinding.
Appears in: - RegistryBinding
| Field | Description | Default | Validation |
|---|---|---|---|
targetRef LocalObjectReference |
TargetRef references the Target this binding applies to. | ||
targetNamespace string |
TargetNamespace is the namespace of the Target when it resides in a different namespace than this RegistryBinding. If empty, the Target is assumed to be in the same namespace. Cross-namespace references require a ReferenceGrant in the Target's namespace that permits this RegistryBinding's namespace. |
Optional: {} |
|
registryRef LocalObjectReference |
RegistryRef references the Registry being bound. |
RegistryBindingStatus¶
RegistryBindingStatus defines the observed state of a RegistryBinding.
Appears in: - RegistryBinding
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a RegistryBinding's state. | Optional: {} |
RegistryList¶
RegistryList contains a list of Registry resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items Registry array |
RegistrySpec¶
RegistrySpec defines the desired state of a Registry.
Appears in: - Registry
| Field | Description | Default | Validation |
|---|---|---|---|
hostname string |
Hostname is the registry endpoint (e.g. "registry.example.com:5000"). | ||
plainHTTP boolean |
PlainHTTP uses HTTP instead of HTTPS for connections to this registry. | Optional: {} |
|
solarSecretRef LocalObjectReference |
SolarSecretRef references a Secret in the same namespace with credentials to access this registry from the SolAr cluster. Required if this registry is used as a render target. |
Optional: {} |
|
targetPullSecretName string |
TargetPullSecretName is the name of the Secret on the target cluster that contains credentials to pull from this registry. SolAr renders this name into target manifests (e.g. Flux OCIRepository.spec.secretRef.name) but never reads the Secret itself. The cluster maintainer must provision a Secret with this name on each target. Omit for anonymous pull. |
Optional: {} |
|
flavor string |
Flavor identifies the registry type for discovery webhook routing (e.g. "zot"). Required when WebhookPath is set. |
Optional: {} |
|
webhookPath string |
WebhookPath is the HTTP path on which the discovery worker listens for push notifications from this registry. Leave empty to disable webhook-based discovery; set ScanInterval to enable scan mode instead. |
Optional: {} |
|
scanInterval Duration |
ScanInterval controls how often the discovery worker performs a full scan of this registry. Leave unset to disable scan mode entirely. |
Optional: {} |
RegistryStatus¶
RegistryStatus defines the observed state of a Registry.
Appears in: - Registry
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a Registry's state. | Optional: {} |
Release¶
Release represents a specific deployment instance of a component. It combines a component version with deployment values and configuration for a particular use case.
Appears in: - ReleaseList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ReleaseSpec |
|||
status ReleaseStatus |
ReleaseBinding¶
ReleaseBinding declares that a Release should be deployed to a Target.
Appears in: - ReleaseBindingList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec ReleaseBindingSpec |
|||
status ReleaseBindingStatus |
ReleaseBindingList¶
ReleaseBindingList contains a list of ReleaseBinding resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items ReleaseBinding array |
ReleaseBindingSpec¶
ReleaseBindingSpec defines the desired state of a ReleaseBinding.
Appears in: - ReleaseBinding
| Field | Description | Default | Validation |
|---|---|---|---|
targetRef LocalObjectReference |
TargetRef references the Target this release is bound to. | ||
targetNamespace string |
TargetNamespace is the namespace of the Target when it resides in a different namespace than this ReleaseBinding. If empty, the Target is assumed to be in the same namespace. Cross-namespace references require a ReferenceGrant in the target's namespace that grants access to this ReleaseBinding's namespace. |
Optional: {} |
|
releaseRef LocalObjectReference |
ReleaseRef references the Release to deploy. |
ReleaseBindingStatus¶
ReleaseBindingStatus defines the observed state of a ReleaseBinding.
Appears in: - ReleaseBinding
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a ReleaseBinding's state. | Optional: {} |
ReleaseComponent¶
ReleaseComponent is a reference to a component.
Appears in: - ReleaseInput
| Field | Description | Default | Validation |
|---|---|---|---|
name string |
Name is the name of the component. |
ReleaseConfig¶
ReleaseConfig defines the render config for a release.
Appears in: - RenderTaskSpec - RendererConfig
| Field | Description | Default | Validation |
|---|---|---|---|
chart ChartConfig |
Chart is the ChartConfig for the rendered chart. | ||
input ReleaseInput |
Input is the input of the release. | ||
targetNamespace string |
TargetNamespace is the namespace the Component gets deployed to. | ||
values RawExtension |
Values are additional values to be rendered into the release chart. |
ReleaseInput¶
ReleaseInput defines the inputs to render a release.
Appears in: - ReleaseConfig
| Field | Description | Default | Validation |
|---|---|---|---|
component ReleaseComponent |
Component is a reference to the component. | ||
resources object (keys:string, values:ResolvedResourceAccess) |
Resources is the map of resolved resources in the component. | ||
entrypoint Entrypoint |
Entrypoint is the resource to be used as an entrypoint for deployment. |
ReleaseList¶
ReleaseList contains a list of Release resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items Release array |
ReleaseSpec¶
ReleaseSpec defines the desired state of a Release. It specifies which component version to release and its deployment configuration.
Appears in: - Release
| Field | Description | Default | Validation |
|---|---|---|---|
componentVersionRef LocalObjectReference |
ComponentVersionRef is a reference to the ComponentVersion to be released. It points to the specific version of a component that this release is based on. |
||
componentVersionNamespace string |
ComponentVersionNamespace is the namespace where ComponentVersionRef is resolved. When set, the Release references a ComponentVersion in another namespace. Cross-namespace references require a ReferenceGrant in the ComponentVersion's namespace that grants access to this Release's namespace. |
Optional: {} |
|
targetNamespace string |
TargetNamespace is the namespace the ComponentVersion gets deployed to. | Optional: {} |
|
uniqueName string |
UniqueName is a logical identifier that ensures only one Release of this component is deployed per Target when multiple Profiles match. If not set, it defaults to the parent Component name (derived from the referenced ComponentVersion). Immutable once set. |
Optional: {} |
|
antiAffinity LabelSelector |
AntiAffinity defines exclusion rules. If another Release matching this label selector is already bound to the same Target, this Release should not be deployed there (or a conflict condition should be raised). |
Optional: {} |
|
values RawExtension |
Values contains deployment-specific values or configuration for the release. These values override defaults from the component version and are used during deployment. |
Optional: {} |
|
failedJobTTL integer |
failedJobTTL is the TTL in seconds after which a failed render job and its secrets are cleaned up. After this duration, the Kubernetes TTL controller will delete the Job and the controller will delete the Secrets (ConfigSecret, AuthSecret). On success, Job and Secrets are deleted immediately. If not set, defaults to 3600 (1 hour). |
Optional: {} |
|
priority integer |
Priority determines which Release takes precedence when multiple Releases share the same unique name on a Target. Higher values indicate higher priority. If not set, defaults to 0. |
Optional: {} |
ReleaseStatus¶
ReleaseStatus defines the observed state of a Release.
Appears in: - Release
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a Release's state. | Optional: {} |
|
renderTaskRef ObjectReference |
RenderTaskRef is a reference to the RenderTask responsible for this Release. | Optional: {} |
|
effectiveUniqueName string |
EffectiveUniqueName is the unique name used for deduplication on Targets. Equals Spec.UniqueName when set; otherwise the parent Component name derived from the referenced ComponentVersion. |
Optional: {} |
RenderArtifact¶
RenderArtifact represents a successfully pushed OCI artifact produced by a RenderTask.
Appears in: - RenderArtifactList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec RenderArtifactSpec |
|||
status RenderArtifactStatus |
RenderArtifactList¶
RenderArtifactList contains a list of RenderArtifact resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items RenderArtifact array |
RenderArtifactSpec¶
RenderArtifactSpec holds the OCI coordinates of a successfully pushed artifact.
Appears in: - RenderArtifact
| Field | Description | Default | Validation |
|---|---|---|---|
baseURL string |
BaseURL is the registry's base URL (e.g. "registry.example.com:5000"). | MinLength: 1 |
|
repository string |
Repository is the repository path within the registry. | MinLength: 1 |
|
tag string |
Tag is the OCI tag that was pushed. | MinLength: 1 |
|
renderTaskRef string |
RenderTaskRef is the name of the RenderTask that produced this artifact. | ||
pushSecretRef LocalObjectReference |
PushSecretRef references a Secret with push credentials. Used for tag deletion during GC. | Optional: {} |
|
pushSecretNamespace string |
PushSecretNamespace is the namespace of the Secret referenced by PushSecretRef. When empty, defaults to the RenderArtifact's own namespace. Set when the Registry lives in a different namespace from the Target (cross-namespace). |
Optional: {} |
|
registryFlavor string |
RegistryFlavor identifies the registry implementation (e.g. "zot", "harbor"). | Optional: {} |
RenderArtifactStatus¶
RenderArtifactStatus holds the observed state of a RenderArtifact.
Appears in: - RenderArtifact
| Field | Description | Default | Validation |
|---|---|---|---|
chartURL string |
ChartURL is the fully-qualified OCI reference for this artifact. | Optional: {} |
|
conditions Condition array |
Conditions represent the latest available observations of a RenderArtifact's state. | Optional: {} |
RenderBinding¶
RenderBinding declares that a consumer resource (e.g. a Target) is using a RenderArtifact.
Appears in: - RenderBindingList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec RenderBindingSpec |
RenderBindingList¶
RenderBindingList contains a list of RenderBinding resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items RenderBinding array |
RenderBindingSpec¶
RenderBindingSpec links a consumer resource to a RenderArtifact for ref-counting.
Appears in: - RenderBinding
| Field | Description | Default | Validation |
|---|---|---|---|
renderArtifactRef LocalObjectReference |
RenderArtifactRef is the name of the RenderArtifact in the same namespace. | ||
ownerKind string |
OwnerKind is the kind of the consuming resource (e.g. "Target"). | MinLength: 1 |
|
ownerName string |
OwnerName is the name of the consuming resource. | MinLength: 1 |
|
ownerNamespace string |
OwnerNamespace is the namespace of the consuming resource. | MinLength: 1 |
RenderTask¶
RenderTask manages a rendering job
Appears in: - RenderTaskList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec RenderTaskSpec |
|||
status RenderTaskStatus |
RenderTaskList¶
RenderTaskList contains a list of RenderTask resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items RenderTask array |
RenderTaskSpec¶
RenderTaskSpec holds the specification for a RenderTask
Appears in: - RenderTask
| Field | Description | Default | Validation |
|---|---|---|---|
type RendererConfigType |
Type defines the output type of the renderer. | ||
release ReleaseConfig |
ReleaseConfig is a config for a release. | ||
bootstrap BootstrapConfig |
BootstrapConfig is a config for a bootstrap. | ||
repository string |
Repository is the Repository where the chart will be pushed to (e.g. charts/mychart) | ||
tag string |
Tag is the Tag of the helm chart to be pushed. Make sure that the tag matches the version in Chart.yaml, otherwise helm will error before pushing. |
||
baseURL string |
BaseURL is the registry URL to push the rendered chart to (e.g. "registry.example.com:5000"). | ||
pushSecretRef LocalObjectReference |
PushSecretRef references a Secret in the same namespace with registry credentials for pushing the rendered chart. |
Optional: {} |
|
failedJobTTL integer |
failedJobTTL is the TTL in seconds after which a failed render job and its secrets are cleaned up. After this duration, the Kubernetes TTL controller will delete the Job and the controller will delete the Secrets (ConfigSecret, AuthSecret). On success, Job and Secrets are deleted immediately. If not set, defaults to 3600 (1 hour). |
Optional: {} |
|
ownerName string |
OwnerName is the name of the resource that created this RenderTask. | MinLength: 1 |
|
ownerNamespace string |
OwnerNamespace is the namespace of the resource that created this RenderTask. | MinLength: 1 |
|
ownerKind string |
OwnerKind is the kind of the resource that created this RenderTask (e.g. Release, Target). | MinLength: 1 |
RenderTaskStatus¶
RenderTaskStatus holds the status of the rendering process
Appears in: - RenderTask
| Field | Description | Default | Validation |
|---|---|---|---|
conditions Condition array |
Conditions represent the latest available observations of a RenderTask's state. | Optional: {} |
|
jobRef ObjectReference |
JobRef is a reference to the Job that is executing the rendering. | Optional: {} |
|
configSecretRef ObjectReference |
ConfigSecretRef is a reference to the Secret containing the renderer configuration. | Optional: {} |
|
chartURL string |
ChartURL represents the URL of where the rendered chart was pushed to. | Optional: {} |
RendererConfig¶
RendererConfig defines the configuration for the renderer.
Appears in: - RenderTaskSpec
| Field | Description | Default | Validation |
|---|---|---|---|
type RendererConfigType |
Type defines the output type of the renderer. | ||
release ReleaseConfig |
ReleaseConfig is a config for a release. | ||
bootstrap BootstrapConfig |
BootstrapConfig is a config for a bootstrap. |
RendererConfigType¶
Underlying type: string
RendererConfigType is the output type of the renderer.
Appears in: - RenderTaskSpec - RendererConfig
| Field | Description |
|---|---|
bootstrap |
|
release |
|
profile |
ResolvedResourceAccess¶
ResolvedResourceAccess extends ResourceAccess with pull secret information resolved from RegistryBindings at render time.
Appears in: - BootstrapInput - ReleaseInput
| Field | Description | Default | Validation |
|---|---|---|---|
repository string |
Repository of the Resource. | ||
insecure boolean |
Insecure switches TLS/HTTPS off if true | ||
tag string |
Tag of the Resource. | ||
helm HelmResourceMetadata |
Helm contains metadata for Helm chart resources, populated during discovery. | ||
pullSecretName string |
PullSecretName is the name of the pull secret on the target cluster for this resource's registry. Resolved from Registry.spec.targetPullSecretName via RegistryBinding. Empty means anonymous pull. |
ResourceAccess¶
ResourceAccess defines how a Resource can be accessed along with optional metadata.
Appears in: - ComponentVersionSpec
| Field | Description | Default | Validation |
|---|---|---|---|
repository string |
Repository of the Resource. | ||
insecure boolean |
Insecure switches TLS/HTTPS off if true | ||
tag string |
Tag of the Resource. | ||
helm HelmResourceMetadata |
Helm contains metadata for Helm chart resources, populated during discovery. |
Target¶
Target represents a deployment target environment. It defines the intended state of releases and configuration for a specific deployment target, such as a cluster or environment.
Appears in: - TargetList
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec TargetSpec |
|||
status TargetStatus |
TargetList¶
TargetList contains a list of Target resources.
| Field | Description | Default | Validation |
|---|---|---|---|
kind string |
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
Optional: {} |
|
apiVersion string |
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
Optional: {} |
|
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items Target array |
TargetSpec¶
TargetSpec defines the desired state of a Target. It specifies the render registry and configuration for this deployment target.
Appears in: - Target
| Field | Description | Default | Validation |
|---|---|---|---|
renderRegistryRef LocalObjectReference |
RenderRegistryRef references the Registry to push rendered desired state to. The referenced Registry must have SolarSecretRef set for rendering to succeed. |
||
renderRegistryNamespace string |
RenderRegistryNamespace is the namespace of the Registry when it resides in a different namespace than this Target. If empty, the Registry is assumed to be in the same namespace. Cross-namespace references require a ReferenceGrant in the registry's namespace that grants access to this Target's namespace. |
Optional: {} |
|
userdata RawExtension |
Userdata contains arbitrary custom data or configuration specific to this target. This enables target-specific customization and deployment parameters. |
Optional: {} |
TargetStatus¶
TargetStatus defines the observed state of a Target.
Appears in: - Target
| Field | Description | Default | Validation |
|---|---|---|---|
bootstrapVersion integer |
BootstrapVersion is a monotonically increasing counter used as the bootstrap chart version. It is incremented each time the bootstrap chart is re-rendered, e.g. when the set of bound releases changes. |
Optional: {} |
|
conditions Condition array |
Conditions represent the latest available observations of a Target's state. | Optional: {} |