Custom Resources Spec

Sub Resources

GitRepo

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specGitRepoSpecfalse
statusGitRepoStatusfalse

Back to Custom Resources

GitRepoDisplay

FieldDescriptionSchemeRequired
readyBundleDeploymentsstringfalse
statestringfalse
messagestringfalse
errorboolfalse

Back to Custom Resources

GitRepoResource

FieldDescriptionSchemeRequired
apiVersionstringfalse
kindstringfalse
typestringfalse
idstringfalse
namespacestringfalse
namestringfalse
incompleteStateboolfalse
statestringfalse
errorboolfalse
transitioningboolfalse
messagestringfalse
perClusterState[]ResourcePerClusterStatefalse

Back to Custom Resources

GitRepoResourceCounts

FieldDescriptionSchemeRequired
readyinttrue
desiredReadyinttrue
waitAppliedinttrue
modifiedinttrue
orphanedinttrue
missinginttrue
unknowninttrue
notReadyinttrue

Back to Custom Resources

GitRepoRestriction

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
defaultServiceAccountstringfalse
allowedServiceAccounts[]stringfalse
allowedRepoPatterns[]stringfalse
defaultClientSecretNamestringfalse
allowedClientSecretNames[]stringfalse
allowedTargetNamespaces[]stringfalse

Back to Custom Resources

GitRepoSpec

FieldDescriptionSchemeRequired
repoRepo is a URL to a git repo to clone and indexstringfalse
branchBranch The git branch to followstringfalse
revisionRevision A specific commit or tag to operate onstringfalse
targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demandstringfalse
clientSecretNameClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \”kubernetes.io/basic-auth\” or \”kubernetes.io/ssh-auth\”.stringfalse
helmSecretNameHelmSecretName contains the auth secret for private helm repositorystringfalse
helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not providedstringfalse
caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo’s certificate.[]bytefalse
insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example [\”charts/\”] will match all folders as a subdirectory of charts/ If empty, \”/\” is the default[]stringfalse
pausedPaused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSyncboolfalse
serviceAccountServiceAccount used in the downstream cluster for deploymentstringfalse
targetsTargets is a list of target this repo will deploy to[]GitTargetfalse
pollingIntervalPollingInterval is how often to check git for new updatesmetav1.Durationfalse
forceSyncGenerationIncrement this number to force a redeployment of contents from Gitint64false
imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo*metav1.Durationfalse
imageScanCommitCommit specifies how to commit to the git repo when new image is scanned and write back to git repoCommitSpecfalse
keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepoboolfalse

Back to Custom Resources

GitRepoStatus

FieldDescriptionSchemeRequired
observedGenerationint64true
commitstringfalse
readyClustersinttrue
desiredReadyClustersinttrue
gitJobStatusstringfalse
summaryBundleSummaryfalse
displayGitRepoDisplayfalse
conditions[]genericcondition.GenericConditionfalse
resources[]GitRepoResourcefalse
resourceCountsGitRepoResourceCountsfalse
resourceErrors[]stringfalse
lastSyncedImageScanTimemetav1.Timefalse

Back to Custom Resources

GitTarget

FieldDescriptionSchemeRequired
namestringfalse
clusterNamestringfalse
clusterSelectormetav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelectormetav1.LabelSelectorfalse

Back to Custom Resources

ResourcePerClusterState

FieldDescriptionSchemeRequired
statestringfalse
errorboolfalse
transitioningboolfalse
messagestringfalse
patch*GenericMapfalse
clusterIdstringfalse

Back to Custom Resources

Bundle

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specBundleSpectrue
statusBundleStatustrue

Back to Custom Resources

BundleDeployment

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specBundleDeploymentSpecfalse
statusBundleDeploymentStatusfalse

Back to Custom Resources

BundleDeploymentDisplay

FieldDescriptionSchemeRequired
deployedstringfalse
monitoredstringfalse
statestringfalse

Back to Custom Resources

BundleDeploymentOptions

FieldDescriptionSchemeRequired
defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.KustomizeOptionsfalse
helmHelm options for the deployment, like the chart name, repo and values.HelmOptionsfalse
serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
yamlYAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.YAMLOptionsfalse
diffDiff can be used to ignore the modified state of objects which are amended at runtime.DiffOptionsfalse
keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse

Back to Custom Resources

BundleDeploymentSpec

FieldDescriptionSchemeRequired
stagedOptionsBundleDeploymentOptionsfalse
stagedDeploymentIDstringfalse
optionsBundleDeploymentOptionsfalse
deploymentIDstringfalse
dependsOn[]BundleReffalse

Back to Custom Resources

BundleDeploymentStatus

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
appliedDeploymentIDstringfalse
releasestringfalse
readyboolfalse
nonModifiedboolfalse
nonReadyStatus[]NonReadyStatusfalse
modifiedStatus[]ModifiedStatusfalse
displayBundleDeploymentDisplayfalse
syncGeneration*int64false

Back to Custom Resources

BundleDisplay

FieldDescriptionSchemeRequired
readyClustersstringfalse
statestringfalse

Back to Custom Resources

BundleNamespaceMapping

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
bundleSelectormetav1.LabelSelectorfalse
namespaceSelectormetav1.LabelSelectorfalse

Back to Custom Resources

BundleRef

FieldDescriptionSchemeRequired
namestringfalse
selector*metav1.LabelSelectorfalse

Back to Custom Resources

BundleResource

FieldDescriptionSchemeRequired
namestringfalse
contentstringfalse
encodingstringfalse

Back to Custom Resources

BundleSpec

FieldDescriptionSchemeRequired
BundleDeploymentOptionsBundleDeploymentOptionsfalse
pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
resourcesResources contain the actual resources from the git repo which will be deployed.[]BundleResourcefalse
targetsTargets refer to the clusters which will be deployed to.[]BundleTargetfalse
targetRestrictionsTargetRestrictions restrict which clusters the bundle will be deployed to.[]BundleTargetRestrictionfalse
dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
ignoreIgnore refers to the fields that will not be considered when monitoring the status.IgnoreOptionsfalse

Back to Custom Resources

BundleStatus

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
summaryBundleSummaryfalse
newlyCreatedintfalse
unavailableinttrue
unavailablePartitionsinttrue
maxUnavailableinttrue
maxUnavailablePartitionsinttrue
maxNewintfalse
partitions[]PartitionStatusfalse
displayBundleDisplayfalse
resourceKey[]ResourceKeyfalse
observedGenerationint64true

Back to Custom Resources

BundleSummary

FieldDescriptionSchemeRequired
notReadyintfalse
waitAppliedintfalse
errAppliedintfalse
outOfSyncintfalse
modifiedintfalse
readyinttrue
pendingintfalse
desiredReadyinttrue
nonReadyResources[]NonReadyResourcefalse

Back to Custom Resources

BundleTarget

FieldDescriptionSchemeRequired
BundleDeploymentOptionsBundleDeploymentOptionsfalse
namestringfalse
clusterNamestringfalse
clusterSelectormetav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelectormetav1.LabelSelectorfalse

Back to Custom Resources

BundleTargetRestriction

FieldDescriptionSchemeRequired
namestringfalse
clusterNamestringfalse
clusterSelectormetav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelectormetav1.LabelSelectorfalse

Back to Custom Resources

ComparePatch

FieldDescriptionSchemeRequired
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse
operations[]Operationfalse
jsonPointers[]stringfalse

Back to Custom Resources

ConfigMapKeySelector

FieldDescriptionSchemeRequired
namespacestringfalse
keystringfalse

Back to Custom Resources

Content

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
content[]bytefalse

Back to Custom Resources

DiffOptions

FieldDescriptionSchemeRequired
comparePatches[]ComparePatchfalse

Back to Custom Resources

HelmOptions

FieldDescriptionSchemeRequired
chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
versionVersion of the chart to downloadstringfalse
timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
forceForce allows to override immutable resources. This could be dangerous.boolfalse
takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
atomicAtomic sets the —atomic flag when Helm is performing an upgradeboolfalse
disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

Back to Custom Resources

KustomizeOptions

FieldDescriptionSchemeRequired
dirstringfalse

Back to Custom Resources

LocalObjectReference

FieldDescriptionSchemeRequired
namestringtrue

Back to Custom Resources

ModifiedStatus

FieldDescriptionSchemeRequired
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse
missingboolfalse
deleteboolfalse
patchstringfalse

Back to Custom Resources

NonReadyResource

FieldDescriptionSchemeRequired
namestringfalse
bundleStateBundleStatefalse
messagestringfalse
modifiedStatus[]ModifiedStatusfalse
nonReadyStatus[]NonReadyStatusfalse

Back to Custom Resources

NonReadyStatus

FieldDescriptionSchemeRequired
uidtypes.UIDfalse
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse
summarysummary.Summaryfalse

Back to Custom Resources

Operation

FieldDescriptionSchemeRequired
opstringfalse
pathstringfalse
valuestringfalse

Back to Custom Resources

Partition

FieldDescriptionSchemeRequired
namestringfalse
maxUnavailableintstr.IntOrStringfalse
clusterNamestringfalse
clusterSelectormetav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelector*metav1.LabelSelectorfalse

Back to Custom Resources

PartitionStatus

FieldDescriptionSchemeRequired
namestringfalse
countintfalse
maxUnavailableintfalse
unavailableintfalse
summaryBundleSummaryfalse

Back to Custom Resources

ResourceKey

FieldDescriptionSchemeRequired
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse

Back to Custom Resources

RolloutStrategy

FieldDescriptionSchemeRequired
maxUnavailableintstr.IntOrStringfalse
maxUnavailablePartitionsintstr.IntOrStringfalse
autoPartitionSize*intstr.IntOrStringfalse
partitions[]Partitionfalse

Back to Custom Resources

SecretKeySelector

FieldDescriptionSchemeRequired
namespacestringfalse
keystringfalse

Back to Custom Resources

ValuesFrom

Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

FieldDescriptionSchemeRequired
configMapKeyRefThe reference to a config map with release values.ConfigMapKeySelectorfalse
secretKeyRefThe reference to a secret with release values.SecretKeySelectorfalse

Back to Custom Resources

YAMLOptions

FieldDescriptionSchemeRequired
overlays[]stringfalse

Back to Custom Resources

AlphabeticalPolicy

AlphabeticalPolicy specifies a alphabetical ordering policy.

FieldDescriptionSchemeRequired
orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

Back to Custom Resources

CommitSpec

CommitSpec specifies how to commit changes to the git repository

FieldDescriptionSchemeRequired
authorNameAuthorName gives the name to provide when making a commitstringtrue
authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

Back to Custom Resources

ImagePolicyChoice

ImagePolicyChoice is a union of all the types of policy that can be supplied.

FieldDescriptionSchemeRequired
semverSemVer gives a semantic version range to check against the tags available.SemVerPolicyfalse
alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.AlphabeticalPolicyfalse

Back to Custom Resources

ImageScan

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specImageScanSpecfalse
statusImageScanStatusfalse

Back to Custom Resources

ImageScanSpec

API is taken from https://github.com/fluxcd/image-reflector-controller

FieldDescriptionSchemeRequired
tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
gitrepoNameGitRepo reference namestringfalse
imageImage is the name of the image repositorystringfalse
intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

Back to Custom Resources

ImageScanStatus

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
latestTagLatest tag is the latest tag filtered by the policystringfalse
latestDigestLatestDigest is the digest of latest tagstringfalse
observedGenerationint64false
canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

Back to Custom Resources

SemVerPolicy

SemVerPolicy specifies a semantic version policy.

FieldDescriptionSchemeRequired
rangeRange gives a semver range for the image tag; the highest version within the range that’s a tag yields the latest image.stringtrue

Back to Custom Resources

AgentStatus

FieldDescriptionSchemeRequired
lastSeenmetav1.Timetrue
namespacestringtrue
nonReadyNodesinttrue
readyNodesinttrue
nonReadyNodeNamesAt most 3 nodes[]stringtrue
readyNodeNamesAt most 3 nodes[]stringtrue

Back to Custom Resources

IgnoreOptions

FieldDescriptionSchemeRequired
conditionsconditions to be ignored[]map[string]stringfalse

Cluster

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterSpecfalse
statusClusterStatusfalse

Back to Custom Resources

ClusterDisplay

FieldDescriptionSchemeRequired
readyBundlesstringfalse
readyNodesstringfalse
sampleNodestringfalse
statestringfalse

Back to Custom Resources

ClusterGroup

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterGroupSpectrue
statusClusterGroupStatustrue

Back to Custom Resources

ClusterGroupDisplay

FieldDescriptionSchemeRequired
readyClustersstringfalse
readyBundlesstringfalse
statestringfalse

Back to Custom Resources

ClusterGroupSpec

FieldDescriptionSchemeRequired
selector*metav1.LabelSelectorfalse

Back to Custom Resources

ClusterGroupStatus

FieldDescriptionSchemeRequired
clusterCountinttrue
nonReadyClusterCountinttrue
nonReadyClusters[]stringfalse
conditions[]genericcondition.GenericConditionfalse
summaryBundleSummaryfalse
displayClusterGroupDisplayfalse
resourceCountsGitRepoResourceCountsfalse

Back to Custom Resources

ClusterRegistration

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterRegistrationSpecfalse
statusClusterRegistrationStatusfalse

Back to Custom Resources

ClusterRegistrationSpec

FieldDescriptionSchemeRequired
clientIDstringfalse
clientRandomstringfalse
clusterLabelsmap[string]stringfalse

Back to Custom Resources

ClusterRegistrationStatus

FieldDescriptionSchemeRequired
clusterNamestringfalse
grantedboolfalse

Back to Custom Resources

ClusterRegistrationToken

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterRegistrationTokenSpecfalse
statusClusterRegistrationTokenStatusfalse

Back to Custom Resources

ClusterRegistrationTokenSpec

FieldDescriptionSchemeRequired
ttl*metav1.Durationfalse

Back to Custom Resources

ClusterRegistrationTokenStatus

FieldDescriptionSchemeRequired
expires*metav1.Timefalse
secretNamestringfalse

Back to Custom Resources

ClusterSpec

FieldDescriptionSchemeRequired
pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.GenericMapfalse
agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse
agentAffinityAgentAffinity overrides the default affinity for the cluster’s agent deployment. If this value is nil the default affinity is used.v1.Affinityfalse
agentResourcesAgentResources sets the resources for the cluster’s agent deployment.*v1.ResourceRequirementsfalse

Back to Custom Resources

ClusterStatus

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \”cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\”stringfalse
summaryBundleSummaryfalse
resourceCountsGitRepoResourceCountsfalse
readyGitReposinttrue
desiredReadyGitReposinttrue
agentEnvVarsHashstringfalse
agentPrivateRepoURLstringfalse
agentDeployedGeneration*int64false
agentMigratedboolfalse
agentNamespaceMigratedboolfalse
cattleNamespaceMigratedboolfalse
agentAffinityHashstringfalse
agentResourcesHashstringfalse
agentTolerationsHashstringfalse
displayClusterDisplayfalse
agentAgentStatusfalse

Back to Custom Resources