Skip to main content
Version: 0.6

Custom Resources Spec

Sub Resources

GitRepo​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specGitRepoSpecfalse
statusGitRepoStatusfalse

Back to Custom Resources

GitRepoDisplay​

FieldDescriptionSchemeRequired
readyBundleDeploymentsstringfalse
statestringfalse
messagestringfalse
errorboolfalse

Back to Custom Resources

GitRepoResource​

FieldDescriptionSchemeRequired
apiVersionstringfalse
kindstringfalse
typestringfalse
idstringfalse
namespacestringfalse
namestringfalse
incompleteStateboolfalse
statestringfalse
errorboolfalse
transitioningboolfalse
messagestringfalse
perClusterState[][ResourcePerClusterState](#resourceperclusterstate)false

Back to Custom Resources

GitRepoResourceCounts​

FieldDescriptionSchemeRequired
readyinttrue
desiredReadyinttrue
waitAppliedinttrue
modifiedinttrue
orphanedinttrue
missinginttrue
unknowninttrue
notReadyinttrue

Back to Custom Resources

GitRepoRestriction​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
defaultServiceAccountstringfalse
allowedServiceAccounts[]stringfalse
allowedRepoPatterns[]stringfalse
defaultClientSecretNamestringfalse
allowedClientSecretNames[]stringfalse
allowedTargetNamespaces[]stringfalse

Back to Custom Resources

GitRepoSpec​

FieldDescriptionSchemeRequired
repoRepo is a URL to a git repo to clone and indexstringfalse
branchBranch The git branch to followstringfalse
revisionRevision A specific commit or tag to operate onstringfalse
targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demandstringfalse
clientSecretNameClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
helmSecretNameHelmSecretName contains the auth secret for private helm repositorystringfalse
helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not providedstringfalse
caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default[]stringfalse
pausedPaused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSyncboolfalse
serviceAccountServiceAccount used in the downstream cluster for deploymentstringfalse
targetsTargets is a list of target this repo will deploy to[][GitTarget](#gittarget)false
pollingIntervalPollingInterval is how often to check git for new updates*metav1.Durationfalse
forceSyncGenerationIncrement this number to force a redeployment of contents from Gitint64false
imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo*metav1.Durationfalse
imageScanCommitCommit specifies how to commit to the git repo when new image is scanned and write back to git repoCommitSpecfalse
keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepoboolfalse

Back to Custom Resources

GitRepoStatus​

FieldDescriptionSchemeRequired
observedGenerationint64true
commitstringfalse
readyClustersinttrue
desiredReadyClustersinttrue
gitJobStatusstringfalse
summaryBundleSummaryfalse
displayGitRepoDisplayfalse
conditions[]genericcondition.GenericConditionfalse
resources[][GitRepoResource](#gitreporesource)false
resourceCountsGitRepoResourceCountsfalse
resourceErrors[]stringfalse
lastSyncedImageScanTimemetav1.Timefalse

Back to Custom Resources

GitTarget​

FieldDescriptionSchemeRequired
namestringfalse
clusterNamestringfalse
clusterSelector*metav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelector*metav1.LabelSelectorfalse

Back to Custom Resources

ResourcePerClusterState​

FieldDescriptionSchemeRequired
statestringfalse
errorboolfalse
transitioningboolfalse
messagestringfalse
patch*GenericMapfalse
clusterIdstringfalse

Back to Custom Resources

Bundle​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specBundleSpectrue
statusBundleStatustrue

Back to Custom Resources

BundleDeployment​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specBundleDeploymentSpecfalse
statusBundleDeploymentStatusfalse

Back to Custom Resources

BundleDeploymentDisplay​

FieldDescriptionSchemeRequired
deployedstringfalse
monitoredstringfalse
statestringfalse

Back to Custom Resources

BundleDeploymentOptions​

FieldDescriptionSchemeRequired
defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
yamlYAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.*YAMLOptionsfalse
diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse

Back to Custom Resources

BundleDeploymentSpec​

FieldDescriptionSchemeRequired
stagedOptionsBundleDeploymentOptionsfalse
stagedDeploymentIDstringfalse
optionsBundleDeploymentOptionsfalse
deploymentIDstringfalse
dependsOn[][BundleRef](#bundleref)false

Back to Custom Resources

BundleDeploymentStatus​

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
appliedDeploymentIDstringfalse
releasestringfalse
readyboolfalse
nonModifiedboolfalse
nonReadyStatus[][NonReadyStatus](#nonreadystatus)false
modifiedStatus[][ModifiedStatus](#modifiedstatus)false
displayBundleDeploymentDisplayfalse
syncGeneration*int64false

Back to Custom Resources

BundleDisplay​

FieldDescriptionSchemeRequired
readyClustersstringfalse
statestringfalse

Back to Custom Resources

BundleNamespaceMapping​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
bundleSelector*metav1.LabelSelectorfalse
namespaceSelector*metav1.LabelSelectorfalse

Back to Custom Resources

BundleRef​

FieldDescriptionSchemeRequired
namestringfalse
selector*metav1.LabelSelectorfalse

Back to Custom Resources

BundleResource​

FieldDescriptionSchemeRequired
namestringfalse
contentstringfalse
encodingstringfalse

Back to Custom Resources

BundleSpec​

FieldDescriptionSchemeRequired
BundleDeploymentOptionsBundleDeploymentOptionsfalse
pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
resourcesResources contain the actual resources from the git repo which will be deployed.[][BundleResource](#bundleresource)false
targetsTargets refer to the clusters which will be deployed to.[][BundleTarget](#bundletarget)false
targetRestrictionsTargetRestrictions restrict which clusters the bundle will be deployed to.[][BundleTargetRestriction](#bundletargetrestriction)false
dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[][BundleRef](#bundleref)false

Back to Custom Resources

BundleStatus​

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
summaryBundleSummaryfalse
newlyCreatedintfalse
unavailableinttrue
unavailablePartitionsinttrue
maxUnavailableinttrue
maxUnavailablePartitionsinttrue
maxNewintfalse
partitions[][PartitionStatus](#partitionstatus)false
displayBundleDisplayfalse
resourceKey[][ResourceKey](#resourcekey)false
observedGenerationint64true

Back to Custom Resources

BundleSummary​

FieldDescriptionSchemeRequired
notReadyintfalse
waitAppliedintfalse
errAppliedintfalse
outOfSyncintfalse
modifiedintfalse
readyinttrue
pendingintfalse
desiredReadyinttrue
nonReadyResources[][NonReadyResource](#nonreadyresource)false

Back to Custom Resources

BundleTarget​

FieldDescriptionSchemeRequired
BundleDeploymentOptionsBundleDeploymentOptionsfalse
namestringfalse
clusterNamestringfalse
clusterSelector*metav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelector*metav1.LabelSelectorfalse

Back to Custom Resources

BundleTargetRestriction​

FieldDescriptionSchemeRequired
namestringfalse
clusterNamestringfalse
clusterSelector*metav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelector*metav1.LabelSelectorfalse

Back to Custom Resources

ComparePatch​

FieldDescriptionSchemeRequired
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse
operations[][Operation](#operation)false
jsonPointers[]stringfalse

Back to Custom Resources

ConfigMapKeySelector​

FieldDescriptionSchemeRequired
namespacestringfalse
keystringfalse

Back to Custom Resources

Content​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
content[]bytefalse

Back to Custom Resources

DiffOptions​

FieldDescriptionSchemeRequired
comparePatches[][ComparePatch](#comparepatch)false

Back to Custom Resources

HelmOptions​

FieldDescriptionSchemeRequired
chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
versionVersion of the chart to downloadstringfalse
timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
valuesFromValuesFrom loads the values from configmaps and secrets.[][ValuesFrom](#valuesfrom)false
forceForce allows to override immutable resources. This could be dangerous.boolfalse
takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

Back to Custom Resources

KustomizeOptions​

FieldDescriptionSchemeRequired
dirstringfalse

Back to Custom Resources

LocalObjectReference​

FieldDescriptionSchemeRequired
namestringtrue

Back to Custom Resources

ModifiedStatus​

FieldDescriptionSchemeRequired
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse
missingboolfalse
deleteboolfalse
patchstringfalse

Back to Custom Resources

NonReadyResource​

FieldDescriptionSchemeRequired
namestringfalse
bundleStateBundleStatefalse
messagestringfalse
modifiedStatus[][ModifiedStatus](#modifiedstatus)false
nonReadyStatus[][NonReadyStatus](#nonreadystatus)false

Back to Custom Resources

NonReadyStatus​

FieldDescriptionSchemeRequired
uidtypes.UIDfalse
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse
summarysummary.Summaryfalse

Back to Custom Resources

Operation​

FieldDescriptionSchemeRequired
opstringfalse
pathstringfalse
valuestringfalse

Back to Custom Resources

Partition​

FieldDescriptionSchemeRequired
namestringfalse
maxUnavailable*intstr.IntOrStringfalse
clusterNamestringfalse
clusterSelector*metav1.LabelSelectorfalse
clusterGroupstringfalse
clusterGroupSelector*metav1.LabelSelectorfalse

Back to Custom Resources

PartitionStatus​

FieldDescriptionSchemeRequired
namestringfalse
countintfalse
maxUnavailableintfalse
unavailableintfalse
summaryBundleSummaryfalse

Back to Custom Resources

ResourceKey​

FieldDescriptionSchemeRequired
kindstringfalse
apiVersionstringfalse
namespacestringfalse
namestringfalse

Back to Custom Resources

RolloutStrategy​

FieldDescriptionSchemeRequired
maxUnavailable*intstr.IntOrStringfalse
maxUnavailablePartitions*intstr.IntOrStringfalse
autoPartitionSize*intstr.IntOrStringfalse
partitions[][Partition](#partition)false

Back to Custom Resources

SecretKeySelector​

FieldDescriptionSchemeRequired
namespacestringfalse
keystringfalse

Back to Custom Resources

ValuesFrom​

Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

FieldDescriptionSchemeRequired
configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

Back to Custom Resources

YAMLOptions​

FieldDescriptionSchemeRequired
overlays[]stringfalse

Back to Custom Resources

AlphabeticalPolicy​

AlphabeticalPolicy specifies a alphabetical ordering policy.

FieldDescriptionSchemeRequired
orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

Back to Custom Resources

CommitSpec​

CommitSpec specifies how to commit changes to the git repository

FieldDescriptionSchemeRequired
authorNameAuthorName gives the name to provide when making a commitstringtrue
authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

Back to Custom Resources

ImagePolicyChoice​

ImagePolicyChoice is a union of all the types of policy that can be supplied.

FieldDescriptionSchemeRequired
semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

Back to Custom Resources

ImageScan​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specImageScanSpecfalse
statusImageScanStatusfalse

Back to Custom Resources

ImageScanSpec​

API is taken from https://github.com/fluxcd/image-reflector-controller

FieldDescriptionSchemeRequired
tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
gitrepoNameGitRepo reference namestringfalse
imageImage is the name of the image repositorystringfalse
intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

Back to Custom Resources

ImageScanStatus​

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
latestTagLatest tag is the latest tag filtered by the policystringfalse
latestDigestLatestDigest is the digest of latest tagstringfalse
observedGenerationint64false
canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

Back to Custom Resources

SemVerPolicy​

SemVerPolicy specifies a semantic version policy.

FieldDescriptionSchemeRequired
rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

Back to Custom Resources

AgentStatus​

FieldDescriptionSchemeRequired
lastSeenmetav1.Timetrue
namespacestringtrue
nonReadyNodesinttrue
readyNodesinttrue
nonReadyNodeNamesAt most 3 nodes[]stringtrue
readyNodeNamesAt most 3 nodes[]stringtrue

Back to Custom Resources

Cluster​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterSpecfalse
statusClusterStatusfalse

Back to Custom Resources

ClusterDisplay​

FieldDescriptionSchemeRequired
readyBundlesstringfalse
readyNodesstringfalse
sampleNodestringfalse
statestringfalse

Back to Custom Resources

ClusterGroup​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterGroupSpectrue
statusClusterGroupStatustrue

Back to Custom Resources

ClusterGroupDisplay​

FieldDescriptionSchemeRequired
readyClustersstringfalse
readyBundlesstringfalse
statestringfalse

Back to Custom Resources

ClusterGroupSpec​

FieldDescriptionSchemeRequired
selector*metav1.LabelSelectorfalse

Back to Custom Resources

ClusterGroupStatus​

FieldDescriptionSchemeRequired
clusterCountinttrue
nonReadyClusterCountinttrue
nonReadyClusters[]stringfalse
conditions[]genericcondition.GenericConditionfalse
summaryBundleSummaryfalse
displayClusterGroupDisplayfalse
resourceCountsGitRepoResourceCountsfalse

Back to Custom Resources

ClusterRegistration​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterRegistrationSpecfalse
statusClusterRegistrationStatusfalse

Back to Custom Resources

ClusterRegistrationSpec​

FieldDescriptionSchemeRequired
clientIDstringfalse
clientRandomstringfalse
clusterLabelsmap[string]stringfalse

Back to Custom Resources

ClusterRegistrationStatus​

FieldDescriptionSchemeRequired
clusterNamestringfalse
grantedboolfalse

Back to Custom Resources

ClusterRegistrationToken​

FieldDescriptionSchemeRequired
metadatametav1.ObjectMetafalse
specClusterRegistrationTokenSpecfalse
statusClusterRegistrationTokenStatusfalse

Back to Custom Resources

ClusterRegistrationTokenSpec​

FieldDescriptionSchemeRequired
ttl*metav1.Durationfalse

Back to Custom Resources

ClusterRegistrationTokenStatus​

FieldDescriptionSchemeRequired
expires*metav1.Timefalse
secretNamestringfalse

Back to Custom Resources

ClusterSpec​

FieldDescriptionSchemeRequired
pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse

Back to Custom Resources

ClusterStatus​

FieldDescriptionSchemeRequired
conditions[]genericcondition.GenericConditionfalse
namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
summaryBundleSummaryfalse
resourceCountsGitRepoResourceCountsfalse
readyGitReposinttrue
desiredReadyGitReposinttrue
agentEnvVarsHashstringfalse
agentPrivateRepoURLstringfalse
agentDeployedGeneration*int64false
agentMigratedboolfalse
agentNamespaceMigratedboolfalse
cattleNamespaceMigratedboolfalse
displayClusterDisplayfalse
agentAgentStatusfalse

Back to Custom Resources