Compare commits


3 Commits

Author SHA1 Message Date
Jeff McCune
5f658e0ba0 docs: add flux kustomization example (#374)
Almost identical to the ArgoCD Application example.
2024-12-08 19:20:12 -08:00
Jeff McCune
18b2850d3c platform: import flux custom resources
kustomize build https://github.com/fluxcd/flux2/manifests/crds\?ref=v2.4.0 \
      timoni mod vendor crds -f-
2024-12-08 19:03:18 -08:00
Jeff McCune
366a7fe93d docs: private helm repos need updated schemas (#370)
Document the need to run holos init platform v1alpha5 --force to use the
private helm repository feature.
2024-12-08 17:13:56 -08:00
38 changed files with 7268 additions and 1 deletions


@@ -99,6 +99,7 @@
"fieldmaskpb",
"fieldspec",
"flushcache",
"fluxcd",
"fullname",
"gatewayclass",
"gatewayclasses",


@@ -0,0 +1,218 @@
---
slug: flux-kustomization
title: Flux Kustomization
description: Configuring a Kustomization for each Component.
sidebar_position: 120
---
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import CommonComponent from '../../common/example-component.mdx';
import CommonComponentIntegrate from '../../common/example-component-integrate.mdx';
# Flux Kustomization
## Overview
This topic covers how to mix in a Flux Kustomization to all components. We'll
use the `Artifacts` field of [ComponentConfig] defined by the author schema.
## The Code
### Generating the structure
Use `holos` to generate a minimal platform directory structure. Start by
creating a blank directory to hold the platform configuration.
```shell
mkdir holos-flux-kustomization && cd holos-flux-kustomization
```
```shell
holos init platform v1alpha5
```
### Creating an example Component
<CommonComponent />
<CommonComponentIntegrate />
## Adding Flux Kustomizations
Configure Holos to render a [Kustomization] by defining an [Artifact] for it in
every BuildPlan holos produces. We're unifying our custom configuration with
the existing `#ComponentConfig` defined in `schema.cue`.
```bash
cat <<EOF >flux-kustomization.cue
```
```cue showLineNumbers
package holos
import (
"path"
flux "kustomize.toolkit.fluxcd.io/kustomization/v1"
)
#ComponentConfig: {
Name: _
OutputBaseDir: _
let ArtifactPath = path.Join([OutputBaseDir, "gitops", "\(Name).kustomization.gen.yaml"], path.Unix)
let ResourcesPath = path.Join(["deploy", OutputBaseDir, "components", Name], path.Unix)
Artifacts: "\(Name)-kustomization": {
artifact: ArtifactPath
generators: [{
kind: "Resources"
output: artifact
resources: Kustomization: (Name): flux.#Kustomization & {
metadata: name: Name
metadata: namespace: "default"
spec: {
interval: "5m"
timeout: "1m"
prune: true
path: ResourcesPath
sourceRef: {
kind: "GitRepository"
name: "webapp"
}
}
}
}]
}
}
```
```bash
EOF
```
## Inspecting the BuildPlan
Our customized `#ComponentConfig` results in the following `BuildPlan`.
:::note
The second artifact around line 40 contains the configured `Kustomization`
resource.
:::
<Tabs groupId="55075C71-02E8-4222-88C0-2D52C82D18FC">
<TabItem value="command" label="Command">
```bash
holos cue export --expression holos --out=yaml ./components/podinfo
```
</TabItem>
<TabItem value="output" label="Output">
```yaml showLineNumbers
kind: BuildPlan
apiVersion: v1alpha5
metadata:
name: podinfo
spec:
artifacts:
- artifact: components/podinfo/podinfo.gen.yaml
generators:
- kind: Helm
output: helm.gen.yaml
helm:
chart:
name: podinfo
version: 6.6.2
release: podinfo
repository:
name: podinfo
url: https://stefanprodan.github.io/podinfo
values:
ui:
message: Hello World
enableHooks: false
- kind: Resources
output: resources.gen.yaml
resources: {}
validators: []
transformers:
- kind: Kustomize
inputs:
- helm.gen.yaml
- resources.gen.yaml
output: components/podinfo/podinfo.gen.yaml
kustomize:
kustomization:
resources:
- helm.gen.yaml
- resources.gen.yaml
kind: Kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
- artifact: gitops/podinfo.kustomization.gen.yaml
generators:
- kind: Resources
output: gitops/podinfo.kustomization.gen.yaml
resources:
Kustomization:
podinfo:
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: podinfo
namespace: default
spec:
interval: 5m
path: deploy/components/podinfo
prune: true
sourceRef:
kind: GitRepository
name: webapp
timeout: 1m
```
</TabItem>
</Tabs>
## Rendering manifests
<Tabs groupId="E150C802-7162-4FBF-82A7-77D9ADAEE847">
<TabItem value="command" label="Command">
```bash
holos render platform
```
</TabItem>
<TabItem value="output" label="Output">
```
rendered podinfo in 140.341417ms
rendered platform in 140.441333ms
```
</TabItem>
</Tabs>
## Reviewing the Kustomization
The Artifact we added to `#ComponentConfig` will produce a Flux Kustomization
resource for every component in the platform. The output in this example is
located at:
```txt
deploy/gitops/podinfo.kustomization.gen.yaml
```
```yaml showLineNumbers
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: podinfo
namespace: default
spec:
interval: 5m
path: deploy/components/podinfo
prune: true
sourceRef:
kind: GitRepository
name: webapp
timeout: 1m
```
[podinfo]: https://github.com/stefanprodan/podinfo
[CUE Module]: https://cuelang.org/docs/reference/modules/
[CUE Tags]: https://cuelang.org/docs/howto/inject-value-into-evaluation-using-tag-attribute/
[Kustomization]: https://fluxcd.io/flux/components/kustomize/kustomizations/
[Platform]: ../../api/author.md#Platform
[ComponentConfig]: ../../api/author.md#ComponentConfig
[Artifact]: ../../api/core.md#Artifact
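Review bot: The `#ComponentConfig` mix-in hard-codes `sourceRef: name: "webapp"` and `metadata: namespace: "default"` in the Kustomization generated for every component, together with `prune: true`, yet the page never says that a GitRepository named `webapp` has to exist in `default` or how to create it. Add a prerequisite step, or a sentence marking these as placeholder values to replace, so a reader who commits the rendered `deploy/gitops/podinfo.kustomization.gen.yaml` knows which source and path Flux will reconcile and prune against. Smaller points: the link definitions `[podinfo]`, `[CUE Module]`, `[CUE Tags]` and `[Platform]` at the end are not referenced anywhere in the body and can be dropped, and the note pointing at "around line 40" will go stale whenever the BuildPlan output changes; referring to the `gitops/podinfo.kustomization.gen.yaml` artifact by name is sturdier.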


@@ -6,6 +6,14 @@ sidebar_position: 999
# Private Helm
Holos supports private Helm repositories accessed with http basic authentication
since `v0.101.4`. Use the following command to update your author and core
schemas to support this configuration.
```bash
holos init platform v1alpha5 --force
```
## Configuration
Holos uses the Helm SDK and defers to it for authentication to private
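Review bot: The added paragraph tells readers to run `holos init platform v1alpha5 --force` without saying what `--force` overwrites. State which files are regenerated (the text implies the author and core schemas) and whether local changes in the platform directory survive, and suggest committing or diffing before running it. Also capitalise "HTTP" in "http basic authentication".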


@@ -0,0 +1,753 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v2
import "strings"
// HelmRelease is the Schema for the helmreleases API
#HelmRelease: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "helm.toolkit.fluxcd.io/v2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRelease"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmReleaseSpec defines the desired state of a Helm release.
spec!: #HelmReleaseSpec
}
// HelmReleaseSpec defines the desired state of a Helm release.
#HelmReleaseSpec: {
// Chart defines the template of the v1.HelmChart that should be
// created
// for this HelmRelease.
chart?: {
// ObjectMeta holds the template for metadata like labels and
// annotations.
metadata?: {
// Annotations is an unstructured key value map stored with a
// resource that may be
// set by external tools to store and retrieve arbitrary metadata.
// They are not
// queryable and should be preserved when modifying objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations?: {
[string]: string
}
// Map of string keys and values that can be used to organize and
// categorize
// (scope and select) objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
labels?: {
[string]: string
}
}
// Spec holds the template for the v1.HelmChartSpec for this
// HelmRelease.
spec: {
// The name or path the Helm chart is available at in the
// SourceRef.
chart: strings.MaxRunes(2048) & strings.MinRunes(1)
// IgnoreMissingValuesFiles controls whether to silently ignore
// missing values files rather than failing.
ignoreMissingValuesFiles?: bool
// Interval at which to check the v1.Source for updates. Defaults
// to
// 'HelmReleaseSpec.Interval'.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Determines what enables the creation of a new artifact. Valid
// values are
// ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// The name and namespace of the v1.Source the chart is available
// at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// Alternative list of values files to use as the chart values
// (values.yaml
// is not included by default), expected to be a relative path in
// the SourceRef.
// Values files are merged in the order of this list with the last
// file overriding
// the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported for OCI sources.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact,
// are not verified.
verify?: {
// Provider specifies the technology used to sign the OCI Helm
// chart.
provider: "cosign" | "notation" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version semver expression, ignored for charts from
// v1.GitRepository and
// v1beta2.Bucket sources. Defaults to latest when omitted.
version?: string | *"*"
}
}
// ChartRef holds a reference to a source controller resource
// containing the
// Helm chart artifact.
chartRef?: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "HelmChart"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with
// references to HelmRelease resources that must be ready before
// this HelmRelease
// can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// DriftDetection holds the configuration for detecting and
// handling
// differences between the manifest in the Helm storage and the
// resources
// currently existing in the cluster.
driftDetection?: {
// Ignore contains a list of rules for specifying which changes to
// ignore
// during diffing.
ignore?: [...{
// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded
// from
// consideration in a Kubernetes object.
paths: [...string]
// Target is a selector for specifying Kubernetes objects to which
// this
// rule applies.
// If Target is not set, the Paths will be ignored for all
// Kubernetes
// objects within the manifest of the Helm release.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Mode defines how differences should be handled between the Helm
// manifest
// and the manifest currently applied to the cluster.
// If not explicitly set, it defaults to DiffModeDisabled.
mode?: "enabled" | "warn" | "disabled"
}
// Install holds the configuration for Helm install actions for
// this HelmRelease.
install?: {
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Create` and if omitted
// CRDs are installed but not updated.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are applied (installed) during Helm install
// action.
// With this option users can opt in to CRD replace existing CRDs
// on Helm
// install actions, which is not (yet) natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// CreateNamespace tells the Helm install action to create the
// HelmReleaseSpec.TargetNamespace if it does not exist yet.
// On uninstall, the namespace will not be garbage collected.
createNamespace?: bool
// DisableHooks prevents hooks from running during the Helm
// install action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm install action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableSchemaValidation prevents the Helm install action from
// validating
// the values against the JSON Schema.
disableSchemaValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// install has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// install has been performed.
disableWaitForJobs?: bool
// Remediation holds the remediation configuration for when the
// Helm install
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an install action but fail. Defaults to
// 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false'.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using an uninstall, is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
}
// Replace tells the Helm install action to re-use the
// 'ReleaseName', but only
// if that name is a deleted release which remains in the history.
replace?: bool
// SkipCRDs tells the Helm install action to not install any CRDs.
// By default,
// CRDs are installed if not already present.
//
// Deprecated use CRD policy (`crds`) attribute with value `Skip`
// instead.
skipCRDs?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm install
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Interval at which to reconcile the Helm release.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// MaxHistory is the number of revisions saved by Helm for this
// HelmRelease.
// Use '0' for an unlimited number of revisions; defaults to '5'.
maxHistory?: int
// PersistentClient tells the controller to use a persistent
// Kubernetes
// client for this release. When enabled, the client will be
// reused for the
// duration of the reconciliation, instead of being created and
// destroyed
// for each (step of a) Helm action.
//
// This can improve performance, but may cause issues with some
// Helm charts
// that for example do create Custom Resource Definitions during
// installation
// outside Helm's CRD lifecycle hooks, which are then not observed
// to be
// available by e.g. post-install hooks.
//
// If not set, it defaults to true.
persistentClient?: bool
// PostRenderers holds an array of Helm PostRenderers, which will
// be applied in order
// of their definition.
postRenderers?: [...{
// Kustomization to apply as PostRenderer.
kustomize?: {
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
}
}]
// ReleaseName used for the Helm release. Defaults to a
// composition of
// '[TargetNamespace-]Name'.
releaseName?: strings.MaxRunes(53) & strings.MinRunes(1)
// Rollback holds the configuration for Helm rollback actions for
// this HelmRelease.
rollback?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// rollback action when it fails.
cleanupOnFail?: bool
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// rollback has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// rollback has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// Recreate performs pod restarts for the resource if applicable.
recreate?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm rollback
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// The name of the Kubernetes service account to impersonate
// when reconciling this HelmRelease.
serviceAccountName?: strings.MaxRunes(253) & strings.MinRunes(1)
// StorageNamespace used for the Helm storage.
// Defaults to the namespace of the HelmRelease.
storageNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Suspend tells the controller to suspend reconciliation for this
// HelmRelease,
// it does not apply to already started reconciliations. Defaults
// to false.
suspend?: bool
// TargetNamespace to target when performing operations for the
// HelmRelease.
// Defaults to the namespace of the HelmRelease.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Test holds the configuration for Helm test actions for this
// HelmRelease.
test?: {
// Enable enables Helm test actions for this HelmRelease after an
// Helm install
// or upgrade action has been performed.
enable?: bool
// Filters is a list of tests to run or exclude from running.
filters?: [...{
// Exclude specifies whether the named test should be excluded.
exclude?: bool
// Name is the name of the test.
name: strings.MaxRunes(253) & strings.MinRunes(1)
}]
// IgnoreFailures tells the controller to skip remediation when
// the Helm tests
// are run but fail. Can be overwritten for tests run after
// install or upgrade
// actions in 'Install.IgnoreTestFailures' and
// 'Upgrade.IgnoreTestFailures'.
ignoreFailures?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation during
// the performance of a Helm test action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like Jobs
// for hooks) during the performance of a Helm action. Defaults to
// '5m0s'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Uninstall holds the configuration for Helm uninstall actions
// for this HelmRelease.
uninstall?: {
// DeletionPropagation specifies the deletion propagation policy
// when
// a Helm uninstall is performed.
deletionPropagation?: "background" | "foreground" | "orphan" | *"background"
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables waiting for all the resources to be
// deleted after
// a Helm uninstall is performed.
disableWait?: bool
// KeepHistory tells Helm to remove all associated resources and
// mark the
// release as deleted, but retain the release history.
keepHistory?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm uninstall
// action. Defaults
// to 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Upgrade holds the configuration for Helm upgrade actions for
// this HelmRelease.
upgrade?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// upgrade action when it fails.
cleanupOnFail?: bool
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Skip` and if omitted
// CRDs are neither installed nor upgraded.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are not applied during Helm upgrade action.
// With this
// option users can opt-in to CRD upgrade, which is not (yet)
// natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// DisableHooks prevents hooks from running during the Helm
// upgrade action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm upgrade action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableSchemaValidation prevents the Helm upgrade action from
// validating
// the values against the JSON Schema.
disableSchemaValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// upgrade has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// upgrade has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// PreserveValues will make Helm reuse the last release's values
// and merge in
// overrides from 'Values'. Setting this flag makes the
// HelmRelease
// non-declarative.
preserveValues?: bool
// Remediation holds the remediation configuration for when the
// Helm upgrade
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an upgrade action but fail.
// Defaults to 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false' unless 'Retries' is
// greater than 0.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using 'Strategy', is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
// Strategy to use for failure remediation. Defaults to
// 'rollback'.
strategy?: "rollback" | "uninstall"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm upgrade
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Values holds the values for this Helm release.
values?: _
// ValuesFrom holds references to resources containing Helm values
// for this HelmRelease,
// and information about how they should be merged.
valuesFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional marks this ValuesReference as optional. When set, a
// not found error
// for the values reference is ignored, but any ValuesKey,
// TargetPath or
// transient error will still result in a reconciliation failure.
optional?: bool
// TargetPath is the YAML dot notation path the value should be
// merged at. When
// set, the ValuesKey is expected to be a single flat value.
// Defaults to 'None',
// which results in the values getting merged at the root.
targetPath?: strings.MaxRunes(250) & {
=~"^([a-zA-Z0-9_\\-.\\\\\\/]|\\[[0-9]{1,5}\\])+$"
}
// ValuesKey is the data key where the values.yaml or a specific
// value can be
// found at. Defaults to 'values.yaml'.
valuesKey?: strings.MaxRunes(253) & {
=~"^[\\-._a-zA-Z0-9]+$"
}
}]
}
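Review bot: The generated header on the second line, `//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml`, records a path on the author's workstation rather than the upstream the CRDs came from, so the vendored schema cannot be regenerated or checked against its source from this file alone. The commit message names the actual source (`https://github.com/fluxcd/flux2/manifests/crds` at `ref=v2.4.0`) and a different command spelling (`timoni mod vendor crds -f-`); please record the pinned URL and ref next to the vendored files, for example in a README or a regeneration script in the same directory, and reconcile the two command spellings.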


@@ -0,0 +1,825 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v2beta1
import "strings"
// HelmRelease is the Schema for the helmreleases API
#HelmRelease: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "helm.toolkit.fluxcd.io/v2beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRelease"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmReleaseSpec defines the desired state of a Helm release.
spec!: #HelmReleaseSpec
}
// HelmReleaseSpec defines the desired state of a Helm release.
#HelmReleaseSpec: {
// Chart defines the template of the v1beta2.HelmChart that should
// be created
// for this HelmRelease.
chart: {
// ObjectMeta holds the template for metadata like labels and
// annotations.
metadata?: {
// Annotations is an unstructured key value map stored with a
// resource that may be
// set by external tools to store and retrieve arbitrary metadata.
// They are not
// queryable and should be preserved when modifying objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations?: {
[string]: string
}
// Map of string keys and values that can be used to organize and
// categorize
// (scope and select) objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
labels?: {
[string]: string
}
}
// Spec holds the template for the v1beta2.HelmChartSpec for this
// HelmRelease.
spec: {
// The name or path the Helm chart is available at in the
// SourceRef.
chart: string
// Interval at which to check the v1beta2.Source for updates.
// Defaults to
// 'HelmReleaseSpec.Interval'.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Determines what enables the creation of a new artifact. Valid
// values are
// ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// The name and namespace of the v1beta2.Source the chart is
// available at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// Alternative values file to use as the default chart values,
// expected to
// be a relative path in the SourceRef. Deprecated in favor of
// ValuesFiles,
// for backwards compatibility the file defined here is merged
// before the
// ValuesFiles items. Ignored when omitted.
valuesFile?: string
// Alternative list of values files to use as the chart values
// (values.yaml
// is not included by default), expected to be a relative path in
// the SourceRef.
// Values files are merged in the order of this list with the last
// file overriding
// the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported for OCI sources.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact, are not verified.
verify?: {
// Provider specifies the technology used to sign the OCI Helm
// chart.
provider: "cosign" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version semver expression, ignored for charts from
// v1beta2.GitRepository and
// v1beta2.Bucket sources. Defaults to latest when omitted.
version?: string | *"*"
}
}
// ChartRef holds a reference to a source controller resource
// containing the
// Helm chart artifact.
//
// Note: this field is provisional to the v2 API, and not actively
// used
// by v2beta1 HelmReleases.
chartRef?: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "HelmChart"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with
// references to HelmRelease resources that must be ready before
// this HelmRelease
// can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// DriftDetection holds the configuration for detecting and
// handling
// differences between the manifest in the Helm storage and the
// resources
// currently existing in the cluster.
//
// Note: this field is provisional to the v2beta2 API, and not
// actively used
// by v2beta1 HelmReleases.
driftDetection?: {
// Ignore contains a list of rules for specifying which changes to
// ignore
// during diffing.
ignore?: [...{
// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded
// from
// consideration in a Kubernetes object.
paths: [...string]
// Target is a selector for specifying Kubernetes objects to which
// this
// rule applies.
// If Target is not set, the Paths will be ignored for all
// Kubernetes
// objects within the manifest of the Helm release.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Mode defines how differences should be handled between the Helm
// manifest
// and the manifest currently applied to the cluster.
// If not explicitly set, it defaults to DiffModeDisabled.
mode?: "enabled" | "warn" | "disabled"
}
// Install holds the configuration for Helm install actions for
// this HelmRelease.
install?: {
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Create` and if omitted
// CRDs are installed but not updated.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are applied (installed) during Helm install
// action.
// With this option users can opt-in to CRD replace existing CRDs
// on Helm
// install actions, which is not (yet) natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// CreateNamespace tells the Helm install action to create the
// HelmReleaseSpec.TargetNamespace if it does not exist yet.
// On uninstall, the namespace will not be garbage collected.
createNamespace?: bool
// DisableHooks prevents hooks from running during the Helm
// install action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm install action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// install has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// install has been performed.
disableWaitForJobs?: bool
// Remediation holds the remediation configuration for when the
// Helm install
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an install action but fail. Defaults to
// 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false'.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using an uninstall, is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
}
// Replace tells the Helm install action to re-use the
// 'ReleaseName', but only
// if that name is a deleted release which remains in the history.
replace?: bool
// SkipCRDs tells the Helm install action to not install any CRDs.
// By default,
// CRDs are installed if not already present.
//
// Deprecated use CRD policy (`crds`) attribute with value `Skip`
// instead.
skipCRDs?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm install
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Interval at which to reconcile the Helm release.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// MaxHistory is the number of revisions saved by Helm for this
// HelmRelease.
// Use '0' for an unlimited number of revisions; defaults to '10'.
maxHistory?: int
// PersistentClient tells the controller to use a persistent
// Kubernetes
// client for this release. When enabled, the client will be
// reused for the
// duration of the reconciliation, instead of being created and
// destroyed
// for each (step of a) Helm action.
//
// This can improve performance, but may cause issues with some
// Helm charts
// that for example do create Custom Resource Definitions during
// installation
// outside Helm's CRD lifecycle hooks, which are then not observed
// to be
// available by e.g. post-install hooks.
//
// If not set, it defaults to true.
persistentClient?: bool
// PostRenderers holds an array of Helm PostRenderers, which will
// be applied in order
// of their definition.
postRenderers?: [...{
// Kustomization to apply as PostRenderer.
kustomize?: {
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
patchesStrategicMerge?: [...]
}
}]
// ReleaseName used for the Helm release. Defaults to a
// composition of
// '[TargetNamespace-]Name'.
releaseName?: strings.MaxRunes(53) & strings.MinRunes(1)
// Rollback holds the configuration for Helm rollback actions for
// this HelmRelease.
rollback?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// rollback action when it fails.
cleanupOnFail?: bool
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// rollback has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// rollback has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// Recreate performs pod restarts for the resource if applicable.
recreate?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm rollback
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// The name of the Kubernetes service account to impersonate
// when reconciling this HelmRelease.
serviceAccountName?: string
// StorageNamespace used for the Helm storage.
// Defaults to the namespace of the HelmRelease.
storageNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Suspend tells the controller to suspend reconciliation for this
// HelmRelease,
// it does not apply to already started reconciliations. Defaults
// to false.
suspend?: bool
// TargetNamespace to target when performing operations for the
// HelmRelease.
// Defaults to the namespace of the HelmRelease.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Test holds the configuration for Helm test actions for this
// HelmRelease.
test?: {
// Enable enables Helm test actions for this HelmRelease after an
// Helm install
// or upgrade action has been performed.
enable?: bool
// IgnoreFailures tells the controller to skip remediation when
// the Helm tests
// are run but fail. Can be overwritten for tests run after
// install or upgrade
// actions in 'Install.IgnoreTestFailures' and
// 'Upgrade.IgnoreTestFailures'.
ignoreFailures?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation during
// the performance of a Helm test action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like Jobs
// for hooks) during the performance of a Helm action. Defaults to
// '5m0s'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Uninstall holds the configuration for Helm uninstall actions
// for this HelmRelease.
uninstall?: {
// DeletionPropagation specifies the deletion propagation policy
// when
// a Helm uninstall is performed.
deletionPropagation?: "background" | "foreground" | "orphan" | *"background"
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables waiting for all the resources to be
// deleted after
// a Helm uninstall is performed.
disableWait?: bool
// KeepHistory tells Helm to remove all associated resources and
// mark the
// release as deleted, but retain the release history.
keepHistory?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm uninstall
// action. Defaults
// to 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Upgrade holds the configuration for Helm upgrade actions for
// this HelmRelease.
upgrade?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// upgrade action when it fails.
cleanupOnFail?: bool
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Skip` and if omitted
// CRDs are neither installed nor upgraded.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are not applied during Helm upgrade action.
// With this
// option users can opt-in to CRD upgrade, which is not (yet)
// natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// DisableHooks prevents hooks from running during the Helm
// upgrade action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm upgrade action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// upgrade has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// upgrade has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// PreserveValues will make Helm reuse the last release's values
// and merge in
// overrides from 'Values'. Setting this flag makes the
// HelmRelease
// non-declarative.
preserveValues?: bool
// Remediation holds the remediation configuration for when the
// Helm upgrade
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an upgrade action but fail.
// Defaults to 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false' unless 'Retries' is
// greater than 0.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using 'Strategy', is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
// Strategy to use for failure remediation. Defaults to
// 'rollback'.
strategy?: "rollback" | "uninstall"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm upgrade
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Values holds the values for this Helm release.
values?: _
// ValuesFrom holds references to resources containing Helm values
// for this HelmRelease,
// and information about how they should be merged.
valuesFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional marks this ValuesReference as optional. When set, a
// not found error
// for the values reference is ignored, but any ValuesKey,
// TargetPath or
// transient error will still result in a reconciliation failure.
optional?: bool
// TargetPath is the YAML dot notation path the value should be
// merged at. When
// set, the ValuesKey is expected to be a single flat value.
// Defaults to 'None',
// which results in the values getting merged at the root.
targetPath?: strings.MaxRunes(250) & {
=~"^([a-zA-Z0-9_\\-.\\\\\\/]|\\[[0-9]{1,5}\\])+$"
}
// ValuesKey is the data key where the values.yaml or a specific
// value can be
// found at. Defaults to 'values.yaml'.
// When set, must be a valid Data Key, consisting of alphanumeric
// characters,
// '-', '_' or '.'.
valuesKey?: strings.MaxRunes(253) & {
=~"^[\\-._a-zA-Z0-9]+$"
}
}]
}
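
Review bot: `serviceAccountName?: string` and `chart.spec.verify?` are both optional in this v2beta1 `#HelmReleaseSpec`, so a HelmRelease that names no service account to impersonate and no signature verification for its chart still validates against the schema. If the platform expects either one, add the requirement in a platform-owned CUE file that unifies with `#HelmReleaseSpec` (for example by making `serviceAccountName` a required field there) rather than in this vendored, generated definition. Note that the field comment limits `verify` to OCI sources, so any such constraint needs to be conditional on the source type. The same applies to `values?: _`, which accepts any structure; per-component value schemas would have to be layered on separately.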

@@ -0,0 +1,831 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v2beta2
import "strings"
// HelmRelease is the Schema for the helmreleases API
#HelmRelease: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "helm.toolkit.fluxcd.io/v2beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRelease"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmReleaseSpec defines the desired state of a Helm release.
spec!: #HelmReleaseSpec
}
// HelmReleaseSpec defines the desired state of a Helm release.
#HelmReleaseSpec: {
// Chart defines the template of the v1beta2.HelmChart that should
// be created
// for this HelmRelease.
chart?: {
// ObjectMeta holds the template for metadata like labels and
// annotations.
metadata?: {
// Annotations is an unstructured key value map stored with a
// resource that may be
// set by external tools to store and retrieve arbitrary metadata.
// They are not
// queryable and should be preserved when modifying objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations?: {
[string]: string
}
// Map of string keys and values that can be used to organize and
// categorize
// (scope and select) objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
labels?: {
[string]: string
}
}
// Spec holds the template for the v1beta2.HelmChartSpec for this
// HelmRelease.
spec: {
// The name or path the Helm chart is available at in the
// SourceRef.
chart: strings.MaxRunes(2048) & strings.MinRunes(1)
// IgnoreMissingValuesFiles controls whether to silently ignore
// missing values files rather than failing.
ignoreMissingValuesFiles?: bool
// Interval at which to check the v1.Source for updates. Defaults
// to
// 'HelmReleaseSpec.Interval'.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Determines what enables the creation of a new artifact. Valid
// values are
// ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// The name and namespace of the v1.Source the chart is available
// at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// Alternative values file to use as the default chart values,
// expected to
// be a relative path in the SourceRef. Deprecated in favor of
// ValuesFiles,
// for backwards compatibility the file defined here is merged
// before the
// ValuesFiles items. Ignored when omitted.
valuesFile?: string
// Alternative list of values files to use as the chart values
// (values.yaml
// is not included by default), expected to be a relative path in
// the SourceRef.
// Values files are merged in the order of this list with the last
// file overriding
// the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported for OCI sources.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact,
// are not verified.
verify?: {
// Provider specifies the technology used to sign the OCI Helm
// chart.
provider: "cosign" | "notation" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version semver expression, ignored for charts from
// v1beta2.GitRepository and
// v1beta2.Bucket sources. Defaults to latest when omitted.
version?: string | *"*"
}
}
// ChartRef holds a reference to a source controller resource
// containing the
// Helm chart artifact.
//
// Note: this field is provisional to the v2 API, and not actively
// used
// by v2beta2 HelmReleases.
chartRef?: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "HelmChart"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with
// references to HelmRelease resources that must be ready before
// this HelmRelease
// can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// DriftDetection holds the configuration for detecting and
// handling
// differences between the manifest in the Helm storage and the
// resources
// currently existing in the cluster.
driftDetection?: {
// Ignore contains a list of rules for specifying which changes to
// ignore
// during diffing.
ignore?: [...{
// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded
// from
// consideration in a Kubernetes object.
paths: [...string]
// Target is a selector for specifying Kubernetes objects to which
// this
// rule applies.
// If Target is not set, the Paths will be ignored for all
// Kubernetes
// objects within the manifest of the Helm release.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Mode defines how differences should be handled between the Helm
// manifest
// and the manifest currently applied to the cluster.
// If not explicitly set, it defaults to DiffModeDisabled.
mode?: "enabled" | "warn" | "disabled"
}
// Install holds the configuration for Helm install actions for
// this HelmRelease.
install?: {
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Create` and if omitted
// CRDs are installed but not updated.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are applied (installed) during Helm install
// action.
// With this option users can opt in to CRD replace existing CRDs
// on Helm
// install actions, which is not (yet) natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// CreateNamespace tells the Helm install action to create the
// HelmReleaseSpec.TargetNamespace if it does not exist yet.
// On uninstall, the namespace will not be garbage collected.
createNamespace?: bool
// DisableHooks prevents hooks from running during the Helm
// install action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm install action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// install has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// install has been performed.
disableWaitForJobs?: bool
// Remediation holds the remediation configuration for when the
// Helm install
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an install action but fail. Defaults to
// 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false'.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using an uninstall, is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
}
// Replace tells the Helm install action to re-use the
// 'ReleaseName', but only
// if that name is a deleted release which remains in the history.
replace?: bool
// SkipCRDs tells the Helm install action to not install any CRDs.
// By default,
// CRDs are installed if not already present.
//
// Deprecated use CRD policy (`crds`) attribute with value `Skip`
// instead.
skipCRDs?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm install
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Interval at which to reconcile the Helm release.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// MaxHistory is the number of revisions saved by Helm for this
// HelmRelease.
// Use '0' for an unlimited number of revisions; defaults to '5'.
maxHistory?: int
// PersistentClient tells the controller to use a persistent
// Kubernetes
// client for this release. When enabled, the client will be
// reused for the
// duration of the reconciliation, instead of being created and
// destroyed
// for each (step of a) Helm action.
//
// This can improve performance, but may cause issues with some
// Helm charts
// that for example do create Custom Resource Definitions during
// installation
// outside Helm's CRD lifecycle hooks, which are then not observed
// to be
// available by e.g. post-install hooks.
//
// If not set, it defaults to true.
persistentClient?: bool
// PostRenderers holds an array of Helm PostRenderers, which will
// be applied in order
// of their definition.
postRenderers?: [...{
// Kustomization to apply as PostRenderer.
kustomize?: {
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
// Deprecated: use Patches instead.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
// Deprecated: use Patches instead.
patchesStrategicMerge?: [...]
}
}]
// ReleaseName used for the Helm release. Defaults to a
// composition of
// '[TargetNamespace-]Name'.
releaseName?: strings.MaxRunes(53) & strings.MinRunes(1)
// Rollback holds the configuration for Helm rollback actions for
// this HelmRelease.
rollback?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// rollback action when it fails.
cleanupOnFail?: bool
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// rollback has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// rollback has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// Recreate performs pod restarts for the resource if applicable.
recreate?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm rollback
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// The name of the Kubernetes service account to impersonate
// when reconciling this HelmRelease.
serviceAccountName?: strings.MaxRunes(253) & strings.MinRunes(1)
// StorageNamespace used for the Helm storage.
// Defaults to the namespace of the HelmRelease.
storageNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Suspend tells the controller to suspend reconciliation for this
// HelmRelease,
// it does not apply to already started reconciliations. Defaults
// to false.
suspend?: bool
// TargetNamespace to target when performing operations for the
// HelmRelease.
// Defaults to the namespace of the HelmRelease.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Test holds the configuration for Helm test actions for this
// HelmRelease.
test?: {
// Enable enables Helm test actions for this HelmRelease after an
// Helm install
// or upgrade action has been performed.
enable?: bool
// Filters is a list of tests to run or exclude from running.
filters?: [...{
// Exclude specifies whether the named test should be excluded.
exclude?: bool
// Name is the name of the test.
name: strings.MaxRunes(253) & strings.MinRunes(1)
}]
// IgnoreFailures tells the controller to skip remediation when
// the Helm tests
// are run but fail. Can be overwritten for tests run after
// install or upgrade
// actions in 'Install.IgnoreTestFailures' and
// 'Upgrade.IgnoreTestFailures'.
ignoreFailures?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation during
// the performance of a Helm test action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like Jobs
// for hooks) during the performance of a Helm action. Defaults to
// '5m0s'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Uninstall holds the configuration for Helm uninstall actions
// for this HelmRelease.
uninstall?: {
// DeletionPropagation specifies the deletion propagation policy
// when
// a Helm uninstall is performed.
deletionPropagation?: "background" | "foreground" | "orphan" | *"background"
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables waiting for all the resources to be
// deleted after
// a Helm uninstall is performed.
disableWait?: bool
// KeepHistory tells Helm to remove all associated resources and
// mark the
// release as deleted, but retain the release history.
keepHistory?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm uninstall
// action. Defaults
// to 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Upgrade holds the configuration for Helm upgrade actions for
// this HelmRelease.
upgrade?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// upgrade action when it fails.
cleanupOnFail?: bool
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Skip` and if omitted
// CRDs are neither installed nor upgraded.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are not applied during Helm upgrade action.
// With this
// option users can opt-in to CRD upgrade, which is not (yet)
// natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// DisableHooks prevents hooks from running during the Helm
// upgrade action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm upgrade action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// upgrade has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// upgrade has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// PreserveValues will make Helm reuse the last release's values
// and merge in
// overrides from 'Values'. Setting this flag makes the
// HelmRelease
// non-declarative.
preserveValues?: bool
// Remediation holds the remediation configuration for when the
// Helm upgrade
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an upgrade action but fail.
// Defaults to 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false' unless 'Retries' is
// greater than 0.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using 'Strategy', is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
// Strategy to use for failure remediation. Defaults to
// 'rollback'.
strategy?: "rollback" | "uninstall"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm upgrade
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Values holds the values for this Helm release.
values?: _
// ValuesFrom holds references to resources containing Helm values
// for this HelmRelease,
// and information about how they should be merged.
valuesFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional marks this ValuesReference as optional. When set, a
// not found error
// for the values reference is ignored, but any ValuesKey,
// TargetPath or
// transient error will still result in a reconciliation failure.
optional?: bool
// TargetPath is the YAML dot notation path the value should be
// merged at. When
// set, the ValuesKey is expected to be a single flat value.
// Defaults to 'None',
// which results in the values getting merged at the root.
targetPath?: strings.MaxRunes(250) & {
=~"^([a-zA-Z0-9_\\-.\\\\\\/]|\\[[0-9]{1,5}\\])+$"
}
// ValuesKey is the data key where the values.yaml or a specific
// value can be
// found at. Defaults to 'values.yaml'.
valuesKey?: strings.MaxRunes(253) & {
=~"^[\\-._a-zA-Z0-9]+$"
}
}]
}
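
Review bot: `serviceAccountName?` near the end of the HelmRelease spec is optional, so a HelmRelease that names no service account to impersonate passes this schema. If the platform expects every release to reconcile under a dedicated account, put that requirement in the platform's own CUE (a definition that unifies with this one and makes `serviceAccountName` required) rather than editing the vendored definition.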

View File

@@ -0,0 +1,105 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// ImagePolicy is the Schema for the imagepolicies API
#ImagePolicy: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImagePolicy"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy
spec!: #ImagePolicySpec
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy
#ImagePolicySpec: {
// FilterTags enables filtering for only a subset of tags based on
// a set of
// rules. If no rules are provided, all the tags from the
// repository will be
// ordered and compared.
filterTags?: {
// Extract allows a capture group to be extracted from the
// specified regular
// expression pattern, useful before tag evaluation.
extract?: string
// Pattern specifies a regular expression pattern used to filter
// for image
// tags.
pattern?: string
}
// ImageRepositoryRef points at the object specifying the image
// being scanned
imageRepositoryRef: {
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}
// Policy gives the particulars of the policy to be followed in
// selecting the most recent image
policy: {
alphabetical?: {
// Order specifies the sorting order of the tags. Given the
// letters of the
// alphabet as tags, ascending order would select Z, and
// descending order
// would select A.
order?: "asc" | "desc" | *"asc"
}
numerical?: {
// Order specifies the sorting order of the tags. Given the
// integer values
// from 0 to 9 as tags, ascending order would select 9, and
// descending order
// would select 0.
order?: "asc" | "desc" | *"asc"
}
semver?: {
// Range gives a semver range for the image tag; the highest
// version within the range that's a tag yields the latest image.
range: string
}
}
}
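
Review bot: The `//timoni:generate` directive on the second line of this file records its source as `/Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml`, a temporary file on one workstation, so nobody else can rerun the directive or check the vendored schema against its upstream. Generate from a path inside the repository, or record the upstream URL and pinned ref next to the vendored package; the commit message names `ref=v2.4.0`, but that is easy to lose once the files are copied elsewhere. The same directive appears in the other generated files in this commit.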

View File

@@ -0,0 +1,105 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// ImagePolicy is the Schema for the imagepolicies API
#ImagePolicy: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImagePolicy"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy.
spec!: #ImagePolicySpec
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy.
#ImagePolicySpec: {
// FilterTags enables filtering for only a subset of tags based on
// a set of
// rules. If no rules are provided, all the tags from the
// repository will be
// ordered and compared.
filterTags?: {
// Extract allows a capture group to be extracted from the
// specified regular
// expression pattern, useful before tag evaluation.
extract?: string
// Pattern specifies a regular expression pattern used to filter
// for image
// tags.
pattern?: string
}
// ImageRepositoryRef points at the object specifying the image
// being scanned
imageRepositoryRef: {
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}
// Policy gives the particulars of the policy to be followed in
// selecting the most recent image
policy: {
alphabetical?: {
// Order specifies the sorting order of the tags. Given the
// letters of the
// alphabet as tags, ascending order would select Z, and
// descending order
// would select A.
order?: "asc" | "desc" | *"asc"
}
numerical?: {
// Order specifies the sorting order of the tags. Given the
// integer values
// from 0 to 9 as tags, ascending order would select 9, and
// descending order
// would select 0.
order?: "asc" | "desc" | *"asc"
}
semver?: {
// Range gives a semver range for the image tag; the highest
// version within the range that's a tag yields the latest image.
range: string
}
}
}
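
Review bot: In `#ImagePolicySpec`, `policy` is required but `alphabetical?`, `numerical?` and `semver?` are all optional and nothing makes them mutually exclusive, so `policy: {}` and a policy that sets two orderings at once both validate. If components will declare ImagePolicy resources, add a constraint in the platform CUE that requires exactly one of the three, so the mistake fails at render time.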

View File

@@ -0,0 +1,105 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// ImageRepository is the Schema for the imagerepositories API
#ImageRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
spec!: #ImageRepositorySpec
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
#ImageRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
certSecretRef?: {
// Name of the referent.
name: string
}
// ExclusionList is a list of regex strings used to exclude
// certain tags
// from being stored in the database.
exclusionList?: [...string]
// Image is the name of the image repository
image: string
// Interval is the length of time to wait between
// scans of the image repository.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
secretRef?: {
// Name of the referent.
name: string
}
// ServiceAccountName is the name of the Kubernetes ServiceAccount
// used to authenticate
// the image pull if the service account has attached pull
// secrets.
serviceAccountName?: strings.MaxRunes(253)
// This flag tells the controller to suspend subsequent image
// scans.
// It does not apply to already started scans. Defaults to false.
suspend?: bool
// Timeout for image scanning.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
}
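
Review bot: `timeout?` at the end of `#ImageRepositorySpec` is matched against `(ms|s|m)` while `interval` accepts `(ms|s|m|h)`, although the comment says timeout defaults to the 'Interval' duration. An interval of `1h` is accepted but an explicit timeout of `1h` is rejected. This comes from the vendored CRD, so the generated file should stay as it is; a short comment where the platform sets these two fields would save the next person a confusing validation error.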

View File

@@ -0,0 +1,121 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import (
"strings"
"list"
)
// ImageRepository is the Schema for the imagerepositories API
#ImageRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
spec!: #ImageRepositorySpec
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
#ImageRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
certSecretRef?: {
// Name of the referent.
name: string
}
// ExclusionList is a list of regex strings used to exclude
// certain tags
// from being stored in the database.
exclusionList?: list.MaxItems(25) & [...string] | *["^.*\\.sig$"]
// Image is the name of the image repository
image: string
// Insecure allows connecting to a non-TLS HTTP container
// registry.
insecure?: bool
// Interval is the length of time to wait between
// scans of the image repository.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// The provider used for authentication, can be 'aws', 'azure',
// 'gcp' or 'generic'.
// When not specified, defaults to 'generic'.
provider?: "generic" | "aws" | "azure" | "gcp" | *"generic"
proxySecretRef?: {
// Name of the referent.
name: string
}
secretRef?: {
// Name of the referent.
name: string
}
// ServiceAccountName is the name of the Kubernetes ServiceAccount
// used to authenticate
// the image pull if the service account has attached pull
// secrets.
serviceAccountName?: strings.MaxRunes(253)
// This flag tells the controller to suspend subsequent image
// scans.
// It does not apply to already started scans. Defaults to false.
suspend?: bool
// Timeout for image scanning.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
}
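
Review bot: `insecure?: bool` in `#ImageRepositorySpec` lets any component point an ImageRepository at a non-TLS HTTP container registry, as its own comment states. Consider pinning it in the platform CUE, e.g. `insecure?: false`, and relaxing that only for a named exception.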

View File

@@ -0,0 +1,179 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// ImageUpdateAutomation is the Schema for the
// imageupdateautomations API
#ImageUpdateAutomation: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageUpdateAutomation"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
spec!: #ImageUpdateAutomationSpec
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
#ImageUpdateAutomationSpec: {
// GitSpec contains all the git-specific definitions. This is
// technically optional, but in practice mandatory until there are
// other kinds of source allowed.
git?: {
checkout?: {
// Reference gives a branch, tag or commit to clone from the Git
// repository.
ref: {
// Branch to check out, defaults to 'master' if no other field is
// defined.
branch?: string
// Commit SHA to check out, takes precedence over all reference
// fields.
//
// This can be combined with Branch to shallow clone the branch,
// in which
// the commit is expected to exist.
commit?: string
// Name of the reference to check out; takes precedence over
// Branch, Tag and SemVer.
//
// It must be a valid Git reference:
// https://git-scm.com/docs/git-check-ref-format#_description
// Examples: "refs/heads/main", "refs/tags/v0.1.0",
// "refs/pull/420/head", "refs/merge-requests/1/head"
name?: string
// SemVer tag expression to check out, takes precedence over Tag.
semver?: string
// Tag to check out, takes precedence over Branch.
tag?: string
}
}
// Commit specifies how to commit to the git repository.
commit: {
// Author gives the email and optionally the name to use as the
// author of commits.
author: {
// Email gives the email to provide when making a commit.
email: string
// Name gives the name to provide when making a commit.
name?: string
}
// MessageTemplate provides a template for the commit message,
// into which will be interpolated the details of the change made.
messageTemplate?: string
signingKey?: {
secretRef: {
// Name of the referent.
name: string
}
}
}
// Push specifies how and where to push commits made by the
// automation. If missing, commits are pushed (back) to
// `.spec.checkout.branch` or its default.
push?: {
// Branch specifies that commits should be pushed to the branch
// named. The branch is created using `.spec.checkout.branch` as
// the
// starting point, if it doesn't already exist.
branch?: string
// Options specifies the push options that are sent to the Git
// server when performing a push operation. For details, see:
// https://git-scm.com/docs/git-push#Documentation/git-push.txt---push-optionltoptiongt
options?: {
[string]: string
}
// Refspec specifies the Git Refspec to use for a push operation.
// If both Branch and Refspec are provided, then the commit is
// pushed
// to the branch and also using the specified refspec.
// For more details about Git Refspecs, see:
// https://git-scm.com/book/en/v2/Git-Internals-The-Refspec
refspec?: string
}
}
// Interval gives an lower bound for how often the automation
// run should be attempted.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// SourceRef refers to the resource giving access details
// to a git repository.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "GitRepository" | *"GitRepository"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes resource object that contains the reference.
namespace?: string
}
// Suspend tells the controller to not run this automation, until
// it is unset (or set to false). Defaults to false.
suspend?: bool
// Update gives the specification for how to update the files in
// the repository. This can be left empty, to use the default
// value.
update?: {
// Path to the directory containing the manifests to be updated.
// Defaults to 'None', which translates to the root path
// of the GitRepositoryRef.
path?: string
// Strategy names the strategy to be used.
strategy: "Setters" | *"Setters"
} | *{
strategy: "Setters"
}
}
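Review bot: `commit.signingKey` is optional in this spec (`signingKey?:`), so an automation object that validates against this schema can still push unsigned commits. If the platform expects commits made by the automation to be signed, require the field in a hand-written CUE file that unifies with this spec definition, not in this vendored output, which will be overwritten the next time the CRDs are imported.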

View File

@@ -0,0 +1,214 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// ImageUpdateAutomation is the Schema for the
// imageupdateautomations API
#ImageUpdateAutomation: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageUpdateAutomation"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
spec!: #ImageUpdateAutomationSpec
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
#ImageUpdateAutomationSpec: {
// GitSpec contains all the git-specific definitions. This is
// technically optional, but in practice mandatory until there are
// other kinds of source allowed.
git?: {
checkout?: {
// Reference gives a branch, tag or commit to clone from the Git
// repository.
ref: {
// Branch to check out, defaults to 'master' if no other field is
// defined.
branch?: string
// Commit SHA to check out, takes precedence over all reference
// fields.
//
// This can be combined with Branch to shallow clone the branch,
// in which
// the commit is expected to exist.
commit?: string
// Name of the reference to check out; takes precedence over
// Branch, Tag and SemVer.
//
// It must be a valid Git reference:
// https://git-scm.com/docs/git-check-ref-format#_description
// Examples: "refs/heads/main", "refs/tags/v0.1.0",
// "refs/pull/420/head", "refs/merge-requests/1/head"
name?: string
// SemVer tag expression to check out, takes precedence over Tag.
semver?: string
// Tag to check out, takes precedence over Branch.
tag?: string
}
}
// Commit specifies how to commit to the git repository.
commit: {
// Author gives the email and optionally the name to use as the
// author of commits.
author: {
// Email gives the email to provide when making a commit.
email: string
// Name gives the name to provide when making a commit.
name?: string
}
// MessageTemplate provides a template for the commit message,
// into which will be interpolated the details of the change made.
messageTemplate?: string
signingKey?: {
secretRef: {
// Name of the referent.
name: string
}
}
}
// Push specifies how and where to push commits made by the
// automation. If missing, commits are pushed (back) to
// `.spec.checkout.branch` or its default.
push?: {
// Branch specifies that commits should be pushed to the branch
// named. The branch is created using `.spec.checkout.branch` as
// the
// starting point, if it doesn't already exist.
branch?: string
// Options specifies the push options that are sent to the Git
// server when performing a push operation. For details, see:
// https://git-scm.com/docs/git-push#Documentation/git-push.txt---push-optionltoptiongt
options?: {
[string]: string
}
// Refspec specifies the Git Refspec to use for a push operation.
// If both Branch and Refspec are provided, then the commit is
// pushed
// to the branch and also using the specified refspec.
// For more details about Git Refspecs, see:
// https://git-scm.com/book/en/v2/Git-Internals-The-Refspec
refspec?: string
}
}
// Interval gives an lower bound for how often the automation
// run should be attempted.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// PolicySelector allows to filter applied policies based on
// labels.
// By default includes all policies in namespace.
policySelector?: {
// matchExpressions is a list of label selector requirements. The
// requirements are ANDed.
matchExpressions?: [...{
// key is the label key that the selector applies to.
key: string
// operator represents a key's relationship to a set of values.
// Valid operators are In, NotIn, Exists and DoesNotExist.
operator: string
// values is an array of string values. If the operator is In or
// NotIn,
// the values array must be non-empty. If the operator is Exists
// or DoesNotExist,
// the values array must be empty. This array is replaced during a
// strategic
// merge patch.
values?: [...string]
}]
// matchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}
// SourceRef refers to the resource giving access details
// to a git repository.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "GitRepository" | *"GitRepository"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes resource object that contains the reference.
namespace?: string
}
// Suspend tells the controller to not run this automation, until
// it is unset (or set to false). Defaults to false.
suspend?: bool
// Update gives the specification for how to update the files in
// the repository. This can be left empty, to use the default
// value.
update?: {
// Path to the directory containing the manifests to be updated.
// Defaults to 'None', which translates to the root path
// of the GitRepositoryRef.
path?: string
// Strategy names the strategy to be used.
strategy: "Setters" | *"Setters"
} | *{
strategy: "Setters"
}
}
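Review bot: The `//timoni:generate` header at the top of this file records an absolute workstation path (`/Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml`), which puts a local username and directory layout into the repository, and the file itself does not say which upstream Flux CRD release it was generated from. Consider generating from a repo-relative path and recording the upstream ref next to the vendored package so the import can be reproduced and audited later.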

View File

@@ -0,0 +1,326 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// Kustomization is the Schema for the kustomizations API.
#Kustomization: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kustomize.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Kustomization"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// KustomizationSpec defines the configuration to calculate the
// desired state
// from a Source using Kustomize.
spec!: #KustomizationSpec
}
// KustomizationSpec defines the configuration to calculate the
// desired state
// from a Source using Kustomize.
#KustomizationSpec: {
// CommonMetadata specifies the common labels and annotations that
// are
// applied to all resources. Any existing label or annotation will
// be
// overridden if its key matches a common one.
commonMetadata?: {
// Annotations to be added to the object's metadata.
annotations?: {
[string]: string
}
// Labels to be added to the object's metadata.
labels?: {
[string]: string
}
}
// Components specifies relative paths to specifications of other
// Components.
components?: [...string]
// Decrypt Kubernetes secrets before applying them on the cluster.
decryption?: {
// Provider is the name of the decryption engine.
provider: "sops"
secretRef?: {
// Name of the referent.
name: string
}
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with references to Kustomization resources that must be ready
// before this
// Kustomization can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Force instructs the controller to recreate resources
// when patching fails due to an immutable field change.
force?: bool | *false
// A list of resources to be included in the health assessment.
healthChecks?: [...{
// API version of the referent, if not specified the Kubernetes
// preferred version will be used.
apiVersion?: string
// Kind of the referent.
kind: string
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// The interval at which to reconcile the Kustomization.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// NamePrefix will prefix the names of all managed resources.
namePrefix?: strings.MaxRunes(200) & strings.MinRunes(1)
// NameSuffix will suffix the names of all managed resources.
nameSuffix?: strings.MaxRunes(200) & strings.MinRunes(1)
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Path to the directory containing the kustomization.yaml file,
// or the
// set of plain YAMLs a kustomization.yaml should be generated
// for.
// Defaults to 'None', which translates to the root path of the
// SourceRef.
path?: string
// PostBuild describes which actions to perform on the YAML
// manifest
// generated by building the kustomize overlay.
postBuild?: {
// Substitute holds a map of key/value pairs.
// The variables defined in your YAML manifests that match any of
// the keys
// defined in the map will be substituted with the set value.
// Includes support for bash string replacement functions
// e.g. ${var:=default}, ${var:position} and
// ${var/substring/replacement}.
substitute?: {
[string]: string
}
// SubstituteFrom holds references to ConfigMaps and Secrets
// containing
// the variables and their values to be substituted in the YAML
// manifests.
// The ConfigMap and the Secret data keys represent the var names,
// and they
// must match the vars declared in the manifests for the
// substitution to
// happen.
substituteFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional indicates whether the referenced resource must exist,
// or whether to
// tolerate its absence. If true and the referenced resource is
// absent, proceed
// as if the resource was present but empty, without any variables
// defined.
optional?: bool | *false
}]
}
// Prune enables garbage collection.
prune: bool
// The interval at which to retry a previously failed
// reconciliation.
// When not specified, the controller uses the
// KustomizationSpec.Interval
// value to retry failures.
retryInterval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// The name of the Kubernetes service account to impersonate
// when reconciling this Kustomization.
serviceAccountName?: string
// Reference of the source where the kustomization file is.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: string
}
// This flag tells the controller to suspend subsequent kustomize
// executions,
// it does not apply to already started executions. Defaults to
// false.
suspend?: bool
// TargetNamespace sets or overrides the namespace in the
// kustomization.yaml file.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Timeout for validation, apply and health checking operations.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Wait instructs the controller to check the health of all the
// reconciled
// resources. When enabled, the HealthChecks are ignored. Defaults
// to false.
wait?: bool
}
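Review bot: `serviceAccountName` is optional in `#KustomizationSpec` (`serviceAccountName?: string`), so a Kustomization mixed into every component validates without naming a service account to impersonate. If the platform intends each Kustomization to reconcile under a scoped account, add that requirement in the platform's own CUE, alongside the mix-in, since this file is marked `DO NOT EDIT` and any constraint added here would be lost on regeneration.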

View File

@@ -0,0 +1,343 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Kustomization is the Schema for the kustomizations API.
#Kustomization: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kustomize.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Kustomization"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// KustomizationSpec defines the desired state of a kustomization.
spec!: #KustomizationSpec
}
// KustomizationSpec defines the desired state of a kustomization.
#KustomizationSpec: {
// Decrypt Kubernetes secrets before applying them on the cluster.
decryption?: {
// Provider is the name of the decryption engine.
provider: "sops"
secretRef?: {
// Name of the referent.
name: string
}
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with references to Kustomization resources that must be ready
// before this
// Kustomization can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Force instructs the controller to recreate resources
// when patching fails due to an immutable field change.
force?: bool | *false
// A list of resources to be included in the health assessment.
healthChecks?: [...{
// API version of the referent, if not specified the Kubernetes
// preferred version will be used.
apiVersion?: string
// Kind of the referent.
kind: string
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// The interval at which to reconcile the Kustomization.
interval: string
kubeConfig?: {
secretRef: {
// Name of the referent.
name: string
}
}
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
patchesStrategicMerge?: [...]
// Path to the directory containing the kustomization.yaml file,
// or the
// set of plain YAMLs a kustomization.yaml should be generated
// for.
// Defaults to 'None', which translates to the root path of the
// SourceRef.
path?: string
// PostBuild describes which actions to perform on the YAML
// manifest
// generated by building the kustomize overlay.
postBuild?: {
// Substitute holds a map of key/value pairs.
// The variables defined in your YAML manifests
// that match any of the keys defined in the map
// will be substituted with the set value.
// Includes support for bash string replacement functions
// e.g. ${var:=default}, ${var:position} and
// ${var/substring/replacement}.
substitute?: {
[string]: string
}
// SubstituteFrom holds references to ConfigMaps and Secrets
// containing
// the variables and their values to be substituted in the YAML
// manifests.
// The ConfigMap and the Secret data keys represent the var names
// and they
// must match the vars declared in the manifests for the
// substitution to happen.
substituteFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
}]
}
// Prune enables garbage collection.
prune: bool
// The interval at which to retry a previously failed
// reconciliation.
// When not specified, the controller uses the
// KustomizationSpec.Interval
// value to retry failures.
retryInterval?: string
// The name of the Kubernetes service account to impersonate
// when reconciling this Kustomization.
serviceAccountName?: string
// Reference of the source where the kustomization file is.
sourceRef: {
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "GitRepository" | "Bucket"
// Name of the referent
name: string
// Namespace of the referent, defaults to the Kustomization
// namespace
namespace?: string
}
// This flag tells the controller to suspend subsequent kustomize
// executions,
// it does not apply to already started executions. Defaults to
// false.
suspend?: bool
// TargetNamespace sets or overrides the namespace in the
// kustomization.yaml file.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Timeout for validation, apply and health checking operations.
// Defaults to 'Interval' duration.
timeout?: string
// Validate the Kubernetes objects before applying them on the
// cluster.
// The validation strategy can be 'client' (local dry-run),
// 'server'
// (APIServer dry-run) or 'none'.
// When 'Force' is 'true', validation will fallback to 'client' if
// set to
// 'server' because server-side validation is not supported in
// this scenario.
validation?: "none" | "client" | "server"
}
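Review bot: In this v1beta1 package `interval`, `retryInterval` and `timeout` are plain `string`, while the v1 package in this same change constrains them with `=~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"`, so a malformed duration passes CUE validation when a component imports this version. It would help to state in the commit message or docs which package version platform code should import, and to drop the v1beta1 package from the import if nothing in the platform uses it.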

View File

@@ -0,0 +1,389 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Kustomization is the Schema for the kustomizations API.
#Kustomization: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kustomize.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Kustomization"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// KustomizationSpec defines the configuration to calculate the
// desired state from a Source using Kustomize.
spec!: #KustomizationSpec
}
// KustomizationSpec defines the configuration to calculate the
// desired state from a Source using Kustomize.
#KustomizationSpec: {
// CommonMetadata specifies the common labels and annotations that
// are applied to all resources.
// Any existing label or annotation will be overridden if its key
// matches a common one.
commonMetadata?: {
// Annotations to be added to the object's metadata.
annotations?: {
[string]: string
}
// Labels to be added to the object's metadata.
labels?: {
[string]: string
}
}
// Components specifies relative paths to specifications of other
// Components.
components?: [...string]
// Decrypt Kubernetes secrets before applying them on the cluster.
decryption?: {
// Provider is the name of the decryption engine.
provider: "sops"
secretRef?: {
// Name of the referent.
name: string
}
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with references to Kustomization resources that must be ready
// before this
// Kustomization can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Force instructs the controller to recreate resources
// when patching fails due to an immutable field change.
force?: bool | *false
// A list of resources to be included in the health assessment.
healthChecks?: [...{
// API version of the referent, if not specified the Kubernetes
// preferred version will be used.
apiVersion?: string
// Kind of the referent.
kind: string
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// The interval at which to reconcile the Kustomization.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
// Deprecated: Use Patches instead.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
// Deprecated: Use Patches instead.
patchesStrategicMerge?: [...]
// Path to the directory containing the kustomization.yaml file,
// or the
// set of plain YAMLs a kustomization.yaml should be generated
// for.
// Defaults to 'None', which translates to the root path of the
// SourceRef.
path?: string
// PostBuild describes which actions to perform on the YAML
// manifest
// generated by building the kustomize overlay.
postBuild?: {
// Substitute holds a map of key/value pairs.
// The variables defined in your YAML manifests
// that match any of the keys defined in the map
// will be substituted with the set value.
// Includes support for bash string replacement functions
// e.g. ${var:=default}, ${var:position} and
// ${var/substring/replacement}.
substitute?: {
[string]: string
}
// SubstituteFrom holds references to ConfigMaps and Secrets
// containing
// the variables and their values to be substituted in the YAML
// manifests.
// The ConfigMap and the Secret data keys represent the var names
// and they
// must match the vars declared in the manifests for the
// substitution to happen.
substituteFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional indicates whether the referenced resource must exist,
// or whether to
// tolerate its absence. If true and the referenced resource is
// absent, proceed
// as if the resource was present but empty, without any variables
// defined.
optional?: bool | *false
}]
}
// Prune enables garbage collection.
prune: bool
// The interval at which to retry a previously failed
// reconciliation.
// When not specified, the controller uses the
// KustomizationSpec.Interval
// value to retry failures.
retryInterval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// The name of the Kubernetes service account to impersonate
// when reconciling this Kustomization.
serviceAccountName?: string
// Reference of the source where the kustomization file is.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes resource object that contains the reference.
namespace?: string
}
// This flag tells the controller to suspend subsequent kustomize
// executions,
// it does not apply to already started executions. Defaults to
// false.
suspend?: bool
// TargetNamespace sets or overrides the namespace in the
// kustomization.yaml file.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Timeout for validation, apply and health checking operations.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Deprecated: Not used in v1beta2.
validation?: "none" | "client" | "server"
// Wait instructs the controller to check the health of all the
// reconciled resources.
// When enabled, the HealthChecks are ignored. Defaults to false.
wait?: bool
}
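
Review bot: `serviceAccountName?: string` and `kubeConfig?` are both optional in this spec, so a component Kustomization that sets neither validates and is reconciled under the controller's own default identity. Because this file is generated and must not be edited, consider a constraint in the platform's own CUE that makes `serviceAccountName` required for the Kustomization mixed into every component, and likewise `targetNamespace` if components are meant to stay inside one namespace. It is also worth deciding whether the platform permits `postBuild.substituteFrom` with `kind: "Secret"`, since those values are substituted into the manifests that get applied.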

View File

@@ -0,0 +1,96 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Alert is the Schema for the alerts API
#Alert: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Alert"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// AlertSpec defines an alerting rule for events involving a list
// of objects
spec!: #AlertSpec
}
// AlertSpec defines an alerting rule for events involving a list
// of objects
#AlertSpec: {
// Filter events based on severity, defaults to ('info').
// If set to 'info' no events will be filtered.
eventSeverity?: "info" | "error" | *"info"
// Filter events based on the involved objects.
eventSources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
// Name of the referent
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
// A list of Golang regular expressions to be used for excluding
// messages.
exclusionList?: [...string]
providerRef: {
// Name of the referent.
name: string
}
// Short description of the impact and affected cluster.
summary?: string
// This flag tells the controller to suspend subsequent events
// dispatching.
// Defaults to false.
suspend?: bool
}
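
Review bot: the `//timoni:generate` header on the second line records a path on the author's workstation (`/Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml`), which nobody else can use to regenerate or audit this schema and which does not say which Flux release the CRDs came from. The commit message names the actual source (`flux2/manifests/crds` at `ref=v2.4.0`); consider generating from a repo-relative path, or recording that URL and ref in a short README next to the vendored packages, so a later regeneration can be diffed against a known upstream. The same header appears in every generated file in this commit.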

View File

@@ -0,0 +1,116 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Alert is the Schema for the alerts API
#Alert: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Alert"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
spec!: #AlertSpec
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
#AlertSpec: {
// EventMetadata is an optional field for adding metadata to
// events dispatched by the
// controller. This can be used for enhancing the context of the
// event. If a field
// would override one already present on the original event as
// generated by the emitter,
// then the override doesn't happen, i.e. the original value is
// preserved, and an info
// log is printed.
eventMetadata?: {
[string]: string
}
// EventSeverity specifies how to filter events based on severity.
// If set to 'info' no events will be filtered.
eventSeverity?: "info" | "error" | *"info"
// EventSources specifies how to filter events based
// on the involved object kind, name and namespace.
eventSources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
// ExclusionList specifies a list of Golang regular expressions
// to be used for excluding messages.
exclusionList?: [...string]
// InclusionList specifies a list of Golang regular expressions
// to be used for including messages.
inclusionList?: [...string]
providerRef: {
// Name of the referent.
name: string
}
// Summary holds a short description of the impact and affected
// cluster.
summary?: strings.MaxRunes(255)
// Suspend tells the controller to suspend subsequent
// events handling for this Alert.
suspend?: bool
}
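
Review bot: in `eventSources`, the rule "MatchLabels requires the name to be set to `*`" exists only as a comment. `name` is constrained to 1 to 53 runes and nothing ties it to `matchLabels`, so an Alert that sets `matchLabels` together with a concrete name passes CUE validation and the mismatch is not caught at render time. If the platform defines Alerts, a small constraint in platform CUE (for example `if matchLabels != _|_ { name: "*" }`) would catch it before anything reaches the cluster.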

View File

@@ -0,0 +1,116 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta3
import "strings"
// Alert is the Schema for the alerts API
#Alert: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta3"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Alert"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
spec!: #AlertSpec
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
#AlertSpec: {
// EventMetadata is an optional field for adding metadata to
// events dispatched by the
// controller. This can be used for enhancing the context of the
// event. If a field
// would override one already present on the original event as
// generated by the emitter,
// then the override doesn't happen, i.e. the original value is
// preserved, and an info
// log is printed.
eventMetadata?: {
[string]: string
}
// EventSeverity specifies how to filter events based on severity.
// If set to 'info' no events will be filtered.
eventSeverity?: "info" | "error" | *"info"
// EventSources specifies how to filter events based
// on the involved object kind, name and namespace.
eventSources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
// ExclusionList specifies a list of Golang regular expressions
// to be used for excluding messages.
exclusionList?: [...string]
// InclusionList specifies a list of Golang regular expressions
// to be used for including messages.
inclusionList?: [...string]
providerRef: {
// Name of the referent.
name: string
}
// Summary holds a short description of the impact and affected
// cluster.
summary?: strings.MaxRunes(255)
// Suspend tells the controller to suspend subsequent
// events handling for this Alert.
suspend?: bool
}

View File

@@ -0,0 +1,80 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Provider is the Schema for the providers API
#Provider: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Provider"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ProviderSpec defines the desired state of Provider
spec!: #ProviderSpec
}
// ProviderSpec defines the desired state of Provider
#ProviderSpec: {
// HTTP/S webhook address of this provider
address?: =~"^(http|https)://"
certSecretRef?: {
// Name of the referent.
name: string
}
// Alert channel for this provider
channel?: string
// HTTP/S address of the proxy
proxy?: =~"^(http|https)://"
secretRef?: {
// Name of the referent.
name: string
}
// This flag tells the controller to suspend subsequent events
// handling.
// Defaults to false.
suspend?: bool
// Timeout for sending alerts to the provider.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type of provider
type: "slack" | "discord" | "msteams" | "rocket" | "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "azuredevops" | "googlechat" | "webex" | "sentry" | "azureeventhub" | "telegram" | "lark" | "matrix" | "opsgenie" | "alertmanager" | "grafana" | "githubdispatch"
// Bot username for this provider
username?: string
}
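
Review bot: `address` and `proxy` both use `=~"^(http|https)://"`, so a Provider that posts alerts over cleartext HTTP validates. For platform use I would narrow this in platform CUE to `=~"^https://"` unless an in-cluster HTTP endpoint is really needed. `secretRef` is also optional here, so a webhook URL that carries a token can be written straight into `address` and committed; a constraint or a doc note steering users to `secretRef` would help.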

View File

@@ -0,0 +1,93 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Provider is the Schema for the providers API.
#Provider: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Provider"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ProviderSpec defines the desired state of the Provider.
spec!: #ProviderSpec
}
// ProviderSpec defines the desired state of the Provider.
#ProviderSpec: {
// Address specifies the endpoint, in a generic sense, to where
// alerts are sent.
// What kind of endpoint depends on the specific Provider type
// being used.
// For the generic Provider, for example, this is an HTTP/S
// address.
// For other Provider types this could be a project ID or a
// namespace.
address?: strings.MaxRunes(2048)
certSecretRef?: {
// Name of the referent.
name: string
}
// Channel specifies the destination channel where events should
// be posted.
channel?: strings.MaxRunes(2048)
// Interval at which to reconcile the Provider with its Secret
// references.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Proxy the HTTP/S address of the proxy server.
proxy?: strings.MaxRunes(2048) & {
=~"^(http|https)://.*$"
}
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this Provider.
suspend?: bool
// Timeout for sending alerts to the Provider.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type specifies which Provider implementation to use.
type: "slack" | "discord" | "msteams" | "rocket" | "generic" | "generic-hmac" | "github" | "gitlab" | "gitea" | "bitbucketserver" | "bitbucket" | "azuredevops" | "googlechat" | "googlepubsub" | "webex" | "sentry" | "azureeventhub" | "telegram" | "lark" | "matrix" | "opsgenie" | "alertmanager" | "grafana" | "githubdispatch" | "pagerduty" | "datadog"
// Username specifies the name under which events are posted.
username?: strings.MaxRunes(2048)
}
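
Review bot: `address` loses the scheme pattern it had in v1beta1 and becomes `strings.MaxRunes(2048)`. The comment explains why (for some Provider types it is a project ID or a namespace), but the result is that nothing checks the scheme for the `generic` and `generic-hmac` types any more, while `proxy` still accepts `http://`. If the platform only uses HTTP-style providers, a platform-side constraint keyed on `type` could restore an `https://` requirement.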

View File

@@ -0,0 +1,94 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta3
import "strings"
// Provider is the Schema for the providers API
#Provider: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta3"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Provider"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ProviderSpec defines the desired state of the Provider.
spec!: #ProviderSpec
}
// ProviderSpec defines the desired state of the Provider.
#ProviderSpec: {
// Address specifies the endpoint, in a generic sense, to where
// alerts are sent.
// What kind of endpoint depends on the specific Provider type
// being used.
// For the generic Provider, for example, this is an HTTP/S
// address.
// For other Provider types this could be a project ID or a
// namespace.
address?: strings.MaxRunes(2048)
certSecretRef?: {
// Name of the referent.
name: string
}
// Channel specifies the destination channel where events should
// be posted.
channel?: strings.MaxRunes(2048)
// Interval at which to reconcile the Provider with its Secret
// references.
// Deprecated and not used in v1beta3.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Proxy the HTTP/S address of the proxy server.
proxy?: strings.MaxRunes(2048) & {
=~"^(http|https)://.*$"
}
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this Provider.
suspend?: bool
// Timeout for sending alerts to the Provider.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type specifies which Provider implementation to use.
type: "slack" | "discord" | "msteams" | "rocket" | "generic" | "generic-hmac" | "github" | "gitlab" | "gitea" | "bitbucketserver" | "bitbucket" | "azuredevops" | "googlechat" | "googlepubsub" | "webex" | "sentry" | "azureeventhub" | "telegram" | "lark" | "matrix" | "opsgenie" | "alertmanager" | "grafana" | "githubdispatch" | "pagerduty" | "datadog" | "nats"
// Username specifies the name under which events are posted.
username?: strings.MaxRunes(2048)
}
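
Review bot: `interval` is commented "Deprecated and not used in v1beta3" yet is still accepted with the same duration pattern, so a Provider that sets it validates and the value silently has no effect. If the platform documents v1beta3 Providers, say so there, or reject the field in platform CUE so nobody relies on it for picking up rotated Secret references.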

View File

@@ -0,0 +1,96 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// Receiver is the Schema for the receivers API.
#Receiver: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Receiver"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ReceiverSpec defines the desired state of the Receiver.
spec!: #ReceiverSpec
}
// ReceiverSpec defines the desired state of the Receiver.
#ReceiverSpec: {
// Events specifies the list of event types to handle,
// e.g. 'push' for GitHub or 'Push Hook' for GitLab.
events?: [...string]
// Interval at which to reconcile the Receiver with its Secret
// references.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" | *"10m"
// A list of resources to be notified about changes.
resources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
secretRef: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this receiver.
suspend?: bool
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
type: "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "harbor" | "dockerhub" | "quay" | "gcr" | "nexus" | "acr" | "cdevents"
}
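
Review bot: the `type` enum admits `"generic"` next to `"generic-hmac"`, and the comment says the type decides the validation procedure, so the choice is security-relevant: a Receiver is an inbound webhook that triggers reconciliation of the listed `resources`. For platform use I would restrict `type` in platform CUE to the senders actually in use, and decide whether `name: "*"` with `matchLabels`, or a `namespace` other than the Receiver's own, should be allowed in `resources`, since together they let one webhook touch many objects.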

View File

@@ -0,0 +1,91 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Receiver is the Schema for the receivers API
#Receiver: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Receiver"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ReceiverSpec defines the desired state of Receiver
spec!: #ReceiverSpec
}
// ReceiverSpec defines the desired state of Receiver
#ReceiverSpec: {
// A list of events to handle,
// e.g. 'push' for GitHub or 'Push Hook' for GitLab.
events?: [...string]
// A list of resources to be notified about changes.
resources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
// Name of the referent
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
secretRef: {
// Name of the referent.
name: string
}
// This flag tells the controller to suspend subsequent events
// handling.
// Defaults to false.
suspend?: bool
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
type: "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "harbor" | "dockerhub" | "quay" | "gcr" | "nexus" | "acr"
}

View File

@@ -0,0 +1,96 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Receiver is the Schema for the receivers API.
#Receiver: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Receiver"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ReceiverSpec defines the desired state of the Receiver.
spec!: #ReceiverSpec
}
// ReceiverSpec defines the desired state of the Receiver.
#ReceiverSpec: {
// Events specifies the list of event types to handle,
// e.g. 'push' for GitHub or 'Push Hook' for GitLab.
events?: [...string]
// Interval at which to reconcile the Receiver with its Secret
// references.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// A list of resources to be notified about changes.
resources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
secretRef: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this receiver.
suspend?: bool
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
type: "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "harbor" | "dockerhub" | "quay" | "gcr" | "nexus" | "acr"
}
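
Review bot: `type` at the end of `#ReceiverSpec` admits `"generic"` next to `"generic-hmac"`, and the field comment says the type selects the validation procedure, so this schema lets any component choose how strongly inbound webhooks are authenticated. If the platform expects every Receiver to check a payload signature, narrow it in a hand-written file beside this generated one, for example `#ReceiverSpec: type: !="generic"`, and consider `secretRef: name: strings.MinRunes(1)` since `name: string` accepts an empty value. Separately, the `//timoni:generate` header records an absolute path under `/Users/jeff/`; regenerating from a repo-relative path would keep the local username out of the tree and make the command repeatable for other contributors.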

View File

@@ -0,0 +1,135 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// Bucket is the Schema for the buckets API.
#Bucket: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Bucket"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// BucketSpec specifies the required configuration to produce an
// Artifact for
// an object storage bucket.
spec!: #BucketSpec
}
// BucketSpec specifies the required configuration to produce an
// Artifact for
// an object storage bucket.
#BucketSpec: {
// BucketName is the name of the object storage bucket.
bucketName: string
certSecretRef?: {
// Name of the referent.
name: string
}
// Endpoint is the object storage address the BucketName is
// located at.
endpoint: string
// Ignore overrides the set of excluded patterns in the
// .sourceignore format
// (which is the same as .gitignore). If not provided, a default
// will be used,
// consult the documentation for your version to find out what
// those are.
ignore?: string
// Insecure allows connecting to a non-TLS HTTP Endpoint.
insecure?: bool
// Interval at which the Bucket Endpoint is checked for updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Prefix to use for server-side filtering of files in the Bucket.
prefix?: string
// Provider of the object storage bucket.
// Defaults to 'generic', which expects an S3 (API) compatible
// object
// storage.
provider?: "generic" | "aws" | "gcp" | "azure" | *"generic"
proxySecretRef?: {
// Name of the referent.
name: string
}
// Region of the Endpoint where the BucketName is located in.
region?: string
secretRef?: {
// Name of the referent.
name: string
}
// STS specifies the required configuration to use a Security
// Token
// Service for fetching temporary credentials to authenticate in a
// Bucket provider.
//
// This field is only supported for the `aws` and `generic`
// providers.
sts?: {
certSecretRef?: {
// Name of the referent.
name: string
}
// Endpoint is the HTTP/S endpoint of the Security Token Service
// from
// where temporary credentials will be fetched.
endpoint: =~"^(http|https)://.*$"
// Provider of the Security Token Service.
provider: "aws" | "ldap"
secretRef?: {
// Name of the referent.
name: string
}
}
// Suspend tells the controller to suspend the reconciliation of
// this
// Bucket.
suspend?: bool
// Timeout for fetch operations, defaults to 60s.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" | *"60s"
}
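
Review bot: `sts.endpoint: =~"^(http|https)://.*$"` accepts a plain `http://` Security Token Service URL, and `insecure?: bool` permits a non-TLS bucket endpoint, so a Bucket that fetches temporary credentials or artifacts in cleartext passes validation. The file is marked DO NOT EDIT, so the restriction belongs in a separate policy file unified with `#BucketSpec`, for example `insecure?: false` and `sts?: endpoint: =~"^https://"`.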

View File

@@ -0,0 +1,103 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Bucket is the Schema for the buckets API
#Bucket: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Bucket"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// BucketSpec defines the desired state of an S3 compatible bucket
spec!: #BucketSpec
}
// BucketSpec defines the desired state of an S3 compatible bucket
#BucketSpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
// The bucket name.
bucketName: string
// The bucket endpoint address.
endpoint: string
// Ignore overrides the set of excluded patterns in the
// .sourceignore format
// (which is the same as .gitignore). If not provided, a default
// will be used,
// consult the documentation for your version to find out what
// those are.
ignore?: string
// Insecure allows connecting to a non-TLS S3 HTTP endpoint.
insecure?: bool
// The interval at which to check for bucket updates.
interval: string
// The S3 compatible storage provider name, default ('generic').
provider?: "generic" | "aws" | "gcp" | *"generic"
// The bucket region.
region?: string
secretRef?: {
// Name of the referent.
name: string
}
// This flag tells the controller to suspend the reconciliation of
// this source.
suspend?: bool
// The timeout for download operations, defaults to 60s.
timeout?: string | *"60s"
}
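
Review bot: `interval: string` and `timeout?: string | *"60s"` in this `v1beta1` `#BucketSpec` carry no duration pattern, unlike the `v1` definition in this change, so a malformed value passes CUE validation and only fails at the cluster. If components are meant to use this API version, add the duration regex in a hand-written file; if they are not, consider leaving the `v1beta1` definitions out of the import so authors cannot select them by accident.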

View File

@@ -0,0 +1,152 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Bucket is the Schema for the buckets API.
#Bucket: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Bucket"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// BucketSpec specifies the required configuration to produce an
// Artifact for
// an object storage bucket.
spec!: #BucketSpec
}
// BucketSpec specifies the required configuration to produce an
// Artifact for
// an object storage bucket.
#BucketSpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
// BucketName is the name of the object storage bucket.
bucketName: string
certSecretRef?: {
// Name of the referent.
name: string
}
// Endpoint is the object storage address the BucketName is
// located at.
endpoint: string
// Ignore overrides the set of excluded patterns in the
// .sourceignore format
// (which is the same as .gitignore). If not provided, a default
// will be used,
// consult the documentation for your version to find out what
// those are.
ignore?: string
// Insecure allows connecting to a non-TLS HTTP Endpoint.
insecure?: bool
// Interval at which the Bucket Endpoint is checked for updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Prefix to use for server-side filtering of files in the Bucket.
prefix?: string
// Provider of the object storage bucket.
// Defaults to 'generic', which expects an S3 (API) compatible
// object
// storage.
provider?: "generic" | "aws" | "gcp" | "azure" | *"generic"
proxySecretRef?: {
// Name of the referent.
name: string
}
// Region of the Endpoint where the BucketName is located in.
region?: string
secretRef?: {
// Name of the referent.
name: string
}
// STS specifies the required configuration to use a Security
// Token
// Service for fetching temporary credentials to authenticate in a
// Bucket provider.
//
// This field is only supported for the `aws` and `generic`
// providers.
sts?: {
certSecretRef?: {
// Name of the referent.
name: string
}
// Endpoint is the HTTP/S endpoint of the Security Token Service
// from
// where temporary credentials will be fetched.
endpoint: =~"^(http|https)://.*$"
// Provider of the Security Token Service.
provider: "aws" | "ldap"
secretRef?: {
// Name of the referent.
name: string
}
}
// Suspend tells the controller to suspend the reconciliation of
// this
// Bucket.
suspend?: bool
// Timeout for fetch operations, defaults to 60s.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" | *"60s"
}
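
Review bot: the comment on `sts` says the field is only supported for the `aws` and `generic` providers, but nothing in `#BucketSpec` ties `sts` to `provider`, so `provider: "gcp"` together with an `sts` block validates. A hand-written guard that restricts `provider` to `"aws" | "generic"` whenever `sts` is set would catch that at render time. The `http://` allowance on `sts.endpoint` and the `insecure` flag apply here as they do in the `v1` file.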

View File

@@ -0,0 +1,167 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// GitRepository is the Schema for the gitrepositories API.
#GitRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "GitRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// GitRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Git repository.
spec!: #GitRepositorySpec
}
// GitRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Git repository.
#GitRepositorySpec: {
// Ignore overrides the set of excluded patterns in the
// .sourceignore format
// (which is the same as .gitignore). If not provided, a default
// will be used,
// consult the documentation for your version to find out what
// those are.
ignore?: string
// Include specifies a list of GitRepository resources which
// Artifacts
// should be included in the Artifact produced for this
// GitRepository.
include?: [...{
// FromPath specifies the path to copy contents from, defaults to
// the root
// of the Artifact.
fromPath?: string
repository: {
// Name of the referent.
name: string
}
// ToPath specifies the path to copy contents to, defaults to the
// name of
// the GitRepositoryRef.
toPath?: string
}]
// Interval at which the GitRepository URL is checked for updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Provider used for authentication, can be 'azure', 'generic'.
// When not specified, defaults to 'generic'.
provider?: "generic" | "azure"
proxySecretRef?: {
// Name of the referent.
name: string
}
// RecurseSubmodules enables the initialization of all submodules
// within
// the GitRepository as cloned from the URL, using their default
// settings.
recurseSubmodules?: bool
// Reference specifies the Git reference to resolve and monitor
// for
// changes, defaults to the 'master' branch.
ref?: {
// Branch to check out, defaults to 'master' if no other field is
// defined.
branch?: string
// Commit SHA to check out, takes precedence over all reference
// fields.
//
// This can be combined with Branch to shallow clone the branch,
// in which
// the commit is expected to exist.
commit?: string
// Name of the reference to check out; takes precedence over
// Branch, Tag and SemVer.
//
// It must be a valid Git reference:
// https://git-scm.com/docs/git-check-ref-format#_description
// Examples: "refs/heads/main", "refs/tags/v0.1.0",
// "refs/pull/420/head", "refs/merge-requests/1/head"
name?: string
// SemVer tag expression to check out, takes precedence over Tag.
semver?: string
// Tag to check out, takes precedence over Branch.
tag?: string
}
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend the reconciliation of
// this
// GitRepository.
suspend?: bool
// Timeout for Git operations like cloning, defaults to 60s.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" | *"60s"
// URL specifies the Git repository URL, it can be an HTTP/S or
// SSH address.
url: =~"^(http|https|ssh)://.*$"
// Verification specifies the configuration to verify the Git
// commit
// signature(s).
verify?: {
// Mode specifies which Git object(s) should be verified.
//
// The variants "head" and "HEAD" both imply the same thing, i.e.
// verify
// the commit that the HEAD of the Git repository points to. The
// variant
// "head" solely exists to ensure backwards compatibility.
mode?: "head" | "HEAD" | "Tag" | "TagAndHEAD" | *"HEAD"
secretRef: {
// Name of the referent.
name: string
}
}
}
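
Review bot: `verify?` is optional and `url: =~"^(http|https|ssh)://.*$"` accepts `http://`, so a GitRepository with no commit signature check, cloned over cleartext HTTP, satisfies `#GitRepositorySpec`. Since these sources feed the Kustomizations the docs commit describes, a platform policy file could require `verify` and restrict `url` to `=~"^(https|ssh)://"`. Also note that the `provider` comment says it defaults to 'generic' while the field has no `*"generic"` default, unlike `#BucketSpec.provider`; worth confirming against the upstream CRD before relying on it.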

View File

@@ -0,0 +1,148 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// GitRepository is the Schema for the gitrepositories API
#GitRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "GitRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// GitRepositorySpec defines the desired state of a Git
// repository.
spec!: #GitRepositorySpec
}
// GitRepositorySpec defines the desired state of a Git
// repository.
#GitRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
// Determines which git client library to use.
// Defaults to go-git, valid values are ('go-git', 'libgit2').
gitImplementation?: "go-git" | "libgit2" | *"go-git"
// Ignore overrides the set of excluded patterns in the
// .sourceignore format
// (which is the same as .gitignore). If not provided, a default
// will be used,
// consult the documentation for your version to find out what
// those are.
ignore?: string
// Extra git repositories to map into the repository
include?: [...{
// The path to copy contents from, defaults to the root directory.
fromPath?: string
repository: {
// Name of the referent.
name: string
}
// The path to copy contents to, defaults to the name of the
// source ref.
toPath?: string
}]
// The interval at which to check for repository updates.
interval: string
// When enabled, after the clone is created, initializes all
// submodules within,
// using their default settings.
// This option is available only when using the 'go-git'
// GitImplementation.
recurseSubmodules?: bool
// The Git reference to checkout and monitor for changes, defaults
// to
// master branch.
ref?: {
// The Git branch to checkout, defaults to master.
branch?: string
// The Git commit SHA to checkout, if specified Tag filters will
// be ignored.
commit?: string
// The Git tag semver expression, takes precedence over Tag.
semver?: string
// The Git tag to checkout, takes precedence over Branch.
tag?: string
}
secretRef?: {
// Name of the referent.
name: string
}
// This flag tells the controller to suspend the reconciliation of
// this source.
suspend?: bool
// The timeout for remote Git operations like cloning, defaults to
// 60s.
timeout?: string | *"60s"
// The repository URL, can be a HTTP/S or SSH address.
url: =~"^(http|https|ssh)://.*$"
// Verify OpenPGP signature for the Git commit HEAD points to.
verify?: {
// Mode describes what git object should be verified, currently
// ('head').
mode: "head"
secretRef?: {
// Name of the referent.
name: string
}
}
}
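
Review bot: in `verify`, `mode: "head"` is required but `secretRef?` is optional, so `verify: mode: "head"` with no key secret validates here, whereas the `v1` and `v1beta2` schemas in this change make `verify.secretRef` required. A component written against `v1beta1` can therefore look like it verifies signatures without naming any trusted keys. Either require `secretRef` in a policy file or steer components to the `v1` definition. `interval: string` and `timeout?: string | *"60s"` are also unvalidated in this version.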

View File

@@ -0,0 +1,177 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// GitRepository is the Schema for the gitrepositories API.
#GitRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "GitRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// GitRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Git repository.
spec!: #GitRepositorySpec
}
// GitRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Git repository.
#GitRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
// GitImplementation specifies which Git client library
// implementation to
// use. Defaults to 'go-git', valid values are ('go-git',
// 'libgit2').
// Deprecated: gitImplementation is deprecated now that 'go-git'
// is the
// only supported implementation.
gitImplementation?: "go-git" | "libgit2" | *"go-git"
// Ignore overrides the set of excluded patterns in the
// .sourceignore format
// (which is the same as .gitignore). If not provided, a default
// will be used,
// consult the documentation for your version to find out what
// those are.
ignore?: string
// Include specifies a list of GitRepository resources which
// Artifacts
// should be included in the Artifact produced for this
// GitRepository.
include?: [...{
// FromPath specifies the path to copy contents from, defaults to
// the root
// of the Artifact.
fromPath?: string
repository: {
// Name of the referent.
name: string
}
// ToPath specifies the path to copy contents to, defaults to the
// name of
// the GitRepositoryRef.
toPath?: string
}]
// Interval at which to check the GitRepository for updates.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// RecurseSubmodules enables the initialization of all submodules
// within
// the GitRepository as cloned from the URL, using their default
// settings.
recurseSubmodules?: bool
// Reference specifies the Git reference to resolve and monitor
// for
// changes, defaults to the 'master' branch.
ref?: {
// Branch to check out, defaults to 'master' if no other field is
// defined.
branch?: string
// Commit SHA to check out, takes precedence over all reference
// fields.
//
// This can be combined with Branch to shallow clone the branch,
// in which
// the commit is expected to exist.
commit?: string
// Name of the reference to check out; takes precedence over
// Branch, Tag and SemVer.
//
// It must be a valid Git reference:
// https://git-scm.com/docs/git-check-ref-format#_description
// Examples: "refs/heads/main", "refs/tags/v0.1.0",
// "refs/pull/420/head", "refs/merge-requests/1/head"
name?: string
// SemVer tag expression to check out, takes precedence over Tag.
semver?: string
// Tag to check out, takes precedence over Branch.
tag?: string
}
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend the reconciliation of
// this
// GitRepository.
suspend?: bool
// Timeout for Git operations like cloning, defaults to 60s.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" | *"60s"
// URL specifies the Git repository URL, it can be an HTTP/S or
// SSH address.
url: =~"^(http|https|ssh)://.*$"
// Verification specifies the configuration to verify the Git
// commit
// signature(s).
verify?: {
// Mode specifies what Git object should be verified, currently
// ('head').
mode: "head"
secretRef: {
// Name of the referent.
name: string
}
}
}
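
Review bot: the comment on `gitImplementation` marks it deprecated with 'go-git' as the only supported implementation, yet the field still accepts `"libgit2"`. A component that sets it will validate and then not get the behaviour it asked for; a policy constraint such as `gitImplementation?: "go-git"` would surface that when rendering. `verify.mode` is limited to `"head"` in this version, so tag verification needs the `v1` schema.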

View File

@@ -0,0 +1,149 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// HelmChart is the Schema for the helmcharts API.
#HelmChart: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmChart"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmChartSpec specifies the desired state of a Helm chart.
spec!: #HelmChartSpec
}
// HelmChartSpec specifies the desired state of a Helm chart.
#HelmChartSpec: {
// Chart is the name or path the Helm chart is available at in the
// SourceRef.
chart: string
// IgnoreMissingValuesFiles controls whether to silently ignore
// missing values
// files rather than failing.
ignoreMissingValuesFiles?: bool
// Interval at which the HelmChart SourceRef is checked for
// updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// ReconcileStrategy determines what enables the creation of a new
// artifact.
// Valid values are ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// SourceRef is the reference to the Source the chart is available
// at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent, valid values are ('HelmRepository',
// 'GitRepository',
// 'Bucket').
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend the reconciliation of
// this
// source.
suspend?: bool
// ValuesFiles is an alternative list of values files to use as
// the chart
// values (values.yaml is not included by default), expected to be
// a
// relative path in the SourceRef.
// Values files are merged in the order of this list with the last
// file
// overriding the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported when using HelmRepository source
// with spec.type 'oci'.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact, are not verified.
verify?: {
// MatchOIDCIdentity specifies the identity matching criteria to
// use
// while verifying an OCI artifact which was signed using Cosign
// keyless
// signing. The artifact's identity is deemed to be verified if
// any of the
// specified matchers match against the identity.
matchOIDCIdentity?: [...{
// Issuer specifies the regex pattern to match against to verify
// the OIDC issuer in the Fulcio certificate. The pattern must be
// a
// valid Go regular expression.
issuer: string
// Subject specifies the regex pattern to match against to verify
// the identity subject in the Fulcio certificate. The pattern
// must
// be a valid Go regular expression.
subject: string
}]
// Provider specifies the technology used to sign the OCI
// Artifact.
provider: "cosign" | "notation" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version is the chart version semver expression, ignored for
// charts from
// GitRepository and Bucket sources. Defaults to latest when
// omitted.
version?: string | *"*"
}
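
Review bot: `matchOIDCIdentity` takes `issuer: string` and `subject: string` as Go regular expressions with no further constraint, so an empty value validates, and an empty regex matches any input. For keyless Cosign verification that makes the identity check meaningless; a hand-written constraint of `strings.MinRunes(1)` on both fields, plus a documented convention that patterns are anchored with `^` and `$`, would tighten it. `version?: string | *"*"` also defaults to the latest chart, so production components should set an explicit version.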

View File

@@ -0,0 +1,122 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// HelmChart is the Schema for the helmcharts API
#HelmChart: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmChart"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmChartSpec defines the desired state of a Helm chart.
spec!: #HelmChartSpec
}
// HelmChartSpec defines the desired state of a Helm chart.
#HelmChartSpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
// The name or path the Helm chart is available at in the
// SourceRef.
chart: string
// The interval at which to check the Source for updates.
interval: string
// Determines what enables the creation of a new artifact. Valid
// values are
// ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// The reference to the Source the chart is available at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent, valid values are ('HelmRepository',
// 'GitRepository',
// 'Bucket').
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: string
}
// This flag tells the controller to suspend the reconciliation of
// this source.
suspend?: bool
// Alternative values file to use as the default chart values,
// expected to
// be a relative path in the SourceRef. Deprecated in favor of
// ValuesFiles,
// for backwards compatibility the file defined here is merged
// before the
// ValuesFiles items. Ignored when omitted.
valuesFile?: string
// Alternative list of values files to use as the chart values
// (values.yaml
// is not included by default), expected to be a relative path in
// the SourceRef.
// Values files are merged in the order of this list with the last
// file overriding
// the first. Ignored when omitted.
valuesFiles?: [...string]
// The chart version semver expression, ignored for charts from
// GitRepository
// and Bucket sources. Defaults to latest when omitted.
version?: string | *"*"
}
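
Review bot: this `v1beta1` `#HelmChartSpec` has no `verify` field, and CUE definitions are closed, so a component built on it cannot declare chart signature verification at all. Components that pull OCI charts should use the `v1` `#HelmChart`, which carries `verify`. `valuesFile` is described in its own comment as deprecated in favor of `valuesFiles`, and `interval: string` has no duration pattern, so both are candidates for a policy constraint if this version stays in the import.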

View File

@@ -0,0 +1,175 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// HelmChart is the Schema for the helmcharts API.
#HelmChart: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmChart"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmChartSpec specifies the desired state of a Helm chart.
spec!: #HelmChartSpec
}
// HelmChartSpec specifies the desired state of a Helm chart.
#HelmChartSpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
// Chart is the name or path the Helm chart is available at in the
// SourceRef.
chart: string
// IgnoreMissingValuesFiles controls whether to silently ignore
// missing values
// files rather than failing.
ignoreMissingValuesFiles?: bool
// Interval at which the HelmChart SourceRef is checked for
// updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// ReconcileStrategy determines what enables the creation of a new
// artifact.
// Valid values are ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// SourceRef is the reference to the Source the chart is available
// at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent, valid values are ('HelmRepository',
// 'GitRepository',
// 'Bucket').
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend the reconciliation of
// this
// source.
suspend?: bool
// ValuesFile is an alternative values file to use as the default
// chart
// values, expected to be a relative path in the SourceRef.
// Deprecated in
// favor of ValuesFiles, for backwards compatibility the file
// specified here
// is merged before the ValuesFiles items. Ignored when omitted.
valuesFile?: string
// ValuesFiles is an alternative list of values files to use as
// the chart
// values (values.yaml is not included by default), expected to be
// a
// relative path in the SourceRef.
// Values files are merged in the order of this list with the last
// file
// overriding the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported when using HelmRepository source
// with spec.type 'oci'.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact, are not verified.
verify?: {
// MatchOIDCIdentity specifies the identity matching criteria to
// use
// while verifying an OCI artifact which was signed using Cosign
// keyless
// signing. The artifact's identity is deemed to be verified if
// any of the
// specified matchers match against the identity.
matchOIDCIdentity?: [...{
// Issuer specifies the regex pattern to match against to verify
// the OIDC issuer in the Fulcio certificate. The pattern must be
// a
// valid Go regular expression.
issuer: string
// Subject specifies the regex pattern to match against to verify
// the identity subject in the Fulcio certificate. The pattern
// must
// be a valid Go regular expression.
subject: string
}]
// Provider specifies the technology used to sign the OCI
// Artifact.
provider: "cosign" | "notation" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version is the chart version semver expression, ignored for
// charts from
// GitRepository and Bucket sources. Defaults to latest when
// omitted.
version?: string | *"*"
}
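Review bot: `verify?` in `#HelmChartSpec` is optional, and its own comment limits it to HelmRepository sources with spec.type 'oci' and excludes chart dependencies that are not bundled in the umbrella chart, so nothing in this schema makes signature verification a requirement. If the platform intends to rely on it, add a constraint in platform code (not in this generated file) that requires `verify` with either `secretRef` or `matchOIDCIdentity` for OCI-backed charts. Because `issuer` and `subject` are documented as Go regular expressions, the docs should also tell authors to write them as anchored patterns so they do not match a longer identity than intended.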

View File

@@ -0,0 +1,132 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// HelmRepository is the Schema for the helmrepositories API.
#HelmRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Helm repository index YAML.
spec!: #HelmRepositorySpec
}
// HelmRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Helm repository index YAML.
#HelmRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
certSecretRef?: {
// Name of the referent.
name: string
}
// Insecure allows connecting to a non-TLS HTTP container
// registry.
// This field is only taken into account if the .spec.type field
// is set to 'oci'.
insecure?: bool
// Interval at which the HelmRepository URL is checked for
// updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// PassCredentials allows the credentials from the SecretRef to be
// passed
// on to a host that does not match the host as defined in URL.
// This may be required if the host of the advertised chart URLs
// in the
// index differ from the defined URL.
// Enabling this should be done with caution, as it can
// potentially result
// in credentials getting stolen in a MITM-attack.
passCredentials?: bool
// Provider used for authentication, can be 'aws', 'azure', 'gcp'
// or 'generic'.
// This field is optional, and only taken into account if the
// .spec.type field is set to 'oci'.
// When not specified, defaults to 'generic'.
provider?: "generic" | "aws" | "azure" | "gcp" | *"generic"
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend the reconciliation of
// this
// HelmRepository.
suspend?: bool
// Timeout is used for the index fetch operation for an HTTPS helm
// repository,
// and for remote OCI Repository operations like pulling for an
// OCI helm
// chart by the associated HelmChart.
// Its default value is 60s.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type of the HelmRepository.
// When this field is set to "oci", the URL field value must be
// prefixed with "oci://".
type?: "default" | "oci"
// URL of the Helm repository, a valid URL contains at least a
// protocol and
// host.
url: =~"^(http|https|oci)://.*$"
}
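Review bot: `url: =~"^(http|https|oci)://.*$"` accepts plain `http://`, and `insecure?` and `passCredentials?` are unconstrained bools even though the `passCredentials` comment warns that enabling it can result in credentials being stolen in a MITM attack. Leave the generated schema as it is, but consider a platform-level definition that narrows `url` to `https` or `oci` and fixes `insecure` and `passCredentials` to false unless a component opts out explicitly, so these settings surface at render time instead of in the cluster.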

View File

@@ -0,0 +1,95 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// HelmRepository is the Schema for the helmrepositories API
#HelmRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmRepositorySpec defines the reference to a Helm repository.
spec!: #HelmRepositorySpec
}
// HelmRepositorySpec defines the reference to a Helm repository.
#HelmRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
// The interval at which to check the upstream for updates.
interval: string
// PassCredentials allows the credentials from the SecretRef to be
// passed on to
// a host that does not match the host as defined in URL.
// This may be required if the host of the advertised chart URLs
// in the index
// differ from the defined URL.
// Enabling this should be done with caution, as it can
// potentially result in
// credentials getting stolen in a MITM-attack.
passCredentials?: bool
secretRef?: {
// Name of the referent.
name: string
}
// This flag tells the controller to suspend the reconciliation of
// this source.
suspend?: bool
// The timeout of index downloading, defaults to 60s.
timeout?: string | *"60s"
// The Helm repository URL, a valid URL contains at least a
// protocol and host.
url: string
}
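Review bot: `url: string` and `interval: string` in this v1beta1 `#HelmRepositorySpec` have no pattern, while the v1 definition in this same change constrains both with regexes, so components written against this package get weaker validation. This version also lacks the `certSecretRef`, `insecure`, `provider` and `type` fields that the v1 spec has. If v1beta1 is imported only because it is part of the CRD file the generator was pointed at, say so in the docs and direct component authors to the v1 package.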

View File

@@ -0,0 +1,132 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// HelmRepository is the Schema for the helmrepositories API.
#HelmRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Helm repository index YAML.
spec!: #HelmRepositorySpec
}
// HelmRepositorySpec specifies the required configuration to
// produce an
// Artifact for a Helm repository index YAML.
#HelmRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
certSecretRef?: {
// Name of the referent.
name: string
}
// Insecure allows connecting to a non-TLS HTTP container
// registry.
// This field is only taken into account if the .spec.type field
// is set to 'oci'.
insecure?: bool
// Interval at which the HelmRepository URL is checked for
// updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// PassCredentials allows the credentials from the SecretRef to be
// passed
// on to a host that does not match the host as defined in URL.
// This may be required if the host of the advertised chart URLs
// in the
// index differ from the defined URL.
// Enabling this should be done with caution, as it can
// potentially result
// in credentials getting stolen in a MITM-attack.
passCredentials?: bool
// Provider used for authentication, can be 'aws', 'azure', 'gcp'
// or 'generic'.
// This field is optional, and only taken into account if the
// .spec.type field is set to 'oci'.
// When not specified, defaults to 'generic'.
provider?: "generic" | "aws" | "azure" | "gcp" | *"generic"
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend the reconciliation of
// this
// HelmRepository.
suspend?: bool
// Timeout is used for the index fetch operation for an HTTPS helm
// repository,
// and for remote OCI Repository operations like pulling for an
// OCI helm
// chart by the associated HelmChart.
// Its default value is 60s.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type of the HelmRepository.
// When this field is set to "oci", the URL field value must be
// prefixed with "oci://".
type?: "default" | "oci"
// URL of the Helm repository, a valid URL contains at least a
// protocol and
// host.
url: =~"^(http|https|oci)://.*$"
}
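Review bot: the `//timoni:generate` header records `/Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml`, an absolute path on one workstation, so nobody else can rerun the generation or tell from the file which upstream CRD release it came from. Regenerate from a repo-relative path, or document the source URL and ref next to the vendored package; the same header appears in the other generated files in this change. The body of this file also repeats the v1 `#HelmRepository` schema with only the package name and `apiVersion` changed, so a sentence in the docs on which version components should import would help.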

View File

@@ -0,0 +1,179 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// OCIRepository is the Schema for the ocirepositories API
#OCIRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "source.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "OCIRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// OCIRepositorySpec defines the desired state of OCIRepository
spec!: #OCIRepositorySpec
}
// OCIRepositorySpec defines the desired state of OCIRepository
#OCIRepositorySpec: {
certSecretRef?: {
// Name of the referent.
name: string
}
// Ignore overrides the set of excluded patterns in the
// .sourceignore format
// (which is the same as .gitignore). If not provided, a default
// will be used,
// consult the documentation for your version to find out what
// those are.
ignore?: string
// Insecure allows connecting to a non-TLS HTTP container
// registry.
insecure?: bool
// Interval at which the OCIRepository URL is checked for updates.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// LayerSelector specifies which layer should be extracted from
// the OCI artifact.
// When not specified, the first layer found in the artifact is
// selected.
layerSelector?: {
// MediaType specifies the OCI media type of the layer
// which should be extracted from the OCI Artifact. The
// first layer matching this type is selected.
mediaType?: string
// Operation specifies how the selected layer should be processed.
// By default, the layer compressed content is extracted to
// storage.
// When the operation is set to 'copy', the layer compressed
// content
// is persisted to storage as it is.
operation?: "extract" | "copy"
}
// The provider used for authentication, can be 'aws', 'azure',
// 'gcp' or 'generic'.
// When not specified, defaults to 'generic'.
provider?: "generic" | "aws" | "azure" | "gcp" | *"generic"
proxySecretRef?: {
// Name of the referent.
name: string
}
// The OCI reference to pull and monitor for changes,
// defaults to the latest tag.
ref?: {
// Digest is the image digest to pull, takes precedence over
// SemVer.
// The value should be in the format 'sha256:<HASH>'.
digest?: string
// SemVer is the range of tags to pull selecting the latest within
// the range, takes precedence over Tag.
semver?: string
// SemverFilter is a regex pattern to filter the tags within the
// SemVer range.
semverFilter?: string
// Tag is the image tag to pull, defaults to latest.
tag?: string
}
secretRef?: {
// Name of the referent.
name: string
}
// ServiceAccountName is the name of the Kubernetes ServiceAccount
// used to authenticate
// the image pull if the service account has attached pull
// secrets. For more information:
// https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account
serviceAccountName?: string
// This flag tells the controller to suspend the reconciliation of
// this source.
suspend?: bool
// The timeout for remote OCI Repository operations like pulling,
// defaults to 60s.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$" | *"60s"
// URL is a reference to an OCI artifact repository hosted
// on a remote container registry.
url: =~"^oci://.*$"
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
verify?: {
// MatchOIDCIdentity specifies the identity matching criteria to
// use
// while verifying an OCI artifact which was signed using Cosign
// keyless
// signing. The artifact's identity is deemed to be verified if
// any of the
// specified matchers match against the identity.
matchOIDCIdentity?: [...{
// Issuer specifies the regex pattern to match against to verify
// the OIDC issuer in the Fulcio certificate. The pattern must be
// a
// valid Go regular expression.
issuer: string
// Subject specifies the regex pattern to match against to verify
// the identity subject in the Fulcio certificate. The pattern
// must
// be a valid Go regular expression.
subject: string
}]
// Provider specifies the technology used to sign the OCI
// Artifact.
provider: "cosign" | "notation" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
}
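Review bot: `ref?` is optional and its comment says it defaults to the latest tag, while `digest?: string` has no pattern even though the comment gives the expected format as 'sha256:<HASH>'. A platform-side constraint that requires `ref.digest` or a `verify` block, and matches the digest against a sha256 pattern, would keep mutable-tag sources from rendering unnoticed. `insecure?: bool` is open here as well, and `verify.secretRef` and `verify.matchOIDCIdentity` are both optional, so a `verify` block that names only a `provider` passes this schema.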

View File

@@ -1 +1 @@
4
5