kube_schema 1.4.4 → 1.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/LICENSE +201 -0
  4. data/lib/kube/schema/version.rb +1 -1
  5. data/schemas/crd-definitions.json +225 -37
  6. data/schemas/kubevirt-definitions.json +4 -4
  7. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e9695974cb2703c11c69c41aa624cd96cf6ac5f8bcf9859ebce423be49146250
4
- data.tar.gz: 23210ffab5ca166dacfa3f1ba2ce2d24742a36127d95fa1a1b0d896c464ef1ed
3
+ metadata.gz: 8444ae375cd69a41a2d3d8dff521b595f2efd08754794b797780305853890b11
4
+ data.tar.gz: ed93e9d9788ae21784ae8c93a4d3cc25c54487153a2617348d0e5bab1a11f9c3
5
5
  SHA512:
6
- metadata.gz: aac9d217ba2235bda3206de3391ece4da353a938b40e0ae58c98932bf03c9deee679e4c2072bbbdf5566e4663b0551b75ff700573481893bd44127e01de0f30e
7
- data.tar.gz: 1fc8fc7a0fd40fb47168c48b194f1c51522479652d391d3aa372928d91c08c348595c3e451db2f9ff53187fa4eabaed709f65e63a1e1e119588cc31426b77c65
6
+ metadata.gz: a0d886d1b544f34d0b2497bb5db67d39cc5749b92de690ade549ffc628e2d6270b06b59b154d632a4140501f6c1fbd397d625633770280973e6e6711cc37e888
7
+ data.tar.gz: 59d94d90d141d76caabfd49650931a9292b57bd24f4e5ec80aa0d052de9667ea110ee65b8ae93c559ab024150cde04026026dc57d5c06b006be116530b4696aa
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- kube_schema (1.4.4)
4
+ kube_schema (1.4.5)
5
5
  json_schemer (~> 2.5.0)
6
6
  rubyshell (~> 1.5.0)
7
7
 
data/LICENSE ADDED
@@ -0,0 +1,201 @@
1
+ Apache License
2
+ Version 2.0, January 2004
3
+ http://www.apache.org/licenses/
4
+
5
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6
+
7
+ 1. Definitions.
8
+
9
+ "License" shall mean the terms and conditions for use, reproduction,
10
+ and distribution as defined by Sections 1 through 9 of this document.
11
+
12
+ "Licensor" shall mean the copyright owner or entity authorized by
13
+ the copyright owner that is granting the License.
14
+
15
+ "Legal Entity" shall mean the union of the acting entity and all
16
+ other entities that control, are controlled by, or are under common
17
+ control with that entity. For the purposes of this definition,
18
+ "control" means (i) the power, direct or indirect, to cause the
19
+ direction or management of such entity, whether by contract or
20
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
21
+ outstanding shares, or (iii) beneficial ownership of such entity.
22
+
23
+ "You" (or "Your") shall mean an individual or Legal Entity
24
+ exercising permissions granted by this License.
25
+
26
+ "Source" form shall mean the preferred form for making modifications,
27
+ including but not limited to software source code, documentation
28
+ source, and configuration files.
29
+
30
+ "Object" form shall mean any form resulting from mechanical
31
+ transformation or translation of a Source form, including but
32
+ not limited to compiled object code, generated documentation,
33
+ and conversions to other media types.
34
+
35
+ "Work" shall mean the work of authorship, whether in Source or
36
+ Object form, made available under the License, as indicated by a
37
+ copyright notice that is included in or attached to the work
38
+ (an example is provided in the Appendix below).
39
+
40
+ "Derivative Works" shall mean any work, whether in Source or Object
41
+ form, that is based on (or derived from) the Work and for which the
42
+ editorial revisions, annotations, elaborations, or other modifications
43
+ represent, as a whole, an original work of authorship. For the purposes
44
+ of this License, Derivative Works shall not include works that remain
45
+ separable from, or merely link (or bind by name) to the interfaces of,
46
+ the Work and Derivative Works thereof.
47
+
48
+ "Contribution" shall mean any work of authorship, including
49
+ the original version of the Work and any modifications or additions
50
+ to that Work or Derivative Works thereof, that is intentionally
51
+ submitted to Licensor for inclusion in the Work by the copyright owner
52
+ or by an individual or Legal Entity authorized to submit on behalf of
53
+ the copyright owner. For the purposes of this definition, "submitted"
54
+ means any form of electronic, verbal, or written communication sent
55
+ to the Licensor or its representatives, including but not limited to
56
+ communication on electronic mailing lists, source code control systems,
57
+ and issue tracking systems that are managed by, or on behalf of, the
58
+ Licensor for the purpose of discussing and improving the Work, but
59
+ excluding communication that is conspicuously marked or otherwise
60
+ designated in writing by the copyright owner as "Not a Contribution."
61
+
62
+ "Contributor" shall mean Licensor and any individual or Legal Entity
63
+ on behalf of whom a Contribution has been received by Licensor and
64
+ subsequently incorporated within the Work.
65
+
66
+ 2. Grant of Copyright License. Subject to the terms and conditions of
67
+ this License, each Contributor hereby grants to You a perpetual,
68
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69
+ copyright license to reproduce, prepare Derivative Works of,
70
+ publicly display, publicly perform, sublicense, and distribute the
71
+ Work and such Derivative Works in Source or Object form.
72
+
73
+ 3. Grant of Patent License. Subject to the terms and conditions of
74
+ this License, each Contributor hereby grants to You a perpetual,
75
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76
+ (except as stated in this section) patent license to make, have made,
77
+ use, offer to sell, sell, import, and otherwise transfer the Work,
78
+ where such license applies only to those patent claims licensable
79
+ by such Contributor that are necessarily infringed by their
80
+ Contribution(s) alone or by combination of their Contribution(s)
81
+ with the Work to which such Contribution(s) was submitted. If You
82
+ institute patent litigation against any entity (including a
83
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
84
+ or a Contribution incorporated within the Work constitutes direct
85
+ or contributory patent infringement, then any patent licenses
86
+ granted to You under this License for that Work shall terminate
87
+ as of the date such litigation is filed.
88
+
89
+ 4. Redistribution. You may reproduce and distribute copies of the
90
+ Work or Derivative Works thereof in any medium, with or without
91
+ modifications, and in Source or Object form, provided that You
92
+ meet the following conditions:
93
+
94
+ (a) You must give any other recipients of the Work or
95
+ Derivative Works a copy of this License; and
96
+
97
+ (b) You must cause any modified files to carry prominent notices
98
+ stating that You changed the files; and
99
+
100
+ (c) You must retain, in the Source form of any Derivative Works
101
+ that You distribute, all copyright, patent, trademark, and
102
+ attribution notices from the Source form of the Work,
103
+ excluding those notices that do not pertain to any part of
104
+ the Derivative Works; and
105
+
106
+ (d) If the Work includes a "NOTICE" text file as part of its
107
+ distribution, then any Derivative Works that You distribute must
108
+ include a readable copy of the attribution notices contained
109
+ within such NOTICE file, excluding those notices that do not
110
+ pertain to any part of the Derivative Works, in at least one
111
+ of the following places: within a NOTICE text file distributed
112
+ as part of the Derivative Works; within the Source form or
113
+ documentation, if provided along with the Derivative Works; or,
114
+ within a display generated by the Derivative Works, if and
115
+ wherever such third-party notices normally appear. The contents
116
+ of the NOTICE file are for informational purposes only and
117
+ do not modify the License. You may add Your own attribution
118
+ notices within Derivative Works that You distribute, alongside
119
+ or as an addendum to the NOTICE text from the Work, provided
120
+ that such additional attribution notices cannot be construed
121
+ as modifying the License.
122
+
123
+ You may add Your own copyright statement to Your modifications and
124
+ may provide additional or different license terms and conditions
125
+ for use, reproduction, or distribution of Your modifications, or
126
+ for any such Derivative Works as a whole, provided Your use,
127
+ reproduction, and distribution of the Work otherwise complies with
128
+ the conditions stated in this License.
129
+
130
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
131
+ any Contribution intentionally submitted for inclusion in the Work
132
+ by You to the Licensor shall be under the terms and conditions of
133
+ this License, without any additional terms or conditions.
134
+ Notwithstanding the above, nothing herein shall supersede or modify
135
+ the terms of any separate license agreement you may have executed
136
+ with Licensor regarding such Contributions.
137
+
138
+ 6. Trademarks. This License does not grant permission to use the trade
139
+ names, trademarks, service marks, or product names of the Licensor,
140
+ except as required for reasonable and customary use in describing the
141
+ origin of the Work and reproducing the content of the NOTICE file.
142
+
143
+ 7. Disclaimer of Warranty. Unless required by applicable law or
144
+ agreed to in writing, Licensor provides the Work (and each
145
+ Contributor provides its Contributions) on an "AS IS" BASIS,
146
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147
+ implied, including, without limitation, any warranties or conditions
148
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149
+ PARTICULAR PURPOSE. You are solely responsible for determining the
150
+ appropriateness of using or redistributing the Work and assume any
151
+ risks associated with Your exercise of permissions under this License.
152
+
153
+ 8. Limitation of Liability. In no event and under no legal theory,
154
+ whether in tort (including negligence), contract, or otherwise,
155
+ unless required by applicable law (such as deliberate and grossly
156
+ negligent acts) or agreed to in writing, shall any Contributor be
157
+ liable to You for damages, including any direct, indirect, special,
158
+ incidental, or consequential damages of any character arising as a
159
+ result of this License or out of the use or inability to use the
160
+ Work (including but not limited to damages for loss of goodwill,
161
+ work stoppage, computer failure or malfunction, or any and all
162
+ other commercial damages or losses), even if such Contributor
163
+ has been advised of the possibility of such damages.
164
+
165
+ 9. Accepting Warranty or Additional Liability. While redistributing
166
+ the Work or Derivative Works thereof, You may choose to offer,
167
+ and charge a fee for, acceptance of support, warranty, indemnity,
168
+ or other liability obligations and/or rights consistent with this
169
+ License. However, in accepting such obligations, You may act only
170
+ on Your own behalf and on Your sole responsibility, not on behalf
171
+ of any other Contributor, and only if You agree to indemnify,
172
+ defend, and hold each Contributor harmless for any liability
173
+ incurred by, or claims asserted against, such Contributor by reason
174
+ of your accepting any such warranty or additional liability.
175
+
176
+ END OF TERMS AND CONDITIONS
177
+
178
+ APPENDIX: How to apply the Apache License to your work.
179
+
180
+ To apply the Apache License to your work, attach the following
181
+ boilerplate notice, with the fields enclosed by brackets "[]"
182
+ replaced with your own identifying information. (Don't include
183
+ the brackets!) The text should be enclosed in the appropriate
184
+ comment syntax for the file format. We also recommend that a
185
+ file or class name and description of purpose be included on the
186
+ same "printed page" as the copyright notice for easier
187
+ identification within third-party archives.
188
+
189
+ Copyright [yyyy] [name of copyright owner]
190
+
191
+ Licensed under the Apache License, Version 2.0 (the "License");
192
+ you may not use this file except in compliance with the License.
193
+ You may obtain a copy of the License at
194
+
195
+ http://www.apache.org/licenses/LICENSE-2.0
196
+
197
+ Unless required by applicable law or agreed to in writing, software
198
+ distributed under the License is distributed on an "AS IS" BASIS,
199
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200
+ See the License for the specific language governing permissions and
201
+ limitations under the License.
data/lib/kube/schema/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Kube
4
4
  module Schema
5
- VERSION = "1.4.4"
5
+ VERSION = "1.4.5"
6
6
  end
7
7
  end
data/schemas/crd-definitions.json CHANGED
@@ -233115,7 +233115,7 @@
233115
233115
  "type": "boolean"
233116
233116
  },
233117
233117
  "procMount": {
233118
- "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows.",
233118
+ "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nNote that this field cannot be set when spec.os.name is windows.",
233119
233119
  "type": "string"
233120
233120
  },
233121
233121
  "readOnlyRootFilesystem": {
@@ -238016,7 +238016,7 @@
238016
238016
  "type": "boolean"
238017
238017
  },
238018
238018
  "procMount": {
238019
- "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows.",
238019
+ "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nNote that this field cannot be set when spec.os.name is windows.",
238020
238020
  "type": "string"
238021
238021
  },
238022
238022
  "readOnlyRootFilesystem": {
@@ -239294,7 +239294,7 @@
239294
239294
  "type": "boolean"
239295
239295
  },
239296
239296
  "procMount": {
239297
- "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows.",
239297
+ "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nNote that this field cannot be set when spec.os.name is windows.",
239298
239298
  "type": "string"
239299
239299
  },
239300
239300
  "readOnlyRootFilesystem": {
@@ -239660,7 +239660,7 @@
239660
239660
  "type": "boolean"
239661
239661
  },
239662
239662
  "hostUsers": {
239663
- "description": "Use the host's user namespace.\nOptional: Default to true.\nIf set to true or not present, the pod will be run in the host user namespace, useful\nfor when the pod needs a feature only available to the host user namespace, such as\nloading a kernel module with CAP_SYS_MODULE.\nWhen set to false, a new userns is created for the pod. Setting false is useful for\nmitigating container breakout vulnerabilities even allowing users to run their\ncontainers as root without actually having root privileges on the host.\nThis field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
239663
+ "description": "Use the host's user namespace.\nOptional: Default to true.\nIf set to true or not present, the pod will be run in the host user namespace, useful\nfor when the pod needs a feature only available to the host user namespace, such as\nloading a kernel module with CAP_SYS_MODULE.\nWhen set to false, a new userns is created for the pod. Setting false is useful for\nmitigating container breakout vulnerabilities even allowing users to run their\ncontainers as root without actually having root privileges on the host.",
239664
239664
  "type": "boolean"
239665
239665
  },
239666
239666
  "hostname": {
@@ -240599,7 +240599,7 @@
240599
240599
  "type": "boolean"
240600
240600
  },
240601
240601
  "procMount": {
240602
- "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows.",
240602
+ "description": "procMount denotes the type of proc mount to use for the containers.\nThe default value is Default which uses the container runtime defaults for\nreadonly paths and masked paths.\nNote that this field cannot be set when spec.os.name is windows.",
240603
240603
  "type": "string"
240604
240604
  },
240605
240605
  "readOnlyRootFilesystem": {
@@ -240987,7 +240987,7 @@
240987
240987
  "description": "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\nThis is a stable field but requires that the\nDynamicResourceAllocation feature gate is enabled.\n\nThis field is immutable.",
240988
240988
  "type": "array",
240989
240989
  "items": {
240990
- "description": "PodResourceClaim references exactly one ResourceClaim, either directly\nor by naming a ResourceClaimTemplate which is then turned into a ResourceClaim\nfor the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name.",
240990
+ "description": "PodResourceClaim references exactly one ResourceClaim, either directly\nor by naming a ResourceClaimTemplate which is then turned into a ResourceClaim\nfor the pod.\n\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and this Pod\nbelongs to a PodGroup, a PodResourceClaim is matched to a\nPodGroupResourceClaim if all of their fields are equal (Name,\nResourceClaimName, and ResourceClaimTemplateName). A matched claim references\na single ResourceClaim shared across all Pods in the PodGroup, reserved for\nthe PodGroup in ResourceClaimStatus.ReservedFor rather than for individual\nPods.",
240991
240991
  "type": "object",
240992
240992
  "required": [
240993
240993
  "name"
@@ -241002,7 +241002,7 @@
241002
241002
  "type": "string"
241003
241003
  },
241004
241004
  "resourceClaimTemplateName": {
241005
- "description": "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must\nbe set.",
241005
+ "description": "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\nWhen the DRAWorkloadResourceClaims feature gate is enabled and the pod\nbelongs to a PodGroup that defines a PodGroupResourceClaim with the same\nName and ResourceClaimTemplateName, this PodResourceClaim resolves to the\nResourceClaim generated for the PodGroup. All pods in the group that\ndefine an equivalent PodResourceClaim matching the\nPodGroupResourceClaim's Name and ResourceClaimTemplateName share the same\ngenerated ResourceClaim. ResourceClaims generated for a PodGroup are\nowned by the PodGroup and their lifecycles are tied to the PodGroup\ninstead of any individual pod.\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim.\n\nExactly one of ResourceClaimName and ResourceClaimTemplateName must\nbe set.",
241006
241006
  "type": "string"
241007
241007
  }
241008
241008
  }
@@ -241092,6 +241092,16 @@
241092
241092
  ],
241093
241093
  "x-kubernetes-list-type": "map"
241094
241094
  },
241095
+ "schedulingGroup": {
241096
+ "description": "SchedulingGroup provides a reference to the immediate scheduling runtime\ngrouping object that this Pod belongs to.\nThis field is used by the scheduler to identify the group and apply the\ncorrect group scheduling policies. The association with a group also\nimpacts other lifecycle aspects of a Pod that are relevant in a wider context\nof scheduling like preemption, resource attachment, etc. If not specified,\nthe Pod is treated as a single unit in all of these aspects.\nThe group object referenced by this field may not exist at the time the\nPod is created.\nThis field is immutable, but a group object with the same name may be\nrecreated with different policies. Doing this during pod scheduling\nmay result in the placement not conforming to the expected policies.",
241097
+ "type": "object",
241098
+ "properties": {
241099
+ "podGroupName": {
241100
+ "description": "PodGroupName specifies the name of the standalone PodGroup object\nthat represents the runtime instance of this group.\nMust be a DNS subdomain.",
241101
+ "type": "string"
241102
+ }
241103
+ }
241104
+ },
241095
241105
  "securityContext": {
241096
241106
  "description": "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field.",
241097
241107
  "type": "object",
@@ -242080,7 +242090,7 @@
242080
242090
  }
242081
242091
  },
242082
242092
  "image": {
242083
- "description": "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro) and non-executable files (noexec).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33.\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
242093
+ "description": "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.\nThe volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.\n- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.\n- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.\nA failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.\nThe types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.\nThe OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.\nThe volume will be mounted read-only (ro).\nSub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33.\nThe field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
242084
242094
  "type": "object",
242085
242095
  "properties": {
242086
242096
  "pullPolicy": {
@@ -242221,7 +242231,7 @@
242221
242231
  }
242222
242232
  },
242223
242233
  "portworxVolume": {
242224
- "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate\nis on.",
242234
+ "description": "portworxVolume represents a portworx volume attached and mounted on kubelets host machine.\nDeprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type\nare redirected to the pxd.portworx.com CSI driver.",
242225
242235
  "type": "object",
242226
242236
  "required": [
242227
242237
  "volumeID"
@@ -242809,28 +242819,6 @@
242809
242819
  "name"
242810
242820
  ],
242811
242821
  "x-kubernetes-list-type": "map"
242812
- },
242813
- "workloadRef": {
242814
- "description": "WorkloadRef provides a reference to the Workload object that this Pod belongs to.\nThis field is used by the scheduler to identify the PodGroup and apply the\ncorrect group scheduling policies. The Workload object referenced\nby this field may not exist at the time the Pod is created.\nThis field is immutable, but a Workload object with the same name\nmay be recreated with different policies. Doing this during pod scheduling\nmay result in the placement not conforming to the expected policies.",
242815
- "type": "object",
242816
- "required": [
242817
- "name",
242818
- "podGroup"
242819
- ],
242820
- "properties": {
242821
- "name": {
242822
- "description": "Name defines the name of the Workload object this Pod belongs to.\nWorkload must be in the same namespace as the Pod.\nIf it doesn't match any existing Workload, the Pod will remain unschedulable\nuntil a Workload object is created and observed by the kube-scheduler.\nIt must be a DNS subdomain.",
242823
- "type": "string"
242824
- },
242825
- "podGroup": {
242826
- "description": "PodGroup is the name of the PodGroup within the Workload that this Pod\nbelongs to. If it doesn't match any existing PodGroup within the Workload,\nthe Pod will remain unschedulable until the Workload object is recreated\nand observed by the kube-scheduler. It must be a DNS label.",
242827
- "type": "string"
242828
- },
242829
- "podGroupReplicaKey": {
242830
- "description": "PodGroupReplicaKey specifies the replica key of the PodGroup to which this\nPod belongs. It is used to distinguish pods belonging to different replicas\nof the same pod group. The pod group policy is applied separately to each replica.\nWhen set, it must be a DNS label.",
242831
- "type": "string"
242832
- }
242833
- }
242834
242822
  }
242835
242823
  }
242836
242824
  }
@@ -254672,14 +254660,13 @@
254672
254660
  "description": "Pulumi configures this store to sync secrets using the Pulumi provider",
254673
254661
  "type": "object",
254674
254662
  "required": [
254675
- "accessToken",
254676
254663
  "environment",
254677
254664
  "organization",
254678
254665
  "project"
254679
254666
  ],
254680
254667
  "properties": {
254681
254668
  "accessToken": {
254682
- "description": "AccessToken is the access tokens to sign in to the Pulumi Cloud Console.",
254669
+ "description": "AccessToken is the access tokens to sign in to the Pulumi Cloud Console.\n\nDeprecated: Use auth.accessToken instead.",
254683
254670
  "type": "object",
254684
254671
  "properties": {
254685
254672
  "secretRef": {
@@ -254715,6 +254702,101 @@
254715
254702
  "description": "APIURL is the URL of the Pulumi API.",
254716
254703
  "type": "string"
254717
254704
  },
254705
+ "auth": {
254706
+ "description": "Auth configures how the Operator authenticates with the Pulumi API.\nEither auth or the deprecated accessToken field must be specified.",
254707
+ "type": "object",
254708
+ "properties": {
254709
+ "accessToken": {
254710
+ "description": "AccessToken authenticates using a Pulumi access token stored in a Kubernetes Secret.",
254711
+ "type": "object",
254712
+ "properties": {
254713
+ "secretRef": {
254714
+ "description": "SecretRef is a reference to a secret containing the Pulumi API token.",
254715
+ "type": "object",
254716
+ "properties": {
254717
+ "key": {
254718
+ "description": "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required.",
254719
+ "type": "string",
254720
+ "maxLength": 253,
254721
+ "minLength": 1,
254722
+ "pattern": "^[-._a-zA-Z0-9]+$"
254723
+ },
254724
+ "name": {
254725
+ "description": "The name of the Secret resource being referred to.",
254726
+ "type": "string",
254727
+ "maxLength": 253,
254728
+ "minLength": 1,
254729
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
254730
+ },
254731
+ "namespace": {
254732
+ "description": "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.",
254733
+ "type": "string",
254734
+ "maxLength": 63,
254735
+ "minLength": 1,
254736
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$"
254737
+ }
254738
+ }
254739
+ }
254740
+ }
254741
+ },
254742
+ "oidcConfig": {
254743
+ "description": "OIDCConfig authenticates using Kubernetes ServiceAccount tokens via OIDC.",
254744
+ "type": "object",
254745
+ "required": [
254746
+ "organization",
254747
+ "serviceAccountRef"
254748
+ ],
254749
+ "properties": {
254750
+ "expirationSeconds": {
254751
+ "description": "ExpirationSeconds sets the token validity duration for service account and OIDC token.\nDefaults to 10 minutes.",
254752
+ "type": "integer",
254753
+ "format": "int64",
254754
+ "minimum": 600
254755
+ },
254756
+ "organization": {
254757
+ "description": "Organization is the name of the Pulumi organization configured for OIDC authentication.",
254758
+ "type": "string"
254759
+ },
254760
+ "serviceAccountRef": {
254761
+ "description": "ServiceAccountRef specifies the Kubernetes ServiceAccount to use for authentication.",
254762
+ "type": "object",
254763
+ "required": [
254764
+ "name"
254765
+ ],
254766
+ "properties": {
254767
+ "audiences": {
254768
+ "description": "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list",
254769
+ "type": "array",
254770
+ "items": {
254771
+ "type": "string"
254772
+ }
254773
+ },
254774
+ "name": {
254775
+ "description": "The name of the ServiceAccount resource being referred to.",
254776
+ "type": "string",
254777
+ "maxLength": 253,
254778
+ "minLength": 1,
254779
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
254780
+ },
254781
+ "namespace": {
254782
+ "description": "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.",
254783
+ "type": "string",
254784
+ "maxLength": 63,
254785
+ "minLength": 1,
254786
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$"
254787
+ }
254788
+ }
254789
+ }
254790
+ }
254791
+ }
254792
+ },
254793
+ "x-kubernetes-validations": [
254794
+ {
254795
+ "message": "Exactly one of 'accessToken' or 'oidcConfig' must be specified",
254796
+ "rule": "(has(self.accessToken) && !has(self.oidcConfig)) || (!has(self.accessToken) && has(self.oidcConfig))"
254797
+ }
254798
+ ]
254799
+ },
254718
254800
  "environment": {
254719
254801
  "description": "Environment are YAML documents composed of static key-value pairs, programmatic expressions,\ndynamically retrieved values from supported providers including all major clouds,\nand other Pulumi ESC environments.\nTo create a new environment, visit https://www.pulumi.com/docs/esc/environments/ for more information.",
254720
254802
  "type": "string"
@@ -254727,7 +254809,13 @@
254727
254809
  "description": "Project is the name of the Pulumi ESC project the environment belongs to.",
254728
254810
  "type": "string"
254729
254811
  }
254730
- }
254812
+ },
254813
+ "x-kubernetes-validations": [
254814
+ {
254815
+ "message": "Exactly one of 'auth' or deprecated 'accessToken' must be specified",
254816
+ "rule": "(has(self.auth) && !has(self.accessToken)) || (!has(self.auth) && has(self.accessToken))"
254817
+ }
254818
+ ]
254731
254819
  },
254732
254820
  "scaleway": {
254733
254821
  "description": "Scaleway configures this store to sync secrets using the Scaleway provider.",
@@ -261918,14 +262006,13 @@
261918
262006
  "description": "Pulumi configures this store to sync secrets using the Pulumi provider",
261919
262007
  "type": "object",
261920
262008
  "required": [
261921
- "accessToken",
261922
262009
  "environment",
261923
262010
  "organization",
261924
262011
  "project"
261925
262012
  ],
261926
262013
  "properties": {
261927
262014
  "accessToken": {
261928
- "description": "AccessToken is the access tokens to sign in to the Pulumi Cloud Console.",
262015
+ "description": "AccessToken is the access tokens to sign in to the Pulumi Cloud Console.\n\nDeprecated: Use auth.accessToken instead.",
261929
262016
  "type": "object",
261930
262017
  "properties": {
261931
262018
  "secretRef": {
@@ -261961,6 +262048,101 @@
261961
262048
  "description": "APIURL is the URL of the Pulumi API.",
261962
262049
  "type": "string"
261963
262050
  },
262051
+ "auth": {
262052
+ "description": "Auth configures how the Operator authenticates with the Pulumi API.\nEither auth or the deprecated accessToken field must be specified.",
262053
+ "type": "object",
262054
+ "properties": {
262055
+ "accessToken": {
262056
+ "description": "AccessToken authenticates using a Pulumi access token stored in a Kubernetes Secret.",
262057
+ "type": "object",
262058
+ "properties": {
262059
+ "secretRef": {
262060
+ "description": "SecretRef is a reference to a secret containing the Pulumi API token.",
262061
+ "type": "object",
262062
+ "properties": {
262063
+ "key": {
262064
+ "description": "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required.",
262065
+ "type": "string",
262066
+ "maxLength": 253,
262067
+ "minLength": 1,
262068
+ "pattern": "^[-._a-zA-Z0-9]+$"
262069
+ },
262070
+ "name": {
262071
+ "description": "The name of the Secret resource being referred to.",
262072
+ "type": "string",
262073
+ "maxLength": 253,
262074
+ "minLength": 1,
262075
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
262076
+ },
262077
+ "namespace": {
262078
+ "description": "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.",
262079
+ "type": "string",
262080
+ "maxLength": 63,
262081
+ "minLength": 1,
262082
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$"
262083
+ }
262084
+ }
262085
+ }
262086
+ }
262087
+ },
262088
+ "oidcConfig": {
262089
+ "description": "OIDCConfig authenticates using Kubernetes ServiceAccount tokens via OIDC.",
262090
+ "type": "object",
262091
+ "required": [
262092
+ "organization",
262093
+ "serviceAccountRef"
262094
+ ],
262095
+ "properties": {
262096
+ "expirationSeconds": {
262097
+ "description": "ExpirationSeconds sets the token validity duration for service account and OIDC token.\nDefaults to 10 minutes.",
262098
+ "type": "integer",
262099
+ "format": "int64",
262100
+ "minimum": 600
262101
+ },
262102
+ "organization": {
262103
+ "description": "Organization is the name of the Pulumi organization configured for OIDC authentication.",
262104
+ "type": "string"
262105
+ },
262106
+ "serviceAccountRef": {
262107
+ "description": "ServiceAccountRef specifies the Kubernetes ServiceAccount to use for authentication.",
262108
+ "type": "object",
262109
+ "required": [
262110
+ "name"
262111
+ ],
262112
+ "properties": {
262113
+ "audiences": {
262114
+ "description": "Audience specifies the `aud` claim for the service account token\nIf the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity\nthen this audiences will be appended to the list",
262115
+ "type": "array",
262116
+ "items": {
262117
+ "type": "string"
262118
+ }
262119
+ },
262120
+ "name": {
262121
+ "description": "The name of the ServiceAccount resource being referred to.",
262122
+ "type": "string",
262123
+ "maxLength": 253,
262124
+ "minLength": 1,
262125
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
262126
+ },
262127
+ "namespace": {
262128
+ "description": "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.",
262129
+ "type": "string",
262130
+ "maxLength": 63,
262131
+ "minLength": 1,
262132
+ "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$"
262133
+ }
262134
+ }
262135
+ }
262136
+ }
262137
+ }
262138
+ },
262139
+ "x-kubernetes-validations": [
262140
+ {
262141
+ "message": "Exactly one of 'accessToken' or 'oidcConfig' must be specified",
262142
+ "rule": "(has(self.accessToken) && !has(self.oidcConfig)) || (!has(self.accessToken) && has(self.oidcConfig))"
262143
+ }
262144
+ ]
262145
+ },
261964
262146
  "environment": {
261965
262147
  "description": "Environment are YAML documents composed of static key-value pairs, programmatic expressions,\ndynamically retrieved values from supported providers including all major clouds,\nand other Pulumi ESC environments.\nTo create a new environment, visit https://www.pulumi.com/docs/esc/environments/ for more information.",
261966
262148
  "type": "string"
@@ -261973,7 +262155,13 @@
261973
262155
  "description": "Project is the name of the Pulumi ESC project the environment belongs to.",
261974
262156
  "type": "string"
261975
262157
  }
261976
- }
262158
+ },
262159
+ "x-kubernetes-validations": [
262160
+ {
262161
+ "message": "Exactly one of 'auth' or deprecated 'accessToken' must be specified",
262162
+ "rule": "(has(self.auth) && !has(self.accessToken)) || (!has(self.auth) && has(self.accessToken))"
262163
+ }
262164
+ ]
261977
262165
  },
261978
262166
  "scaleway": {
261979
262167
  "description": "Scaleway configures this store to sync secrets using the Scaleway provider.",
data/schemas/kubevirt-definitions.json CHANGED
@@ -1526,7 +1526,7 @@
1526
1526
  ],
1527
1527
  "properties": {
1528
1528
  "claimName": {
1529
- "description": "ClaimName needs to be provided from the list vmi.spec.resourceClaims[].name where this device is allocated",
1529
+ "description": "ClaimName references the name of an entry in the VMI's spec.resourceClaims[] array. The referenced entry may use either resourceClaimName or resourceClaimTemplateName.",
1530
1530
  "type": "string"
1531
1531
  },
1532
1532
  "deviceName": {
@@ -1539,7 +1539,7 @@
1539
1539
  "default": ""
1540
1540
  },
1541
1541
  "requestName": {
1542
- "description": "RequestName needs to be provided from resourceClaim.spec.devices.requests[].name where this device is requested",
1542
+ "description": "RequestName specifies which request from the ResourceClaim/ResourceClaimTemplate spec.devices.requests array this claim request corresponds to.",
1543
1543
  "type": "string"
1544
1544
  },
1545
1545
  "tag": {
@@ -1632,7 +1632,7 @@
1632
1632
  ],
1633
1633
  "properties": {
1634
1634
  "claimName": {
1635
- "description": "ClaimName needs to be provided from the list vmi.spec.resourceClaims[].name where this device is allocated",
1635
+ "description": "ClaimName references the name of an entry in the VMI's spec.resourceClaims[] array. The referenced entry may use either resourceClaimName or resourceClaimTemplateName.",
1636
1636
  "type": "string"
1637
1637
  },
1638
1638
  "deviceName": {
@@ -1644,7 +1644,7 @@
1644
1644
  "default": ""
1645
1645
  },
1646
1646
  "requestName": {
1647
- "description": "RequestName needs to be provided from resourceClaim.spec.devices.requests[].name where this device is requested",
1647
+ "description": "RequestName specifies which request from the ResourceClaim/ResourceClaimTemplate spec.devices.requests array this claim request corresponds to.",
1648
1648
  "type": "string"
1649
1649
  },
1650
1650
  "tag": {
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: kube_schema
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.4
4
+ version: 1.4.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nathan K
@@ -99,6 +99,7 @@ files:
99
99
  - ".rubocop.yml"
100
100
  - Gemfile
101
101
  - Gemfile.lock
102
+ - LICENSE
102
103
  - Rakefile
103
104
  - assets/validation-error.png
104
105
  - bin/console