Skip to content

API Reference

Packages

solar.opendefense.cloud/v1alpha1

Package v1alpha1 is the v1alpha1 version of the API.

BootstrapConfig

BootstrapConfig defines the render config for a bootstrap.

Appears in: - RenderTaskSpec - RendererConfig

Field Description Default Validation
chart ChartConfig Chart is the ChartConfig for the rendered chart.
input BootstrapInput Input is the input of the bootstrap.

BootstrapInput

BootstrapInput defines the inputs to render a bootstrap.

Appears in: - BootstrapConfig

Field Description Default Validation
releases object (keys:string, values:ResolvedResourceAccess)
userdata RawExtension Userdata is additional data to be rendered into the bootstrap chart values.

ChartConfig

ChartConfig defines parameters for the rendered chart.

Appears in: - BootstrapConfig - ReleaseConfig

Field Description Default Validation
name string Name is the name of the chart.
description string Description is the description of the chart.
version string Version is the version of the chart.
appVersion string AppVersion is the version of the app.

Component

Component represents an OCM component available in the solution catalog.

Appears in: - ComponentList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec ComponentSpec
status ComponentStatus

ComponentList

ComponentList contains a list of Component resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items Component array

ComponentSpec

ComponentSpec defines the desired state of a Component. It contains metadata about an OCM component's repository location

Appears in: - Component

Field Description Default Validation
scheme string Scheme is the scheme to access the component.
registry string Registry is the registry where the component is stored.
repository string Repository is the repository where the component is stored.

ComponentStatus

ComponentStatus defines the observed state of a Component.

Appears in: - Component

ComponentVersion

ComponentVersion represents an OCM component available in the solution catalog.

Appears in: - ComponentVersionList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec ComponentVersionSpec
status ComponentVersionStatus

ComponentVersionList

ComponentVersionList contains a list of ComponentVersion resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items ComponentVersion array

ComponentVersionSpec

ComponentVersionSpec defines the desired state of a ComponentVersion.

Appears in: - ComponentVersion

Field Description Default Validation
componentRef LocalObjectReference ComponentRef is a reference to the parent Component.
tag string Tag is a version of the component.
resources object (keys:string, values:ResourceAccess) Resources are Resources that are within the ComponentVersion.
entrypoint Entrypoint Entrypoint is the entrypoint for deploying a ComponentVersion.

ComponentVersionStatus

ComponentVersionStatus defines the observed state of a ComponentVersion.

Appears in: - ComponentVersion

Entrypoint

Entrypoint defines the entrypoint for deploying a ComponentVersion.

Appears in: - ComponentVersionSpec - ReleaseInput

Field Description Default Validation
resourceName string ResourceName is the Name of the Resource to use as the entrypoint.
type EntrypointType Type of entrypoint.

EntrypointType

Underlying type: string

EntrypointType is the Type of Entrypoint.

Appears in: - Entrypoint

Field Description
kro
helm

HelmResourceMetadata

HelmResourceMetadata contains metadata extracted from a Helm chart resource during discovery.

Appears in: - ResolvedResourceAccess - ResourceAccess

Field Description Default Validation
name string Name of the Helm chart.
description string Description of the Helm chart.
version string Version of the Helm chart.
appVersion string AppVersion of the application deployed by the chart.
valuesTemplate string ValuesTemplate contains the rendered helm values template, if present in the OCM package.

Profile

Profile represents the link between a Release and a set of matching Targets the Release is intended to be deployed to.

Deletion is a destructive, cascading operation: deleting a Profile deletes all owned ReleaseBindings. To remove a Profile without triggering undeployment, first remove or relabel all matching Targets so the Profile controller deletes the ReleaseBindings itself, then delete the Profile once it has no owned bindings.

Appears in: - ProfileList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec ProfileSpec
status ProfileStatus

ProfileList

ProfileList contains a list of Profile resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items Profile array

ProfileSpec

ProfileSpec defines the desired state of a Profile. It points to a Release and defines target selection criteria for Targets this Release is intended to be deployed to.

Appears in: - Profile

Field Description Default Validation
releaseRef LocalObjectReference ReleaseRef is a reference to a Release.
It points to the Release that is intended to be deployed to all Targets identified
by the TargetSelector.
Required: {}
targetSelector LabelSelector TargetSelector is a label-based filter to identify the Targets this Release is
intended to be deployed to.
Optional: {}
userdata RawExtension Userdata contains arbitrary custom data or configuration which is passed to all
Targets associated with this Profile.
Optional: {}

ProfileStatus

ProfileStatus defines the observed state of a Profile.

Appears in: - Profile

Field Description Default Validation
matchedTargets integer MatchedTargets is the total number of Targets matching the target selection criteria. Optional: {}
conditions Condition array Conditions represent the latest available observations of the Profile's state.

ReferenceGrant

ReferenceGrant grants namespaces listed in From permission to reference resource types listed in To within the namespace where this ReferenceGrant lives.

This enables cross-namespace use-cases such as a Profile in one namespace matching Targets in another namespace, or a ReleaseBinding referencing a Registry defined in a shared infrastructure namespace.

Appears in: - ReferenceGrantList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec ReferenceGrantSpec

ReferenceGrantFromSubject

ReferenceGrantFromSubject identifies the group, kind, and namespace of a resource that is permitted to reference resources in the namespace where the ReferenceGrant lives.

Appears in: - ReferenceGrantSpec

Field Description Default Validation
group string Group is the API group of the referencing resource.
Use "" for the core API group.
Required: {}
kind string Kind is the kind of the referencing resource (e.g. "Profile", "Target"). Required: {}
namespace string Namespace is the namespace of the referencing resource.
A single namespace is allowed per From entry to avoid overly broad grants.
Required: {}

ReferenceGrantList

ReferenceGrantList contains a list of ReferenceGrant resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items ReferenceGrant array

ReferenceGrantSpec

ReferenceGrantSpec defines the desired state of a ReferenceGrant.

Appears in: - ReferenceGrant

Field Description Default Validation
from ReferenceGrantFromSubject array From is the list of resources that are permitted to reference resources in this namespace.
Each entry specifies the group, kind, and namespace of an allowed referencing resource.
MinItems: 1
to ReferenceGrantToTarget array To is the list of resource types in this namespace that may be referenced from the
resources listed in From.
MinItems: 1

ReferenceGrantToTarget

ReferenceGrantToTarget specifies the group and kind of resource that may be referenced. Resource names are intentionally excluded: a namespace-scoped grant already limits the blast radius, and name restrictions rarely provide meaningful security.

Appears in: - ReferenceGrantSpec

Field Description Default Validation
group string Group is the API group of the referenced resource.
Use "" for the core API group.
Required: {}
kind string Kind is the kind of the referenced resource (e.g. "Target", "Registry"). Required: {}

Registry

Registry represents an OCI registry that can be used as a source or destination for artifacts.

Appears in: - RegistryList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec RegistrySpec
status RegistryStatus

RegistryBinding

RegistryBinding declares that a specific Target is allowed to use a specific Registry.

Appears in: - RegistryBindingList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec RegistryBindingSpec
status RegistryBindingStatus

RegistryBindingList

RegistryBindingList contains a list of RegistryBinding resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items RegistryBinding array

RegistryBindingSpec

RegistryBindingSpec defines the desired state of a RegistryBinding.

Appears in: - RegistryBinding

Field Description Default Validation
targetRef LocalObjectReference TargetRef references the Target this binding applies to.
targetNamespace string TargetNamespace is the namespace of the Target when it resides in a different namespace
than this RegistryBinding. If empty, the Target is assumed to be in the same namespace.
Cross-namespace references require a ReferenceGrant in the Target's namespace that permits
this RegistryBinding's namespace.
Optional: {}
registryRef LocalObjectReference RegistryRef references the Registry being bound.

RegistryBindingStatus

RegistryBindingStatus defines the observed state of a RegistryBinding.

Appears in: - RegistryBinding

Field Description Default Validation
conditions Condition array Conditions represent the latest available observations of a RegistryBinding's state. Optional: {}

RegistryList

RegistryList contains a list of Registry resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items Registry array

RegistrySpec

RegistrySpec defines the desired state of a Registry.

Appears in: - Registry

Field Description Default Validation
hostname string Hostname is the registry endpoint (e.g. "registry.example.com:5000").
plainHTTP boolean PlainHTTP uses HTTP instead of HTTPS for connections to this registry. Optional: {}
solarSecretRef LocalObjectReference SolarSecretRef references a Secret in the same namespace with credentials
to access this registry from the SolAr cluster. Required if this registry
is used as a render target.
Optional: {}
targetPullSecretName string TargetPullSecretName is the name of the Secret on the target cluster that
contains credentials to pull from this registry. SolAr renders this name
into target manifests (e.g. Flux OCIRepository.spec.secretRef.name) but
never reads the Secret itself. The cluster maintainer must provision a
Secret with this name on each target. Omit for anonymous pull.
Optional: {}
flavor string Flavor identifies the registry type for discovery webhook routing (e.g. "zot").
Required when WebhookPath is set.
Optional: {}
webhookPath string WebhookPath is the HTTP path on which the discovery worker listens for
push notifications from this registry. Leave empty to disable webhook-based
discovery; set ScanInterval to enable scan mode instead.
Optional: {}
scanInterval Duration ScanInterval controls how often the discovery worker performs a full scan
of this registry. Leave unset to disable scan mode entirely.
Optional: {}

RegistryStatus

RegistryStatus defines the observed state of a Registry.

Appears in: - Registry

Field Description Default Validation
conditions Condition array Conditions represent the latest available observations of a Registry's state. Optional: {}

Release

Release represents a specific deployment instance of a component. It combines a component version with deployment values and configuration for a particular use case.

Appears in: - ReleaseList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec ReleaseSpec
status ReleaseStatus

ReleaseBinding

ReleaseBinding declares that a Release should be deployed to a Target.

Appears in: - ReleaseBindingList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec ReleaseBindingSpec
status ReleaseBindingStatus

ReleaseBindingList

ReleaseBindingList contains a list of ReleaseBinding resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items ReleaseBinding array

ReleaseBindingSpec

ReleaseBindingSpec defines the desired state of a ReleaseBinding.

Appears in: - ReleaseBinding

Field Description Default Validation
targetRef LocalObjectReference TargetRef references the Target this release is bound to.
targetNamespace string TargetNamespace is the namespace of the Target when it resides in a different namespace
than this ReleaseBinding. If empty, the Target is assumed to be in the same namespace.
Cross-namespace references require a ReferenceGrant in the target's namespace that grants
access to this ReleaseBinding's namespace.
Optional: {}
releaseRef LocalObjectReference ReleaseRef references the Release to deploy.

ReleaseBindingStatus

ReleaseBindingStatus defines the observed state of a ReleaseBinding.

Appears in: - ReleaseBinding

Field Description Default Validation
conditions Condition array Conditions represent the latest available observations of a ReleaseBinding's state. Optional: {}

ReleaseComponent

ReleaseComponent is a reference to a component.

Appears in: - ReleaseInput

Field Description Default Validation
name string Name is the name of the component.

ReleaseConfig

ReleaseConfig defines the render config for a release.

Appears in: - RenderTaskSpec - RendererConfig

Field Description Default Validation
chart ChartConfig Chart is the ChartConfig for the rendered chart.
input ReleaseInput Input is the input of the release.
targetNamespace string TargetNamespace is the namespace the Component gets deployed to.
values RawExtension Values are additional values to be rendered into the release chart.

ReleaseInput

ReleaseInput defines the inputs to render a release.

Appears in: - ReleaseConfig

Field Description Default Validation
component ReleaseComponent Component is a reference to the component.
resources object (keys:string, values:ResolvedResourceAccess) Resources is the map of resolved resources in the component.
entrypoint Entrypoint Entrypoint is the resource to be used as an entrypoint for deployment.

ReleaseList

ReleaseList contains a list of Release resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items Release array

ReleaseSpec

ReleaseSpec defines the desired state of a Release. It specifies which component version to release and its deployment configuration.

Appears in: - Release

Field Description Default Validation
componentVersionRef LocalObjectReference ComponentVersionRef is a reference to the ComponentVersion to be released.
It points to the specific version of a component that this release is based on.
componentVersionNamespace string ComponentVersionNamespace is the namespace where ComponentVersionRef is resolved.
When set, the Release references a ComponentVersion in another namespace.
Cross-namespace references require a ReferenceGrant in the ComponentVersion's namespace
that grants access to this Release's namespace.
Optional: {}
targetNamespace string TargetNamespace is the namespace the ComponentVersion gets deployed to. Optional: {}
uniqueName string UniqueName is a logical identifier that ensures only one Release of this
component is deployed per Target when multiple Profiles match.
If not set, it defaults to the parent Component name (derived from the
referenced ComponentVersion). Immutable once set.
Optional: {}
antiAffinity LabelSelector AntiAffinity defines exclusion rules. If another Release matching this
label selector is already bound to the same Target, this Release should
not be deployed there (or a conflict condition should be raised).
Optional: {}
values RawExtension Values contains deployment-specific values or configuration for the release.
These values override defaults from the component version and are used during deployment.
Optional: {}
failedJobTTL integer failedJobTTL is the TTL in seconds after which a failed render job and its secrets are cleaned up.
After this duration, the Kubernetes TTL controller will delete the Job and the controller will delete
the Secrets (ConfigSecret, AuthSecret). On success, Job and Secrets are deleted immediately.
If not set, defaults to 3600 (1 hour).
Optional: {}
priority integer Priority determines which Release takes precedence when multiple Releases
share the same unique name on a Target. Higher values indicate higher priority.
If not set, defaults to 0.
Optional: {}

ReleaseStatus

ReleaseStatus defines the observed state of a Release.

Appears in: - Release

Field Description Default Validation
conditions Condition array Conditions represent the latest available observations of a Release's state. Optional: {}
renderTaskRef ObjectReference RenderTaskRef is a reference to the RenderTask responsible for this Release. Optional: {}
effectiveUniqueName string EffectiveUniqueName is the unique name used for deduplication on Targets.
Equals Spec.UniqueName when set; otherwise the parent Component name derived
from the referenced ComponentVersion.
Optional: {}

RenderArtifact

RenderArtifact represents a successfully pushed OCI artifact produced by a RenderTask.

Appears in: - RenderArtifactList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec RenderArtifactSpec
status RenderArtifactStatus

RenderArtifactList

RenderArtifactList contains a list of RenderArtifact resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items RenderArtifact array

RenderArtifactSpec

RenderArtifactSpec holds the OCI coordinates of a successfully pushed artifact.

Appears in: - RenderArtifact

Field Description Default Validation
baseURL string BaseURL is the registry's base URL (e.g. "registry.example.com:5000"). MinLength: 1
repository string Repository is the repository path within the registry. MinLength: 1
tag string Tag is the OCI tag that was pushed. MinLength: 1
renderTaskRef string RenderTaskRef is the name of the RenderTask that produced this artifact.
pushSecretRef LocalObjectReference PushSecretRef references a Secret with push credentials. Used for tag deletion during GC. Optional: {}
pushSecretNamespace string PushSecretNamespace is the namespace of the Secret referenced by PushSecretRef.
When empty, defaults to the RenderArtifact's own namespace.
Set when the Registry lives in a different namespace from the Target (cross-namespace).
Optional: {}
registryFlavor string RegistryFlavor identifies the registry implementation (e.g. "zot", "harbor"). Optional: {}

RenderArtifactStatus

RenderArtifactStatus holds the observed state of a RenderArtifact.

Appears in: - RenderArtifact

Field Description Default Validation
chartURL string ChartURL is the fully-qualified OCI reference for this artifact. Optional: {}
conditions Condition array Conditions represent the latest available observations of a RenderArtifact's state. Optional: {}

RenderBinding

RenderBinding declares that a consumer resource (e.g. a Target) is using a RenderArtifact.

Appears in: - RenderBindingList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec RenderBindingSpec

RenderBindingList

RenderBindingList contains a list of RenderBinding resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items RenderBinding array

RenderBindingSpec

RenderBindingSpec links a consumer resource to a RenderArtifact for ref-counting.

Appears in: - RenderBinding

Field Description Default Validation
renderArtifactRef LocalObjectReference RenderArtifactRef is the name of the RenderArtifact in the same namespace.
ownerKind string OwnerKind is the kind of the consuming resource (e.g. "Target"). MinLength: 1
ownerName string OwnerName is the name of the consuming resource. MinLength: 1
ownerNamespace string OwnerNamespace is the namespace of the consuming resource. MinLength: 1

RenderTask

RenderTask manages a rendering job

Appears in: - RenderTaskList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec RenderTaskSpec
status RenderTaskStatus

RenderTaskList

RenderTaskList contains a list of RenderTask resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items RenderTask array

RenderTaskSpec

RenderTaskSpec holds the specification for a RenderTask

Appears in: - RenderTask

Field Description Default Validation
type RendererConfigType Type defines the output type of the renderer.
release ReleaseConfig ReleaseConfig is a config for a release.
bootstrap BootstrapConfig BootstrapConfig is a config for a bootstrap.
repository string Repository is the Repository where the chart will be pushed to (e.g. charts/mychart)
tag string Tag is the Tag of the helm chart to be pushed.
Make sure that the tag matches the version in Chart.yaml, otherwise helm
will error before pushing.
baseURL string BaseURL is the registry URL to push the rendered chart to (e.g. "registry.example.com:5000").
pushSecretRef LocalObjectReference PushSecretRef references a Secret in the same namespace with registry credentials
for pushing the rendered chart.
Optional: {}
failedJobTTL integer failedJobTTL is the TTL in seconds after which a failed render job and its secrets are cleaned up.
After this duration, the Kubernetes TTL controller will delete the Job and the controller will delete
the Secrets (ConfigSecret, AuthSecret). On success, Job and Secrets are deleted immediately.
If not set, defaults to 3600 (1 hour).
Optional: {}
ownerName string OwnerName is the name of the resource that created this RenderTask. MinLength: 1
ownerNamespace string OwnerNamespace is the namespace of the resource that created this RenderTask. MinLength: 1
ownerKind string OwnerKind is the kind of the resource that created this RenderTask (e.g. Release, Target). MinLength: 1

RenderTaskStatus

RenderTaskStatus holds the status of the rendering process

Appears in: - RenderTask

Field Description Default Validation
conditions Condition array Conditions represent the latest available observations of a RenderTask's state. Optional: {}
jobRef ObjectReference JobRef is a reference to the Job that is executing the rendering. Optional: {}
configSecretRef ObjectReference ConfigSecretRef is a reference to the Secret containing the renderer configuration. Optional: {}
chartURL string ChartURL represents the URL of where the rendered chart was pushed to. Optional: {}

RendererConfig

RendererConfig defines the configuration for the renderer.

Appears in: - RenderTaskSpec

Field Description Default Validation
type RendererConfigType Type defines the output type of the renderer.
release ReleaseConfig ReleaseConfig is a config for a release.
bootstrap BootstrapConfig BootstrapConfig is a config for a bootstrap.

RendererConfigType

Underlying type: string

RendererConfigType is the output type of the renderer.

Appears in: - RenderTaskSpec - RendererConfig

Field Description
bootstrap
release
profile

ResolvedResourceAccess

ResolvedResourceAccess extends ResourceAccess with pull secret information resolved from RegistryBindings at render time.

Appears in: - BootstrapInput - ReleaseInput

Field Description Default Validation
repository string Repository of the Resource.
insecure boolean Insecure switches TLS/HTTPS off if true
tag string Tag of the Resource.
helm HelmResourceMetadata Helm contains metadata for Helm chart resources, populated during discovery.
pullSecretName string PullSecretName is the name of the pull secret on the target cluster for
this resource's registry. Resolved from Registry.spec.targetPullSecretName
via RegistryBinding. Empty means anonymous pull.

ResourceAccess

ResourceAccess defines how a Resource can be accessed along with optional metadata.

Appears in: - ComponentVersionSpec

Field Description Default Validation
repository string Repository of the Resource.
insecure boolean Insecure switches TLS/HTTPS off if true
tag string Tag of the Resource.
helm HelmResourceMetadata Helm contains metadata for Helm chart resources, populated during discovery.

Target

Target represents a deployment target environment. It defines the intended state of releases and configuration for a specific deployment target, such as a cluster or environment.

Appears in: - TargetList

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec TargetSpec
status TargetStatus

TargetList

TargetList contains a list of Target resources.

Field Description Default Validation
kind string Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
Optional: {}
apiVersion string APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
Optional: {}
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items Target array

TargetSpec

TargetSpec defines the desired state of a Target. It specifies the render registry and configuration for this deployment target.

Appears in: - Target

Field Description Default Validation
renderRegistryRef LocalObjectReference RenderRegistryRef references the Registry to push rendered desired state to.
The referenced Registry must have SolarSecretRef set for rendering to succeed.
renderRegistryNamespace string RenderRegistryNamespace is the namespace of the Registry when it resides in a different
namespace than this Target. If empty, the Registry is assumed to be in the same namespace.
Cross-namespace references require a ReferenceGrant in the registry's namespace that grants
access to this Target's namespace.
Optional: {}
userdata RawExtension Userdata contains arbitrary custom data or configuration specific to this target.
This enables target-specific customization and deployment parameters.
Optional: {}

TargetStatus

TargetStatus defines the observed state of a Target.

Appears in: - Target

Field Description Default Validation
bootstrapVersion integer BootstrapVersion is a monotonically increasing counter used as the bootstrap
chart version. It is incremented each time the bootstrap chart is re-rendered,
e.g. when the set of bound releases changes.
Optional: {}
conditions Condition array Conditions represent the latest available observations of a Target's state. Optional: {}