mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 07:57:07 +00:00
a43a20adb9
* feat: add cli values schema Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * docs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * makefile Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * v1alpha1 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * nits Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
251 lines
12 KiB
YAML
251 lines
12 KiB
YAML
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.12.0
|
|
name: values.cli.kyverno.io
|
|
spec:
|
|
group: cli.kyverno.io
|
|
names:
|
|
kind: Values
|
|
listKind: ValuesList
|
|
plural: values
|
|
singular: values
|
|
scope: Cluster
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Values declares values to be loaded by the Kyverno CLI
|
|
properties:
|
|
apiVersion:
|
|
description: 'APIVersion defines the versioned schema of this representation
|
|
of an object. Servers should convert recognized schemas to the latest
|
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
type: string
|
|
globalValues:
|
|
description: GlobalValues are the global values
|
|
type: object
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
kind:
|
|
description: 'Kind is a string value representing the REST resource this
|
|
object represents. Servers may infer this from the endpoint the client
|
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
namespaceSelector:
|
|
description: NamespaceSelectors are the namespace labels
|
|
items:
|
|
description: NamespaceSelector declares labels for a given namespace
|
|
properties:
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
description: Labels are the labels for the given namespace
|
|
type: object
|
|
name:
|
|
description: Name is the namespace name
|
|
type: string
|
|
required:
|
|
- labels
|
|
- name
|
|
type: object
|
|
type: array
|
|
policies:
|
|
description: Policies are the policy values
|
|
items:
|
|
description: Policy declares values for a given policy
|
|
properties:
|
|
name:
|
|
description: Name is the policy name
|
|
type: string
|
|
resources:
|
|
description: Resources are values for specific resources
|
|
items:
|
|
description: Resource declares values for a given resource
|
|
properties:
|
|
name:
|
|
description: Name is the name of the resource
|
|
type: string
|
|
values:
|
|
description: Values are the values for the given resource
|
|
type: object
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
rules:
|
|
description: Rules are values for specific policy rules
|
|
items:
|
|
description: Rule declares values for a given policy rule
|
|
properties:
|
|
foreachValues:
|
|
description: ForeachValues are the foreach values for the
|
|
given policy rule
|
|
type: object
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
name:
|
|
description: Name is the name of the ppolicy rule
|
|
type: string
|
|
values:
|
|
description: Values are the values for the given policy rule
|
|
type: object
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
subresources:
|
|
description: Subresources are the subresource/parent resource mappings
|
|
items:
|
|
description: Subresource declares subresource/parent resource mapping
|
|
properties:
|
|
parentResource:
|
|
description: ParentResource declares the parent resource api
|
|
properties:
|
|
categories:
|
|
description: categories is a list of the grouped resources this
|
|
resource belongs to (e.g. 'all')
|
|
items:
|
|
type: string
|
|
type: array
|
|
group:
|
|
description: 'group is the preferred group of the resource. Empty
|
|
implies the group of the containing resource list. For subresources,
|
|
this may have a different value, for example: Scale".'
|
|
type: string
|
|
kind:
|
|
description: kind is the kind for the resource (e.g. 'Foo' is
|
|
the kind for a resource 'foo')
|
|
type: string
|
|
name:
|
|
description: name is the plural name of the resource.
|
|
type: string
|
|
namespaced:
|
|
description: namespaced indicates if a resource is namespaced
|
|
or not.
|
|
type: boolean
|
|
shortNames:
|
|
description: shortNames is a list of suggested short names of
|
|
the resource.
|
|
items:
|
|
type: string
|
|
type: array
|
|
singularName:
|
|
description: singularName is the singular name of the resource. This
|
|
allows clients to handle plural and singular opaquely. The
|
|
singularName is more correct for reporting status on a single
|
|
item and both singular and plural are allowed from the kubectl
|
|
CLI interface.
|
|
type: string
|
|
storageVersionHash:
|
|
description: The hash value of the storage version, the version
|
|
this resource is converted to when written to the data store.
|
|
Value must be treated as opaque by clients. Only equality
|
|
comparison on the value is valid. This is an alpha feature
|
|
and may change or be removed in the future. The field is populated
|
|
by the apiserver only if the StorageVersionHash feature gate
|
|
is enabled. This field will remain optional even if it graduates.
|
|
type: string
|
|
verbs:
|
|
description: verbs is a list of supported kube verbs (this includes
|
|
get, list, watch, create, update, patch, delete, deletecollection,
|
|
and proxy)
|
|
items:
|
|
type: string
|
|
type: array
|
|
version:
|
|
description: 'version is the preferred version of the resource. Empty
|
|
implies the version of the containing resource list For subresources,
|
|
this may have a different value, for example: v1 (while inside
|
|
a v1beta1 version of the core resource''s group)".'
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
- namespaced
|
|
- singularName
|
|
- verbs
|
|
type: object
|
|
subresource:
|
|
description: Subresource declares the subresource api
|
|
properties:
|
|
categories:
|
|
description: categories is a list of the grouped resources this
|
|
resource belongs to (e.g. 'all')
|
|
items:
|
|
type: string
|
|
type: array
|
|
group:
|
|
description: 'group is the preferred group of the resource. Empty
|
|
implies the group of the containing resource list. For subresources,
|
|
this may have a different value, for example: Scale".'
|
|
type: string
|
|
kind:
|
|
description: kind is the kind for the resource (e.g. 'Foo' is
|
|
the kind for a resource 'foo')
|
|
type: string
|
|
name:
|
|
description: name is the plural name of the resource.
|
|
type: string
|
|
namespaced:
|
|
description: namespaced indicates if a resource is namespaced
|
|
or not.
|
|
type: boolean
|
|
shortNames:
|
|
description: shortNames is a list of suggested short names of
|
|
the resource.
|
|
items:
|
|
type: string
|
|
type: array
|
|
singularName:
|
|
description: singularName is the singular name of the resource. This
|
|
allows clients to handle plural and singular opaquely. The
|
|
singularName is more correct for reporting status on a single
|
|
item and both singular and plural are allowed from the kubectl
|
|
CLI interface.
|
|
type: string
|
|
storageVersionHash:
|
|
description: The hash value of the storage version, the version
|
|
this resource is converted to when written to the data store.
|
|
Value must be treated as opaque by clients. Only equality
|
|
comparison on the value is valid. This is an alpha feature
|
|
and may change or be removed in the future. The field is populated
|
|
by the apiserver only if the StorageVersionHash feature gate
|
|
is enabled. This field will remain optional even if it graduates.
|
|
type: string
|
|
verbs:
|
|
description: verbs is a list of supported kube verbs (this includes
|
|
get, list, watch, create, update, patch, delete, deletecollection,
|
|
and proxy)
|
|
items:
|
|
type: string
|
|
type: array
|
|
version:
|
|
description: 'version is the preferred version of the resource. Empty
|
|
implies the version of the containing resource list For subresources,
|
|
this may have a different value, for example: v1 (while inside
|
|
a v1beta1 version of the core resource''s group)".'
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
- namespaced
|
|
- singularName
|
|
- verbs
|
|
type: object
|
|
required:
|
|
- parentResource
|
|
- subresource
|
|
type: object
|
|
type: array
|
|
type: object
|
|
served: true
|
|
storage: true
|