public_git
/
actions-runner-controller
mirror of https://github.com/actions-runner-controller/actions-runner-controller.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into runnerset-docker-socket

This commit is contained in:
Bassem Dghaidi 2023-09-21 21:13:45 +02:00 committed by GitHub
parent 61d90f42d1 cf24ab584d
commit ad427c312a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
69 changed files with 18397 additions and 300 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/arc-publish-chart.yaml vendored
View File

@ -70,7 +70,7 @@ jobs:
run: | run: |
changed=$(ct list-changed --config charts/.ci/ct-config.yaml) changed=$(ct list-changed --config charts/.ci/ct-config.yaml)
if [[ -n "$changed" ]]; then if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true" echo "changed=true" >> $GITHUB_OUTPUT
fi fi
- name: Run chart-testing (lint) - name: Run chart-testing (lint)

8
.github/workflows/arc-publish.yaml vendored
View File

@ -18,7 +18,7 @@ on:
default: false default: false
permissions: permissions:
contents: write contents: write
packages: write packages: write
env: env:
@ -34,16 +34,16 @@ jobs:
name: Release name: Release
runs-on: ubuntu-latest runs-on: ubuntu-latest
# gha-runner-scale-set has its own release workflow. # gha-runner-scale-set has its own release workflow.
# We don't want to publish a new actions-runner-controller image # We don't want to publish a new actions-runner-controller image
# we release gha-runner-scale-set. # we release gha-runner-scale-set.
if: ${{ !startsWith(github.event.inputs.release_tag_name, 'gha-runner-scale-set-') }} if: ${{ !startsWith(github.event.inputs.release_tag_name, 'gha-runner-scale-set-') }}
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
- uses: actions/setup-go@v3 - uses: actions/setup-go@v4
with: with:
go-version: '1.18.2' go-version-file: 'go.mod'
- name: Install tools - name: Install tools
run: | run: |

2
.github/workflows/arc-validate-chart.yaml vendored
View File

@ -79,7 +79,7 @@ jobs:
run: | run: |
changed=$(ct list-changed --config charts/.ci/ct-config.yaml) changed=$(ct list-changed --config charts/.ci/ct-config.yaml)
if [[ -n "$changed" ]]; then if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true" echo "changed=true" >> $GITHUB_OUTPUT
fi fi
- name: Run chart-testing (lint) - name: Run chart-testing (lint)

2
.github/workflows/gha-e2e-tests.yaml vendored
View File

@ -16,7 +16,7 @@ env:
TARGET_ORG: actions-runner-controller TARGET_ORG: actions-runner-controller
TARGET_REPO: arc_e2e_test_dummy TARGET_REPO: arc_e2e_test_dummy
IMAGE_NAME: "arc-test-image" IMAGE_NAME: "arc-test-image"
IMAGE_VERSION: "0.5.0" IMAGE_VERSION: "0.6.0"
concurrency: concurrency:
# This will make sure we only apply the concurrency limits on pull requests # This will make sure we only apply the concurrency limits on pull requests

2
.github/workflows/gha-validate-chart.yaml vendored
View File

@ -76,7 +76,7 @@ jobs:
ct version ct version
changed=$(ct list-changed --config charts/.ci/ct-config-gha.yaml) changed=$(ct list-changed --config charts/.ci/ct-config-gha.yaml)
if [[ -n "$changed" ]]; then if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true" echo "changed=true" >> $GITHUB_OUTPUT
fi fi
- name: Run chart-testing (lint) - name: Run chart-testing (lint)

8
.github/workflows/global-publish-canary.yaml vendored
View File

@ -91,7 +91,7 @@ jobs:
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v2 uses: docker/login-action@v2
with: with:
@ -101,14 +101,14 @@ jobs:
# Normalization is needed because upper case characters are not allowed in the repository name # Normalization is needed because upper case characters are not allowed in the repository name
# and the short sha is needed for image tagging # and the short sha is needed for image tagging
- name: Resolve parameters - name: Resolve parameters
id: resolve_parameters id: resolve_parameters
run: | run: |
echo "INFO: Resolving short sha" echo "INFO: Resolving short sha"
echo "short_sha=$(git rev-parse --short ${{ github.ref }})" >> $GITHUB_OUTPUT echo "short_sha=$(git rev-parse --short ${{ github.ref }})" >> $GITHUB_OUTPUT
echo "INFO: Normalizing repository name (lowercase)" echo "INFO: Normalizing repository name (lowercase)"
echo "repository_owner=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT echo "repository_owner=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
- name: Set up QEMU - name: Set up QEMU
uses: docker/setup-qemu-action@v2 uses: docker/setup-qemu-action@v2
@ -124,7 +124,7 @@ jobs:
context: . context: .
file: ./Dockerfile file: ./Dockerfile
platforms: linux/amd64,linux/arm64 platforms: linux/amd64,linux/arm64
build-args: VERSION=canary-"${{ github.ref }}" build-args: VERSION=canary-${{ steps.resolve_parameters.outputs.short_sha }}
push: ${{ env.PUSH_TO_REGISTRIES }} push: ${{ env.PUSH_TO_REGISTRIES }}
tags: | tags: |
ghcr.io/${{ steps.resolve_parameters.outputs.repository_owner }}/gha-runner-scale-set-controller:canary ghcr.io/${{ steps.resolve_parameters.outputs.repository_owner }}/gha-runner-scale-set-controller:canary

6
Dockerfile
View File

@ -24,7 +24,7 @@ RUN go mod download
# With the above commmand, # With the above commmand,
# TARGETOS can be "linux", TARGETARCH can be "amd64", "arm64", and "arm", TARGETVARIANT can be "v7". # TARGETOS can be "linux", TARGETARCH can be "amd64", "arm64", and "arm", TARGETVARIANT can be "v7".
ARG TARGETPLATFORM TARGETOS TARGETARCH TARGETVARIANT VERSION=dev ARG TARGETPLATFORM TARGETOS TARGETARCH TARGETVARIANT VERSION=dev COMMIT_SHA=dev
# We intentionally avoid `--mount=type=cache,mode=0777,target=/go/pkg/mod` in the `go mod download` and the `go build` runs # We intentionally avoid `--mount=type=cache,mode=0777,target=/go/pkg/mod` in the `go mod download` and the `go build` runs
# to avoid https://github.com/moby/buildkit/issues/2334 # to avoid https://github.com/moby/buildkit/issues/2334
@ -36,8 +36,8 @@ ENV GOCACHE /build/${TARGETPLATFORM}/root/.cache/go-build
RUN --mount=target=. \ RUN --mount=target=. \
--mount=type=cache,mode=0777,target=${GOCACHE} \ --mount=type=cache,mode=0777,target=${GOCACHE} \
export GOOS=${TARGETOS} GOARCH=${TARGETARCH} GOARM=${TARGETVARIANT#v} && \ export GOOS=${TARGETOS} GOARCH=${TARGETARCH} GOARM=${TARGETVARIANT#v} && \
go build -trimpath -ldflags="-s -w -X 'github.com/actions/actions-runner-controller/build.Version=${VERSION}'" -o /out/manager main.go && \ go build -trimpath -ldflags="-s -w -X 'github.com/actions/actions-runner-controller/build.Version=${VERSION}' -X 'github.com/actions/actions-runner-controller/build.CommitSHA=${COMMIT_SHA}'" -o /out/manager main.go && \
go build -trimpath -ldflags="-s -w" -o /out/github-runnerscaleset-listener ./cmd/githubrunnerscalesetlistener && \ go build -trimpath -ldflags="-s -w -X 'github.com/actions/actions-runner-controller/build.Version=${VERSION}' -X 'github.com/actions/actions-runner-controller/build.CommitSHA=${COMMIT_SHA}'" -o /out/github-runnerscaleset-listener ./cmd/githubrunnerscalesetlistener && \
go build -trimpath -ldflags="-s -w" -o /out/github-webhook-server ./cmd/githubwebhookserver && \ go build -trimpath -ldflags="-s -w" -o /out/github-webhook-server ./cmd/githubwebhookserver && \
go build -trimpath -ldflags="-s -w" -o /out/actions-metrics-server ./cmd/actionsmetricsserver && \ go build -trimpath -ldflags="-s -w" -o /out/actions-metrics-server ./cmd/actionsmetricsserver && \
go build -trimpath -ldflags="-s -w" -o /out/sleep ./cmd/sleep go build -trimpath -ldflags="-s -w" -o /out/sleep ./cmd/sleep

6
Makefile
View File

@ -5,7 +5,8 @@ else
endif endif
DOCKER_USER ?= $(shell echo ${DOCKER_IMAGE_NAME} | cut -d / -f1) DOCKER_USER ?= $(shell echo ${DOCKER_IMAGE_NAME} | cut -d / -f1)
VERSION ?= dev VERSION ?= dev
RUNNER_VERSION ?= 2.308.0 COMMIT_SHA = $(shell git rev-parse HEAD)
RUNNER_VERSION ?= 2.309.0
TARGETPLATFORM ?= $(shell arch) TARGETPLATFORM ?= $(shell arch)
RUNNER_NAME ?= ${DOCKER_USER}/actions-runner RUNNER_NAME ?= ${DOCKER_USER}/actions-runner
RUNNER_TAG ?= ${VERSION} RUNNER_TAG ?= ${VERSION}
@ -67,7 +68,7 @@ endif
all: manager all: manager
lint: lint:
docker run --rm -v $(PWD):/app -w /app golangci/golangci-lint:v1.49.0 golangci-lint run docker run --rm -v $(PWD):/app -w /app golangci/golangci-lint:v1.54.2 golangci-lint run
GO_TEST_ARGS ?= -short GO_TEST_ARGS ?= -short
@ -215,6 +216,7 @@ docker-buildx:
--build-arg RUNNER_VERSION=${RUNNER_VERSION} \ --build-arg RUNNER_VERSION=${RUNNER_VERSION} \
--build-arg DOCKER_VERSION=${DOCKER_VERSION} \ --build-arg DOCKER_VERSION=${DOCKER_VERSION} \
--build-arg VERSION=${VERSION} \ --build-arg VERSION=${VERSION} \
--build-arg COMMIT_SHA=${COMMIT_SHA} \
-t "${DOCKER_IMAGE_NAME}:${VERSION}" \ -t "${DOCKER_IMAGE_NAME}:${VERSION}" \
-f Dockerfile \ -f Dockerfile \
. ${PUSH_ARG} . ${PUSH_ARG}

6
apis/actions.github.com/v1alpha1/autoscalinglistener_types.go
View File

@ -52,9 +52,6 @@ type AutoscalingListenerSpec struct {
// Required // Required
Image string `json:"image,omitempty"` Image string `json:"image,omitempty"`
// Required
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
// Required // Required
ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`
@ -63,6 +60,9 @@ type AutoscalingListenerSpec struct {
// +optional // +optional
GitHubServerTLS *GitHubServerTLSConfig `json:"githubServerTLS,omitempty"` GitHubServerTLS *GitHubServerTLSConfig `json:"githubServerTLS,omitempty"`
// +optional
Template *corev1.PodTemplateSpec `json:"template,omitempty"`
} }
// AutoscalingListenerStatus defines the observed state of AutoscalingListener // AutoscalingListenerStatus defines the observed state of AutoscalingListener

3
apis/actions.github.com/v1alpha1/autoscalingrunnerset_types.go
View File

@ -74,6 +74,9 @@ type AutoscalingRunnerSetSpec struct {
// Required // Required
Template corev1.PodTemplateSpec `json:"template,omitempty"` Template corev1.PodTemplateSpec `json:"template,omitempty"`
// +optional
ListenerTemplate *corev1.PodTemplateSpec `json:"listenerTemplate,omitempty"`
// +optional // +optional
// +kubebuilder:validation:Minimum:=0 // +kubebuilder:validation:Minimum:=0
MaxRunners *int `json:"maxRunners,omitempty"` MaxRunners *int `json:"maxRunners,omitempty"`

10
apis/actions.github.com/v1alpha1/zz_generated.deepcopy.go
View File

@ -103,6 +103,11 @@ func (in *AutoscalingListenerSpec) DeepCopyInto(out *AutoscalingListenerSpec) {
*out = new(GitHubServerTLSConfig) *out = new(GitHubServerTLSConfig)
(*in).DeepCopyInto(*out) (*in).DeepCopyInto(*out)
} }
if in.Template != nil {
in, out := &in.Template, &out.Template
*out = new(v1.PodTemplateSpec)
(*in).DeepCopyInto(*out)
}
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutoscalingListenerSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutoscalingListenerSpec.
@ -203,6 +208,11 @@ func (in *AutoscalingRunnerSetSpec) DeepCopyInto(out *AutoscalingRunnerSetSpec)
(*in).DeepCopyInto(*out) (*in).DeepCopyInto(*out)
} }
in.Template.DeepCopyInto(&out.Template) in.Template.DeepCopyInto(&out.Template)
if in.ListenerTemplate != nil {
in, out := &in.ListenerTemplate, &out.ListenerTemplate
*out = new(v1.PodTemplateSpec)
(*in).DeepCopyInto(*out)
}
if in.MaxRunners != nil { if in.MaxRunners != nil {
in, out := &in.MaxRunners, &out.MaxRunners in, out := &in.MaxRunners, &out.MaxRunners
*out = new(int) *out = new(int)

2
build/version.go
View File

@ -2,3 +2,5 @@ package build
// This is overridden at build-time using go-build ldflags. dev is the fallback value // This is overridden at build-time using go-build ldflags. dev is the fallback value
var Version = "NA" var Version = "NA"
var CommitSHA = "NA"

4
charts/actions-runner-controller/Chart.yaml
View File

@ -15,10 +15,10 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes # This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version. # to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/) # Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.23.3 version: 0.23.5
# Used as the default manager tag value when no tag property is provided in the values.yaml # Used as the default manager tag value when no tag property is provided in the values.yaml
appVersion: 0.27.4 appVersion: 0.27.5
home: https://github.com/actions/actions-runner-controller home: https://github.com/actions/actions-runner-controller

9
charts/actions-runner-controller/crds/actions.summerwind.dev_horizontalrunnerautoscalers.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: horizontalrunnerautoscalers.actions.summerwind.dev name: horizontalrunnerautoscalers.actions.summerwind.dev
spec: spec:
@ -251,9 +252,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

80
charts/actions-runner-controller/crds/actions.summerwind.dev_runnerdeployments.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: runnerdeployments.actions.summerwind.dev name: runnerdeployments.actions.summerwind.dev
spec: spec:
@ -102,6 +103,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
template: template:
properties: properties:
metadata: metadata:
@ -183,6 +185,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -243,10 +246,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -289,6 +294,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -319,6 +325,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -374,6 +381,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -404,6 +412,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -458,6 +467,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -488,6 +498,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -543,6 +554,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -573,6 +585,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -634,6 +647,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -646,6 +660,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -665,6 +680,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -680,6 +696,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -700,6 +717,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -713,6 +731,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1441,6 +1460,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1453,6 +1473,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1472,6 +1493,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1487,6 +1509,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1599,6 +1622,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1611,6 +1635,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1630,6 +1655,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1645,6 +1671,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1664,6 +1691,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1677,6 +1705,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
ephemeral: ephemeral:
@ -1724,6 +1753,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1736,6 +1766,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1755,6 +1786,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1770,6 +1802,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1790,6 +1823,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1803,6 +1837,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2514,6 +2549,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
items: items:
@ -2558,6 +2594,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2570,6 +2607,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2589,6 +2627,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2604,6 +2643,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2624,6 +2664,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2637,6 +2678,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3492,6 +3534,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -3504,6 +3547,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -3523,6 +3567,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -3538,6 +3583,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -3558,6 +3604,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -3571,6 +3618,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -4299,6 +4347,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -4323,7 +4372,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -4454,6 +4503,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -4476,6 +4526,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -4516,6 +4567,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -4532,6 +4584,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -4567,6 +4620,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4593,6 +4647,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4613,7 +4668,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -4662,8 +4717,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -4745,6 +4801,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -4807,6 +4864,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -4922,6 +4980,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -5030,6 +5089,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -5050,6 +5110,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -5076,6 +5137,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -5111,6 +5173,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -5185,6 +5248,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -5214,6 +5278,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -5284,6 +5349,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -5391,9 +5457,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

80
charts/actions-runner-controller/crds/actions.summerwind.dev_runnerreplicasets.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: runnerreplicasets.actions.summerwind.dev name: runnerreplicasets.actions.summerwind.dev
spec: spec:
@ -84,6 +85,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
template: template:
properties: properties:
metadata: metadata:
@ -165,6 +167,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -225,10 +228,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -271,6 +276,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -301,6 +307,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -356,6 +363,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -386,6 +394,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -440,6 +449,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -470,6 +480,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -525,6 +536,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -555,6 +567,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -616,6 +629,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -628,6 +642,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -647,6 +662,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -662,6 +678,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -682,6 +699,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -695,6 +713,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1423,6 +1442,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1435,6 +1455,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1454,6 +1475,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1469,6 +1491,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1581,6 +1604,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1593,6 +1617,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1612,6 +1637,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1627,6 +1653,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1646,6 +1673,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1659,6 +1687,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
ephemeral: ephemeral:
@ -1706,6 +1735,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1718,6 +1748,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1737,6 +1768,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1752,6 +1784,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1772,6 +1805,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1785,6 +1819,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2496,6 +2531,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
items: items:
@ -2540,6 +2576,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2552,6 +2589,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2571,6 +2609,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2586,6 +2625,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2606,6 +2646,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2619,6 +2660,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3474,6 +3516,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -3486,6 +3529,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -3505,6 +3549,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -3520,6 +3565,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -3540,6 +3586,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -3553,6 +3600,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -4281,6 +4329,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -4305,7 +4354,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -4436,6 +4485,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -4458,6 +4508,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -4498,6 +4549,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -4514,6 +4566,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -4549,6 +4602,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4575,6 +4629,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4595,7 +4650,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -4644,8 +4699,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -4727,6 +4783,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -4789,6 +4846,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -4904,6 +4962,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -5012,6 +5071,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -5032,6 +5092,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -5058,6 +5119,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -5093,6 +5155,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -5167,6 +5230,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -5196,6 +5260,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -5266,6 +5331,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -5370,9 +5436,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

79
charts/actions-runner-controller/crds/actions.summerwind.dev_runners.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: runners.actions.summerwind.dev name: runners.actions.summerwind.dev
spec: spec:
@ -118,6 +119,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -178,10 +180,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -224,6 +228,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -254,6 +259,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -309,6 +315,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -339,6 +346,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -393,6 +401,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -423,6 +432,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -478,6 +488,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -508,6 +519,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -569,6 +581,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -581,6 +594,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -600,6 +614,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -615,6 +630,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -635,6 +651,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -648,6 +665,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1376,6 +1394,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1388,6 +1407,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1407,6 +1427,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1422,6 +1443,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1534,6 +1556,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1546,6 +1569,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1565,6 +1589,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1580,6 +1605,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1599,6 +1625,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1612,6 +1639,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
ephemeral: ephemeral:
@ -1659,6 +1687,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1671,6 +1700,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1690,6 +1720,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1705,6 +1736,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1725,6 +1757,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1738,6 +1771,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2449,6 +2483,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
items: items:
@ -2493,6 +2528,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2505,6 +2541,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2524,6 +2561,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2539,6 +2577,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2559,6 +2598,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2572,6 +2612,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3427,6 +3468,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -3439,6 +3481,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -3458,6 +3501,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -3473,6 +3517,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -3493,6 +3538,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -3506,6 +3552,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -4234,6 +4281,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -4258,7 +4306,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -4389,6 +4437,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -4411,6 +4460,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -4451,6 +4501,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -4467,6 +4518,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -4502,6 +4554,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4528,6 +4581,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4548,7 +4602,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -4597,8 +4651,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -4680,6 +4735,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -4742,6 +4798,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -4857,6 +4914,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -4965,6 +5023,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -4985,6 +5044,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -5011,6 +5071,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -5046,6 +5107,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -5120,6 +5182,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -5149,6 +5212,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -5219,6 +5283,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -5368,9 +5433,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

70
charts/actions-runner-controller/crds/actions.summerwind.dev_runnersets.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: runnersets.actions.summerwind.dev name: runnersets.actions.summerwind.dev
spec: spec:
@ -99,7 +100,7 @@ spec:
description: ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is alpha. description: ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is alpha.
properties: properties:
start: start:
description: 'start is the number representing the first replica''s index. It may be used to number replicas from an alternate index (eg: 1-indexed) over the default 0-indexed names, or to orchestrate progressive movement of replicas from one StatefulSet to another. If set, replica indices will be in the range: [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). If unset, defaults to 0. Replica indices will be in the range: [0, .spec.replicas).' description: 'start is the number representing the first replica''s index. It may be used to number replicas from an alternate index (eg: 1-indexed) over the default 0-indexed names, or to orchestrate progressive movement of replicas from one StatefulSet to another. If set, replica indices will be in the range: [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). If unset, defaults to 0. Replica indices will be in the range: [0, .spec.replicas).'
format: int32 format: int32
type: integer type: integer
type: object type: object
@ -160,6 +161,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountName: serviceAccountName:
type: string type: string
serviceName: serviceName:
@ -252,6 +254,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -312,10 +315,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -358,6 +363,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -388,6 +394,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -443,6 +450,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -473,6 +481,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -527,6 +536,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -557,6 +567,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -612,6 +623,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -642,6 +654,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -703,6 +716,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -715,6 +729,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -734,6 +749,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -749,6 +765,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -769,6 +786,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -782,6 +800,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1527,6 +1546,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1539,6 +1559,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1558,6 +1579,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1573,6 +1595,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1593,6 +1616,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1606,6 +1630,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2317,6 +2342,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
@ -2362,6 +2388,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2374,6 +2401,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2393,6 +2421,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2408,6 +2437,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2428,6 +2458,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2441,6 +2472,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3373,6 +3405,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -3397,7 +3430,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -3498,6 +3531,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -3520,6 +3554,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -3560,6 +3595,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -3576,6 +3612,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -3611,6 +3648,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -3637,6 +3675,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -3657,7 +3696,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -3706,8 +3745,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -3789,6 +3829,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -3851,6 +3892,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -3966,6 +4008,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -4074,6 +4117,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -4094,6 +4138,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4120,6 +4165,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4155,6 +4201,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -4229,6 +4276,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -4258,6 +4306,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -4328,6 +4377,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -4437,8 +4487,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -4520,6 +4571,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -4680,9 +4732,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

4
charts/actions-runner-controller/templates/actionsmetrics.deployment.yaml
View File

@ -111,10 +111,14 @@ spec:
name: {{ include "actions-runner-controller.secretName" . }} name: {{ include "actions-runner-controller.secretName" . }}
optional: true optional: true
{{- end }} {{- end }}
{{- if kindIs "slice" .Values.actionsMetricsServer.env }}
{{- toYaml .Values.actionsMetricsServer.env | nindent 8 }}
{{- else }}
{{- range $key, $val := .Values.actionsMetricsServer.env }} {{- range $key, $val := .Values.actionsMetricsServer.env }}
- name: {{ $key }} - name: {{ $key }}
value: {{ $val | quote }} value: {{ $val | quote }}
{{- end }} {{- end }}
{{- end }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (cat "v" .Chart.AppVersion | replace " " "") }}" image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (cat "v" .Chart.AppVersion | replace " " "") }}"
name: actions-metrics-server name: actions-metrics-server
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}

14
charts/actions-runner-controller/templates/webhook_configs.yaml
View File

@ -19,7 +19,7 @@ webhooks:
{{- if .Values.scope.singleNamespace }} {{- if .Values.scope.singleNamespace }}
namespaceSelector: namespaceSelector:
matchLabels: matchLabels:
name: {{ default .Release.Namespace .Values.scope.watchNamespace }} kubernetes.io/metadata.name: {{ default .Release.Namespace .Values.scope.watchNamespace }}
{{- end }} {{- end }}
clientConfig: clientConfig:
{{- if .Values.admissionWebHooks.caBundle }} {{- if .Values.admissionWebHooks.caBundle }}
@ -50,7 +50,7 @@ webhooks:
{{- if .Values.scope.singleNamespace }} {{- if .Values.scope.singleNamespace }}
namespaceSelector: namespaceSelector:
matchLabels: matchLabels:
name: {{ default .Release.Namespace .Values.scope.watchNamespace }} kubernetes.io/metadata.name: {{ default .Release.Namespace .Values.scope.watchNamespace }}
{{- end }} {{- end }}
clientConfig: clientConfig:
{{- if .Values.admissionWebHooks.caBundle }} {{- if .Values.admissionWebHooks.caBundle }}
@ -81,7 +81,7 @@ webhooks:
{{- if .Values.scope.singleNamespace }} {{- if .Values.scope.singleNamespace }}
namespaceSelector: namespaceSelector:
matchLabels: matchLabels:
name: {{ default .Release.Namespace .Values.scope.watchNamespace }} kubernetes.io/metadata.name: {{ default .Release.Namespace .Values.scope.watchNamespace }}
{{- end }} {{- end }}
clientConfig: clientConfig:
{{- if .Values.admissionWebHooks.caBundle }} {{- if .Values.admissionWebHooks.caBundle }}
@ -112,7 +112,7 @@ webhooks:
{{- if .Values.scope.singleNamespace }} {{- if .Values.scope.singleNamespace }}
namespaceSelector: namespaceSelector:
matchLabels: matchLabels:
name: {{ default .Release.Namespace .Values.scope.watchNamespace }} kubernetes.io/metadata.name: {{ default .Release.Namespace .Values.scope.watchNamespace }}
{{- end }} {{- end }}
clientConfig: clientConfig:
{{- if .Values.admissionWebHooks.caBundle }} {{- if .Values.admissionWebHooks.caBundle }}
@ -156,7 +156,7 @@ webhooks:
{{- if .Values.scope.singleNamespace }} {{- if .Values.scope.singleNamespace }}
namespaceSelector: namespaceSelector:
matchLabels: matchLabels:
name: {{ default .Release.Namespace .Values.scope.watchNamespace }} kubernetes.io/metadata.name: {{ default .Release.Namespace .Values.scope.watchNamespace }}
{{- end }} {{- end }}
clientConfig: clientConfig:
{{- if .Values.admissionWebHooks.caBundle }} {{- if .Values.admissionWebHooks.caBundle }}
@ -187,7 +187,7 @@ webhooks:
{{- if .Values.scope.singleNamespace }} {{- if .Values.scope.singleNamespace }}
namespaceSelector: namespaceSelector:
matchLabels: matchLabels:
name: {{ default .Release.Namespace .Values.scope.watchNamespace }} kubernetes.io/metadata.name: {{ default .Release.Namespace .Values.scope.watchNamespace }}
{{- end }} {{- end }}
clientConfig: clientConfig:
{{- if .Values.admissionWebHooks.caBundle }} {{- if .Values.admissionWebHooks.caBundle }}
@ -218,7 +218,7 @@ webhooks:
{{- if .Values.scope.singleNamespace }} {{- if .Values.scope.singleNamespace }}
namespaceSelector: namespaceSelector:
matchLabels: matchLabels:
name: {{ default .Release.Namespace .Values.scope.watchNamespace }} kubernetes.io/metadata.name: {{ default .Release.Namespace .Values.scope.watchNamespace }}
{{- end }} {{- end }}
clientConfig: clientConfig:
{{- if .Values.admissionWebHooks.caBundle }} {{- if .Values.admissionWebHooks.caBundle }}

20
charts/actions-runner-controller/values.yaml
View File

@ -70,7 +70,7 @@ rbac:
{} {}
# # This allows ARC to dynamically create a ServiceAccount and a Role for each Runner pod that uses "kubernetes" container mode, # # This allows ARC to dynamically create a ServiceAccount and a Role for each Runner pod that uses "kubernetes" container mode,
# # by extending ARC's manager role to have the same permissions required by the pod runs the runner agent in "kubernetes" container mode. # # by extending ARC's manager role to have the same permissions required by the pod runs the runner agent in "kubernetes" container mode.
# # Without this, Kubernetes blocks ARC to create the role to prevent a priviledge escalation. # # Without this, Kubernetes blocks ARC to create the role to prevent a privilege escalation.
# # See https://github.com/actions/actions-runner-controller/pull/1268/files#r917327010 # # See https://github.com/actions/actions-runner-controller/pull/1268/files#r917327010
# allowGrantingKubernetesContainerModePermissions: true # allowGrantingKubernetesContainerModePermissions: true
@ -151,8 +151,7 @@ podDisruptionBudget:
# PriorityClass: system-cluster-critical # PriorityClass: system-cluster-critical
priorityClassName: "" priorityClassName: ""
env: # env:
{}
# specify additional environment variables for the controller pod. # specify additional environment variables for the controller pod.
# It's possible to specify either key vale pairs e.g.: # It's possible to specify either key vale pairs e.g.:
# http_proxy: "proxy.com:8080" # http_proxy: "proxy.com:8080"
@ -303,7 +302,7 @@ githubWebhookServer:
# key: GITHUB_WEBHOOK_SECRET_TOKEN # key: GITHUB_WEBHOOK_SECRET_TOKEN
# name: prod-gha-controller-webhook-token # name: prod-gha-controller-webhook-token
# optional: true # optional: true
env: {} # env:
actionsMetrics: actionsMetrics:
serviceAnnotations: {} serviceAnnotations: {}
@ -322,6 +321,19 @@ actionsMetrics:
image: image:
repository: quay.io/brancz/kube-rbac-proxy repository: quay.io/brancz/kube-rbac-proxy
tag: v0.13.1 tag: v0.13.1
# specify additional environment variables for the webhook server pod.
# It's possible to specify either key vale pairs e.g.:
# my_env_var: "some value"
# my_other_env_var: "other value"
# or a list of complete environment variable definitions e.g.:
# - name: GITHUB_WEBHOOK_SECRET_TOKEN
# valueFrom:
# secretKeyRef:
# key: GITHUB_WEBHOOK_SECRET_TOKEN
# name: prod-gha-controller-webhook-token
# optional: true
# env:
actionsMetricsServer: actionsMetricsServer:
enabled: false enabled: false

4
charts/gha-runner-scale-set-controller/Chart.yaml
View File

@ -15,13 +15,13 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes # This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version. # to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/) # Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.5.0 version: 0.6.0
# This is the version number of the application being deployed. This version number should be # This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to # incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using. # follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes. # It is recommended to use it with quotes.
appVersion: "0.5.0" appVersion: "0.6.0"
home: https://github.com/actions/actions-runner-controller home: https://github.com/actions/actions-runner-controller

4270
charts/gha-runner-scale-set-controller/crds/actions.github.com_autoscalinglisteners.yaml
View File

File diff suppressed because it is too large Load Diff

4320
charts/gha-runner-scale-set-controller/crds/actions.github.com_autoscalingrunnersets.yaml
View File

File diff suppressed because it is too large Load Diff

64
charts/gha-runner-scale-set-controller/crds/actions.github.com_ephemeralrunners.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: ephemeralrunners.actions.github.com name: ephemeralrunners.actions.github.com
spec: spec:
@ -82,6 +83,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: object type: object
metadata: metadata:
@ -195,6 +197,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -255,10 +258,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -301,6 +306,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -331,6 +337,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -386,6 +393,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -416,6 +424,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -470,6 +479,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -500,6 +510,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -555,6 +566,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -585,6 +597,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -646,6 +659,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -658,6 +672,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -677,6 +692,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -692,6 +708,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -712,6 +729,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -725,6 +743,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1470,6 +1489,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1482,6 +1502,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1501,6 +1522,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1516,6 +1538,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1536,6 +1559,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1549,6 +1573,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2260,6 +2285,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
@ -2305,6 +2331,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2317,6 +2344,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2336,6 +2364,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2351,6 +2380,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2371,6 +2401,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2384,6 +2415,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3316,6 +3348,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -3340,7 +3373,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -3441,6 +3474,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -3463,6 +3497,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -3503,6 +3538,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -3519,6 +3555,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -3554,6 +3591,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -3580,6 +3618,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -3600,7 +3639,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -3649,8 +3688,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -3732,6 +3772,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -3794,6 +3835,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -3909,6 +3951,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -4017,6 +4060,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -4037,6 +4081,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4063,6 +4108,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4098,6 +4144,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -4172,6 +4219,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -4201,6 +4249,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -4271,6 +4320,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -4346,9 +4396,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

64
charts/gha-runner-scale-set-controller/crds/actions.github.com_ephemeralrunnersets.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: ephemeralrunnersets.actions.github.com name: ephemeralrunnersets.actions.github.com
spec: spec:
@ -76,6 +77,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: object type: object
metadata: metadata:
@ -189,6 +191,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -249,10 +252,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -295,6 +300,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -325,6 +331,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -380,6 +387,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -410,6 +418,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -464,6 +473,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -494,6 +504,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -549,6 +560,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -579,6 +591,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -640,6 +653,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -652,6 +666,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -671,6 +686,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -686,6 +702,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -706,6 +723,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -719,6 +737,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1464,6 +1483,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1476,6 +1496,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1495,6 +1516,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1510,6 +1532,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1530,6 +1553,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1543,6 +1567,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2254,6 +2279,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
@ -2299,6 +2325,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2311,6 +2338,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2330,6 +2358,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2345,6 +2374,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2365,6 +2395,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2378,6 +2409,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3310,6 +3342,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -3334,7 +3367,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -3435,6 +3468,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -3457,6 +3491,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -3497,6 +3532,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -3513,6 +3549,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -3548,6 +3585,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -3574,6 +3612,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -3594,7 +3633,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -3643,8 +3682,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -3726,6 +3766,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -3788,6 +3829,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -3903,6 +3945,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -4011,6 +4054,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -4031,6 +4075,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4057,6 +4102,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4092,6 +4138,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -4166,6 +4213,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -4195,6 +4243,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -4265,6 +4314,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -4323,9 +4373,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

2
charts/gha-runner-scale-set-controller/templates/NOTES.txt
View File

@ -1,3 +1,5 @@
Thank you for installing {{ .Chart.Name }}. Thank you for installing {{ .Chart.Name }}.
Your release is named {{ .Release.Name }}. Your release is named {{ .Release.Name }}.
WARNING: value specified under image.pullPolicy will be ignored and no longer be applied to the listener pod spec as of gha-runner-scale-set-0.7.0. Please use the listenerTemplate in the gha-runner-scale-set chart to control the image pull policy of the listener.

7
charts/gha-runner-scale-set-controller/tests/template_test.go
View File

@ -374,7 +374,6 @@ func TestTemplate_ControllerDeployment_Defaults(t *testing.T) {
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name) assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath) assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name) assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
assert.Equal(t, "IfNotPresent", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go assert.Equal(t, "IfNotPresent", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go
@ -510,15 +509,14 @@ func TestTemplate_ControllerDeployment_Customize(t *testing.T) {
assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name) assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name)
assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value) assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value)
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name) assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
assert.Equal(t, "Always", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go assert.Equal(t, "Always", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go
assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Name) assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Name)
assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Value) assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Value)
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
assert.Equal(t, "500m", deployment.Spec.Template.Spec.Containers[0].Resources.Limits.Cpu().String()) assert.Equal(t, "500m", deployment.Spec.Template.Spec.Containers[0].Resources.Limits.Cpu().String())
assert.True(t, *deployment.Spec.Template.Spec.Containers[0].SecurityContext.RunAsNonRoot) assert.True(t, *deployment.Spec.Template.Spec.Containers[0].SecurityContext.RunAsNonRoot)
assert.Equal(t, int64(1000), *deployment.Spec.Template.Spec.Containers[0].SecurityContext.RunAsUser) assert.Equal(t, int64(1000), *deployment.Spec.Template.Spec.Containers[0].SecurityContext.RunAsUser)
@ -770,7 +768,6 @@ func TestTemplate_ControllerDeployment_WatchSingleNamespace(t *testing.T) {
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name) assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath) assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name) assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
assert.Equal(t, "IfNotPresent", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go assert.Equal(t, "IfNotPresent", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go

22
charts/gha-runner-scale-set-controller/values.yaml
View File

@ -75,6 +75,17 @@ affinity: {}
# PriorityClass: system-cluster-critical # PriorityClass: system-cluster-critical
priorityClassName: "" priorityClassName: ""
## If `metrics:` object is not provided, or commented out, the following flags
## will be applied the controller-manager and listener pods with empty values:
## `--metrics-addr`, `--listener-metrics-addr`, `--listener-metrics-endpoint`.
## This will disable metrics.
##
## To enable metrics, uncomment the following lines.
# metrics:
# controllerManagerAddr: ":8080"
# listenerAddr: ":8080"
# listenerEndpoint: "/metrics"
flags: flags:
## Log level can be set here with one of the following values: "debug", "info", "warn", "error". ## Log level can be set here with one of the following values: "debug", "info", "warn", "error".
## Defaults to "debug". ## Defaults to "debug".
@ -102,14 +113,3 @@ flags:
## This can lead to a longer time to apply the change but it will ensure ## This can lead to a longer time to apply the change but it will ensure
## that you don't have any overprovisioning of runners. ## that you don't have any overprovisioning of runners.
updateStrategy: "immediate" updateStrategy: "immediate"
## If `metrics:` object is not provided, or commented out, the following flags
## will be applied the controller-manager and listener pods with empty values:
## `--metrics-addr`, `--listener-metrics-addr`, `--listener-metrics-endpoint`.
## This will disable metrics.
##
## To enable metrics, uncomment the following lines.
# metrics:
# controllerManagerAddr: ":8080"
# listenerAddr: ":8080"
# listenerEndpoint: "/metrics"

4
charts/gha-runner-scale-set/Chart.yaml
View File

@ -15,13 +15,13 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes # This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version. # to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/) # Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.5.0 version: 0.6.0
# This is the version number of the application being deployed. This version number should be # This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to # incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using. # follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes. # It is recommended to use it with quotes.
appVersion: "0.5.0" appVersion: "0.6.0"
home: https://github.com/actions/dev-arc home: https://github.com/actions/dev-arc

10
charts/gha-runner-scale-set/templates/autoscalingrunnerset.yaml
View File

@ -7,7 +7,7 @@ metadata:
{{- if gt (len .Release.Namespace) 63 }} {{- if gt (len .Release.Namespace) 63 }}
{{ fail "Namespace must have up to 63 characters" }} {{ fail "Namespace must have up to 63 characters" }}
{{- end }} {{- end }}
name: {{ .Release.Name }} name: {{ .Values.runnerScaleSetName | default .Release.Name }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
app.kubernetes.io/component: "autoscaling-runner-set" app.kubernetes.io/component: "autoscaling-runner-set"
@ -88,6 +88,11 @@ spec:
minRunners: {{ .Values.minRunners | int }} minRunners: {{ .Values.minRunners | int }}
{{- end }} {{- end }}
{{- with .Values.listenerTemplate}}
listenerTemplate:
{{- toYaml . | nindent 4}}
{{- end }}
template: template:
{{- with .Values.template.metadata }} {{- with .Values.template.metadata }}
metadata: metadata:
@ -106,6 +111,9 @@ spec:
{{ $key }}: {{ $val | toYaml | nindent 8 }} {{ $key }}: {{ $val | toYaml | nindent 8 }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if not .Values.template.spec.restartPolicy }}
restartPolicy: Never
{{- end }}
{{- $containerMode := .Values.containerMode }} {{- $containerMode := .Values.containerMode }}
{{- if eq $containerMode.type "kubernetes" }} {{- if eq $containerMode.type "kubernetes" }}
serviceAccountName: {{ default (include "gha-runner-scale-set.kubeModeServiceAccountName" .) .Values.template.spec.serviceAccountName }} serviceAccountName: {{ default (include "gha-runner-scale-set.kubeModeServiceAccountName" .) .Values.template.spec.serviceAccountName }}

95
charts/gha-runner-scale-set/tests/template_test.go
View File

@ -381,10 +381,10 @@ func TestTemplateRenderedAutoScalingRunnerSet_RunnerScaleSetName(t *testing.T) {
helm.UnmarshalK8SYaml(t, output, &ars) helm.UnmarshalK8SYaml(t, output, &ars)
assert.Equal(t, namespaceName, ars.Namespace) assert.Equal(t, namespaceName, ars.Namespace)
assert.Equal(t, "test-runners", ars.Name) assert.Equal(t, "test-runner-scale-set-name", ars.Name)
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/name"]) assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/name"])
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"]) assert.Equal(t, releaseName, ars.Labels["app.kubernetes.io/instance"])
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl) assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
assert.Equal(t, "test-runners-gha-rs-github-secret", ars.Spec.GitHubConfigSecret) assert.Equal(t, "test-runners-gha-rs-github-secret", ars.Spec.GitHubConfigSecret)
assert.Equal(t, "test-runner-scale-set-name", ars.Spec.RunnerScaleSetName) assert.Equal(t, "test-runner-scale-set-name", ars.Spec.RunnerScaleSetName)
@ -956,6 +956,50 @@ func TestTemplateRenderedAutoScalingRunnerSet_EnableKubernetesMode(t *testing.T)
assert.NotNil(t, ars.Spec.Template.Spec.Volumes[0].Ephemeral, "Template.Spec should have 1 ephemeral volume") assert.NotNil(t, ars.Spec.Template.Spec.Volumes[0].Ephemeral, "Template.Spec should have 1 ephemeral volume")
} }
func TestTemplateRenderedAutoscalingRunnerSet_ListenerPodTemplate(t *testing.T) {
t.Parallel()
// Path to the helm chart we will test
helmChartPath, err := filepath.Abs("../../gha-runner-scale-set")
require.NoError(t, err)
testValuesPath, err := filepath.Abs("../tests/values_listener_template.yaml")
require.NoError(t, err)
releaseName := "test-runners"
namespaceName := "test-" + strings.ToLower(random.UniqueId())
options := &helm.Options{
Logger: logger.Discard,
SetValues: map[string]string{
"controllerServiceAccount.name": "arc",
"controllerServiceAccount.namespace": "arc-system",
},
ValuesFiles: []string{testValuesPath},
KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
}
output := helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/autoscalingrunnerset.yaml"})
var ars v1alpha1.AutoscalingRunnerSet
helm.UnmarshalK8SYaml(t, output, &ars)
require.NotNil(t, ars.Spec.ListenerTemplate, "ListenerPodTemplate should not be nil")
assert.Equal(t, ars.Spec.ListenerTemplate.Spec.Hostname, "example")
require.Len(t, ars.Spec.ListenerTemplate.Spec.Containers, 2, "ListenerPodTemplate should have 2 containers")
assert.Equal(t, ars.Spec.ListenerTemplate.Spec.Containers[0].Name, "listener")
assert.Equal(t, ars.Spec.ListenerTemplate.Spec.Containers[0].Image, "listener:latest")
assert.ElementsMatch(t, ars.Spec.ListenerTemplate.Spec.Containers[0].Command, []string{"/path/to/entrypoint"})
assert.Len(t, ars.Spec.ListenerTemplate.Spec.Containers[0].VolumeMounts, 1, "VolumeMounts should be 1")
assert.Equal(t, ars.Spec.ListenerTemplate.Spec.Containers[0].VolumeMounts[0].Name, "work")
assert.Equal(t, ars.Spec.ListenerTemplate.Spec.Containers[0].VolumeMounts[0].MountPath, "/home/example")
assert.Equal(t, ars.Spec.ListenerTemplate.Spec.Containers[1].Name, "side-car")
assert.Equal(t, ars.Spec.ListenerTemplate.Spec.Containers[1].Image, "nginx:latest")
}
func TestTemplateRenderedAutoScalingRunnerSet_UsePredefinedSecret(t *testing.T) { func TestTemplateRenderedAutoScalingRunnerSet_UsePredefinedSecret(t *testing.T) {
t.Parallel() t.Parallel()
@ -1668,6 +1712,53 @@ func TestTemplateRenderedAutoScalingRunnerSet_ExtraContainers(t *testing.T) {
assert.Equal(t, "192.0.2.1", ars.Spec.Template.Spec.DNSConfig.Nameservers[0], "DNS Nameserver should be set") assert.Equal(t, "192.0.2.1", ars.Spec.Template.Spec.DNSConfig.Nameservers[0], "DNS Nameserver should be set")
} }
func TestTemplateRenderedAutoScalingRunnerSet_RestartPolicy(t *testing.T) {
t.Parallel()
// Path to the helm chart we will test
helmChartPath, err := filepath.Abs("../../gha-runner-scale-set")
require.NoError(t, err)
releaseName := "test-runners"
namespaceName := "test-" + strings.ToLower(random.UniqueId())
options := &helm.Options{
Logger: logger.Discard,
SetValues: map[string]string{
"githubConfigUrl": "https://github.com/actions",
"githubConfigSecret.github_token": "gh_token12345",
"controllerServiceAccount.name": "arc",
"controllerServiceAccount.namespace": "arc-system",
},
KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
}
output := helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/autoscalingrunnerset.yaml"})
var ars v1alpha1.AutoscalingRunnerSet
helm.UnmarshalK8SYaml(t, output, &ars)
assert.Equal(t, corev1.RestartPolicyNever, ars.Spec.Template.Spec.RestartPolicy, "RestartPolicy should be Never")
options = &helm.Options{
Logger: logger.Discard,
SetValues: map[string]string{
"githubConfigUrl": "https://github.com/actions",
"githubConfigSecret.github_token": "gh_token12345",
"controllerServiceAccount.name": "arc",
"controllerServiceAccount.namespace": "arc-system",
"template.spec.restartPolicy": "Always",
},
KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
}
output = helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/autoscalingrunnerset.yaml"}, "--debug")
helm.UnmarshalK8SYaml(t, output, &ars)
assert.Equal(t, corev1.RestartPolicyAlways, ars.Spec.Template.Spec.RestartPolicy, "RestartPolicy should be Always")
}
func TestTemplateRenderedAutoScalingRunnerSet_ExtraPodSpec(t *testing.T) { func TestTemplateRenderedAutoScalingRunnerSet_ExtraPodSpec(t *testing.T) {
t.Parallel() t.Parallel()

15
charts/gha-runner-scale-set/tests/values_listener_template.yaml Normal file
View File

@ -0,0 +1,15 @@
githubConfigUrl: https://github.com/actions/actions-runner-controller
githubConfigSecret:
github_token: test
listenerTemplate:
spec:
hostname: "example"
containers:
- name: listener
image: listener:latest
command: ["/path/to/entrypoint"]
volumeMounts:
- name: work
mountPath: /home/example
- name: side-car
image: nginx:latest

32
charts/gha-runner-scale-set/values.yaml
View File

@ -36,10 +36,10 @@ githubConfigSecret:
# - example.com # - example.com
# - example.org # - example.org
## maxRunners is the max number of runners the auto scaling runner set will scale up to. ## maxRunners is the max number of runners the autoscaling runner set will scale up to.
# maxRunners: 5 # maxRunners: 5
## minRunners is the min number of runners the auto scaling runner set will scale down to. ## minRunners is the min number of runners the autoscaling runner set will scale down to.
# minRunners: 0 # minRunners: 0
# runnerGroup: "default" # runnerGroup: "default"
@ -68,7 +68,7 @@ githubConfigSecret:
# key: ca.crt # key: ca.crt
# runnerMountPath: /usr/local/share/ca-certificates/ # runnerMountPath: /usr/local/share/ca-certificates/
## Container mode is is an object that provides out-of-box configuration ## Container mode is an object that provides out-of-box configuration
## for dind and kubernetes mode. Template will be modified as documented under the ## for dind and kubernetes mode. Template will be modified as documented under the
## template object. ## template object.
## ##
@ -85,7 +85,25 @@ githubConfigSecret:
# requests: # requests:
# storage: 1Gi # storage: 1Gi
## template is the PodSpec for each listener Pod
## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
# listenerTemplate:
# spec:
# containers:
# # Use this section to append additional configuration to the listener container.
# # If you change the name of the container, the configuration will not be applied to the listener,
# # and it will be treated as a side-car container.
# - name: listener
# securityContext:
# runAsUser: 1000
# # Use this section to add the configuration of a side-car container.
# # Comment it out or remove it if you don't need it.
# # Spec for this container will be applied as is without any modifications.
# - name: side-car
# image: example-sidecar
## template is the PodSpec for each runner Pod ## template is the PodSpec for each runner Pod
## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
template: template:
## template.spec will be modified if you change the container mode ## template.spec will be modified if you change the container mode
## with containerMode.type=dind, we will populate the template.spec with following pod spec ## with containerMode.type=dind, we will populate the template.spec with following pod spec
@ -101,6 +119,7 @@ template:
## containers: ## containers:
## - name: runner ## - name: runner
## image: ghcr.io/actions/actions-runner:latest ## image: ghcr.io/actions/actions-runner:latest
## command: ["/home/runner/run.sh"]
## env: ## env:
## - name: DOCKER_HOST ## - name: DOCKER_HOST
## value: unix:///run/docker/docker.sock ## value: unix:///run/docker/docker.sock
@ -142,6 +161,7 @@ template:
## containers: ## containers:
## - name: runner ## - name: runner
## image: ghcr.io/actions/actions-runner:latest ## image: ghcr.io/actions/actions-runner:latest
## command: ["/home/runner/run.sh"]
## env: ## env:
## - name: ACTIONS_RUNNER_CONTAINER_HOOKS ## - name: ACTIONS_RUNNER_CONTAINER_HOOKS
## value: /home/runner/k8s/index.js ## value: /home/runner/k8s/index.js
@ -166,9 +186,9 @@ template:
## storage: 1Gi ## storage: 1Gi
spec: spec:
containers: containers:
- name: runner - name: runner
image: ghcr.io/actions/actions-runner:latest image: ghcr.io/actions/actions-runner:latest
command: ["/home/runner/run.sh"] command: ["/home/runner/run.sh"]
## Optional controller service account that needs to have required Role and RoleBinding ## Optional controller service account that needs to have required Role and RoleBinding
## to operate this gha-runner-scale-set installation. ## to operate this gha-runner-scale-set installation.

6
cmd/githubrunnerscalesetlistener/main.go
View File

@ -190,8 +190,12 @@ func run(ctx context.Context, rc RunnerScaleSetListenerConfig, logger logr.Logge
rc, rc,
creds, creds,
actions.WithLogger(logger), actions.WithLogger(logger),
actions.WithUserAgent(fmt.Sprintf("actions-runner-controller/%s", build.Version)),
) )
actionsServiceClient.SetUserAgent(actions.UserAgentInfo{
Version: build.Version,
CommitSHA: build.CommitSHA,
ScaleSetID: rc.RunnerScaleSetId,
})
if err != nil { if err != nil {
return fmt.Errorf("failed to create an Actions Service client: %w", err) return fmt.Errorf("failed to create an Actions Service client: %w", err)
} }

11
cmd/githubrunnerscalesetlistener/mock_KubernetesManager.go
View File

@ -1,4 +1,4 @@
// Code generated by mockery v2.16.0. DO NOT EDIT. // Code generated by mockery v2.33.2. DO NOT EDIT.
package main package main
@ -41,13 +41,12 @@ func (_m *MockKubernetesManager) UpdateEphemeralRunnerWithJobInfo(ctx context.Co
return r0 return r0
} }
type mockConstructorTestingTNewMockKubernetesManager interface { // NewMockKubernetesManager creates a new instance of MockKubernetesManager. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
// The first argument is typically a *testing.T value.
func NewMockKubernetesManager(t interface {
mock.TestingT mock.TestingT
Cleanup(func()) Cleanup(func())
} }) *MockKubernetesManager {
// NewMockKubernetesManager creates a new instance of MockKubernetesManager. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
func NewMockKubernetesManager(t mockConstructorTestingTNewMockKubernetesManager) *MockKubernetesManager {
mock := &MockKubernetesManager{} mock := &MockKubernetesManager{}
mock.Mock.Test(t) mock.Mock.Test(t)

11
cmd/githubrunnerscalesetlistener/mock_RunnerScaleSetClient.go
View File

@ -1,4 +1,4 @@
// Code generated by mockery v2.16.0. DO NOT EDIT. // Code generated by mockery v2.33.2. DO NOT EDIT.
package main package main
@ -43,13 +43,12 @@ func (_m *MockRunnerScaleSetClient) GetRunnerScaleSetMessage(ctx context.Context
return r0 return r0
} }
type mockConstructorTestingTNewMockRunnerScaleSetClient interface { // NewMockRunnerScaleSetClient creates a new instance of MockRunnerScaleSetClient. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
// The first argument is typically a *testing.T value.
func NewMockRunnerScaleSetClient(t interface {
mock.TestingT mock.TestingT
Cleanup(func()) Cleanup(func())
} }) *MockRunnerScaleSetClient {
// NewMockRunnerScaleSetClient creates a new instance of MockRunnerScaleSetClient. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
func NewMockRunnerScaleSetClient(t mockConstructorTestingTNewMockRunnerScaleSetClient) *MockRunnerScaleSetClient {
mock := &MockRunnerScaleSetClient{} mock := &MockRunnerScaleSetClient{}
mock.Mock.Test(t) mock.Mock.Test(t)

4270
config/crd/bases/actions.github.com_autoscalinglisteners.yaml
View File

File diff suppressed because it is too large Load Diff

4320
config/crd/bases/actions.github.com_autoscalingrunnersets.yaml
View File

File diff suppressed because it is too large Load Diff

64
config/crd/bases/actions.github.com_ephemeralrunners.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: ephemeralrunners.actions.github.com name: ephemeralrunners.actions.github.com
spec: spec:
@ -82,6 +83,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: object type: object
metadata: metadata:
@ -195,6 +197,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -255,10 +258,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -301,6 +306,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -331,6 +337,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -386,6 +393,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -416,6 +424,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -470,6 +479,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -500,6 +510,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -555,6 +566,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -585,6 +597,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -646,6 +659,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -658,6 +672,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -677,6 +692,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -692,6 +708,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -712,6 +729,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -725,6 +743,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1470,6 +1489,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1482,6 +1502,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1501,6 +1522,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1516,6 +1538,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1536,6 +1559,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1549,6 +1573,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2260,6 +2285,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
@ -2305,6 +2331,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2317,6 +2344,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2336,6 +2364,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2351,6 +2380,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2371,6 +2401,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2384,6 +2415,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3316,6 +3348,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -3340,7 +3373,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -3441,6 +3474,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -3463,6 +3497,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -3503,6 +3538,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -3519,6 +3555,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -3554,6 +3591,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -3580,6 +3618,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -3600,7 +3639,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -3649,8 +3688,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -3732,6 +3772,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -3794,6 +3835,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -3909,6 +3951,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -4017,6 +4060,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -4037,6 +4081,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4063,6 +4108,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4098,6 +4144,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -4172,6 +4219,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -4201,6 +4249,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -4271,6 +4320,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -4346,9 +4396,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

64
config/crd/bases/actions.github.com_ephemeralrunnersets.yaml
View File

@ -1,8 +1,9 @@
---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.7.0 controller-gen.kubebuilder.io/version: v0.11.3
creationTimestamp: null creationTimestamp: null
name: ephemeralrunnersets.actions.github.com name: ephemeralrunnersets.actions.github.com
spec: spec:
@ -76,6 +77,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: object type: object
metadata: metadata:
@ -189,6 +191,7 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
weight: weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
format: int32 format: int32
@ -249,10 +252,12 @@ spec:
type: object type: object
type: array type: array
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
required: required:
- nodeSelectorTerms - nodeSelectorTerms
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
podAffinity: podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
@ -295,6 +300,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -325,6 +331,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -380,6 +387,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -410,6 +418,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -464,6 +473,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -494,6 +504,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -549,6 +560,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaceSelector: namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
properties: properties:
@ -579,6 +591,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
namespaces: namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
items: items:
@ -640,6 +653,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -652,6 +666,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -671,6 +686,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -686,6 +702,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -706,6 +723,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -719,6 +737,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -1464,6 +1483,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -1476,6 +1496,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -1495,6 +1516,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -1510,6 +1532,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -1530,6 +1553,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -1543,6 +1567,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -2254,6 +2279,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
type: array type: array
initContainers: initContainers:
description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
@ -2299,6 +2325,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
fieldRef: fieldRef:
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
properties: properties:
@ -2311,6 +2338,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
resourceFieldRef: resourceFieldRef:
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
properties: properties:
@ -2330,6 +2358,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
secretKeyRef: secretKeyRef:
description: Selects a key of a secret in the pod's namespace description: Selects a key of a secret in the pod's namespace
properties: properties:
@ -2345,6 +2374,7 @@ spec:
required: required:
- key - key
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
required: required:
- name - name
@ -2365,6 +2395,7 @@ spec:
description: Specify whether the ConfigMap must be defined description: Specify whether the ConfigMap must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
prefix: prefix:
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
type: string type: string
@ -2378,6 +2409,7 @@ spec:
description: Specify whether the Secret must be defined description: Specify whether the Secret must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
type: object type: object
type: array type: array
image: image:
@ -3310,6 +3342,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
matchLabelKeys: matchLabelKeys:
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
items: items:
@ -3334,7 +3367,7 @@ spec:
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
type: string type: string
whenUnsatisfiable: whenUnsatisfiable:
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.' description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
type: string type: string
required: required:
- maxSkew - maxSkew
@ -3435,6 +3468,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
type: string type: string
@ -3457,6 +3491,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeID: volumeID:
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
type: string type: string
@ -3497,6 +3532,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
csi: csi:
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
properties: properties:
@ -3513,6 +3549,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
readOnly: readOnly:
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write). description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
type: boolean type: boolean
@ -3548,6 +3585,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -3574,6 +3612,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -3594,7 +3633,7 @@ spec:
x-kubernetes-int-or-string: true x-kubernetes-int-or-string: true
type: object type: object
ephemeral: ephemeral:
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
properties: properties:
volumeClaimTemplate: volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@ -3643,8 +3682,9 @@ spec:
- kind - kind
- name - name
type: object type: object
x-kubernetes-map-type: atomic
dataSourceRef: dataSourceRef:
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.' description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
properties: properties:
apiGroup: apiGroup:
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
@ -3726,6 +3766,7 @@ spec:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object type: object
type: object type: object
x-kubernetes-map-type: atomic
storageClassName: storageClassName:
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string type: string
@ -3788,6 +3829,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- driver - driver
type: object type: object
@ -3903,6 +3945,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
targetPortal: targetPortal:
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260). description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
type: string type: string
@ -4011,6 +4054,7 @@ spec:
description: optional specify whether the ConfigMap or its keys must be defined description: optional specify whether the ConfigMap or its keys must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
downwardAPI: downwardAPI:
description: downwardAPI information about the downwardAPI data to project description: downwardAPI information about the downwardAPI data to project
properties: properties:
@ -4031,6 +4075,7 @@ spec:
required: required:
- fieldPath - fieldPath
type: object type: object
x-kubernetes-map-type: atomic
mode: mode:
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
format: int32 format: int32
@ -4057,6 +4102,7 @@ spec:
required: required:
- resource - resource
type: object type: object
x-kubernetes-map-type: atomic
required: required:
- path - path
type: object type: object
@ -4092,6 +4138,7 @@ spec:
description: optional field specify whether the Secret or its key must be defined description: optional field specify whether the Secret or its key must be defined
type: boolean type: boolean
type: object type: object
x-kubernetes-map-type: atomic
serviceAccountToken: serviceAccountToken:
description: serviceAccountToken is information about the serviceAccountToken data to project description: serviceAccountToken is information about the serviceAccountToken data to project
properties: properties:
@ -4166,6 +4213,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
user: user:
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
type: string type: string
@ -4195,6 +4243,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
sslEnabled: sslEnabled:
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
type: boolean type: boolean
@ -4265,6 +4314,7 @@ spec:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic
volumeName: volumeName:
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace. description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
type: string type: string
@ -4323,9 +4373,3 @@ spec:
subresources: subresources:
status: {} status: {}
preserveUnknownFields: false preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

2
config/manager/manager.yaml
View File

@ -56,8 +56,6 @@ spec:
valueFrom: valueFrom:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY
value: IfNotPresent
volumeMounts: volumeMounts:
- name: controller-manager - name: controller-manager
mountPath: "/etc/actions-runner-controller" mountPath: "/etc/actions-runner-controller"

144
controllers/actions.github.com/autoscalinglistener_controller_test.go
View File

@ -361,6 +361,150 @@ var _ = Describe("Test AutoScalingListener controller", func() {
}) })
}) })
var _ = Describe("Test AutoScalingListener customization", func() {
var ctx context.Context
var mgr ctrl.Manager
var autoscalingNS *corev1.Namespace
var autoscalingRunnerSet *actionsv1alpha1.AutoscalingRunnerSet
var configSecret *corev1.Secret
var autoscalingListener *actionsv1alpha1.AutoscalingListener
var runAsUser int64 = 1001
listenerPodTemplate := corev1.PodTemplateSpec{
Spec: corev1.PodSpec{
Containers: []corev1.Container{
{
Name: "listener",
ImagePullPolicy: corev1.PullAlways,
SecurityContext: &corev1.SecurityContext{
RunAsUser: &runAsUser,
},
},
{
Name: "sidecar",
ImagePullPolicy: corev1.PullIfNotPresent,
Image: "busybox",
},
},
SecurityContext: &corev1.PodSecurityContext{
RunAsUser: &runAsUser,
},
},
}
BeforeEach(func() {
ctx = context.Background()
autoscalingNS, mgr = createNamespace(GinkgoT(), k8sClient)
configSecret = createDefaultSecret(GinkgoT(), k8sClient, autoscalingNS.Name)
controller := &AutoscalingListenerReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
Log: logf.Log,
}
err := controller.SetupWithManager(mgr)
Expect(err).NotTo(HaveOccurred(), "failed to setup controller")
min := 1
max := 10
autoscalingRunnerSet = &actionsv1alpha1.AutoscalingRunnerSet{
ObjectMeta: metav1.ObjectMeta{
Name: "test-asrs",
Namespace: autoscalingNS.Name,
},
Spec: actionsv1alpha1.AutoscalingRunnerSetSpec{
GitHubConfigUrl: "https://github.com/owner/repo",
GitHubConfigSecret: configSecret.Name,
MaxRunners: &max,
MinRunners: &min,
Template: corev1.PodTemplateSpec{
Spec: corev1.PodSpec{
Containers: []corev1.Container{
{
Name: "runner",
Image: "ghcr.io/actions/runner",
},
},
},
},
},
}
err = k8sClient.Create(ctx, autoscalingRunnerSet)
Expect(err).NotTo(HaveOccurred(), "failed to create AutoScalingRunnerSet")
autoscalingListener = &actionsv1alpha1.AutoscalingListener{
ObjectMeta: metav1.ObjectMeta{
Name: "test-asltest",
Namespace: autoscalingNS.Name,
},
Spec: actionsv1alpha1.AutoscalingListenerSpec{
GitHubConfigUrl: "https://github.com/owner/repo",
GitHubConfigSecret: configSecret.Name,
RunnerScaleSetId: 1,
AutoscalingRunnerSetNamespace: autoscalingRunnerSet.Namespace,
AutoscalingRunnerSetName: autoscalingRunnerSet.Name,
EphemeralRunnerSetName: "test-ers",
MaxRunners: 10,
MinRunners: 1,
Image: "ghcr.io/owner/repo",
Template: &listenerPodTemplate,
},
}
err = k8sClient.Create(ctx, autoscalingListener)
Expect(err).NotTo(HaveOccurred(), "failed to create AutoScalingListener")
startManagers(GinkgoT(), mgr)
})
Context("When creating a new AutoScalingListener", func() {
It("It should create customized pod with applied configuration", func() {
// Check if finalizer is added
created := new(actionsv1alpha1.AutoscalingListener)
Eventually(
func() (string, error) {
err := k8sClient.Get(ctx, client.ObjectKey{Name: autoscalingListener.Name, Namespace: autoscalingListener.Namespace}, created)
if err != nil {
return "", err
}
if len(created.Finalizers) == 0 {
return "", nil
}
return created.Finalizers[0], nil
},
autoscalingListenerTestTimeout,
autoscalingListenerTestInterval).Should(BeEquivalentTo(autoscalingListenerFinalizerName), "AutoScalingListener should have a finalizer")
// Check if pod is created
pod := new(corev1.Pod)
Eventually(
func() (string, error) {
err := k8sClient.Get(ctx, client.ObjectKey{Name: autoscalingListener.Name, Namespace: autoscalingListener.Namespace}, pod)
if err != nil {
return "", err
}
return pod.Name, nil
},
autoscalingListenerTestTimeout,
autoscalingListenerTestInterval,
).Should(BeEquivalentTo(autoscalingListener.Name), "Pod should be created")
Expect(pod.Spec.SecurityContext.RunAsUser).To(Equal(&runAsUser), "Pod should have the correct security context")
Expect(pod.Spec.Containers[0].Name).NotTo(Equal("listener"), "Pod should have the correct container name")
Expect(pod.Spec.Containers[0].SecurityContext.RunAsUser).To(Equal(&runAsUser), "Pod should have the correct security context")
Expect(pod.Spec.Containers[0].ImagePullPolicy).To(Equal(corev1.PullAlways), "Pod should have the correct image pull policy")
Expect(pod.Spec.Containers[1].Name).To(Equal("sidecar"), "Pod should have the correct container name")
Expect(pod.Spec.Containers[1].Image).To(Equal("busybox"), "Pod should have the correct image")
Expect(pod.Spec.Containers[1].ImagePullPolicy).To(Equal(corev1.PullIfNotPresent), "Pod should have the correct image pull policy")
})
})
})
var _ = Describe("Test AutoScalingListener controller with proxy", func() { var _ = Describe("Test AutoScalingListener controller with proxy", func() {
var ctx context.Context var ctx context.Context
var mgr ctrl.Manager var mgr ctrl.Manager

6
controllers/actions.github.com/autoscalingrunnerset_controller.go
View File

@ -463,6 +463,12 @@ func (r *AutoscalingRunnerSetReconciler) createRunnerScaleSet(ctx context.Contex
} }
} }
actionsClient.SetUserAgent(actions.UserAgentInfo{
Version: build.Version,
CommitSHA: build.CommitSHA,
ScaleSetID: runnerScaleSet.Id,
})
logger.Info("Created/Reused a runner scale set", "id", runnerScaleSet.Id, "runnerGroupName", runnerScaleSet.RunnerGroupName) logger.Info("Created/Reused a runner scale set", "id", runnerScaleSet.Id, "runnerGroupName", runnerScaleSet.RunnerGroupName)
if autoscalingRunnerSet.Annotations == nil { if autoscalingRunnerSet.Annotations == nil {
autoscalingRunnerSet.Annotations = map[string]string{} autoscalingRunnerSet.Annotations = map[string]string{}

5
controllers/actions.github.com/autoscalingrunnerset_controller_test.go
View File

@ -888,8 +888,9 @@ var _ = Describe("Test client optional configuration", Ordered, func() {
Log: logf.Log, Log: logf.Log,
ControllerNamespace: autoscalingNS.Name, ControllerNamespace: autoscalingNS.Name,
DefaultRunnerScaleSetListenerImage: "ghcr.io/actions/arc", DefaultRunnerScaleSetListenerImage: "ghcr.io/actions/arc",
ActionsClient: actions.NewMultiClient("test", logr.Discard()), ActionsClient: actions.NewMultiClient(logr.Discard()),
} }
err := controller.SetupWithManager(mgr) err := controller.SetupWithManager(mgr)
Expect(err).NotTo(HaveOccurred(), "failed to setup controller") Expect(err).NotTo(HaveOccurred(), "failed to setup controller")
@ -1079,7 +1080,7 @@ var _ = Describe("Test client optional configuration", Ordered, func() {
}) })
It("should be able to make requests to a server using root CAs", func() { It("should be able to make requests to a server using root CAs", func() {
controller.ActionsClient = actions.NewMultiClient("test", logr.Discard()) controller.ActionsClient = actions.NewMultiClient(logr.Discard())
certsFolder := filepath.Join( certsFolder := filepath.Join(
"../../", "../../",

4
controllers/actions.github.com/ephemeralrunner_controller_test.go
View File

@ -729,7 +729,7 @@ var _ = Describe("EphemeralRunner", func() {
It("uses an actions client with proxy transport", func() { It("uses an actions client with proxy transport", func() {
// Use an actual client // Use an actual client
controller.ActionsClient = actions.NewMultiClient("test", logr.Discard()) controller.ActionsClient = actions.NewMultiClient(logr.Discard())
proxySuccessfulllyCalled := false proxySuccessfulllyCalled := false
proxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { proxy := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -914,7 +914,7 @@ var _ = Describe("EphemeralRunner", func() {
server.StartTLS() server.StartTLS()
// Use an actual client // Use an actual client
controller.ActionsClient = actions.NewMultiClient("test", logr.Discard()) controller.ActionsClient = actions.NewMultiClient(logr.Discard())
ephemeralRunner := newExampleRunner("test-runner", autoScalingNS.Name, configSecret.Name) ephemeralRunner := newExampleRunner("test-runner", autoScalingNS.Name, configSecret.Name)
ephemeralRunner.Spec.GitHubConfigUrl = server.ConfigURLForOrg("my-org") ephemeralRunner.Spec.GitHubConfigUrl = server.ConfigURLForOrg("my-org")

4
controllers/actions.github.com/ephemeralrunnerset_controller_test.go
View File

@ -753,7 +753,7 @@ var _ = Describe("Test EphemeralRunnerSet controller with proxy settings", func(
Client: mgr.GetClient(), Client: mgr.GetClient(),
Scheme: mgr.GetScheme(), Scheme: mgr.GetScheme(),
Log: logf.Log, Log: logf.Log,
ActionsClient: actions.NewMultiClient("test", logr.Discard()), ActionsClient: actions.NewMultiClient(logr.Discard()),
} }
err := controller.SetupWithManager(mgr) err := controller.SetupWithManager(mgr)
Expect(err).NotTo(HaveOccurred(), "failed to setup controller") Expect(err).NotTo(HaveOccurred(), "failed to setup controller")
@ -1052,7 +1052,7 @@ var _ = Describe("Test EphemeralRunnerSet controller with custom root CA", func(
Client: mgr.GetClient(), Client: mgr.GetClient(),
Scheme: mgr.GetScheme(), Scheme: mgr.GetScheme(),
Log: logf.Log, Log: logf.Log,
ActionsClient: actions.NewMultiClient("test", logr.Discard()), ActionsClient: actions.NewMultiClient(logr.Discard()),
} }
err = controller.SetupWithManager(mgr) err = controller.SetupWithManager(mgr)
Expect(err).NotTo(HaveOccurred(), "failed to setup controller") Expect(err).NotTo(HaveOccurred(), "failed to setup controller")

149
controllers/actions.github.com/resourcebuilder.go
View File

@ -33,14 +33,31 @@ var commonLabelKeys = [...]string{
LabelKeyGitHubRepository, LabelKeyGitHubRepository,
} }
var reservedListenerContainerEnvKeys = map[string]struct{}{
"GITHUB_CONFIGURE_URL": {},
"GITHUB_EPHEMERAL_RUNNER_SET_NAMESPACE": {},
"GITHUB_EPHEMERAL_RUNNER_SET_NAME": {},
"GITHUB_MAX_RUNNERS": {},
"GITHUB_MIN_RUNNERS": {},
"GITHUB_RUNNER_SCALE_SET_ID": {},
"GITHUB_RUNNER_LOG_LEVEL": {},
"GITHUB_RUNNER_LOG_FORMAT": {},
"GITHUB_TOKEN": {},
"GITHUB_APP_ID": {},
"GITHUB_APP_INSTALLATION_ID": {},
"GITHUB_APP_PRIVATE_KEY": {},
}
const labelValueKubernetesPartOf = "gha-runner-scale-set" const labelValueKubernetesPartOf = "gha-runner-scale-set"
// scaleSetListenerImagePullPolicy is applied to all listeners var scaleSetListenerLogLevel = DefaultScaleSetListenerLogLevel
var scaleSetListenerLogFormat = DefaultScaleSetListenerLogFormat
var scaleSetListenerImagePullPolicy = DefaultScaleSetListenerImagePullPolicy var scaleSetListenerImagePullPolicy = DefaultScaleSetListenerImagePullPolicy
func SetListenerImagePullPolicy(pullPolicy string) bool { func SetListenerImagePullPolicy(pullPolicy string) bool {
switch p := corev1.PullPolicy(pullPolicy); p { switch p := corev1.PullPolicy(pullPolicy); p {
case corev1.PullAlways, corev1.PullNever, corev1.PullIfNotPresent: case corev1.PullAlways, corev1.PullIfNotPresent, corev1.PullNever:
scaleSetListenerImagePullPolicy = p scaleSetListenerImagePullPolicy = p
return true return true
default: default:
@ -48,9 +65,6 @@ func SetListenerImagePullPolicy(pullPolicy string) bool {
} }
} }
var scaleSetListenerLogLevel = DefaultScaleSetListenerLogLevel
var scaleSetListenerLogFormat = DefaultScaleSetListenerLogFormat
func SetListenerLoggingParameters(level string, format string) bool { func SetListenerLoggingParameters(level string, format string) bool {
switch level { switch level {
case logging.LogLevelDebug, logging.LogLevelInfo, logging.LogLevelWarn, logging.LogLevelError: case logging.LogLevelDebug, logging.LogLevelInfo, logging.LogLevelWarn, logging.LogLevelError:
@ -115,10 +129,10 @@ func (b *resourceBuilder) newAutoScalingListener(autoscalingRunnerSet *v1alpha1.
MinRunners: effectiveMinRunners, MinRunners: effectiveMinRunners,
MaxRunners: effectiveMaxRunners, MaxRunners: effectiveMaxRunners,
Image: image, Image: image,
ImagePullPolicy: scaleSetListenerImagePullPolicy,
ImagePullSecrets: imagePullSecrets, ImagePullSecrets: imagePullSecrets,
Proxy: autoscalingRunnerSet.Spec.Proxy, Proxy: autoscalingRunnerSet.Spec.Proxy,
GitHubServerTLS: autoscalingRunnerSet.Spec.GitHubServerTLS, GitHubServerTLS: autoscalingRunnerSet.Spec.GitHubServerTLS,
Template: autoscalingRunnerSet.Spec.ListenerTemplate,
}, },
} }
@ -266,7 +280,7 @@ func (b *resourceBuilder) newScaleSetListenerPod(autoscalingListener *v1alpha1.A
Name: autoscalingListenerContainerName, Name: autoscalingListenerContainerName,
Image: autoscalingListener.Spec.Image, Image: autoscalingListener.Spec.Image,
Env: listenerEnv, Env: listenerEnv,
ImagePullPolicy: autoscalingListener.Spec.ImagePullPolicy, ImagePullPolicy: scaleSetListenerImagePullPolicy,
Command: []string{ Command: []string{
"/github-runnerscaleset-listener", "/github-runnerscaleset-listener",
}, },
@ -295,9 +309,130 @@ func (b *resourceBuilder) newScaleSetListenerPod(autoscalingListener *v1alpha1.A
Spec: podSpec, Spec: podSpec,
} }
if autoscalingListener.Spec.Template != nil {
mergeListenerPodWithTemplate(newRunnerScaleSetListenerPod, autoscalingListener.Spec.Template)
}
return newRunnerScaleSetListenerPod, nil return newRunnerScaleSetListenerPod, nil
} }
func mergeListenerPodWithTemplate(pod *corev1.Pod, tmpl *corev1.PodTemplateSpec) {
// apply metadata
for k, v := range tmpl.Annotations {
if _, ok := pod.Annotations[k]; !ok {
pod.Annotations[k] = v
}
}
for k, v := range tmpl.Labels {
if _, ok := pod.Labels[k]; !ok {
pod.Labels[k] = v
}
}
// apply spec
// apply container
listenerContainer := &pod.Spec.Containers[0] // if this panics, we have bigger problems
for i := range tmpl.Spec.Containers {
c := &tmpl.Spec.Containers[i]
switch c.Name {
case "listener":
mergeListenerContainer(listenerContainer, c)
default:
pod.Spec.Containers = append(pod.Spec.Containers, *c)
}
}
// apply pod related spec
// NOTE: fields that should be gnored
// - service account based fields
if tmpl.Spec.RestartPolicy != "" {
pod.Spec.RestartPolicy = tmpl.Spec.RestartPolicy
}
if tmpl.Spec.ImagePullSecrets != nil {
pod.Spec.ImagePullSecrets = tmpl.Spec.ImagePullSecrets
}
pod.Spec.Volumes = tmpl.Spec.Volumes
pod.Spec.InitContainers = tmpl.Spec.InitContainers
pod.Spec.EphemeralContainers = tmpl.Spec.EphemeralContainers
pod.Spec.TerminationGracePeriodSeconds = tmpl.Spec.TerminationGracePeriodSeconds
pod.Spec.ActiveDeadlineSeconds = tmpl.Spec.ActiveDeadlineSeconds
pod.Spec.DNSPolicy = tmpl.Spec.DNSPolicy
pod.Spec.NodeSelector = tmpl.Spec.NodeSelector
pod.Spec.NodeName = tmpl.Spec.NodeName
pod.Spec.HostNetwork = tmpl.Spec.HostNetwork
pod.Spec.HostPID = tmpl.Spec.HostPID
pod.Spec.HostIPC = tmpl.Spec.HostIPC
pod.Spec.ShareProcessNamespace = tmpl.Spec.ShareProcessNamespace
pod.Spec.SecurityContext = tmpl.Spec.SecurityContext
pod.Spec.Hostname = tmpl.Spec.Hostname
pod.Spec.Subdomain = tmpl.Spec.Subdomain
pod.Spec.Affinity = tmpl.Spec.Affinity
pod.Spec.SchedulerName = tmpl.Spec.SchedulerName
pod.Spec.Tolerations = tmpl.Spec.Tolerations
pod.Spec.HostAliases = tmpl.Spec.HostAliases
pod.Spec.PriorityClassName = tmpl.Spec.PriorityClassName
pod.Spec.Priority = tmpl.Spec.Priority
pod.Spec.DNSConfig = tmpl.Spec.DNSConfig
pod.Spec.ReadinessGates = tmpl.Spec.ReadinessGates
pod.Spec.RuntimeClassName = tmpl.Spec.RuntimeClassName
pod.Spec.EnableServiceLinks = tmpl.Spec.EnableServiceLinks
pod.Spec.PreemptionPolicy = tmpl.Spec.PreemptionPolicy
pod.Spec.Overhead = tmpl.Spec.Overhead
pod.Spec.TopologySpreadConstraints = tmpl.Spec.TopologySpreadConstraints
pod.Spec.SetHostnameAsFQDN = tmpl.Spec.SetHostnameAsFQDN
pod.Spec.OS = tmpl.Spec.OS
pod.Spec.HostUsers = tmpl.Spec.HostUsers
pod.Spec.SchedulingGates = tmpl.Spec.SchedulingGates
pod.Spec.ResourceClaims = tmpl.Spec.ResourceClaims
}
func mergeListenerContainer(base, from *corev1.Container) {
// name should not be modified
if from.Image != "" {
base.Image = from.Image
}
if len(from.Command) > 0 {
base.Command = from.Command
}
for _, v := range from.Env {
if _, ok := reservedListenerContainerEnvKeys[v.Name]; !ok {
base.Env = append(base.Env, v)
}
}
if from.ImagePullPolicy != "" {
base.ImagePullPolicy = from.ImagePullPolicy
}
base.Args = append(base.Args, from.Args...)
base.WorkingDir = from.WorkingDir
base.Ports = append(base.Ports, from.Ports...)
base.EnvFrom = append(base.EnvFrom, from.EnvFrom...)
base.Resources = from.Resources
base.VolumeMounts = append(base.VolumeMounts, from.VolumeMounts...)
base.VolumeDevices = append(base.VolumeDevices, from.VolumeDevices...)
base.LivenessProbe = from.LivenessProbe
base.ReadinessProbe = from.ReadinessProbe
base.StartupProbe = from.StartupProbe
base.Lifecycle = from.Lifecycle
base.TerminationMessagePath = from.TerminationMessagePath
base.TerminationMessagePolicy = from.TerminationMessagePolicy
base.ImagePullPolicy = from.ImagePullPolicy
base.SecurityContext = from.SecurityContext
base.Stdin = from.Stdin
base.StdinOnce = from.StdinOnce
base.TTY = from.TTY
}
func (b *resourceBuilder) newScaleSetListenerServiceAccount(autoscalingListener *v1alpha1.AutoscalingListener) *corev1.ServiceAccount { func (b *resourceBuilder) newScaleSetListenerServiceAccount(autoscalingListener *v1alpha1.AutoscalingListener) *corev1.ServiceAccount {
return &corev1.ServiceAccount{ return &corev1.ServiceAccount{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{

4
docs/about-arc.md
View File

@ -23,7 +23,7 @@ Self-hosted runners offer more control of hardware, operating system, and softwa
Self-hosted runners can be physical, virtual, in a container, on-premises, or in a cloud. Self-hosted runners can be physical, virtual, in a container, on-premises, or in a cloud.
- Traditional Deployment is having a physical machine, with OS and apps on it. The runner runs on this machine and executes any jobs. It comes with the cost of owning and operating the hardware 24/7 even if it isn't in use that entire time. - Traditional Deployment is having a physical machine, with OS and apps on it. The runner runs on this machine and executes any jobs. It comes with the cost of owning and operating the hardware 24/7 even if it isn't in use that entire time.
- Virtualized deployments are simpler to manage. Each runner runs on a virtual machine (VM) that runs on a host. There could be multiple such VMs running on the same host. VMs are complete OSs and might take time to bring up everytime a clean environment is needed to run workflows. - Virtualized deployments are simpler to manage. Each runner runs on a virtual machine (VM) that runs on a host. There could be multiple such VMs running on the same host. VMs are complete OSs and might take time to bring up everytime a clean environment is needed to run workflows.
- Containerized deployments are similar to VMs, but instead of bringing up entire VMs, a container gets deployed.Kubernetes (K8s) provides a scalable and reproducible environment for containerized workloads. They are lightweight, loosely coupled, highly efficient and can be managed centrally. There are advantages to using Kubernetes (outlined "[here](https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/)."), but it is more complicated and less widely-understood than the other options. A managed provider makes this much simpler to run at scale. - Containerized deployments are similar to VMs, but instead of bringing up entire VMs, a container gets deployed. Kubernetes (K8s) provides a scalable and reproducible environment for containerized workloads. They are lightweight, loosely coupled, highly efficient and can be managed centrally. There are advantages to using Kubernetes (outlined "[here](https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/)."), but it is more complicated and less widely-understood than the other options. A managed provider makes this much simpler to run at scale.
*Actions Runner Controller(ARC) makes it simpler to run self hosted runners on K8s managed containers.* *Actions Runner Controller(ARC) makes it simpler to run self hosted runners on K8s managed containers.*
@ -172,7 +172,7 @@ If there is a need to include packages in the runner image for which there is no
FROM summerwind/actions-runner:latest FROM summerwind/actions-runner:latest
RUN sudo apt-get update -y \ RUN sudo apt-get update -y \
&& sudo apt-get install $YOUR_PACKAGES && sudo apt-get install $YOUR_PACKAGES \
&& sudo rm -rf /var/lib/apt/lists/* && sudo rm -rf /var/lib/apt/lists/*
``` ```

2
docs/automatically-scaling-runners.md
View File

@ -554,7 +554,7 @@ This can be problematic in two scenarios:
> RunnerDeployment is not affected by the Scenario 1 as RunnerDeployment-managed runners are already tolerable to unlimitedly long in-progress running job while being replaced, as it's graceful termination process is handled outside of the entrypoint and the Kubernetes' pod termination process. > RunnerDeployment is not affected by the Scenario 1 as RunnerDeployment-managed runners are already tolerable to unlimitedly long in-progress running job while being replaced, as it's graceful termination process is handled outside of the entrypoint and the Kubernetes' pod termination process.
To make it more reliable, please set `spec.template.spec.terminationGracePeriodSeconds` field and the `RUNNER_GRACEFUL_STOP_TIMEOUT` environment variable appropriately. To make it more reliable, please set `spec.template.spec.terminationGracePeriodSeconds` field and the `RUNNER_GRACEFUL_STOP_TIMEOUT` environment variable appropriately. **NOTE:** if you are using the default configuration of running DinD as a sidecar, you'll need to set this environment variable in both `spec.template.spec.env` as well as `spec.template.spec.dockerEnv` for RunnerDeployment objects, otherwise the `docker` container will recieve the same termination signal and exit while the remainder of the build runs.
If you want the pod to terminate in approximately 110 seconds at the latest since the termination request, try `terminationGracePeriodSeconds` of `110` and `RUNNER_GRACEFUL_STOP_TIMEOUT` of like `90`. If you want the pod to terminate in approximately 110 seconds at the latest since the termination request, try `terminationGracePeriodSeconds` of `110` and `RUNNER_GRACEFUL_STOP_TIMEOUT` of like `90`.

9
docs/gha-runner-scale-set-controller/README.md
View File

@ -43,6 +43,13 @@ You can follow [this troubleshooting guide](https://docs.github.com/en/actions/h
## Changelog ## Changelog
### v0.6.0
1. Fix parsing AcquireJob MessageQueueTokenExpiredError (#2837)[https://github.com/actions/actions-runner-controller/pull/2837]
1. Set restart policy on the runner pod to Never if restartPolicy is not set in template (#2787)[https://github.com/actions/actions-runner-controller/pull/2787]
1. Set the AutoscalingRunnerSet name to runnerScaleSetName (#2803)[https://github.com/actions/actions-runner-controller/pull/2803]
1. Extend and generate crds allowing listener pod spec change (#2758)[https://github.com/actions/actions-runner-controller/pull/2758]
1. Extend the user agent and fix the build version for the listener app (#2892)[https://github.com/actions/actions-runner-controller/pull/2892]
### v0.5.0 ### v0.5.0
1. Provide scale-set listener metrics [#2559](https://github.com/actions/actions-runner-controller/pull/2559) 1. Provide scale-set listener metrics [#2559](https://github.com/actions/actions-runner-controller/pull/2559)
@ -112,7 +119,7 @@ Please evaluate these changes carefully before upgrading.
#### Major changes #### Major changes
1. Added proxy support for the controller and the runner pods, see the new helm chart fields [#2286](https://github.com/actions/actions-runner-controller/pull/2286) 1. Added proxy support for the controller and the runner pods, see the new helm chart fields [#2286](https://github.com/actions/actions-runner-controller/pull/2286)
1. Added the abiilty to provide a pre-defined kubernetes secret for the auto scaling runner set helm chart [#2234](https://github.com/actions/actions-runner-controller/pull/2234) 1. Added the abiilty to provide a pre-defined kubernetes secret for the autoscaling runner set helm chart [#2234](https://github.com/actions/actions-runner-controller/pull/2234)
1. Enhanced security posture by removing un-required permissions for the manager-role [#2260](https://github.com/actions/actions-runner-controller/pull/2260) 1. Enhanced security posture by removing un-required permissions for the manager-role [#2260](https://github.com/actions/actions-runner-controller/pull/2260)
1. Enhanced our logging by returning an error when a runner group is defined in the values file but it's not created in GitHub [#2215](https://github.com/actions/actions-runner-controller/pull/2215) 1. Enhanced our logging by returning an error when a runner group is defined in the values file but it's not created in GitHub [#2215](https://github.com/actions/actions-runner-controller/pull/2215)
1. Fixed helm charts issues that were preventing the use of DinD [#2291](https://github.com/actions/actions-runner-controller/pull/2291) 1. Fixed helm charts issues that were preventing the use of DinD [#2291](https://github.com/actions/actions-runner-controller/pull/2291)

69
github/actions/client.go
View File

@ -17,6 +17,7 @@ import (
"sync" "sync"
"time" "time"
"github.com/actions/actions-runner-controller/build"
"github.com/go-logr/logr" "github.com/go-logr/logr"
"github.com/golang-jwt/jwt/v4" "github.com/golang-jwt/jwt/v4"
"github.com/google/uuid" "github.com/google/uuid"
@ -53,6 +54,8 @@ type ActionsService interface {
GetRunner(ctx context.Context, runnerId int64) (*RunnerReference, error) GetRunner(ctx context.Context, runnerId int64) (*RunnerReference, error)
GetRunnerByName(ctx context.Context, runnerName string) (*RunnerReference, error) GetRunnerByName(ctx context.Context, runnerName string) (*RunnerReference, error)
RemoveRunner(ctx context.Context, runnerId int64) error RemoveRunner(ctx context.Context, runnerId int64) error
SetUserAgent(info UserAgentInfo)
} }
type Client struct { type Client struct {
@ -72,7 +75,7 @@ type Client struct {
creds *ActionsAuth creds *ActionsAuth
config *GitHubConfig config *GitHubConfig
logger logr.Logger logger logr.Logger
userAgent string userAgent UserAgentInfo
rootCAs *x509.CertPool rootCAs *x509.CertPool
tlsInsecureSkipVerify bool tlsInsecureSkipVerify bool
@ -84,10 +87,24 @@ type ProxyFunc func(req *http.Request) (*url.URL, error)
type ClientOption func(*Client) type ClientOption func(*Client)
func WithUserAgent(userAgent string) ClientOption { type UserAgentInfo struct {
return func(c *Client) { Version string
c.userAgent = userAgent CommitSHA string
ScaleSetID int
}
func (u UserAgentInfo) String() string {
var scaleSetID = "NA"
if u.ScaleSetID > 0 {
scaleSetID = strconv.Itoa(u.ScaleSetID)
} }
return fmt.Sprintf(
"actions-runner-controller/%s CommitSHA/%s ScaleSetID/%s",
u.Version,
u.CommitSHA,
scaleSetID,
)
} }
func WithLogger(logger logr.Logger) ClientOption { func WithLogger(logger logr.Logger) ClientOption {
@ -140,6 +157,11 @@ func NewClient(githubConfigURL string, creds *ActionsAuth, options ...ClientOpti
// retryablehttp defaults // retryablehttp defaults
retryMax: 4, retryMax: 4,
retryWaitMax: 30 * time.Second, retryWaitMax: 30 * time.Second,
userAgent: UserAgentInfo{
Version: build.Version,
CommitSHA: build.CommitSHA,
ScaleSetID: 0,
},
} }
for _, option := range options { for _, option := range options {
@ -178,6 +200,10 @@ func NewClient(githubConfigURL string, creds *ActionsAuth, options ...ClientOpti
return ac, nil return ac, nil
} }
func (c *Client) SetUserAgent(info UserAgentInfo) {
c.userAgent = info
}
// Identifier returns a string to help identify a client uniquely. // Identifier returns a string to help identify a client uniquely.
// This is used for caching client instances and understanding when a config // This is used for caching client instances and understanding when a config
// change warrants creating a new client. Any changes to Client that would // change warrants creating a new client. Any changes to Client that would
@ -186,7 +212,7 @@ func (c *Client) Identifier() string {
identifier := fmt.Sprintf("configURL:%q,", c.config.ConfigURL.String()) identifier := fmt.Sprintf("configURL:%q,", c.config.ConfigURL.String())
if c.creds.Token != "" { if c.creds.Token != "" {
identifier += fmt.Sprintf("token:%q", c.creds.Token) identifier += fmt.Sprintf("token:%q,", c.creds.Token)
} }
if c.creds.AppCreds != nil { if c.creds.AppCreds != nil {
@ -234,9 +260,7 @@ func (c *Client) NewGitHubAPIRequest(ctx context.Context, method, path string, b
return nil, err return nil, err
} }
if c.userAgent != "" { req.Header.Set("User-Agent", c.userAgent.String())
req.Header.Set("User-Agent", c.userAgent)
}
return req, nil return req, nil
} }
@ -278,9 +302,7 @@ func (c *Client) NewActionsServiceRequest(ctx context.Context, method, path stri
req.Header.Set("Content-Type", "application/json") req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.ActionsServiceAdminToken)) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.ActionsServiceAdminToken))
if c.userAgent != "" { req.Header.Set("User-Agent", c.userAgent.String())
req.Header.Set("User-Agent", c.userAgent)
}
return req, nil return req, nil
} }
@ -473,9 +495,7 @@ func (c *Client) GetMessage(ctx context.Context, messageQueueUrl, messageQueueAc
req.Header.Set("Accept", "application/json; api-version=6.0-preview") req.Header.Set("Accept", "application/json; api-version=6.0-preview")
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", messageQueueAccessToken)) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", messageQueueAccessToken))
if c.userAgent != "" { req.Header.Set("User-Agent", c.userAgent.String())
req.Header.Set("User-Agent", c.userAgent)
}
resp, err := c.Do(req) resp, err := c.Do(req)
if err != nil { if err != nil {
@ -524,9 +544,7 @@ func (c *Client) DeleteMessage(ctx context.Context, messageQueueUrl, messageQueu
req.Header.Set("Content-Type", "application/json") req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", messageQueueAccessToken)) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", messageQueueAccessToken))
if c.userAgent != "" { req.Header.Set("User-Agent", c.userAgent.String())
req.Header.Set("User-Agent", c.userAgent)
}
resp, err := c.Do(req) resp, err := c.Do(req)
if err != nil { if err != nil {
@ -624,9 +642,7 @@ func (c *Client) AcquireJobs(ctx context.Context, runnerScaleSetId int, messageQ
req.Header.Set("Content-Type", "application/json") req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", messageQueueAccessToken)) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", messageQueueAccessToken))
if c.userAgent != "" { req.Header.Set("User-Agent", c.userAgent.String())
req.Header.Set("User-Agent", c.userAgent)
}
resp, err := c.Do(req) resp, err := c.Do(req)
if err != nil { if err != nil {
@ -634,7 +650,18 @@ func (c *Client) AcquireJobs(ctx context.Context, runnerScaleSetId int, messageQ
} }
if resp.StatusCode != http.StatusOK { if resp.StatusCode != http.StatusOK {
return nil, ParseActionsErrorFromResponse(resp) if resp.StatusCode != http.StatusUnauthorized {
return nil, ParseActionsErrorFromResponse(resp)
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
body = trimByteOrderMark(body)
if err != nil {
return nil, err
}
return nil, &MessageQueueTokenExpiredError{msg: string(body)}
} }
var acquiredJobs *Int64List var acquiredJobs *Int64List

34
github/actions/client_job_acquisition_test.go
View File

@ -2,6 +2,7 @@ package actions_test
import ( import (
"context" "context"
"errors"
"net/http" "net/http"
"strings" "strings"
"testing" "testing"
@ -84,6 +85,39 @@ func TestAcquireJobs(t *testing.T) {
assert.NotNil(t, err) assert.NotNil(t, err)
assert.Equalf(t, actualRetry, expectedRetry, "A retry was expected after the first request but got: %v", actualRetry) assert.Equalf(t, actualRetry, expectedRetry, "A retry was expected after the first request but got: %v", actualRetry)
}) })
t.Run("Should return MessageQueueTokenExpiredError when http error is not Unauthorized", func(t *testing.T) {
want := []int64{1}
session := &actions.RunnerScaleSetSession{
RunnerScaleSet: &actions.RunnerScaleSet{Id: 1},
MessageQueueAccessToken: "abc",
}
requestIDs := want
server := newActionsServer(t, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if strings.HasSuffix(r.URL.Path, "/acquirablejobs") {
w.Write([]byte(`{"count": 1}`))
return
}
if r.Method == http.MethodPost {
http.Error(w, "Session expired", http.StatusUnauthorized)
return
}
}))
client, err := actions.NewClient(server.configURLForOrg("my-org"), auth)
require.NoError(t, err)
_, err = client.GetAcquirableJobs(ctx, 1)
require.NoError(t, err)
got, err := client.AcquireJobs(ctx, session.RunnerScaleSet.Id, session.MessageQueueAccessToken, requestIDs)
require.Error(t, err)
assert.Nil(t, got)
var expectedErr *actions.MessageQueueTokenExpiredError
assert.True(t, errors.As(err, &expectedErr))
})
} }
func TestGetAcquirableJobs(t *testing.T) { func TestGetAcquirableJobs(t *testing.T) {

2
github/actions/fake/client.go
View File

@ -282,3 +282,5 @@ func (f *FakeClient) GetRunnerByName(ctx context.Context, runnerName string) (*a
func (f *FakeClient) RemoveRunner(ctx context.Context, runnerId int64) error { func (f *FakeClient) RemoveRunner(ctx context.Context, runnerId int64) error {
return f.removeRunnerResult.err return f.removeRunnerResult.err
} }
func (f *FakeClient) SetUserAgent(_ actions.UserAgentInfo) {}

18
github/actions/github_api_request_test.go
View File

@ -15,6 +15,12 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )
var testUserAgent = actions.UserAgentInfo{
Version: "test",
CommitSHA: "test",
ScaleSetID: 1,
}
func TestNewGitHubAPIRequest(t *testing.T) { func TestNewGitHubAPIRequest(t *testing.T) {
ctx := context.Background() ctx := context.Background()
@ -62,13 +68,15 @@ func TestNewGitHubAPIRequest(t *testing.T) {
}) })
t.Run("sets user agent header if present", func(t *testing.T) { t.Run("sets user agent header if present", func(t *testing.T) {
client, err := actions.NewClient("http://localhost/my-org", nil, actions.WithUserAgent("my-agent")) client, err := actions.NewClient("http://localhost/my-org", nil)
require.NoError(t, err) require.NoError(t, err)
client.SetUserAgent(testUserAgent)
req, err := client.NewGitHubAPIRequest(ctx, http.MethodGet, "/app/installations/123/access_tokens", nil) req, err := client.NewGitHubAPIRequest(ctx, http.MethodGet, "/app/installations/123/access_tokens", nil)
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, "my-agent", req.Header.Get("User-Agent")) assert.Equal(t, testUserAgent.String(), req.Header.Get("User-Agent"))
}) })
t.Run("sets the body we pass", func(t *testing.T) { t.Run("sets the body we pass", func(t *testing.T) {
@ -182,13 +190,15 @@ func TestNewActionsServiceRequest(t *testing.T) {
t.Run("populates header", func(t *testing.T) { t.Run("populates header", func(t *testing.T) {
server := testserver.New(t, nil) server := testserver.New(t, nil)
client, err := actions.NewClient(server.ConfigURLForOrg("my-org"), defaultCreds, actions.WithUserAgent("my-agent")) client, err := actions.NewClient(server.ConfigURLForOrg("my-org"), defaultCreds)
require.NoError(t, err) require.NoError(t, err)
client.SetUserAgent(testUserAgent)
req, err := client.NewActionsServiceRequest(ctx, http.MethodGet, "/my/path", nil) req, err := client.NewActionsServiceRequest(ctx, http.MethodGet, "/my/path", nil)
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, "my-agent", req.Header.Get("User-Agent")) assert.Equal(t, testUserAgent.String(), req.Header.Get("User-Agent"))
assert.Equal(t, "application/json", req.Header.Get("Content-Type")) assert.Equal(t, "application/json", req.Header.Get("Content-Type"))
}) })
} }

81
github/actions/mock_ActionsService.go
View File

@ -1,4 +1,4 @@
// Code generated by mockery v2.16.0. DO NOT EDIT. // Code generated by mockery v2.33.2. DO NOT EDIT.
package actions package actions
@ -19,6 +19,10 @@ func (_m *MockActionsService) AcquireJobs(ctx context.Context, runnerScaleSetId
ret := _m.Called(ctx, runnerScaleSetId, messageQueueAccessToken, requestIds) ret := _m.Called(ctx, runnerScaleSetId, messageQueueAccessToken, requestIds)
var r0 []int64 var r0 []int64
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int, string, []int64) ([]int64, error)); ok {
return rf(ctx, runnerScaleSetId, messageQueueAccessToken, requestIds)
}
if rf, ok := ret.Get(0).(func(context.Context, int, string, []int64) []int64); ok { if rf, ok := ret.Get(0).(func(context.Context, int, string, []int64) []int64); ok {
r0 = rf(ctx, runnerScaleSetId, messageQueueAccessToken, requestIds) r0 = rf(ctx, runnerScaleSetId, messageQueueAccessToken, requestIds)
} else { } else {
@ -27,7 +31,6 @@ func (_m *MockActionsService) AcquireJobs(ctx context.Context, runnerScaleSetId
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int, string, []int64) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int, string, []int64) error); ok {
r1 = rf(ctx, runnerScaleSetId, messageQueueAccessToken, requestIds) r1 = rf(ctx, runnerScaleSetId, messageQueueAccessToken, requestIds)
} else { } else {
@ -42,6 +45,10 @@ func (_m *MockActionsService) CreateMessageSession(ctx context.Context, runnerSc
ret := _m.Called(ctx, runnerScaleSetId, owner) ret := _m.Called(ctx, runnerScaleSetId, owner)
var r0 *RunnerScaleSetSession var r0 *RunnerScaleSetSession
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int, string) (*RunnerScaleSetSession, error)); ok {
return rf(ctx, runnerScaleSetId, owner)
}
if rf, ok := ret.Get(0).(func(context.Context, int, string) *RunnerScaleSetSession); ok { if rf, ok := ret.Get(0).(func(context.Context, int, string) *RunnerScaleSetSession); ok {
r0 = rf(ctx, runnerScaleSetId, owner) r0 = rf(ctx, runnerScaleSetId, owner)
} else { } else {
@ -50,7 +57,6 @@ func (_m *MockActionsService) CreateMessageSession(ctx context.Context, runnerSc
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int, string) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int, string) error); ok {
r1 = rf(ctx, runnerScaleSetId, owner) r1 = rf(ctx, runnerScaleSetId, owner)
} else { } else {
@ -65,6 +71,10 @@ func (_m *MockActionsService) CreateRunnerScaleSet(ctx context.Context, runnerSc
ret := _m.Called(ctx, runnerScaleSet) ret := _m.Called(ctx, runnerScaleSet)
var r0 *RunnerScaleSet var r0 *RunnerScaleSet
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, *RunnerScaleSet) (*RunnerScaleSet, error)); ok {
return rf(ctx, runnerScaleSet)
}
if rf, ok := ret.Get(0).(func(context.Context, *RunnerScaleSet) *RunnerScaleSet); ok { if rf, ok := ret.Get(0).(func(context.Context, *RunnerScaleSet) *RunnerScaleSet); ok {
r0 = rf(ctx, runnerScaleSet) r0 = rf(ctx, runnerScaleSet)
} else { } else {
@ -73,7 +83,6 @@ func (_m *MockActionsService) CreateRunnerScaleSet(ctx context.Context, runnerSc
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, *RunnerScaleSet) error); ok { if rf, ok := ret.Get(1).(func(context.Context, *RunnerScaleSet) error); ok {
r1 = rf(ctx, runnerScaleSet) r1 = rf(ctx, runnerScaleSet)
} else { } else {
@ -130,6 +139,10 @@ func (_m *MockActionsService) GenerateJitRunnerConfig(ctx context.Context, jitRu
ret := _m.Called(ctx, jitRunnerSetting, scaleSetId) ret := _m.Called(ctx, jitRunnerSetting, scaleSetId)
var r0 *RunnerScaleSetJitRunnerConfig var r0 *RunnerScaleSetJitRunnerConfig
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, *RunnerScaleSetJitRunnerSetting, int) (*RunnerScaleSetJitRunnerConfig, error)); ok {
return rf(ctx, jitRunnerSetting, scaleSetId)
}
if rf, ok := ret.Get(0).(func(context.Context, *RunnerScaleSetJitRunnerSetting, int) *RunnerScaleSetJitRunnerConfig); ok { if rf, ok := ret.Get(0).(func(context.Context, *RunnerScaleSetJitRunnerSetting, int) *RunnerScaleSetJitRunnerConfig); ok {
r0 = rf(ctx, jitRunnerSetting, scaleSetId) r0 = rf(ctx, jitRunnerSetting, scaleSetId)
} else { } else {
@ -138,7 +151,6 @@ func (_m *MockActionsService) GenerateJitRunnerConfig(ctx context.Context, jitRu
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, *RunnerScaleSetJitRunnerSetting, int) error); ok { if rf, ok := ret.Get(1).(func(context.Context, *RunnerScaleSetJitRunnerSetting, int) error); ok {
r1 = rf(ctx, jitRunnerSetting, scaleSetId) r1 = rf(ctx, jitRunnerSetting, scaleSetId)
} else { } else {
@ -153,6 +165,10 @@ func (_m *MockActionsService) GetAcquirableJobs(ctx context.Context, runnerScale
ret := _m.Called(ctx, runnerScaleSetId) ret := _m.Called(ctx, runnerScaleSetId)
var r0 *AcquirableJobList var r0 *AcquirableJobList
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int) (*AcquirableJobList, error)); ok {
return rf(ctx, runnerScaleSetId)
}
if rf, ok := ret.Get(0).(func(context.Context, int) *AcquirableJobList); ok { if rf, ok := ret.Get(0).(func(context.Context, int) *AcquirableJobList); ok {
r0 = rf(ctx, runnerScaleSetId) r0 = rf(ctx, runnerScaleSetId)
} else { } else {
@ -161,7 +177,6 @@ func (_m *MockActionsService) GetAcquirableJobs(ctx context.Context, runnerScale
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int) error); ok {
r1 = rf(ctx, runnerScaleSetId) r1 = rf(ctx, runnerScaleSetId)
} else { } else {
@ -176,6 +191,10 @@ func (_m *MockActionsService) GetMessage(ctx context.Context, messageQueueUrl st
ret := _m.Called(ctx, messageQueueUrl, messageQueueAccessToken, lastMessageId) ret := _m.Called(ctx, messageQueueUrl, messageQueueAccessToken, lastMessageId)
var r0 *RunnerScaleSetMessage var r0 *RunnerScaleSetMessage
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, string, string, int64) (*RunnerScaleSetMessage, error)); ok {
return rf(ctx, messageQueueUrl, messageQueueAccessToken, lastMessageId)
}
if rf, ok := ret.Get(0).(func(context.Context, string, string, int64) *RunnerScaleSetMessage); ok { if rf, ok := ret.Get(0).(func(context.Context, string, string, int64) *RunnerScaleSetMessage); ok {
r0 = rf(ctx, messageQueueUrl, messageQueueAccessToken, lastMessageId) r0 = rf(ctx, messageQueueUrl, messageQueueAccessToken, lastMessageId)
} else { } else {
@ -184,7 +203,6 @@ func (_m *MockActionsService) GetMessage(ctx context.Context, messageQueueUrl st
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, string, string, int64) error); ok { if rf, ok := ret.Get(1).(func(context.Context, string, string, int64) error); ok {
r1 = rf(ctx, messageQueueUrl, messageQueueAccessToken, lastMessageId) r1 = rf(ctx, messageQueueUrl, messageQueueAccessToken, lastMessageId)
} else { } else {
@ -199,6 +217,10 @@ func (_m *MockActionsService) GetRunner(ctx context.Context, runnerId int64) (*R
ret := _m.Called(ctx, runnerId) ret := _m.Called(ctx, runnerId)
var r0 *RunnerReference var r0 *RunnerReference
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int64) (*RunnerReference, error)); ok {
return rf(ctx, runnerId)
}
if rf, ok := ret.Get(0).(func(context.Context, int64) *RunnerReference); ok { if rf, ok := ret.Get(0).(func(context.Context, int64) *RunnerReference); ok {
r0 = rf(ctx, runnerId) r0 = rf(ctx, runnerId)
} else { } else {
@ -207,7 +229,6 @@ func (_m *MockActionsService) GetRunner(ctx context.Context, runnerId int64) (*R
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int64) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int64) error); ok {
r1 = rf(ctx, runnerId) r1 = rf(ctx, runnerId)
} else { } else {
@ -222,6 +243,10 @@ func (_m *MockActionsService) GetRunnerByName(ctx context.Context, runnerName st
ret := _m.Called(ctx, runnerName) ret := _m.Called(ctx, runnerName)
var r0 *RunnerReference var r0 *RunnerReference
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, string) (*RunnerReference, error)); ok {
return rf(ctx, runnerName)
}
if rf, ok := ret.Get(0).(func(context.Context, string) *RunnerReference); ok { if rf, ok := ret.Get(0).(func(context.Context, string) *RunnerReference); ok {
r0 = rf(ctx, runnerName) r0 = rf(ctx, runnerName)
} else { } else {
@ -230,7 +255,6 @@ func (_m *MockActionsService) GetRunnerByName(ctx context.Context, runnerName st
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, string) error); ok { if rf, ok := ret.Get(1).(func(context.Context, string) error); ok {
r1 = rf(ctx, runnerName) r1 = rf(ctx, runnerName)
} else { } else {
@ -245,6 +269,10 @@ func (_m *MockActionsService) GetRunnerGroupByName(ctx context.Context, runnerGr
ret := _m.Called(ctx, runnerGroup) ret := _m.Called(ctx, runnerGroup)
var r0 *RunnerGroup var r0 *RunnerGroup
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, string) (*RunnerGroup, error)); ok {
return rf(ctx, runnerGroup)
}
if rf, ok := ret.Get(0).(func(context.Context, string) *RunnerGroup); ok { if rf, ok := ret.Get(0).(func(context.Context, string) *RunnerGroup); ok {
r0 = rf(ctx, runnerGroup) r0 = rf(ctx, runnerGroup)
} else { } else {
@ -253,7 +281,6 @@ func (_m *MockActionsService) GetRunnerGroupByName(ctx context.Context, runnerGr
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, string) error); ok { if rf, ok := ret.Get(1).(func(context.Context, string) error); ok {
r1 = rf(ctx, runnerGroup) r1 = rf(ctx, runnerGroup)
} else { } else {
@ -268,6 +295,10 @@ func (_m *MockActionsService) GetRunnerScaleSet(ctx context.Context, runnerGroup
ret := _m.Called(ctx, runnerGroupId, runnerScaleSetName) ret := _m.Called(ctx, runnerGroupId, runnerScaleSetName)
var r0 *RunnerScaleSet var r0 *RunnerScaleSet
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int, string) (*RunnerScaleSet, error)); ok {
return rf(ctx, runnerGroupId, runnerScaleSetName)
}
if rf, ok := ret.Get(0).(func(context.Context, int, string) *RunnerScaleSet); ok { if rf, ok := ret.Get(0).(func(context.Context, int, string) *RunnerScaleSet); ok {
r0 = rf(ctx, runnerGroupId, runnerScaleSetName) r0 = rf(ctx, runnerGroupId, runnerScaleSetName)
} else { } else {
@ -276,7 +307,6 @@ func (_m *MockActionsService) GetRunnerScaleSet(ctx context.Context, runnerGroup
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int, string) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int, string) error); ok {
r1 = rf(ctx, runnerGroupId, runnerScaleSetName) r1 = rf(ctx, runnerGroupId, runnerScaleSetName)
} else { } else {
@ -291,6 +321,10 @@ func (_m *MockActionsService) GetRunnerScaleSetById(ctx context.Context, runnerS
ret := _m.Called(ctx, runnerScaleSetId) ret := _m.Called(ctx, runnerScaleSetId)
var r0 *RunnerScaleSet var r0 *RunnerScaleSet
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int) (*RunnerScaleSet, error)); ok {
return rf(ctx, runnerScaleSetId)
}
if rf, ok := ret.Get(0).(func(context.Context, int) *RunnerScaleSet); ok { if rf, ok := ret.Get(0).(func(context.Context, int) *RunnerScaleSet); ok {
r0 = rf(ctx, runnerScaleSetId) r0 = rf(ctx, runnerScaleSetId)
} else { } else {
@ -299,7 +333,6 @@ func (_m *MockActionsService) GetRunnerScaleSetById(ctx context.Context, runnerS
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int) error); ok {
r1 = rf(ctx, runnerScaleSetId) r1 = rf(ctx, runnerScaleSetId)
} else { } else {
@ -314,6 +347,10 @@ func (_m *MockActionsService) RefreshMessageSession(ctx context.Context, runnerS
ret := _m.Called(ctx, runnerScaleSetId, sessionId) ret := _m.Called(ctx, runnerScaleSetId, sessionId)
var r0 *RunnerScaleSetSession var r0 *RunnerScaleSetSession
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int, *uuid.UUID) (*RunnerScaleSetSession, error)); ok {
return rf(ctx, runnerScaleSetId, sessionId)
}
if rf, ok := ret.Get(0).(func(context.Context, int, *uuid.UUID) *RunnerScaleSetSession); ok { if rf, ok := ret.Get(0).(func(context.Context, int, *uuid.UUID) *RunnerScaleSetSession); ok {
r0 = rf(ctx, runnerScaleSetId, sessionId) r0 = rf(ctx, runnerScaleSetId, sessionId)
} else { } else {
@ -322,7 +359,6 @@ func (_m *MockActionsService) RefreshMessageSession(ctx context.Context, runnerS
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int, *uuid.UUID) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int, *uuid.UUID) error); ok {
r1 = rf(ctx, runnerScaleSetId, sessionId) r1 = rf(ctx, runnerScaleSetId, sessionId)
} else { } else {
@ -346,11 +382,20 @@ func (_m *MockActionsService) RemoveRunner(ctx context.Context, runnerId int64)
return r0 return r0
} }
// SetUserAgent provides a mock function with given fields: info
func (_m *MockActionsService) SetUserAgent(info UserAgentInfo) {
_m.Called(info)
}
// UpdateRunnerScaleSet provides a mock function with given fields: ctx, runnerScaleSetId, runnerScaleSet // UpdateRunnerScaleSet provides a mock function with given fields: ctx, runnerScaleSetId, runnerScaleSet
func (_m *MockActionsService) UpdateRunnerScaleSet(ctx context.Context, runnerScaleSetId int, runnerScaleSet *RunnerScaleSet) (*RunnerScaleSet, error) { func (_m *MockActionsService) UpdateRunnerScaleSet(ctx context.Context, runnerScaleSetId int, runnerScaleSet *RunnerScaleSet) (*RunnerScaleSet, error) {
ret := _m.Called(ctx, runnerScaleSetId, runnerScaleSet) ret := _m.Called(ctx, runnerScaleSetId, runnerScaleSet)
var r0 *RunnerScaleSet var r0 *RunnerScaleSet
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int, *RunnerScaleSet) (*RunnerScaleSet, error)); ok {
return rf(ctx, runnerScaleSetId, runnerScaleSet)
}
if rf, ok := ret.Get(0).(func(context.Context, int, *RunnerScaleSet) *RunnerScaleSet); ok { if rf, ok := ret.Get(0).(func(context.Context, int, *RunnerScaleSet) *RunnerScaleSet); ok {
r0 = rf(ctx, runnerScaleSetId, runnerScaleSet) r0 = rf(ctx, runnerScaleSetId, runnerScaleSet)
} else { } else {
@ -359,7 +404,6 @@ func (_m *MockActionsService) UpdateRunnerScaleSet(ctx context.Context, runnerSc
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int, *RunnerScaleSet) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int, *RunnerScaleSet) error); ok {
r1 = rf(ctx, runnerScaleSetId, runnerScaleSet) r1 = rf(ctx, runnerScaleSetId, runnerScaleSet)
} else { } else {
@ -369,13 +413,12 @@ func (_m *MockActionsService) UpdateRunnerScaleSet(ctx context.Context, runnerSc
return r0, r1 return r0, r1
} }
type mockConstructorTestingTNewMockActionsService interface { // NewMockActionsService creates a new instance of MockActionsService. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
// The first argument is typically a *testing.T value.
func NewMockActionsService(t interface {
mock.TestingT mock.TestingT
Cleanup(func()) Cleanup(func())
} }) *MockActionsService {
// NewMockActionsService creates a new instance of MockActionsService. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
func NewMockActionsService(t mockConstructorTestingTNewMockActionsService) *MockActionsService {
mock := &MockActionsService{} mock := &MockActionsService{}
mock.Mock.Test(t) mock.Mock.Test(t)

21
github/actions/mock_SessionService.go
View File

@ -1,4 +1,4 @@
// Code generated by mockery v2.16.0. DO NOT EDIT. // Code generated by mockery v2.33.2. DO NOT EDIT.
package actions package actions
@ -18,6 +18,10 @@ func (_m *MockSessionService) AcquireJobs(ctx context.Context, requestIds []int6
ret := _m.Called(ctx, requestIds) ret := _m.Called(ctx, requestIds)
var r0 []int64 var r0 []int64
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, []int64) ([]int64, error)); ok {
return rf(ctx, requestIds)
}
if rf, ok := ret.Get(0).(func(context.Context, []int64) []int64); ok { if rf, ok := ret.Get(0).(func(context.Context, []int64) []int64); ok {
r0 = rf(ctx, requestIds) r0 = rf(ctx, requestIds)
} else { } else {
@ -26,7 +30,6 @@ func (_m *MockSessionService) AcquireJobs(ctx context.Context, requestIds []int6
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, []int64) error); ok { if rf, ok := ret.Get(1).(func(context.Context, []int64) error); ok {
r1 = rf(ctx, requestIds) r1 = rf(ctx, requestIds)
} else { } else {
@ -69,6 +72,10 @@ func (_m *MockSessionService) GetMessage(ctx context.Context, lastMessageId int6
ret := _m.Called(ctx, lastMessageId) ret := _m.Called(ctx, lastMessageId)
var r0 *RunnerScaleSetMessage var r0 *RunnerScaleSetMessage
var r1 error
if rf, ok := ret.Get(0).(func(context.Context, int64) (*RunnerScaleSetMessage, error)); ok {
return rf(ctx, lastMessageId)
}
if rf, ok := ret.Get(0).(func(context.Context, int64) *RunnerScaleSetMessage); ok { if rf, ok := ret.Get(0).(func(context.Context, int64) *RunnerScaleSetMessage); ok {
r0 = rf(ctx, lastMessageId) r0 = rf(ctx, lastMessageId)
} else { } else {
@ -77,7 +84,6 @@ func (_m *MockSessionService) GetMessage(ctx context.Context, lastMessageId int6
} }
} }
var r1 error
if rf, ok := ret.Get(1).(func(context.Context, int64) error); ok { if rf, ok := ret.Get(1).(func(context.Context, int64) error); ok {
r1 = rf(ctx, lastMessageId) r1 = rf(ctx, lastMessageId)
} else { } else {
@ -87,13 +93,12 @@ func (_m *MockSessionService) GetMessage(ctx context.Context, lastMessageId int6
return r0, r1 return r0, r1
} }
type mockConstructorTestingTNewMockSessionService interface { // NewMockSessionService creates a new instance of MockSessionService. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
// The first argument is typically a *testing.T value.
func NewMockSessionService(t interface {
mock.TestingT mock.TestingT
Cleanup(func()) Cleanup(func())
} }) *MockSessionService {
// NewMockSessionService creates a new instance of MockSessionService. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
func NewMockSessionService(t mockConstructorTestingTNewMockSessionService) *MockSessionService {
mock := &MockSessionService{} mock := &MockSessionService{}
mock.Mock.Test(t) mock.Mock.Test(t)

13
github/actions/multi_client.go
View File

@ -19,8 +19,7 @@ type multiClient struct {
mu sync.Mutex mu sync.Mutex
clients map[ActionsClientKey]*Client clients map[ActionsClientKey]*Client
logger logr.Logger logger logr.Logger
userAgent string
} }
type GitHubAppAuth struct { type GitHubAppAuth struct {
@ -42,12 +41,11 @@ type ActionsClientKey struct {
Namespace string Namespace string
} }
func NewMultiClient(userAgent string, logger logr.Logger) MultiClient { func NewMultiClient(logger logr.Logger) MultiClient {
return &multiClient{ return &multiClient{
mu: sync.Mutex{}, mu: sync.Mutex{},
clients: make(map[ActionsClientKey]*Client), clients: make(map[ActionsClientKey]*Client),
logger: logger, logger: logger,
userAgent: userAgent,
} }
} }
@ -66,7 +64,6 @@ func (m *multiClient) GetClientFor(ctx context.Context, githubConfigURL string,
githubConfigURL, githubConfigURL,
&creds, &creds,
append([]ClientOption{ append([]ClientOption{
WithUserAgent(m.userAgent),
WithLogger(m.logger), WithLogger(m.logger),
}, options...)..., }, options...)...,
) )

21
github/actions/multi_client_test.go
View File

@ -10,10 +10,16 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )
var testUserAgent = UserAgentInfo{
Version: "test",
CommitSHA: "test",
ScaleSetID: 1,
}
func TestMultiClientCaching(t *testing.T) { func TestMultiClientCaching(t *testing.T) {
logger := logr.Discard() logger := logr.Discard()
ctx := context.Background() ctx := context.Background()
multiClient := NewMultiClient("test-user-agent", logger).(*multiClient) multiClient := NewMultiClient(logger).(*multiClient)
defaultNamespace := "default" defaultNamespace := "default"
defaultConfigURL := "https://github.com/org/repo" defaultConfigURL := "https://github.com/org/repo"
@ -61,20 +67,21 @@ func TestMultiClientOptions(t *testing.T) {
Token: "token", Token: "token",
} }
multiClient := NewMultiClient("test-user-agent", logger) multiClient := NewMultiClient(logger)
service, err := multiClient.GetClientFor( service, err := multiClient.GetClientFor(
ctx, ctx,
defaultConfigURL, defaultConfigURL,
*defaultCreds, *defaultCreds,
defaultNamespace, defaultNamespace,
WithUserAgent("test-option"),
) )
service.SetUserAgent(testUserAgent)
require.NoError(t, err) require.NoError(t, err)
client := service.(*Client) client := service.(*Client)
req, err := client.NewGitHubAPIRequest(ctx, "GET", "/test", nil) req, err := client.NewGitHubAPIRequest(ctx, "GET", "/test", nil)
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, "test-option", req.Header.Get("User-Agent")) assert.Equal(t, testUserAgent.String(), req.Header.Get("User-Agent"))
}) })
t.Run("GetClientFromSecret", func(t *testing.T) { t.Run("GetClientFromSecret", func(t *testing.T) {
@ -82,20 +89,20 @@ func TestMultiClientOptions(t *testing.T) {
"github_token": []byte("token"), "github_token": []byte("token"),
} }
multiClient := NewMultiClient("test-user-agent", logger) multiClient := NewMultiClient(logger)
service, err := multiClient.GetClientFromSecret( service, err := multiClient.GetClientFromSecret(
ctx, ctx,
defaultConfigURL, defaultConfigURL,
defaultNamespace, defaultNamespace,
secret, secret,
WithUserAgent("test-option"),
) )
service.SetUserAgent(testUserAgent)
require.NoError(t, err) require.NoError(t, err)
client := service.(*Client) client := service.(*Client)
req, err := client.NewGitHubAPIRequest(ctx, "GET", "/test", nil) req, err := client.NewGitHubAPIRequest(ctx, "GET", "/test", nil)
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, "test-option", req.Header.Get("User-Agent")) assert.Equal(t, testUserAgent.String(), req.Header.Get("User-Agent"))
}) })
} }

1
main.go
View File

@ -230,7 +230,6 @@ func main() {
} }
actionsMultiClient := actions.NewMultiClient( actionsMultiClient := actions.NewMultiClient(
"actions-runner-controller/"+build.Version,
log.WithName("actions-clients"), log.WithName("actions-clients"),
) )

2
runner/Makefile
View File

@ -6,7 +6,7 @@ DIND_ROOTLESS_RUNNER_NAME ?= ${DOCKER_USER}/actions-runner-dind-rootless
OS_IMAGE ?= ubuntu-22.04 OS_IMAGE ?= ubuntu-22.04
TARGETPLATFORM ?= $(shell arch) TARGETPLATFORM ?= $(shell arch)
RUNNER_VERSION ?= 2.308.0 RUNNER_VERSION ?= 2.309.0
RUNNER_CONTAINER_HOOKS_VERSION ?= 0.3.2 RUNNER_CONTAINER_HOOKS_VERSION ?= 0.3.2
DOCKER_VERSION ?= 20.10.23 DOCKER_VERSION ?= 20.10.23

2
runner/VERSION
View File

@ -1,2 +1,2 @@
RUNNER_VERSION=2.308.0 RUNNER_VERSION=2.309.0
RUNNER_CONTAINER_HOOKS_VERSION=0.3.2 RUNNER_CONTAINER_HOOKS_VERSION=0.3.2

5
runner/actions-runner-dind-rootless.ubuntu-20.04.dockerfile
View File

@ -27,7 +27,6 @@ RUN apt-get update -y \
dnsutils \ dnsutils \
ftp \ ftp \
git \ git \
git-lfs \
iproute2 \ iproute2 \
iputils-ping \ iputils-ping \
iptables \ iptables \
@ -56,6 +55,10 @@ RUN apt-get update -y \
&& ln -sf /usr/bin/pip3 /usr/bin/pip \ && ln -sf /usr/bin/pip3 /usr/bin/pip \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Download latest git-lfs version
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && \
apt-get install -y --no-install-recommends git-lfs
# Runner user # Runner user
RUN adduser --disabled-password --gecos "" --uid $RUNNER_UID runner RUN adduser --disabled-password --gecos "" --uid $RUNNER_UID runner

5
runner/actions-runner-dind-rootless.ubuntu-22.04.dockerfile
View File

@ -23,7 +23,6 @@ RUN apt-get update -y \
curl \ curl \
ca-certificates \ ca-certificates \
git \ git \
git-lfs \
iproute2 \ iproute2 \
iptables \ iptables \
jq \ jq \
@ -33,6 +32,10 @@ RUN apt-get update -y \
zip \ zip \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Download latest git-lfs version
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && \
apt-get install -y --no-install-recommends git-lfs
# Runner user # Runner user
RUN adduser --disabled-password --gecos "" --uid $RUNNER_USER_UID runner RUN adduser --disabled-password --gecos "" --uid $RUNNER_USER_UID runner

5
runner/actions-runner-dind.ubuntu-20.04.dockerfile
View File

@ -25,7 +25,6 @@ RUN apt-get update -y \
dnsutils \ dnsutils \
ftp \ ftp \
git \ git \
git-lfs \
iproute2 \ iproute2 \
iputils-ping \ iputils-ping \
iptables \ iptables \
@ -53,6 +52,10 @@ RUN apt-get update -y \
&& ln -sf /usr/bin/pip3 /usr/bin/pip \ && ln -sf /usr/bin/pip3 /usr/bin/pip \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Download latest git-lfs version
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && \
apt-get install -y --no-install-recommends git-lfs
# Runner user # Runner user
RUN adduser --disabled-password --gecos "" --uid $RUNNER_UID runner \ RUN adduser --disabled-password --gecos "" --uid $RUNNER_UID runner \
&& groupadd docker --gid $DOCKER_GID \ && groupadd docker --gid $DOCKER_GID \

5
runner/actions-runner-dind.ubuntu-22.04.dockerfile
View File

@ -20,7 +20,6 @@ RUN apt-get update -y \
curl \ curl \
ca-certificates \ ca-certificates \
git \ git \
git-lfs \
iptables \ iptables \
jq \ jq \
software-properties-common \ software-properties-common \
@ -29,6 +28,10 @@ RUN apt-get update -y \
zip \ zip \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Download latest git-lfs version
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && \
apt-get install -y --no-install-recommends git-lfs
# Runner user # Runner user
RUN adduser --disabled-password --gecos "" --uid $RUNNER_USER_UID runner \ RUN adduser --disabled-password --gecos "" --uid $RUNNER_USER_UID runner \
&& groupadd docker --gid $DOCKER_GROUP_GID \ && groupadd docker --gid $DOCKER_GROUP_GID \

5
runner/actions-runner.ubuntu-20.04.dockerfile
View File

@ -25,7 +25,6 @@ RUN apt-get update -y \
dnsutils \ dnsutils \
ftp \ ftp \
git \ git \
git-lfs \
iproute2 \ iproute2 \
iputils-ping \ iputils-ping \
jq \ jq \
@ -50,6 +49,10 @@ RUN apt-get update -y \
&& ln -sf /usr/bin/pip3 /usr/bin/pip \ && ln -sf /usr/bin/pip3 /usr/bin/pip \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Download latest git-lfs version
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && \
apt-get install -y --no-install-recommends git-lfs
RUN adduser --disabled-password --gecos "" --uid $RUNNER_UID runner \ RUN adduser --disabled-password --gecos "" --uid $RUNNER_UID runner \
&& groupadd docker --gid $DOCKER_GID \ && groupadd docker --gid $DOCKER_GID \
&& usermod -aG sudo runner \ && usermod -aG sudo runner \

5
runner/actions-runner.ubuntu-22.04.dockerfile
View File

@ -20,13 +20,16 @@ RUN apt-get update -y \
curl \ curl \
ca-certificates \ ca-certificates \
git \ git \
git-lfs \
jq \ jq \
sudo \ sudo \
unzip \ unzip \
zip \ zip \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Download latest git-lfs version
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && \
apt-get install -y --no-install-recommends git-lfs
RUN adduser --disabled-password --gecos "" --uid $RUNNER_USER_UID runner \ RUN adduser --disabled-password --gecos "" --uid $RUNNER_USER_UID runner \
&& groupadd docker --gid $DOCKER_GROUP_GID \ && groupadd docker --gid $DOCKER_GROUP_GID \
&& usermod -aG sudo runner \ && usermod -aG sudo runner \

2
test/e2e/e2e_test.go
View File

@ -36,7 +36,7 @@ var (
testResultCMNamePrefix = "test-result-" testResultCMNamePrefix = "test-result-"
RunnerVersion = "2.308.0" RunnerVersion = "2.309.0"
) )
// If you're willing to run this test via VS Code "run test" or "debug test", // If you're willing to run this test via VS Code "run test" or "debug test",