diff --git a/assets/elemental-crd/elemental-crd-103.4.1+up1.6.5.tgz b/assets/elemental-crd/elemental-crd-103.4.1+up1.6.5.tgz new file mode 100644 index 0000000000..e52b652e89 Binary files /dev/null and b/assets/elemental-crd/elemental-crd-103.4.1+up1.6.5.tgz differ diff --git a/assets/elemental/elemental-103.4.1+up1.6.5.tgz b/assets/elemental/elemental-103.4.1+up1.6.5.tgz new file mode 100644 index 0000000000..609c5bcc1a Binary files /dev/null and b/assets/elemental/elemental-103.4.1+up1.6.5.tgz differ diff --git a/charts/elemental-crd/103.4.1+up1.6.5/Chart.yaml b/charts/elemental-crd/103.4.1+up1.6.5/Chart.yaml new file mode 100644 index 0000000000..dd6c05d04e --- /dev/null +++ b/charts/elemental-crd/103.4.1+up1.6.5/Chart.yaml @@ -0,0 +1,11 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/release-name: elemental-operator-crds +apiVersion: v2 +appVersion: 1.6.5 +description: A Helm chart for deploying Rancher Elemental Operator CRDs +name: elemental-crd +type: application +version: 103.4.1+up1.6.5 diff --git a/charts/elemental-crd/103.4.1+up1.6.5/templates/crds.yaml b/charts/elemental-crd/103.4.1+up1.6.5/templates/crds.yaml new file mode 100644 index 0000000000..8746409480 --- /dev/null +++ b/charts/elemental-crd/103.4.1+up1.6.5/templates/crds.yaml @@ -0,0 +1,3747 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineinventories.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineInventory + listKind: MachineInventoryList + plural: machineinventories + singular: machineinventory + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + machineHash: + description: |- + MachineHash the hash of the identifier used by the host to identify + to the operator. This is used when the host authenticates without TPM. + Both the authentication method and the identifier used to derive the hash + depend upon the MachineRegistration spec.config.elemental.registration.auth value. + type: string + tpmHash: + description: |- + TPMHash the hash of the TPM EK public key. This is used if you are + using TPM2 to identifiy nodes. You can obtain the TPM by + running `rancherd get-tpm-hash` on the node. Or nodes can + report their TPM hash by using the MachineRegister. + type: string + type: object + status: + properties: + conditions: + description: Conditions describe the state of the machine inventory + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + plan: + description: PlanStatus reflect the status of the plan owned by the + machine inventory object. + properties: + checksum: + description: Checksum checksum of the created plan. + type: string + secretRef: + description: PlanSecretRef a reference to the created plan secret. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + state: + description: State reflect state of the plan that belongs to the + machine inventory. + enum: + - Applied + - Failed + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineinventoryselectors.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineInventorySelector + listKind: MachineInventorySelectorList + plural: machineinventoryselectors + singular: machineinventoryselector + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + providerID: + description: |- + ProviderID the identifier for the elemental instance. + NOTE: Functionality not implemented yet. + type: string + selector: + description: Selector selector to choose elemental machines. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + status: + properties: + addresses: + description: Addresses represent machine addresses. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP, + InternalIP, ExternalDNS or InternalDNS. + type: string + required: + - address + - type + type: object + type: array + bootstrapPlanChecksum: + description: BootstrapPlanChecksum represent bootstrap plan checksum. + type: string + conditions: + description: Conditions describe the state of the machine selector + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + machineInventoryRef: + description: MachineInventoryRef reference to the machine inventory + that belongs to the selector. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + ready: + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineinventoryselectortemplates.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineInventorySelectorTemplate + listKind: MachineInventorySelectorTemplateList + plural: machineinventoryselectortemplates + singular: machineinventoryselectortemplate + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + template: + description: Template machine inventory selector template. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + providerID: + description: |- + ProviderID the identifier for the elemental instance. + NOTE: Functionality not implemented yet. + type: string + selector: + description: Selector selector to choose elemental machines. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + status: + properties: + addresses: + description: Addresses represent machine addresses. + items: + description: MachineAddress contains information for the + node's address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, + ExternalIP, InternalIP, ExternalDNS or InternalDNS. + type: string + required: + - address + - type + type: object + type: array + bootstrapPlanChecksum: + description: BootstrapPlanChecksum represent bootstrap plan + checksum. + type: string + conditions: + description: Conditions describe the state of the machine + selector object. + items: + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + machineInventoryRef: + description: MachineInventoryRef reference to the machine + inventory that belongs to the selector. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + ready: + type: boolean + type: object + type: object + required: + - template + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineregistrations.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineRegistration + listKind: MachineRegistrationList + plural: machineregistrations + singular: machineregistration + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + config: + description: Config the cloud config that will be used to provision + the node. + properties: + cloud-config: + x-kubernetes-preserve-unknown-fields: true + elemental: + properties: + install: + properties: + config-dir: + type: string + config-urls: + items: + type: string + type: array + debug: + type: boolean + device: + type: string + device-selector: + items: + properties: + key: + enum: + - Name + - Size + type: string + operator: + enum: + - In + - NotIn + - Gt + - Lt + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + disable-boot-entry: + type: boolean + eject-cd: + type: boolean + firmware: + type: string + iso: + type: string + no-format: + type: boolean + poweroff: + type: boolean + reboot: + type: boolean + snapshotter: + default: + type: loopdevice + properties: + type: + default: loopdevice + description: Type sets the snapshotter type a new + installation, available options are 'loopdevice' + and 'btrfs' + type: string + type: object + system-uri: + type: string + tty: + type: string + type: object + registration: + properties: + auth: + default: tpm + type: string + ca-cert: + type: string + emulate-tpm: + type: boolean + emulated-tpm-seed: + format: int64 + type: integer + no-smbios: + type: boolean + no-toolkit: + type: boolean + url: + type: string + type: object + reset: + default: + reboot: true + reset-oem: true + reset-persistent: true + properties: + config-urls: + items: + type: string + type: array + debug: + type: boolean + disable-boot-entry: + type: boolean + enabled: + type: boolean + poweroff: + type: boolean + reboot: + default: true + type: boolean + reset-oem: + default: true + type: boolean + reset-persistent: + default: true + type: boolean + system-uri: + type: string + type: object + system-agent: + properties: + secret-name: + type: string + secret-namespace: + type: string + token: + type: string + url: + type: string + type: object + type: object + type: object + machineInventoryAnnotations: + additionalProperties: + type: string + description: MachineInventoryAnnotations annotations to be added to + the created MachineInventory object. + type: object + machineInventoryLabels: + additionalProperties: + type: string + description: MachineInventoryLabels label to be added to the created + MachineInventory object. + type: object + machineName: + type: string + type: object + status: + properties: + conditions: + description: Conditions describe the state of the machine registration + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + registrationToken: + description: RegistrationToken a token for registering a machine. + type: string + registrationURL: + description: RegistrationURL is the URL for registering a new machine. + type: string + serviceAccountRef: + description: ServiceAccountRef a reference to the service account + created by the machine registration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: managedosimages.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: ManagedOSImage + listKind: ManagedOSImageList + plural: managedosimages + singular: managedosimage + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + cloudConfig: + x-kubernetes-preserve-unknown-fields: true + clusterRolloutStrategy: + description: RolloverStrategy controls the rollout of the bundle across + clusters. + properties: + autoPartitionSize: + anyOf: + - type: integer + - type: string + description: |- + A number or percentage of how to automatically partition clusters if no + specific partitioning strategy is configured. + default: 25% + nullable: true + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + A number or percentage of clusters that can be unavailable during an update + of a bundle. This follows the same basic approach as a deployment rollout + strategy. Once the number of clusters meets unavailable state update will be + paused. Default value is 100% which doesn't take effect on update. + default: 100% + nullable: true + x-kubernetes-int-or-string: true + maxUnavailablePartitions: + anyOf: + - type: integer + - type: string + description: |- + A number or percentage of cluster partitions that can be unavailable during + an update of a bundle. + default: 0 + nullable: true + x-kubernetes-int-or-string: true + partitions: + description: |- + A list of definitions of partitions. If any target clusters do not match + the configuration they are added to partitions at the end following the + autoPartitionSize. + items: + description: Partition defines a separate rollout strategy for + a set of clusters. + properties: + clusterGroup: + description: A cluster group name to include in this partition + type: string + clusterGroupSelector: + description: Selector matching cluster group labels to include + in this partition + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + clusterName: + description: ClusterName is the name of a cluster to include + in this partition + type: string + clusterSelector: + description: Selector matching cluster labels to include + in this partition + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + A number or percentage of clusters that can be unavailable in this + partition before this partition is treated as done. + default: 10% + x-kubernetes-int-or-string: true + name: + description: A user-friendly name given to the partition + used for Display (optional). + type: string + type: object + nullable: true + type: array + type: object + clusterTargets: + items: + description: |- + BundleTarget declares clusters to deploy to. Fleet will merge the + BundleDeploymentOptions from customizations into this struct. + properties: + clusterGroup: + description: ClusterGroup to match a specific cluster group + by name. + nullable: true + type: string + clusterGroupSelector: + description: ClusterGroupSelector is a selector to match cluster + groups. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + clusterName: + description: |- + ClusterName to match a specific cluster by name that will be + selected + nullable: true + type: string + clusterSelector: + description: |- + ClusterSelector is a selector to match clusters. The structure is + the standard metav1.LabelSelector format. If clusterGroupSelector or + clusterGroup is specified, clusterSelector will be used only to + further refine the selection after clusterGroupSelector and + clusterGroup is evaluated. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + correctDrift: + description: CorrectDrift specifies how drift correction should + work. + properties: + enabled: + description: Enabled correct drift if true. + type: boolean + force: + description: Force helm rollback with --force option will + be used if true. This will try to recreate all resources + in the release. + type: boolean + keepFailHistory: + description: KeepFailHistory keeps track of failed rollbacks + in the helm history. + type: boolean + type: object + defaultNamespace: + description: |- + DefaultNamespace is the namespace to use for resources that do not + specify a namespace. This field is not used to enforce or lock down + the deployment to a specific namespace. + nullable: true + type: string + deleteCRDResources: + description: DeleteCRDResources deletes CRDs. Warning! this + will also delete all your Custom Resources. + type: boolean + diff: + description: Diff can be used to ignore the modified state of + objects which are amended at runtime. + nullable: true + properties: + comparePatches: + description: ComparePatches match a resource and remove + fields from the check for modifications. + items: + description: ComparePatch matches a resource and removes + fields from the check for modifications. + properties: + apiVersion: + description: APIVersion is the apiVersion of the resource + to match. + nullable: true + type: string + jsonPointers: + description: JSONPointers ignore diffs at a certain + JSON path. + items: + type: string + nullable: true + type: array + kind: + description: Kind is the kind of the resource to match. + nullable: true + type: string + name: + description: Name is the name of the resource to match. + nullable: true + type: string + namespace: + description: Namespace is the namespace of the resource + to match. + nullable: true + type: string + operations: + description: Operations remove a JSON path from the + resource. + items: + description: Operation of a ComparePatch, usually + "remove". + properties: + op: + description: Op is usually "remove" + nullable: true + type: string + path: + description: Path is the JSON path to remove. + nullable: true + type: string + value: + description: Value is usually empty. + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + type: object + doNotDeploy: + description: DoNotDeploy if set to true, will not deploy to + this target. + type: boolean + forceSyncGeneration: + description: ForceSyncGeneration is used to force a redeployment + format: int64 + type: integer + helm: + description: Helm options for the deployment, like the chart + name, repo and values. + nullable: true + properties: + atomic: + description: Atomic sets the --atomic flag when Helm is + performing an upgrade + type: boolean + chart: + description: |- + Chart can refer to any go-getter URL or OCI registry based helm + chart URL. The chart will be downloaded. + nullable: true + type: string + disableDNS: + description: DisableDNS can be used to customize Helm's + EnableDNS option, which Fleet sets to `true` by default. + type: boolean + disableDependencyUpdate: + description: DisableDependencyUpdate allows skipping chart + dependencies update + type: boolean + disablePreProcess: + description: DisablePreProcess disables template processing + in values + type: boolean + force: + description: Force allows to override immutable resources. + This could be dangerous. + type: boolean + maxHistory: + description: MaxHistory limits the maximum number of revisions + saved per release by Helm. + type: integer + releaseName: + description: |- + ReleaseName sets a custom release name to deploy the chart as. If + not specified a release name will be generated by combining the + invoking GitRepo.name + GitRepo.path. + maxLength: 53 + nullable: true + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + repo: + description: Repo is the name of the HTTPS helm repo to + download the chart from. + nullable: true + type: string + skipSchemaValidation: + description: SkipSchemaValidation allows skipping schema + validation against the chart values + type: boolean + takeOwnership: + description: TakeOwnership makes helm skip the check for + its own annotations + type: boolean + timeoutSeconds: + description: TimeoutSeconds is the time to wait for Helm + operations. + type: integer + values: + description: |- + Values passed to Helm. It is possible to specify the keys and values + as go template strings. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + valuesFiles: + description: ValuesFiles is a list of files to load values + from. + items: + type: string + nullable: true + type: array + valuesFrom: + description: ValuesFrom loads the values from configmaps + and secrets. + items: + description: 'Define helm values that can come from configmap, + secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439' + properties: + configMapKeyRef: + description: The reference to a config map with release + values. + nullable: true + properties: + key: + nullable: true + type: string + name: + description: Name of a resource in the same namespace + as the referent. + nullable: true + type: string + namespace: + nullable: true + type: string + type: object + secretKeyRef: + description: The reference to a secret with release + values. + nullable: true + properties: + key: + nullable: true + type: string + name: + description: Name of a resource in the same namespace + as the referent. + nullable: true + type: string + namespace: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + version: + description: Version of the chart to download + nullable: true + type: string + waitForJobs: + description: |- + WaitForJobs if set and timeoutSeconds provided, will wait until all + Jobs have been completed before marking the GitRepo as ready. It + will wait for as long as timeoutSeconds + type: boolean + type: object + ignore: + description: IgnoreOptions can be used to ignore fields when + monitoring the bundle. + properties: + conditions: + description: Conditions is a list of conditions to be ignored + when monitoring the Bundle. + items: + additionalProperties: + type: string + type: object + nullable: true + type: array + type: object + keepResources: + description: KeepResources can be used to keep the deployed + resources when removing the bundle + type: boolean + kustomize: + description: |- + Kustomize options for the deployment, like the dir containing the + kustomization.yaml file. + nullable: true + properties: + dir: + description: |- + Dir points to a custom folder for kustomize resources. This folder must contain + a kustomization.yaml file. + nullable: true + type: string + type: object + name: + description: |- + Name of target. This value is largely for display and logging. If + not specified a default name of the format "target000" will be used + type: string + namespace: + description: |- + TargetNamespace if present will assign all resource to this + namespace and if any cluster scoped resource exists the deployment + will fail. + nullable: true + type: string + namespaceAnnotations: + additionalProperties: + type: string + description: NamespaceAnnotations are annotations that will + be appended to the namespace created by Fleet. + nullable: true + type: object + namespaceLabels: + additionalProperties: + type: string + description: NamespaceLabels are labels that will be appended + to the namespace created by Fleet. + nullable: true + type: object + serviceAccount: + description: ServiceAccount which will be used to perform this + deployment. + nullable: true + type: string + yaml: + description: |- + YAML options, if using raw YAML these are names that map to + overlays/{name} files that will be used to replace or patch a resource. + nullable: true + properties: + overlays: + description: |- + Overlays is a list of names that maps to folders in "overlays/". + If you wish to customize the file ./subdir/resource.yaml then a file + ./overlays/myoverlay/subdir/resource.yaml will replace the base + file. + A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file. + items: + type: string + nullable: true + type: array + type: object + type: object + type: array + concurrency: + format: int64 + type: integer + cordon: + type: boolean + drain: + default: + deleteLocalData: true + force: true + ignoreDaemonSets: true + skipWaitForDeleteTimeout: 60 + description: DrainSpec encapsulates `kubectl drain` parameters minus + node/pod selectors. + nullable: true + properties: + deleteEmptydirData: + type: boolean + deleteLocalData: + type: boolean + disableEviction: + type: boolean + force: + type: boolean + gracePeriod: + format: int32 + type: integer + ignoreDaemonSets: + type: boolean + podSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + skipWaitForDeleteTimeout: + type: integer + timeout: + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. + format: int64 + type: integer + type: object + managedOSVersionName: + type: string + nodeSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + osImage: + type: string + prepare: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + securityContext: + description: |- + SecurityContext holds security configuration that will be applied to a container. + Some fields are present in both SecurityContext and PodSecurityContext. When both + are set, the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + volumes: + items: + properties: + destination: + type: string + name: + type: string + source: + type: string + type: object + type: array + type: object + upgradeContainer: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + securityContext: + description: |- + SecurityContext holds security configuration that will be applied to a container. + Some fields are present in both SecurityContext and PodSecurityContext. When both + are set, the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + volumes: + items: + properties: + destination: + type: string + name: + type: string + source: + type: string + type: object + type: array + type: object + required: + - drain + type: object + status: + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: managedosversionchannels.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: ManagedOSVersionChannel + listKind: ManagedOSVersionChannelList + plural: managedosversionchannels + singular: managedosversionchannel + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + deleteNoLongerInSyncVersions: + default: false + description: |- + DeleteNoLongerInSyncVersions automatically deletes + all no-longer-in-sync ManagedOSVersions that were created by this channel. + type: boolean + options: + x-kubernetes-preserve-unknown-fields: true + syncInterval: + default: 1h + type: string + type: + type: string + upgradeContainer: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + securityContext: + description: |- + SecurityContext holds security configuration that will be applied to a container. + Some fields are present in both SecurityContext and PodSecurityContext. When both + are set, the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + volumes: + items: + properties: + destination: + type: string + name: + type: string + source: + type: string + type: object + type: array + type: object + type: object + status: + properties: + conditions: + description: Conditions describe the state of the managed OS version + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failedSynchronizationAttempts: + description: FailedSynchronizationAttempts counts the number of consecutive + synchronization failures + type: integer + lastSyncedTime: + description: LastSyncedTime is the timestamp of the last synchronization + format: date-time + type: string + syncedGeneration: + description: SyncedGeneration tracks the spec generation of the last + synchronization + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: managedosversions.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: ManagedOSVersion + listKind: ManagedOSVersionList + plural: managedosversions + singular: managedosversion + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + metadata: + x-kubernetes-preserve-unknown-fields: true + minVersion: + type: string + type: + type: string + upgradeContainer: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + securityContext: + description: |- + SecurityContext holds security configuration that will be applied to a container. + Some fields are present in both SecurityContext and PodSecurityContext. When both + are set, the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + volumes: + items: + properties: + destination: + type: string + name: + type: string + source: + type: string + type: object + type: array + type: object + version: + type: string + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: metadata.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: Metadata + listKind: MetadataList + plural: metadata + singular: metadata + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + annotations: + additionalProperties: + type: string + type: object + appVersion: + type: string + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + app.kubernetes.io/instance: '{{ .Release.Name }}' + app.kubernetes.io/part-of: Elemental Operator + app.kubernetes.io/version: '{{ .Chart.Version }}' + controller-gen.kubebuilder.io/version: v0.14.0 + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: seedimages.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: SeedImage + listKind: SeedImageList + plural: seedimages + singular: seedimage + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + properties: + baseImage: + description: BaseImg the base elemental image used to build the seed + image. + type: string + buildContainer: + description: |- + BuildContainer settings for a custom container used to generate the + downloadable image. + properties: + args: + description: Args same as corev1.Container.Args + items: + type: string + type: array + command: + description: Command same as corev1.Container.Command + items: + type: string + type: array + image: + description: Image container image to run + type: string + imagePullPolicy: + description: Args same as corev1.Container.ImagePullPolicy + type: string + name: + description: Name of the spawned container + type: string + type: object + cleanupAfterMinutes: + default: 60 + description: |- + LifetimeMinutes the time at which the built seed image will be cleaned up. + If when the lifetime elapses the built image is being downloaded, the active + download will be completed before removing the built image. + Default is 60 minutes, set to 0 to disable. + format: int32 + type: integer + cloud-config: + description: CloudConfig contains cloud-config data to be put in the + generated iso. + x-kubernetes-preserve-unknown-fields: true + registrationRef: + description: MachineRegistrationRef a reference to the related MachineRegistration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + retriggerBuild: + description: RetriggerBuild triggers to build again a cleaned up seed + image. + type: boolean + size: + anyOf: + - type: integer + - type: string + default: 6442450944 + description: |- + Size specifies the size of the volume used to store the image. + Defaults to 6Gi + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + targetPlatform: + description: 'Platform specifies the target platform for the built + image. Example: linux/amd64' + example: linux/amd64 + pattern: ^$|^\S+\/\S+$ + type: string + type: + default: iso + description: |- + Type specifies the type of seed image to built. + Valid values are iso|raw + Defaults to "iso" + enum: + - iso + - raw + type: string + required: + - registrationRef + - type + type: object + status: + properties: + checksumURL: + description: ChecksumURL the URL from which the SeedImage checksum + can be downloaded once the image is built. + type: string + conditions: + description: Conditions describe the state of the machine registration + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + downloadToken: + description: DownloadToken a token to identify the seed image to download. + type: string + downloadURL: + description: DownloadURL the URL from which the SeedImage can be downloaded + once built. + type: string + state: + description: State reflect the state of the seed image build process. + enum: + - Initialized + - Started + - Completed + - Failed + - NotStarted + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/elemental-crd/103.4.1+up1.6.5/templates/validate-no-pending-deletions.yaml b/charts/elemental-crd/103.4.1+up1.6.5/templates/validate-no-pending-deletions.yaml new file mode 100644 index 0000000000..6e16863118 --- /dev/null +++ b/charts/elemental-crd/103.4.1+up1.6.5/templates/validate-no-pending-deletions.yaml @@ -0,0 +1,17 @@ +{{- $crds := list + "machineinventories.elemental.cattle.io" + "machineinventoryselectors.elemental.cattle.io" + "machineinventoryselectortemplates.elemental.cattle.io" + "machineregistrations.elemental.cattle.io" + "managedosimages.elemental.cattle.io" + "managedosversionchannels.elemental.cattle.io" + "managedosversions.elemental.cattle.io" + "seedimages.elemental.cattle.io" + "metadata.elemental.cattle.io" +-}} +{{- range $index, $crd := $crds -}} + {{- $obj := lookup "apiextensions.k8s.io/v1" "CustomResourceDefinition" $.Release.Namespace $crd -}} + {{- if and $obj $obj.metadata.deletionTimestamp -}} + {{- required "CRDs from previous installations are pending to be removed (deletionTimestamp is set). Fully deleting them before (re-)installing is required" "" -}} + {{- end -}} +{{- end -}} diff --git a/charts/elemental/103.4.1+up1.6.5/Chart.yaml b/charts/elemental/103.4.1+up1.6.5/Chart.yaml new file mode 100644 index 0000000000..e4ed82b675 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/Chart.yaml @@ -0,0 +1,20 @@ +annotations: + catalog.cattle.io/auto-install: elemental-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Elemental + catalog.cattle.io/kube-version: '>= 1.23.0-0' + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1 + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: elemental-operator + catalog.cattle.io/scope: management + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 1.6.5 +apiVersion: v2 +appVersion: 1.6.5 +description: Elemental provides Cloud Native OS Management for Cluster Nodes. +icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg +name: elemental +version: 103.4.1+up1.6.5 diff --git a/charts/elemental/103.4.1+up1.6.5/README.md b/charts/elemental/103.4.1+up1.6.5/README.md new file mode 100644 index 0000000000..bf7b83ea6c --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/README.md @@ -0,0 +1,5 @@ +# Elemental Operator Helm Chart + +This chart bootstraps an elemental-operator deployment on a [Rancher Manager](https://rancher.com/docs/rancher/) cluster using the [Helm](https://helm.sh) package manager. + +Check out the [Elemental Operator Helm Chart documentation](https://elemental.docs.rancher.com/elementaloperatorchart-reference/) in the official [Elemental guide](https://elemental.docs.rancher.com/). diff --git a/charts/elemental/103.4.1+up1.6.5/app-readme.md b/charts/elemental/103.4.1+up1.6.5/app-readme.md new file mode 100644 index 0000000000..3d694ac5f6 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/app-readme.md @@ -0,0 +1,5 @@ +# Elemental + +Elemental brings to Rancher the ability to install and manage the OS of bare metal and virtualized machines. + +For more information on how to deploy an Elemental Cluster, follow the [official documentation](https://elemental.docs.rancher.com/). \ No newline at end of file diff --git a/charts/elemental/103.4.1+up1.6.5/questions.yaml b/charts/elemental/103.4.1+up1.6.5/questions.yaml new file mode 100644 index 0000000000..53a85c6e32 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/questions.yaml @@ -0,0 +1,27 @@ +questions: +- variable: channel.defaultChannel + default: "true" + description: "Provide an Elemental OS Channel container image" + label: Elemental OS Channel + type: boolean + show_subquestion_if: true + group: "Elemental OS Channel" + subquestions: + - variable: channel.image + default: "registry.suse.com/rancher/elemental-channel/sl-micro" + description: "Specify the Elemental OS channel: for air-gapped scenarios you need to provide your own OS channel image (see https://elemental.docs.rancher.com/airgap for detailed instructions)" + type: string + label: Elemental OS Channel Image + group: "Elemental OS Channel" + - variable: channel.tag + default: "6.0-baremetal" + description: "Specify Elemental OS channel image tag" + type: string + label: "Elemental OS Channel Tag" + group: "Elemental OS Channel" +- variable: debug + default: "false" + description: "Enable debug logging in the Elemental operator" + type: boolean + label: "Enable Debug Logging" + group: "Logging" diff --git a/charts/elemental/103.4.1+up1.6.5/templates/_helpers.tpl b/charts/elemental/103.4.1+up1.6.5/templates/_helpers.tpl new file mode 100644 index 0000000000..ee1e6fe7d8 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/_helpers.tpl @@ -0,0 +1,17 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{- define "registry_url" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{ include "system_default_registry" . }} +{{- else if .Values.registryUrl -}} +{{- printf "%s/" .Values.registryUrl -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/elemental/103.4.1+up1.6.5/templates/apiservice.yaml b/charts/elemental/103.4.1+up1.6.5/templates/apiservice.yaml new file mode 100644 index 0000000000..73ae2e505f --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/apiservice.yaml @@ -0,0 +1,9 @@ +kind: APIService +apiVersion: management.cattle.io/v3 +metadata: + name: {{ .Release.Name }} +spec: + secretName: elemental-operator + secretNamespace: {{ .Release.Namespace }} + pathPrefixes: + - /elemental/ diff --git a/charts/elemental/103.4.1+up1.6.5/templates/capi_rbac.yaml b/charts/elemental/103.4.1+up1.6.5/templates/capi_rbac.yaml new file mode 100644 index 0000000000..8692f75269 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/capi_rbac.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: elemental-capi-role + labels: + cluster.x-k8s.io/aggregate-to-manager: "true" +rules: + - apiGroups: ["elemental.cattle.io"] + resources: ["*"] + verbs: ["*"] diff --git a/charts/elemental/103.4.1+up1.6.5/templates/channel-dev.yaml b/charts/elemental/103.4.1+up1.6.5/templates/channel-dev.yaml new file mode 100644 index 0000000000..da66784034 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/channel-dev.yaml @@ -0,0 +1,13 @@ +# Unstable channel for testing isv:Rancher:Elemental OBS projects +# it is only rendered if the registryUrl value includes a known OBS project reference +{{ if and (hasPrefix "registry.opensuse.org" .Values.registryUrl) (contains "isv/rancher/elemental" .Values.registryUrl) }} +apiVersion: elemental.cattle.io/v1beta1 +kind: ManagedOSVersionChannel +metadata: + name: unstable-testing-channel + namespace: fleet-default +spec: + options: + image: {{ .Values.registryUrl }}/rancher/elemental-unstable-channel:latest + type: custom +{{ end }} diff --git a/charts/elemental/103.4.1+up1.6.5/templates/channels.yaml b/charts/elemental/103.4.1+up1.6.5/templates/channels.yaml new file mode 100644 index 0000000000..c180d36d05 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/channels.yaml @@ -0,0 +1,30 @@ +{{ $defChannelName := "" }} +{{ if and .Values.channel .Values.channel.image .Values.channel.tag .Values.channel.name }} +{{ $defChannelName := .Values.channel.name }} +apiVersion: elemental.cattle.io/v1beta1 +kind: ManagedOSVersionChannel +metadata: + name: {{ .Values.channel.name }} + namespace: fleet-default +spec: + options: + image: {{ .Values.channel.image }}:{{ .Values.channel.tag }} + type: custom +{{ end }} + +# Keep pre-existing channels managed by Helm if they do not match with the current default +# this way if an upgrade introduces a new channel any pre-existing channel managed by Helm is not deleted +{{ range $index, $channel := (lookup "elemental.cattle.io/v1beta1" "ManagedOSVersionChannel" "fleet-default" "").items }} + {{ if and (eq (index $channel.metadata.labels "app.kubernetes.io/managed-by") "Helm") (ne $channel.metadata.name $defChannelName) }} +--- +apiVersion: elemental.cattle.io/v1beta1 +kind: ManagedOSVersionChannel +metadata: + name: {{ $channel.metadata.name }} + namespace: fleet-default +spec: + options: + image: {{ $channel.spec.options.image }} + type: custom + {{ end }} +{{ end }} diff --git a/charts/elemental/103.4.1+up1.6.5/templates/cluster_role.yaml b/charts/elemental/103.4.1+up1.6.5/templates/cluster_role.yaml new file mode 100644 index 0000000000..aaa3a0f2ec --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/cluster_role.yaml @@ -0,0 +1,268 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: '{{ .Release.Name }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get +- apiGroups: + - "" + resources: + - pods/status + verbs: + - get +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - delete + - get + - list + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services/status + verbs: + - get +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + verbs: + - get + - list + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineinventories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineinventories/status + verbs: + - get + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - machineinventoryselectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineinventoryselectors/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - machineregistrations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineregistrations/status + verbs: + - get + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - managedosimages + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - managedosimages/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - managedosversionchannels + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - managedosversionchannels/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - managedosversions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - managedosversions/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - seedimages + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - seedimages/status + verbs: + - get + - patch + - update +- apiGroups: + - fleet.cattle.io + resources: + - bundles + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - management.cattle.io + resources: + - settings + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - list + - watch diff --git a/charts/elemental/103.4.1+up1.6.5/templates/cluster_role_binding.yaml b/charts/elemental/103.4.1+up1.6.5/templates/cluster_role_binding.yaml new file mode 100644 index 0000000000..e68c7bc96b --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/cluster_role_binding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ .Release.Name }} + namespace: {{.Release.Namespace}} + diff --git a/charts/elemental/103.4.1+up1.6.5/templates/deployment.yaml b/charts/elemental/103.4.1+up1.6.5/templates/deployment.yaml new file mode 100644 index 0000000000..576d58d596 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/deployment.yaml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + app: elemental-operator + template: + metadata: + labels: + app: elemental-operator + spec: + containers: + - env: + - name: NO_PROXY + value: {{ .Values.noProxy }} + {{- if .Values.proxy }} + - name: HTTP_PROXY + value: {{ .Values.proxy }} + - name: HTTPS_PROXY + value: {{ .Values.proxy }} + {{- end }} + name: {{ .Release.Name }} + imagePullPolicy: "{{ .Values.image.imagePullPolicy }}" + image: {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} + args: + - operator + {{- if .Values.debug }} + - --v=5 + - --debug + {{- end }} + - --namespace + - {{ .Release.Namespace }} + - --operator-image + - {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} + - --seedimage-image + - {{ template "registry_url" . }}{{ .Values.seedImage.repository }}:{{ .Values.seedImage.tag | default .Chart.AppVersion }} + - --seedimage-image-pullpolicy + - {{ .Values.seedImage.imagePullPolicy}} + serviceAccountName: {{ .Release.Name }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/elemental/103.4.1+up1.6.5/templates/globalrole.yaml b/charts/elemental/103.4.1+up1.6.5/templates/globalrole.yaml new file mode 100644 index 0000000000..323cf2ead8 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/globalrole.yaml @@ -0,0 +1,16 @@ +apiVersion: management.cattle.io/v3 +builtin: false +description: "Elemental Administrator Role" +displayName: Elemental Administrator +kind: GlobalRole +metadata: + labels: + cattle.io/creator: norman + name: {{ .Release.Name }} +rules: +- apiGroups: + - elemental.cattle.io + resources: + - '*' + verbs: + - '*' diff --git a/charts/elemental/103.4.1+up1.6.5/templates/metadata.yaml b/charts/elemental/103.4.1+up1.6.5/templates/metadata.yaml new file mode 100644 index 0000000000..d102d9f2ea --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/metadata.yaml @@ -0,0 +1,10 @@ +apiVersion: elemental.cattle.io/v1beta1 +kind: Metadata +metadata: + name: {{ .Release.Name }} +spec: + appVersion: {{ .Chart.AppVersion }} + annotations: + {{- range $key, $value := .Chart.Annotations }} + {{ $key }}: {{ toYaml $value }} + {{- end }} diff --git a/charts/elemental/103.4.1+up1.6.5/templates/serviceaccount.yaml b/charts/elemental/103.4.1+up1.6.5/templates/serviceaccount.yaml new file mode 100644 index 0000000000..cb203d6f6c --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/serviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Release.Name }} diff --git a/charts/elemental/103.4.1+up1.6.5/templates/validate-install-crd.yaml b/charts/elemental/103.4.1+up1.6.5/templates/validate-install-crd.yaml new file mode 100644 index 0000000000..45008251ae --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/templates/validate-install-crd.yaml @@ -0,0 +1,26 @@ +{{ if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 }} + {{ $apis := dict + "elemental.cattle.io/v1beta1/MachineInventory" "machineinventories" + "elemental.cattle.io/v1beta1/MachineInventorySelector" "machineinventoryselectors" + "elemental.cattle.io/v1beta1/MachineInventorySelectorTemplate" "machineinventoryselectortemplates" + "elemental.cattle.io/v1beta1/MachineRegistration" "machineregistrations" + "elemental.cattle.io/v1beta1/ManagedOSImage" "managedosimages" + "elemental.cattle.io/v1beta1/ManagedOSVersionChannel" "managedosversionchannels" + "elemental.cattle.io/v1beta1/ManagedOSVersion" "managedosversions" + "elemental.cattle.io/v1beta1/SeedImage" "seedimages" + "elemental.cattle.io/v1beta1/Metadata" "metadata" + }} + {{- range $api, $crd := $apis -}} + {{- if not ($.Capabilities.APIVersions.Has $api) -}} + {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} + {{- end -}} + {{- $crdobj := lookup "apiextensions.k8s.io/v1" "CustomResourceDefinition" "" (print $crd ".elemental.cattle.io") -}} + {{- if not $crdobj -}} + {{- print "Cannot lookup " $crd ".elemental.cattle.io crd object" | fail -}} + {{- end -}} + {{- $crdrelease := index $crdobj.metadata.annotations "meta.helm.sh/release-name" -}} + {{- if eq $crdrelease $.Release.Name -}} + {{- required "Elemental CRDs should be moved to the new elemental-operator-crds chart before upgrading this operator." "" -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/elemental/103.4.1+up1.6.5/values.yaml b/charts/elemental/103.4.1+up1.6.5/values.yaml new file mode 100644 index 0000000000..812abf75a2 --- /dev/null +++ b/charts/elemental/103.4.1+up1.6.5/values.yaml @@ -0,0 +1,43 @@ +image: + empty: rancher/pause:3.1 + repository: "rancher/mirrored-elemental-operator" + tag: "1.6.5" + imagePullPolicy: IfNotPresent + +seedImage: + repository: "rancher/mirrored-elemental-seedimage-builder" + tag: "1.6.5" + imagePullPolicy: IfNotPresent + +channel: + name: "sl-micro-6.0-baremetal-channel" + image: "registry.suse.com/rancher/elemental-channel/sl-micro" + tag: "6.0-baremetal" + +# number of operator replicas to deploy +replicas: 1 + +# http[s] proxy server +# proxy: http://@:: + +# comma separated list of domains or ip addresses that will not use the proxy +noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local + +global: + cattle: + systemDefaultRegistry: "" + +# used only if systemDefaultRegistry is empty +registryUrl: "" + +# enable debug output for operator +debug: false + +nodeSelector: + kubernetes.io/os: linux + +tolerations: + - key: cattle.io/os + operator: "Equal" + value: "linux" + effect: NoSchedule diff --git a/index.yaml b/index.yaml index 7b5dbe83a8..88dbc9a1ef 100755 --- a/index.yaml +++ b/index.yaml @@ -1,6 +1,30 @@ apiVersion: v1 entries: elemental: + - annotations: + catalog.cattle.io/auto-install: elemental-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Elemental + catalog.cattle.io/kube-version: '>= 1.23.0-0' + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1 + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: elemental-operator + catalog.cattle.io/scope: management + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 1.6.5 + apiVersion: v2 + appVersion: 1.6.5 + created: "2024-10-28T11:28:11.407104099+01:00" + description: Elemental provides Cloud Native OS Management for Cluster Nodes. + digest: e01ba212904a0037ac5c1a84b27365f43a883d20ba9e4c3b7c6d757846910ca4 + icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg + name: elemental + urls: + - assets/elemental/elemental-103.4.1+up1.6.5.tgz + version: 103.4.1+up1.6.5 - annotations: catalog.cattle.io/auto-install: elemental-crd=match catalog.cattle.io/certified: rancher @@ -146,6 +170,21 @@ entries: - assets/elemental/elemental-103.0.0+up1.3.4.tgz version: 103.0.0+up1.3.4 elemental-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/release-name: elemental-operator-crds + apiVersion: v2 + appVersion: 1.6.5 + created: "2024-10-28T11:28:12.934224489+01:00" + description: A Helm chart for deploying Rancher Elemental Operator CRDs + digest: 5aa44ef0c1e144b5a203e49dde264de2164b48603fab4a3bf3561849b0f92fe1 + name: elemental-crd + type: application + urls: + - assets/elemental-crd/elemental-crd-103.4.1+up1.6.5.tgz + version: 103.4.1+up1.6.5 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" diff --git a/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch b/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch index e3477606b6..f379d40466 100644 --- a/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch +++ b/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch @@ -2,9 +2,9 @@ +++ charts/Chart.yaml @@ -6,5 +6,6 @@ apiVersion: v2 - appVersion: 1.6.4 + appVersion: 1.6.5 description: A Helm chart for deploying Rancher Elemental Operator CRDs -name: elemental-operator-crds +name: elemental-crd +type: application - version: 1.6.4 + version: 1.6.5 diff --git a/packages/elemental/elemental-crd/package.yaml b/packages/elemental/elemental-crd/package.yaml index ea80482562..070664b217 100644 --- a/packages/elemental/elemental-crd/package.yaml +++ b/packages/elemental/elemental-crd/package.yaml @@ -1,2 +1,2 @@ -url: oci://registry.suse.com/rancher/elemental-operator-crds-chart:1.6.4 -version: 103.4.0 +url: oci://registry.suse.com/rancher/elemental-operator-crds-chart:1.6.5 +version: 103.4.1 diff --git a/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch b/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch index 79965aeaa6..52e493657d 100644 --- a/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch +++ b/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch @@ -17,11 +17,11 @@ catalog.cattle.io/scope: management catalog.cattle.io/type: cluster-tool - catalog.cattle.io/upstream-version: '%VERSION' -+ catalog.cattle.io/upstream-version: 1.6.4 ++ catalog.cattle.io/upstream-version: 1.6.5 apiVersion: v2 - appVersion: 1.6.4 + appVersion: 1.6.5 description: Elemental provides Cloud Native OS Management for Cluster Nodes. icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg -name: elemental-operator +name: elemental - version: 1.6.4 + version: 1.6.5 diff --git a/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch b/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch index de9a284a7d..7dad1a410a 100644 --- a/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch +++ b/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch @@ -11,7 +11,7 @@ label: Elemental OS Channel Image group: "Elemental OS Channel" - variable: channel.tag -- default: "1.6.4" +- default: "1.6.5" + default: "6.0-baremetal" description: "Specify Elemental OS channel image tag" type: string diff --git a/packages/elemental/elemental/generated-changes/patch/values.yaml.patch b/packages/elemental/elemental/generated-changes/patch/values.yaml.patch index e08f41bba8..7ed57d4579 100644 --- a/packages/elemental/elemental/generated-changes/patch/values.yaml.patch +++ b/packages/elemental/elemental/generated-changes/patch/values.yaml.patch @@ -5,13 +5,13 @@ empty: rancher/pause:3.1 - repository: "rancher/elemental-operator" + repository: "rancher/mirrored-elemental-operator" - tag: "1.6.4" + tag: "1.6.5" imagePullPolicy: IfNotPresent seedImage: - repository: "rancher/seedimage-builder" + repository: "rancher/mirrored-elemental-seedimage-builder" - tag: "1.6.4" + tag: "1.6.5" imagePullPolicy: IfNotPresent @@ -28,7 +28,7 @@ diff --git a/packages/elemental/elemental/package.yaml b/packages/elemental/elemental/package.yaml index 7ec2214a2b..6d90e02fa4 100644 --- a/packages/elemental/elemental/package.yaml +++ b/packages/elemental/elemental/package.yaml @@ -1,2 +1,2 @@ -url: oci://registry.suse.com/rancher/elemental-operator-chart:1.6.4 -version: 103.4.0 +url: oci://registry.suse.com/rancher/elemental-operator-chart:1.6.5 +version: 103.4.1 diff --git a/release.yaml b/release.yaml index e3bf6271db..5045b84913 100644 --- a/release.yaml +++ b/release.yaml @@ -1,3 +1,7 @@ +elemental: + - 103.4.1+up1.6.5 +elemental-crd: + - 103.4.1+up1.6.5 longhorn: - 103.4.1+up1.7.2 longhorn-crd: