description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type:string
metadata:
type:object
results:
description:PolicyReportResult provides result details
items:
description:PolicyReportResult provides the result for an individual
policy
properties:
category:
description:Category indicates policy category
type:string
data:
additionalProperties:
type:string
description:Data provides additional information for the policy rule
type:object
message:
description:Message is a short user friendly description of the policy
rule
type:string
policy:
description:Policy is the name of the policy
type:string
resourceSelector:
description:ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description:matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description:A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description:key is the label key that the selector applies
to.
type:string
operator:
description:operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type:string
values:
description:values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type:string
type:array
required:
- key
- operator
type:object
type:array
matchLabels:
additionalProperties:
type:string
description:matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type:object
type:object
resources:
description:Resources is an optional reference to the resource checked
by the policy and rule
items:
description:'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
onthe group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
description:operator represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type:string
values:
description:values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the operator
is Exists or DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type:string
type:array
required:
- key
- operator
type:object
type:array
matchLabels:
additionalProperties:
type:string
description:matchLabels is a map of {key,value} pairs. A single {key,value}
in the matchLabels map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type:object
type:object
summary:
description:PolicyReportSummary provides a summary of results
properties:
error:
description:Error provides the count of policies that could not be
evaluated
type:integer
fail:
description:Fail provides the count of policies whose requirements
were not met
type:integer
pass:
description:Pass provides the count of policies whose requirements
were met
type:integer
skip:
description:Skip indicates the count of policies that were not selected
for evaluation
type:integer
warn:
description:Warn provides the count of unscored policies whose requirements
were not met
type:integer
type:object
type:object
version:v1alpha1
versions:
- name:v1alpha1
served:true
storage:true
status:
acceptedNames:
kind:""
plural:""
conditions:[]
storedVersions:[]
---
apiVersion:apiextensions.k8s.io/v1beta1
kind:CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version:v0.2.5
creationTimestamp:null
name:clusterreportchangerequests.kyverno.io
spec:
additionalPrinterColumns:
- JSONPath:.scope.kind
name:Kind
priority:1
type:string
- JSONPath:.scope.name
name:Name
priority:1
type:string
- JSONPath:.summary.pass
name:Pass
type:integer
- JSONPath:.summary.fail
name:Fail
type:integer
- JSONPath:.summary.warn
name:Warn
type:integer
- JSONPath:.summary.error
name:Error
type:integer
- JSONPath:.summary.skip
name:Skip
type:integer
- JSONPath:.metadata.creationTimestamp
name:Age
type:date
group:kyverno.io
names:
kind:ClusterReportChangeRequest
listKind:ClusterReportChangeRequestList
plural:clusterreportchangerequests
singular:clusterreportchangerequest
scope:Namespaced
subresources:{}
validation:
openAPIV3Schema:
description:ClusterReportChangeRequest is the Schema for the ClusterReportChangeRequests
API
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type:string
metadata:
type:object
results:
description:PolicyReportResult provides result details
items:
description:PolicyReportResult provides the result for an individual
policy
properties:
category:
description:Category indicates policy category
type:string
data:
additionalProperties:
type:string
description:Data provides additional information for the policy rule
type:object
message:
description:Message is a short user friendly description of the policy
rule
type:string
policy:
description:Policy is the name of the policy
type:string
resourceSelector:
description:ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description:matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description:A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description:key is the label key that the selector applies
to.
type:string
operator:
description:operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type:string
values:
description:values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type:string
type:array
required:
- key
- operator
type:object
type:array
matchLabels:
additionalProperties:
type:string
description:matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type:object
type:object
resources:
description:Resources is an optional reference to the resource checked
by the policy and rule
items:
description:'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
onthe group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type:string
metadata:
type:object
results:
description:PolicyReportResult provides result details
items:
description:PolicyReportResult provides the result for an individual
policy
properties:
category:
description:Category indicates policy category
type:string
data:
additionalProperties:
type:string
description:Data provides additional information for the policy rule
type:object
message:
description:Message is a short user friendly description of the policy
rule
type:string
policy:
description:Policy is the name of the policy
type:string
resourceSelector:
description:ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description:matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description:A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description:key is the label key that the selector applies
to.
type:string
operator:
description:operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type:string
values:
description:values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type:string
type:array
required:
- key
- operator
type:object
type:array
matchLabels:
additionalProperties:
type:string
description:matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type:object
type:object
resources:
description:Resources is an optional reference to the resource checked
by the policy and rule
items:
description:'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
onthe group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
description:operator represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type:string
values:
description:values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the operator
is Exists or DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type:string
type:array
required:
- key
- operator
type:object
type:array
matchLabels:
additionalProperties:
type:string
description:matchLabels is a map of {key,value} pairs. A single {key,value}
in the matchLabels map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type:object
type:object
summary:
description:PolicyReportSummary provides a summary of results
properties:
error:
description:Error provides the count of policies that could not be
evaluated
type:integer
fail:
description:Fail provides the count of policies whose requirements
were not met
type:integer
pass:
description:Pass provides the count of policies whose requirements
were met
type:integer
skip:
description:Skip indicates the count of policies that were not selected
for evaluation
type:integer
warn:
description:Warn provides the count of unscored policies whose requirements
were not met
type:integer
type:object
type:object
version:v1alpha1
versions:
- name:v1alpha1
served:true
storage:true
status:
acceptedNames:
kind:""
plural:""
conditions:[]
storedVersions:[]
---
apiVersion:apiextensions.k8s.io/v1beta1
kind:CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version:v0.2.5
creationTimestamp:null
name:reportchangerequests.kyverno.io
spec:
additionalPrinterColumns:
- JSONPath:.scope.kind
name:Kind
priority:1
type:string
- JSONPath:.scope.name
name:Name
priority:1
type:string
- JSONPath:.summary.pass
name:Pass
type:integer
- JSONPath:.summary.fail
name:Fail
type:integer
- JSONPath:.summary.warn
name:Warn
type:integer
- JSONPath:.summary.error
name:Error
type:integer
- JSONPath:.summary.skip
name:Skip
type:integer
- JSONPath:.metadata.creationTimestamp
name:Age
type:date
group:kyverno.io
names:
kind:ReportChangeRequest
listKind:ReportChangeRequestList
plural:reportchangerequests
singular:reportchangerequest
scope:Namespaced
subresources:{}
validation:
openAPIV3Schema:
description:ReportChangeRequest is the Schema for the ReportChangeRequests
API
properties:
apiVersion:
description:'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type:string
kind:
description:'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type:string
metadata:
type:object
results:
description:PolicyReportResult provides result details
items:
description:PolicyReportResult provides the result for an individual
policy
properties:
category:
description:Category indicates policy category
type:string
data:
additionalProperties:
type:string
description:Data provides additional information for the policy rule
type:object
message:
description:Message is a short user friendly description of the policy
rule
type:string
policy:
description:Policy is the name of the policy
type:string
resourceSelector:
description:ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description:matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description:A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description:key is the label key that the selector applies
to.
type:string
operator:
description:operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type:string
values:
description:values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type:string
type:array
required:
- key
- operator
type:object
type:array
matchLabels:
additionalProperties:
type:string
description:matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type:object
type:object
resources:
description:Resources is an optional reference to the resource checked
by the policy and rule
items:
description:'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
onthe group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
