apiVersion: v1 kind: Namespace metadata: labels: app.kubernetes.io/component: operator app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: kairos-operator name: operator-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.17.2 name: nodeops.operator.kairos.io spec: group: operator.kairos.io names: kind: NodeOp listKind: NodeOpList plural: nodeops singular: nodeop scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object spec: properties: backoffLimit: format: int32 type: integer command: items: type: string type: array concurrency: default: 0 format: int32 minimum: 0 type: integer cordon: default: false type: boolean drainOptions: properties: deleteEmptyDirData: default: false type: boolean enabled: default: false type: boolean force: default: false type: boolean gracePeriodSeconds: format: int32 type: integer ignoreDaemonSets: default: true type: boolean timeoutSeconds: format: int32 type: integer type: object hostMountPath: default: /host type: string image: type: string imagePullSecrets: items: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic type: array nodeSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic rebootOnSuccess: default: false type: boolean stopOnFailure: default: false type: boolean required: - command type: object status: properties: lastUpdated: format: date-time type: string nodeStatuses: additionalProperties: properties: jobName: type: string lastUpdated: format: date-time type: string message: type: string phase: type: string rebootStatus: type: string required: - phase type: object type: object phase: type: string type: object type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.17.2 name: nodeopupgrades.operator.kairos.io spec: group: operator.kairos.io names: kind: NodeOpUpgrade listKind: NodeOpUpgradeList plural: nodeopupgrades singular: nodeopupgrade scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object spec: properties: concurrency: default: 0 format: int32 minimum: 0 type: integer force: type: boolean image: type: string imagePullSecrets: items: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic type: array nodeSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic stopOnFailure: type: boolean upgradeActive: type: boolean upgradeRecovery: type: boolean required: - image type: object status: properties: lastUpdated: format: date-time type: string message: type: string nodeOpName: type: string nodeStatuses: additionalProperties: properties: jobName: type: string lastUpdated: format: date-time type: string message: type: string phase: type: string rebootStatus: type: string required: - phase type: object type: object phase: type: string type: object type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.17.2 name: osartifacts.build.kairos.io spec: group: build.kairos.io names: kind: OSArtifact listKind: OSArtifactList plural: osartifacts singular: osartifact scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.phase name: Phase type: string - description: Age jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha2 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object spec: properties: artifacts: properties: arch: enum: - amd64 - arm64 type: string azureImage: type: boolean bundles: items: type: string type: array cloudConfigRef: properties: key: type: string name: type: string required: - name type: object cloudImage: type: boolean diskSize: type: string gceImage: type: boolean grubConfig: type: string iso: type: boolean kairosRelease: type: string netboot: type: boolean netbootURL: type: string osRelease: type: string overlayISOVolume: type: string overlayRootfsVolume: type: string uki: properties: container: type: boolean efi: type: boolean iso: type: boolean keysVolume: type: string required: - keysVolume type: object x-kubernetes-validations: - message: keysVolume is required when at least one of iso, container, or efi is true rule: '!( (self.iso || self.container || self.efi) && (!has(self.keysVolume) || self.keysVolume == "") )' volume: type: string type: object exporters: items: properties: activeDeadlineSeconds: format: int64 type: integer backoffLimit: format: int32 type: integer backoffLimitPerIndex: format: int32 type: integer completionMode: type: string completions: format: int32 type: integer managedBy: type: string manualSelector: type: boolean maxFailedIndexes: format: int32 type: integer parallelism: format: int32 type: integer podFailurePolicy: properties: rules: items: properties: action: type: string onExitCodes: properties: containerName: type: string operator: type: string values: items: format: int32 type: integer type: array x-kubernetes-list-type: set required: - operator - values type: object onPodConditions: items: properties: status: type: string type: type: string required: - type type: object type: array x-kubernetes-list-type: atomic required: - action type: object type: array x-kubernetes-list-type: atomic required: - rules type: object podReplacementPolicy: type: string selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic successPolicy: properties: rules: items: properties: succeededCount: format: int32 type: integer succeededIndexes: type: string type: object type: array x-kubernetes-list-type: atomic required: - rules type: object suspend: type: boolean template: properties: metadata: type: object spec: properties: activeDeadlineSeconds: format: int64 type: integer affinity: properties: nodeAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: preference: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: format: int32 type: integer required: - preference - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object x-kubernetes-map-type: atomic type: object podAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object podAntiAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array x-kubernetes-list-type: atomic type: object type: object automountServiceAccountToken: type: boolean containers: items: properties: args: items: type: string type: array x-kubernetes-list-type: atomic command: items: type: string type: array x-kubernetes-list-type: atomic env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic fileKeyRef: properties: key: type: string optional: default: false type: boolean path: type: string volumeName: type: string required: - key - path - volumeName type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map envFrom: items: properties: configMapRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic type: object type: array x-kubernetes-list-type: atomic image: type: string imagePullPolicy: type: string lifecycle: properties: postStart: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object preStop: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object stopSignal: type: string type: object livenessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object name: type: string ports: items: properties: containerPort: format: int32 type: integer hostIP: type: string hostPort: format: int32 type: integer name: type: string protocol: default: TCP type: string required: - containerPort type: object type: array x-kubernetes-list-map-keys: - containerPort - protocol x-kubernetes-list-type: map readinessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object resizePolicy: items: properties: resourceName: type: string restartPolicy: type: string required: - resourceName - restartPolicy type: object type: array x-kubernetes-list-type: atomic resources: properties: claims: items: properties: name: type: string request: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object restartPolicy: type: string restartPolicyRules: items: properties: action: type: string exitCodes: properties: operator: type: string values: items: format: int32 type: integer type: array x-kubernetes-list-type: set required: - operator type: object required: - action type: object type: array x-kubernetes-list-type: atomic securityContext: properties: allowPrivilegeEscalation: type: boolean appArmorProfile: properties: localhostProfile: type: string type: type: string required: - type type: object capabilities: properties: add: items: type: string type: array x-kubernetes-list-type: atomic drop: items: type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object startupProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object stdin: type: boolean stdinOnce: type: boolean terminationMessagePath: type: string terminationMessagePolicy: type: string tty: type: boolean volumeDevices: items: properties: devicePath: type: string name: type: string required: - devicePath - name type: object type: array x-kubernetes-list-map-keys: - devicePath x-kubernetes-list-type: map volumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean recursiveReadOnly: type: string subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array x-kubernetes-list-map-keys: - mountPath x-kubernetes-list-type: map workingDir: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map dnsConfig: properties: nameservers: items: type: string type: array x-kubernetes-list-type: atomic options: items: properties: name: type: string value: type: string type: object type: array x-kubernetes-list-type: atomic searches: items: type: string type: array x-kubernetes-list-type: atomic type: object dnsPolicy: type: string enableServiceLinks: type: boolean ephemeralContainers: items: properties: args: items: type: string type: array x-kubernetes-list-type: atomic command: items: type: string type: array x-kubernetes-list-type: atomic env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic fileKeyRef: properties: key: type: string optional: default: false type: boolean path: type: string volumeName: type: string required: - key - path - volumeName type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map envFrom: items: properties: configMapRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic type: object type: array x-kubernetes-list-type: atomic image: type: string imagePullPolicy: type: string lifecycle: properties: postStart: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object preStop: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object stopSignal: type: string type: object livenessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object name: type: string ports: items: properties: containerPort: format: int32 type: integer hostIP: type: string hostPort: format: int32 type: integer name: type: string protocol: default: TCP type: string required: - containerPort type: object type: array x-kubernetes-list-map-keys: - containerPort - protocol x-kubernetes-list-type: map readinessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object resizePolicy: items: properties: resourceName: type: string restartPolicy: type: string required: - resourceName - restartPolicy type: object type: array x-kubernetes-list-type: atomic resources: properties: claims: items: properties: name: type: string request: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object restartPolicy: type: string restartPolicyRules: items: properties: action: type: string exitCodes: properties: operator: type: string values: items: format: int32 type: integer type: array x-kubernetes-list-type: set required: - operator type: object required: - action type: object type: array x-kubernetes-list-type: atomic securityContext: properties: allowPrivilegeEscalation: type: boolean appArmorProfile: properties: localhostProfile: type: string type: type: string required: - type type: object capabilities: properties: add: items: type: string type: array x-kubernetes-list-type: atomic drop: items: type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object startupProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object stdin: type: boolean stdinOnce: type: boolean targetContainerName: type: string terminationMessagePath: type: string terminationMessagePolicy: type: string tty: type: boolean volumeDevices: items: properties: devicePath: type: string name: type: string required: - devicePath - name type: object type: array x-kubernetes-list-map-keys: - devicePath x-kubernetes-list-type: map volumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean recursiveReadOnly: type: string subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array x-kubernetes-list-map-keys: - mountPath x-kubernetes-list-type: map workingDir: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map hostAliases: items: properties: hostnames: items: type: string type: array x-kubernetes-list-type: atomic ip: type: string required: - ip type: object type: array x-kubernetes-list-map-keys: - ip x-kubernetes-list-type: map hostIPC: type: boolean hostNetwork: type: boolean hostPID: type: boolean hostUsers: type: boolean hostname: type: string hostnameOverride: type: string imagePullSecrets: items: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map initContainers: items: properties: args: items: type: string type: array x-kubernetes-list-type: atomic command: items: type: string type: array x-kubernetes-list-type: atomic env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic fileKeyRef: properties: key: type: string optional: default: false type: boolean path: type: string volumeName: type: string required: - key - path - volumeName type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map envFrom: items: properties: configMapRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic type: object type: array x-kubernetes-list-type: atomic image: type: string imagePullPolicy: type: string lifecycle: properties: postStart: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object preStop: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object stopSignal: type: string type: object livenessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object name: type: string ports: items: properties: containerPort: format: int32 type: integer hostIP: type: string hostPort: format: int32 type: integer name: type: string protocol: default: TCP type: string required: - containerPort type: object type: array x-kubernetes-list-map-keys: - containerPort - protocol x-kubernetes-list-type: map readinessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object resizePolicy: items: properties: resourceName: type: string restartPolicy: type: string required: - resourceName - restartPolicy type: object type: array x-kubernetes-list-type: atomic resources: properties: claims: items: properties: name: type: string request: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object restartPolicy: type: string restartPolicyRules: items: properties: action: type: string exitCodes: properties: operator: type: string values: items: format: int32 type: integer type: array x-kubernetes-list-type: set required: - operator type: object required: - action type: object type: array x-kubernetes-list-type: atomic securityContext: properties: allowPrivilegeEscalation: type: boolean appArmorProfile: properties: localhostProfile: type: string type: type: string required: - type type: object capabilities: properties: add: items: type: string type: array x-kubernetes-list-type: atomic drop: items: type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object startupProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object stdin: type: boolean stdinOnce: type: boolean terminationMessagePath: type: string terminationMessagePolicy: type: string tty: type: boolean volumeDevices: items: properties: devicePath: type: string name: type: string required: - devicePath - name type: object type: array x-kubernetes-list-map-keys: - devicePath x-kubernetes-list-type: map volumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean recursiveReadOnly: type: string subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array x-kubernetes-list-map-keys: - mountPath x-kubernetes-list-type: map workingDir: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map nodeName: type: string nodeSelector: additionalProperties: type: string type: object x-kubernetes-map-type: atomic os: properties: name: type: string required: - name type: object overhead: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object preemptionPolicy: type: string priority: format: int32 type: integer priorityClassName: type: string readinessGates: items: properties: conditionType: type: string required: - conditionType type: object type: array x-kubernetes-list-type: atomic resourceClaims: items: properties: name: type: string resourceClaimName: type: string resourceClaimTemplateName: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map resources: properties: claims: items: properties: name: type: string request: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object restartPolicy: type: string runtimeClassName: type: string schedulerName: type: string schedulingGates: items: properties: name: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map securityContext: properties: appArmorProfile: properties: localhostProfile: type: string type: type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxChangePolicy: type: string seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic supplementalGroupsPolicy: type: string sysctls: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object serviceAccount: type: string serviceAccountName: type: string setHostnameAsFQDN: type: boolean shareProcessNamespace: type: boolean subdomain: type: string terminationGracePeriodSeconds: format: int64 type: integer tolerations: items: properties: effect: type: string key: type: string operator: type: string tolerationSeconds: format: int64 type: integer value: type: string type: object type: array x-kubernetes-list-type: atomic topologySpreadConstraints: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer nodeAffinityPolicy: type: string nodeTaintsPolicy: type: string topologyKey: type: string whenUnsatisfiable: type: string required: - maxSkew - topologyKey - whenUnsatisfiable type: object type: array x-kubernetes-list-map-keys: - topologyKey - whenUnsatisfiable x-kubernetes-list-type: map volumes: items: properties: awsElasticBlockStore: properties: fsType: type: string partition: format: int32 type: integer readOnly: type: boolean volumeID: type: string required: - volumeID type: object azureDisk: properties: cachingMode: type: string diskName: type: string diskURI: type: string fsType: default: ext4 type: string kind: type: string readOnly: default: false type: boolean required: - diskName - diskURI type: object azureFile: properties: readOnly: type: boolean secretName: type: string shareName: type: string required: - secretName - shareName type: object cephfs: properties: monitors: items: type: string type: array x-kubernetes-list-type: atomic path: type: string readOnly: type: boolean secretFile: type: string secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic user: type: string required: - monitors type: object cinder: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic volumeID: type: string required: - volumeID type: object configMap: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic csi: properties: driver: type: string fsType: type: string nodePublishSecretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object downwardAPI: properties: defaultMode: format: int32 type: integer items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array x-kubernetes-list-type: atomic type: object emptyDir: properties: medium: type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: properties: volumeClaimTemplate: properties: metadata: type: object spec: properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object required: - spec type: object type: object fc: properties: fsType: type: string lun: format: int32 type: integer readOnly: type: boolean targetWWNs: items: type: string type: array x-kubernetes-list-type: atomic wwids: items: type: string type: array x-kubernetes-list-type: atomic type: object flexVolume: properties: driver: type: string fsType: type: string options: additionalProperties: type: string type: object readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic required: - driver type: object flocker: properties: datasetName: type: string datasetUUID: type: string type: object gcePersistentDisk: properties: fsType: type: string partition: format: int32 type: integer pdName: type: string readOnly: type: boolean required: - pdName type: object gitRepo: properties: directory: type: string repository: type: string revision: type: string required: - repository type: object glusterfs: properties: endpoints: type: string path: type: string readOnly: type: boolean required: - endpoints - path type: object hostPath: properties: path: type: string type: type: string required: - path type: object image: properties: pullPolicy: type: string reference: type: string type: object iscsi: properties: chapAuthDiscovery: type: boolean chapAuthSession: type: boolean fsType: type: string initiatorName: type: string iqn: type: string iscsiInterface: default: default type: string lun: format: int32 type: integer portals: items: type: string type: array x-kubernetes-list-type: atomic readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic targetPortal: type: string required: - iqn - lun - targetPortal type: object name: type: string nfs: properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: properties: claimName: type: string readOnly: type: boolean required: - claimName type: object photonPersistentDisk: properties: fsType: type: string pdID: type: string required: - pdID type: object portworxVolume: properties: fsType: type: string readOnly: type: boolean volumeID: type: string required: - volumeID type: object projected: properties: defaultMode: format: int32 type: integer sources: items: properties: clusterTrustBundle: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic name: type: string optional: type: boolean path: type: string signerName: type: string required: - path type: object configMap: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: properties: items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array x-kubernetes-list-type: atomic type: object podCertificate: properties: certificateChainPath: type: string credentialBundlePath: type: string keyPath: type: string keyType: type: string maxExpirationSeconds: format: int32 type: integer signerName: type: string userAnnotations: additionalProperties: type: string type: object required: - keyType - signerName type: object secret: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: type: string expirationSeconds: format: int64 type: integer path: type: string required: - path type: object type: object type: array x-kubernetes-list-type: atomic type: object quobyte: properties: group: type: string readOnly: type: boolean registry: type: string tenant: type: string user: type: string volume: type: string required: - registry - volume type: object rbd: properties: fsType: type: string image: type: string keyring: default: /etc/ceph/keyring type: string monitors: items: type: string type: array x-kubernetes-list-type: atomic pool: default: rbd type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic user: default: admin type: string required: - image - monitors type: object scaleIO: properties: fsType: default: xfs type: string gateway: type: string protectionDomain: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: default: ThinProvisioned type: string storagePool: type: string system: type: string volumeName: type: string required: - gateway - secretRef - system type: object secret: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic optional: type: boolean secretName: type: string type: object storageos: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: type: string type: object vsphereVolume: properties: fsType: type: string storagePolicyID: type: string storagePolicyName: type: string volumePath: type: string required: - volumePath type: object required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map workloadRef: properties: name: type: string podGroup: type: string podGroupReplicaKey: type: string required: - name - podGroup type: object required: - containers type: object type: object ttlSecondsAfterFinished: format: int32 type: integer required: - template type: object type: array image: properties: buildEnv: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic fileKeyRef: properties: key: type: string optional: default: false type: boolean path: type: string volumeName: type: string required: - key - path - volumeName type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array buildImage: properties: registry: type: string repository: type: string tag: type: string required: - registry - repository - tag type: object buildOptions: properties: baseImage: type: string fips: type: boolean kubernetesDistro: type: string kubernetesVersion: type: string model: type: string trustedBoot: type: boolean version: type: string required: - version type: object caCertificatesVolume: type: string imageCredentialsSecretRef: properties: key: type: string name: type: string required: - name type: object ociSpec: properties: buildContextVolume: type: string ref: properties: key: type: string name: type: string required: - name type: object templateValues: additionalProperties: type: string type: object templateValuesFrom: properties: key: type: string name: type: string required: - name type: object type: object push: type: boolean ref: type: string type: object imagePullSecrets: items: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic type: array importers: items: properties: args: items: type: string type: array x-kubernetes-list-type: atomic command: items: type: string type: array x-kubernetes-list-type: atomic env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic fileKeyRef: properties: key: type: string optional: default: false type: boolean path: type: string volumeName: type: string required: - key - path - volumeName type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map envFrom: items: properties: configMapRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic type: object type: array x-kubernetes-list-type: atomic image: type: string imagePullPolicy: type: string lifecycle: properties: postStart: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object preStop: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object stopSignal: type: string type: object livenessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object name: type: string ports: items: properties: containerPort: format: int32 type: integer hostIP: type: string hostPort: format: int32 type: integer name: type: string protocol: default: TCP type: string required: - containerPort type: object type: array x-kubernetes-list-map-keys: - containerPort - protocol x-kubernetes-list-type: map readinessProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object resizePolicy: items: properties: resourceName: type: string restartPolicy: type: string required: - resourceName - restartPolicy type: object type: array x-kubernetes-list-type: atomic resources: properties: claims: items: properties: name: type: string request: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object restartPolicy: type: string restartPolicyRules: items: properties: action: type: string exitCodes: properties: operator: type: string values: items: format: int32 type: integer type: array x-kubernetes-list-type: set required: - operator type: object required: - action type: object type: array x-kubernetes-list-type: atomic securityContext: properties: allowPrivilegeEscalation: type: boolean appArmorProfile: properties: localhostProfile: type: string type: type: string required: - type type: object capabilities: properties: add: items: type: string type: array x-kubernetes-list-type: atomic drop: items: type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object startupProbe: properties: exec: properties: command: items: type: string type: array x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: default: "" type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object stdin: type: boolean stdinOnce: type: boolean terminationMessagePath: type: string terminationMessagePolicy: type: string tty: type: boolean volumeDevices: items: properties: devicePath: type: string name: type: string required: - devicePath - name type: object type: array x-kubernetes-list-map-keys: - devicePath x-kubernetes-list-type: map volumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean recursiveReadOnly: type: string subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array x-kubernetes-list-map-keys: - mountPath x-kubernetes-list-type: map workingDir: type: string required: - name type: object type: array volume: properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object volumes: items: properties: awsElasticBlockStore: properties: fsType: type: string partition: format: int32 type: integer readOnly: type: boolean volumeID: type: string required: - volumeID type: object azureDisk: properties: cachingMode: type: string diskName: type: string diskURI: type: string fsType: default: ext4 type: string kind: type: string readOnly: default: false type: boolean required: - diskName - diskURI type: object azureFile: properties: readOnly: type: boolean secretName: type: string shareName: type: string required: - secretName - shareName type: object cephfs: properties: monitors: items: type: string type: array x-kubernetes-list-type: atomic path: type: string readOnly: type: boolean secretFile: type: string secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic user: type: string required: - monitors type: object cinder: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic volumeID: type: string required: - volumeID type: object configMap: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic csi: properties: driver: type: string fsType: type: string nodePublishSecretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object downwardAPI: properties: defaultMode: format: int32 type: integer items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array x-kubernetes-list-type: atomic type: object emptyDir: properties: medium: type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: properties: volumeClaimTemplate: properties: metadata: type: object spec: properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object required: - spec type: object type: object fc: properties: fsType: type: string lun: format: int32 type: integer readOnly: type: boolean targetWWNs: items: type: string type: array x-kubernetes-list-type: atomic wwids: items: type: string type: array x-kubernetes-list-type: atomic type: object flexVolume: properties: driver: type: string fsType: type: string options: additionalProperties: type: string type: object readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic required: - driver type: object flocker: properties: datasetName: type: string datasetUUID: type: string type: object gcePersistentDisk: properties: fsType: type: string partition: format: int32 type: integer pdName: type: string readOnly: type: boolean required: - pdName type: object gitRepo: properties: directory: type: string repository: type: string revision: type: string required: - repository type: object glusterfs: properties: endpoints: type: string path: type: string readOnly: type: boolean required: - endpoints - path type: object hostPath: properties: path: type: string type: type: string required: - path type: object image: properties: pullPolicy: type: string reference: type: string type: object iscsi: properties: chapAuthDiscovery: type: boolean chapAuthSession: type: boolean fsType: type: string initiatorName: type: string iqn: type: string iscsiInterface: default: default type: string lun: format: int32 type: integer portals: items: type: string type: array x-kubernetes-list-type: atomic readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic targetPortal: type: string required: - iqn - lun - targetPortal type: object name: type: string nfs: properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: properties: claimName: type: string readOnly: type: boolean required: - claimName type: object photonPersistentDisk: properties: fsType: type: string pdID: type: string required: - pdID type: object portworxVolume: properties: fsType: type: string readOnly: type: boolean volumeID: type: string required: - volumeID type: object projected: properties: defaultMode: format: int32 type: integer sources: items: properties: clusterTrustBundle: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic name: type: string optional: type: boolean path: type: string signerName: type: string required: - path type: object configMap: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: properties: items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array x-kubernetes-list-type: atomic type: object podCertificate: properties: certificateChainPath: type: string credentialBundlePath: type: string keyPath: type: string keyType: type: string maxExpirationSeconds: format: int32 type: integer signerName: type: string userAnnotations: additionalProperties: type: string type: object required: - keyType - signerName type: object secret: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: type: string expirationSeconds: format: int64 type: integer path: type: string required: - path type: object type: object type: array x-kubernetes-list-type: atomic type: object quobyte: properties: group: type: string readOnly: type: boolean registry: type: string tenant: type: string user: type: string volume: type: string required: - registry - volume type: object rbd: properties: fsType: type: string image: type: string keyring: default: /etc/ceph/keyring type: string monitors: items: type: string type: array x-kubernetes-list-type: atomic pool: default: rbd type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic user: default: admin type: string required: - image - monitors type: object scaleIO: properties: fsType: default: xfs type: string gateway: type: string protectionDomain: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: default: ThinProvisioned type: string storagePool: type: string system: type: string volumeName: type: string required: - gateway - secretRef - system type: object secret: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic optional: type: boolean secretName: type: string type: object storageos: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: type: string type: object vsphereVolume: properties: fsType: type: string storagePolicyID: type: string storagePolicyName: type: string volumePath: type: string required: - volumePath type: object required: - name type: object type: array required: - image type: object status: properties: message: type: string phase: default: Pending type: string type: object type: object served: true storage: true subresources: status: {} --- apiVersion: v1 kind: ServiceAccount metadata: labels: app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: operator name: operator-kairos-operator namespace: operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: operator name: operator-leader-election-role namespace: operator-system rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: operator-manager-role rules: - apiGroups: - "" resources: - configmaps verbs: - create - get - list - watch - apiGroups: - "" resources: - namespaces verbs: - get - list - watch - apiGroups: - "" resources: - nodes verbs: - get - list - patch - update - watch - apiGroups: - "" resources: - persistentvolumeclaims verbs: - create - delete - get - list - watch - apiGroups: - "" resources: - pods - serviceaccounts verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - secrets verbs: - create - get - list - update - watch - apiGroups: - batch resources: - jobs verbs: - create - delete - get - list - patch - update - watch - apiGroups: - batch resources: - jobs/status verbs: - get - patch - update - apiGroups: - build.kairos.io resources: - osartifacts verbs: - create - delete - get - list - patch - update - watch - apiGroups: - build.kairos.io resources: - osartifacts/finalizers verbs: - update - apiGroups: - build.kairos.io resources: - osartifacts/status verbs: - get - patch - update - apiGroups: - operator.kairos.io resources: - nodeops - nodeopupgrades verbs: - create - delete - get - list - patch - update - watch - apiGroups: - operator.kairos.io resources: - nodeops/finalizers - nodeopupgrades/finalizers verbs: - update - apiGroups: - operator.kairos.io resources: - nodeops/status - nodeopupgrades/status verbs: - get - patch - update - apiGroups: - rbac.authorization.k8s.io resources: - clusterrolebindings - clusterroles - rolebindings - roles verbs: - create - delete - get - list - patch - update - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: operator-metrics-auth-role rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: operator-metrics-reader rules: - nonResourceURLs: - /metrics verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: operator name: operator-nodeop-admin-role rules: - apiGroups: - operator.kairos.io resources: - nodeops verbs: - '*' - apiGroups: - operator.kairos.io resources: - nodeops/status verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: operator name: operator-nodeop-editor-role rules: - apiGroups: - operator.kairos.io resources: - nodeops verbs: - create - delete - get - list - patch - update - watch - apiGroups: - operator.kairos.io resources: - nodeops/status verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: operator name: operator-nodeop-viewer-role rules: - apiGroups: - operator.kairos.io resources: - nodeops verbs: - get - list - watch - apiGroups: - operator.kairos.io resources: - nodeops/status verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: operator-osartifact-editor-role rules: - apiGroups: - build.kairos.io resources: - osartifacts verbs: - create - delete - get - list - patch - update - watch - apiGroups: - build.kairos.io resources: - osartifacts/status verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: operator-osartifact-viewer-role rules: - apiGroups: - build.kairos.io resources: - osartifacts verbs: - get - list - watch - apiGroups: - build.kairos.io resources: - osartifacts/status verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: operator name: operator-leader-election-rolebinding namespace: operator-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: operator-leader-election-role subjects: - kind: ServiceAccount name: operator-kairos-operator namespace: operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: operator-kairos-operator-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: operator-manager-role subjects: - kind: ServiceAccount name: operator-kairos-operator namespace: operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: operator-metrics-auth-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: operator-metrics-auth-role subjects: - kind: ServiceAccount name: operator-kairos-operator namespace: operator-system --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: operator app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: kairos-operator name: operator-kairos-operator-metrics-service namespace: operator-system spec: ports: - name: https port: 8443 protocol: TCP targetPort: 8443 selector: app.kubernetes.io/component: operator app.kubernetes.io/name: kairos-operator --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/component: operator app.kubernetes.io/managed-by: kustomize app.kubernetes.io/name: kairos-operator name: operator-kairos-operator namespace: operator-system spec: replicas: 1 selector: matchLabels: app.kubernetes.io/component: operator app.kubernetes.io/name: kairos-operator template: metadata: annotations: kubectl.kubernetes.io/default-container: manager labels: app.kubernetes.io/component: operator app.kubernetes.io/name: kairos-operator spec: containers: - args: - --metrics-bind-address=:8443 - --leader-elect - --health-probe-bind-address=:8081 command: - /manager env: - name: CONTROLLER_POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: CONTROLLER_POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_IMAGE value: quay.io/kairos/operator:v0.1.0-beta4 - name: NODE_LABELER_IMAGE value: quay.io/kairos/operator-node-labeler:v0.1.0-beta4 - name: SENTINEL_IMAGE value: "" - name: NODEOP_DEFAULT_IMAGE value: busybox:latest image: quay.io/kairos/operator:v0.1.0-beta4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /healthz port: 8081 initialDelaySeconds: 15 periodSeconds: 20 name: manager ports: [] readinessProbe: httpGet: path: /readyz port: 8081 initialDelaySeconds: 5 periodSeconds: 10 resources: limits: cpu: 500m memory: 128Mi requests: cpu: 10m memory: 64Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL volumeMounts: [] securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccountName: operator-kairos-operator terminationGracePeriodSeconds: 10 tolerations: - key: CriticalAddonsOnly operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/master operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/controlplane operator: Exists - effect: NoSchedule key: node-role.kubernetes.io/control-plane operator: Exists - effect: NoExecute key: node-role.kubernetes.io/etcd operator: Exists volumes: []