openshift-python-wrapper 10.0.69__tar.gz → 10.0.70__tar.gz

{openshift_python_wrapper-10.0.69 → openshift_python_wrapper-10.0.70}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: openshift-python-wrapper
-Version: 10.0.69
+Version: 10.0.70
 Summary: Wrapper around https://github.com/kubernetes-client/python
 Home-page: https://github.com/RedHatQE/openshift-python-wrapper
 License: Apache-2.0
@@ -17,11 +17,12 @@ Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Requires-Dist: click (>=8.1.7,<9.0.0)
+Requires-Dist: cloup (>=3.0.5,<4.0.0)
 Requires-Dist: colorlog (>=6.7.0,<7.0.0)
 Requires-Dist: jinja2 (>=3.1.2,<4.0.0)
 Requires-Dist: kubernetes (>=30.0.0,<31.0.0)
 Requires-Dist: packaging (>=23.1,<24.0)
-Requires-Dist: pyhelper-utils (>=0.0.30,<0.0.31)
+Requires-Dist: pyhelper-utils (>=0.0.31,<0.0.32)
 Requires-Dist: python-benedict (>=0.33.0,<0.34.0)
 Requires-Dist: python-simple-logger (>=1.0.6)
 Requires-Dist: rich (>=13.7.1,<14.0.0)

openshift_python_wrapper-10.0.70/ocp_resources/aaq.py

@@ -0,0 +1,150 @@
+# Generated using https://github.com/RedHatQE/openshift-python-wrapper/blob/main/scripts/resource/README.md
+
+from typing import Any, Dict, Optional
+from ocp_resources.resource import Resource
+
+
+class AAQ(Resource):
+    """
+    AAQ is the AAQ Operator CRD
+    """
+
+    api_group: str = Resource.ApiGroup.AAQ_KUBEVIRT_IO
+
+    def __init__(
+        self,
+        cert_config: Optional[Dict[str, Any]] = None,
+        configuration: Optional[Dict[str, Any]] = None,
+        image_pull_policy: Optional[str] = "",
+        infra: Optional[Dict[str, Any]] = None,
+        namespace_selector: Optional[Dict[str, Any]] = None,
+        priority_class: Optional[str] = "",
+        workload: Optional[Dict[str, Any]] = None,
+        **kwargs: Any,
+    ) -> None:
+        """
+        Args:
+            cert_config(Dict[Any, Any]): certificate configuration
+
+              FIELDS:
+                ca	<Object>
+                  CA configuration CA certs are kept in the CA bundle as long as they are
+                  valid
+
+                server	<Object>
+                  Server configuration Certs are rotated and discarded
+
+            configuration(Dict[Any, Any]): holds aaq configurations.
+
+              FIELDS:
+                allowApplicationAwareClusterResourceQuota	<boolean>
+                  AllowApplicationAwareClusterResourceQuota can be set to true to allow
+                  creation and management of ApplicationAwareClusterResourceQuota. Defaults to
+                  false
+
+                sidecarEvaluators	<[]Object>
+                  SidecarEvaluators allow custom quota counting for external operator
+
+                vmiCalculatorConfiguration	<Object>
+                  VmiCalculatorConfiguration determine how resource allocation will be done
+                  with ApplicationAwareResourceQuota
+
+            image_pull_policy(str): PullPolicy describes a policy for if/when to pull a container image
+
+            infra(Dict[Any, Any]): Rules on which nodes AAQ infrastructure pods will be scheduled
+
+              FIELDS:
+                affinity	<Object>
+                  affinity enables pod affinity/anti-affinity placement expanding the types of
+                  constraints that can be expressed with nodeSelector. affinity is going to be
+                  applied to the relevant kind of pods in parallel with nodeSelector See
+                  https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
+
+                nodeSelector	<map[string]string>
+                  nodeSelector is the node selector applied to the relevant kind of pods It
+                  specifies a map of key-value pairs: for the pod to be eligible to run on a
+                  node, the node must have each of the indicated key-value pairs as labels (it
+                  can have additional labels as well). See
+                  https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
+
+                tolerations	<[]Object>
+                  tolerations is a list of tolerations applied to the relevant kind of pods
+                  See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+                  for more info. These are additional tolerations other than default ones.
+
+            namespace_selector(Dict[Any, Any]): namespaces where pods should be gated before scheduling Defaults to
+              targeting namespaces with an "application-aware-quota/enable-gating" label
+              key.
+
+              FIELDS:
+                matchExpressions	<[]Object>
+                  matchExpressions is a list of label selector requirements. The requirements
+                  are ANDed.
+
+                matchLabels	<map[string]string>
+                  matchLabels is a map of {key,value} pairs. A single {key,value} in the
+                  matchLabels map is equivalent to an element of matchExpressions, whose key
+                  field is "key", the operator is "In", and the values array contains only
+                  "value". The requirements are ANDed.
+
+            priority_class(str): PriorityClass of the AAQ control plane
+
+            workload(Dict[Any, Any]): Restrict on which nodes AAQ workload pods will be scheduled
+
+              FIELDS:
+                affinity	<Object>
+                  affinity enables pod affinity/anti-affinity placement expanding the types of
+                  constraints that can be expressed with nodeSelector. affinity is going to be
+                  applied to the relevant kind of pods in parallel with nodeSelector See
+                  https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
+
+                nodeSelector	<map[string]string>
+                  nodeSelector is the node selector applied to the relevant kind of pods It
+                  specifies a map of key-value pairs: for the pod to be eligible to run on a
+                  node, the node must have each of the indicated key-value pairs as labels (it
+                  can have additional labels as well). See
+                  https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
+
+                tolerations	<[]Object>
+                  tolerations is a list of tolerations applied to the relevant kind of pods
+                  See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+                  for more info. These are additional tolerations other than default ones.
+
+        """
+        super().__init__(**kwargs)
+
+        self.cert_config = cert_config
+        self.configuration = configuration
+        self.image_pull_policy = image_pull_policy
+        self.infra = infra
+        self.namespace_selector = namespace_selector
+        self.priority_class = priority_class
+        self.workload = workload
+
+    def to_dict(self) -> None:
+        super().to_dict()
+
+        if not self.yaml_file:
+            self.res["spec"] = {}
+            _spec = self.res["spec"]
+
+            if self.cert_config:
+                _spec["certConfig"] = self.cert_config
+
+            if self.configuration:
+                _spec["configuration"] = self.configuration
+
+            if self.image_pull_policy:
+                _spec["imagePullPolicy"] = self.image_pull_policy
+
+            if self.infra:
+                _spec["infra"] = self.infra
+
+            if self.namespace_selector:
+                _spec["namespaceSelector"] = self.namespace_selector
+
+            if self.priority_class:
+                _spec["priorityClass"] = self.priority_class
+
+            if self.workload:
+                _spec["workload"] = self.workload

openshift_python_wrapper-10.0.70/ocp_resources/api_server.py

@@ -0,0 +1,234 @@
+# Generated using https://github.com/RedHatQE/openshift-python-wrapper/blob/main/scripts/resource/README.md
+
+from typing import Any, Dict, Optional
+from ocp_resources.resource import Resource
+
+
+class APIServer(Resource):
+    """
+    APIServer holds configuration (like serving certificates, client CA and CORS
+    domains) shared by all API servers in the system, among them especially
+    kube-apiserver and openshift-apiserver. The canonical name of an instance is
+    'cluster'.
+     Compatibility level 1: Stable within a major release for a minimum of 12
+    months or 3 minor releases (whichever is longer).
+
+    API Link: https://docs.openshift.com/container-platform/4.16/rest_api/config_apis/apiserver-config-openshift-io-v1.html
+    """
+
+    api_group: str = Resource.ApiGroup.CONFIG_OPENSHIFT_IO
+
+    def __init__(
+        self,
+        additional_cors_allowed_origins: Optional[Dict[str, Any]] = None,
+        audit: Optional[Dict[str, Any]] = None,
+        client_ca: Optional[Dict[str, Any]] = None,
+        encryption: Optional[Dict[str, Any]] = None,
+        serving_certs: Optional[Dict[str, Any]] = None,
+        tls_security_profile: Optional[Dict[str, Any]] = None,
+        **kwargs: Any,
+    ) -> None:
+        """
+        Args:
+            additional_cors_allowed_origins(Dict[Any, Any]): additionalCORSAllowedOrigins lists additional, user-defined regular
+              expressions describing hosts for which the API server allows access using
+              the CORS headers. This may be needed to access the API and the integrated
+              OAuth server from JavaScript applications. The values are regular
+              expressions that correspond to the Golang regular expression language.
+
+            audit(Dict[Any, Any]): audit specifies the settings for audit configuration to be applied to all
+              OpenShift-provided API servers in the cluster.
+
+              FIELDS:
+                customRules	<[]Object>
+                  customRules specify profiles per group. These profile take precedence over
+                  the top-level profile field if they apply. They are evaluation from top to
+                  bottom and the first one that matches, applies.
+
+                profile	<string>
+                  profile specifies the name of the desired top-level audit profile to be
+                  applied to all requests sent to any of the OpenShift-provided API servers in
+                  the cluster (kube-apiserver, openshift-apiserver and oauth-apiserver), with
+                  the exception of those requests that match one or more of the customRules.
+                   The following profiles are provided: - Default: default policy which means
+                  MetaData level logging with the exception of events (not logged at all),
+                  oauthaccesstokens and oauthauthorizetokens (both logged at RequestBody
+                  level). - WriteRequestBodies: like 'Default', but logs request and response
+                  HTTP payloads for write requests (create, update, patch). -
+                  AllRequestBodies: like 'WriteRequestBodies', but also logs request and
+                  response HTTP payloads for read requests (get, list). - None: no requests
+                  are logged at all, not even oauthaccesstokens and oauthauthorizetokens.
+                   Warning: It is not recommended to disable audit logging by using the `None`
+                  profile unless you are fully aware of the risks of not logging data that can
+                  be beneficial when troubleshooting issues. If you disable audit logging and
+                  a support situation arises, you might need to enable audit logging and
+                  reproduce the issue in order to troubleshoot properly.
+                   If unset, the 'Default' profile is used as the default.
+
+            client_ca(Dict[Any, Any]): clientCA references a ConfigMap containing a certificate bundle for the
+              signers that will be recognized for incoming client certificates in addition
+              to the operator managed signers. If this is empty, then only operator
+              managed signers are valid. You usually only have to set this if you have
+              your own PKI you wish to honor client certificates from. The ConfigMap must
+              exist in the openshift-config namespace and contain the following required
+              fields: - ConfigMap.Data["ca-bundle.crt"] - CA bundle.
+
+              FIELDS:
+                name	<string> -required-
+                  name is the metadata.name of the referenced config map
+
+            encryption(Dict[Any, Any]): encryption allows the configuration of encryption of resources at the
+              datastore layer.
+
+              FIELDS:
+                type	<string>
+                  type defines what encryption type should be used to encrypt resources at the
+                  datastore layer. When this field is unset (i.e. when it is set to the empty
+                  string), identity is implied. The behavior of unset can and will change over
+                  time.  Even if encryption is enabled by default, the meaning of unset may
+                  change to a different encryption type based on changes in best practices.
+                   When encryption is enabled, all sensitive resources shipped with the
+                  platform are encrypted. This list of sensitive resources can and will change
+                  over time.  The current authoritative list is:
+                   1. secrets 2. configmaps 3. routes.route.openshift.io 4.
+                  oauthaccesstokens.oauth.openshift.io 5.
+                  oauthauthorizetokens.oauth.openshift.io
+
+            serving_certs(Dict[Any, Any]): servingCert is the TLS cert info for serving secure traffic. If not
+              specified, operator managed certificates will be used for serving secure
+              traffic.
+
+              FIELDS:
+                namedCertificates	<[]Object>
+                  namedCertificates references secrets containing the TLS cert info for
+                  serving secure traffic to specific hostnames. If no named certificates are
+                  provided, or no named certificates match the server name as understood by a
+                  client, the defaultServingCertificate will be used.
+
+            tls_security_profile(Dict[Any, Any]): tlsSecurityProfile specifies settings for TLS connections for externally
+              exposed servers.
+               If unset, a default (which may change between releases) is chosen. Note
+              that only Old, Intermediate and Custom profiles are currently supported, and
+              the maximum available minTLSVersion is VersionTLS12.
+
+              FIELDS:
+                custom	<Object>
+                  custom is a user-defined TLS security profile. Be extremely careful using a
+                  custom profile as invalid configurations can be catastrophic. An example
+                  custom profile looks like this:
+                   ciphers:
+                   - ECDHE-ECDSA-CHACHA20-POLY1305
+                   - ECDHE-RSA-CHACHA20-POLY1305
+                   - ECDHE-RSA-AES128-GCM-SHA256
+                   - ECDHE-ECDSA-AES128-GCM-SHA256
+                   minTLSVersion: VersionTLS11
+
+                intermediate	<Object>
+                  intermediate is a TLS security profile based on:
+                   https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
+                   and looks like this (yaml):
+                   ciphers:
+                   - TLS_AES_128_GCM_SHA256
+                   - TLS_AES_256_GCM_SHA384
+                   - TLS_CHACHA20_POLY1305_SHA256
+                   - ECDHE-ECDSA-AES128-GCM-SHA256
+                   - ECDHE-RSA-AES128-GCM-SHA256
+                   - ECDHE-ECDSA-AES256-GCM-SHA384
+                   - ECDHE-RSA-AES256-GCM-SHA384
+                   - ECDHE-ECDSA-CHACHA20-POLY1305
+                   - ECDHE-RSA-CHACHA20-POLY1305
+                   - DHE-RSA-AES128-GCM-SHA256
+                   - DHE-RSA-AES256-GCM-SHA384
+                   minTLSVersion: VersionTLS12
+
+                modern	<Object>
+                  modern is a TLS security profile based on:
+                   https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
+                   and looks like this (yaml):
+                   ciphers:
+                   - TLS_AES_128_GCM_SHA256
+                   - TLS_AES_256_GCM_SHA384
+                   - TLS_CHACHA20_POLY1305_SHA256
+                   minTLSVersion: VersionTLS13
+
+                old	<Object>
+                  old is a TLS security profile based on:
+                   https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
+                   and looks like this (yaml):
+                   ciphers:
+                   - TLS_AES_128_GCM_SHA256
+                   - TLS_AES_256_GCM_SHA384
+                   - TLS_CHACHA20_POLY1305_SHA256
+                   - ECDHE-ECDSA-AES128-GCM-SHA256
+                   - ECDHE-RSA-AES128-GCM-SHA256
+                   - ECDHE-ECDSA-AES256-GCM-SHA384
+                   - ECDHE-RSA-AES256-GCM-SHA384
+                   - ECDHE-ECDSA-CHACHA20-POLY1305
+                   - ECDHE-RSA-CHACHA20-POLY1305
+                   - DHE-RSA-AES128-GCM-SHA256
+                   - DHE-RSA-AES256-GCM-SHA384
+                   - DHE-RSA-CHACHA20-POLY1305
+                   - ECDHE-ECDSA-AES128-SHA256
+                   - ECDHE-RSA-AES128-SHA256
+                   - ECDHE-ECDSA-AES128-SHA
+                   - ECDHE-RSA-AES128-SHA
+                   - ECDHE-ECDSA-AES256-SHA384
+                   - ECDHE-RSA-AES256-SHA384
+                   - ECDHE-ECDSA-AES256-SHA
+                   - ECDHE-RSA-AES256-SHA
+                   - DHE-RSA-AES128-SHA256
+                   - DHE-RSA-AES256-SHA256
+                   - AES128-GCM-SHA256
+                   - AES256-GCM-SHA384
+                   - AES128-SHA256
+                   - AES256-SHA256
+                   - AES128-SHA
+                   - AES256-SHA
+                   - DES-CBC3-SHA
+                   minTLSVersion: VersionTLS10
+
+                type	<string>
+                  type is one of Old, Intermediate, Modern or Custom. Custom provides the
+                  ability to specify individual TLS security profile parameters. Old,
+                  Intermediate and Modern are TLS security profiles based on:
+                   https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
+                   The profiles are intent based, so they may change over time as new ciphers
+                  are developed and existing ciphers are found to be insecure.  Depending on
+                  precisely which ciphers are available to a process, the list may be reduced.
+                   Note that the Modern profile is currently not supported because it is not
+                  yet well adopted by common software libraries.
+
+        """
+        super().__init__(**kwargs)
+
+        self.additional_cors_allowed_origins = additional_cors_allowed_origins
+        self.audit = audit
+        self.client_ca = client_ca
+        self.encryption = encryption
+        self.serving_certs = serving_certs
+        self.tls_security_profile = tls_security_profile
+
+    def to_dict(self) -> None:
+        super().to_dict()
+
+        if not self.yaml_file:
+            self.res["spec"] = {}
+            _spec = self.res["spec"]
+
+            if self.additional_cors_allowed_origins:
+                _spec["additionalCORSAllowedOrigins"] = self.additional_cors_allowed_origins
+
+            if self.audit:
+                _spec["audit"] = self.audit
+
+            if self.client_ca:
+                _spec["clientCA"] = self.client_ca
+
+            if self.encryption:
+                _spec["encryption"] = self.encryption
+
+            if self.serving_certs:
+                _spec["servingCerts"] = self.serving_certs
+
+            if self.tls_security_profile:
+                _spec["tlsSecurityProfile"] = self.tls_security_profile

openshift_python_wrapper-10.0.70/ocp_resources/cdi.py

@@ -0,0 +1,225 @@
+# Generated using https://github.com/RedHatQE/openshift-python-wrapper/blob/main/scripts/resource/README.md
+
+from typing import Any, Dict, Optional
+from ocp_resources.resource import Resource
+
+
+class CDI(Resource):
+    """
+    CDI is the Containerized Data Importer Operator CRD
+    """
+
+    api_group: str = Resource.ApiGroup.CDI_KUBEVIRT_IO
+
+    class Status(Resource.Status):
+        DEPLOYING: str = "Deploying"
+        DEPLOYED: str = "Deployed"
+
+    def __init__(
+        self,
+        cert_config: Optional[Dict[str, Any]] = None,
+        clone_strategy_override: Optional[str] = "",
+        config: Optional[Dict[str, Any]] = None,
+        customize_components: Optional[Dict[str, Any]] = None,
+        image_pull_policy: Optional[str] = "",
+        infra: Optional[Dict[str, Any]] = None,
+        priority_class: Optional[str] = "",
+        uninstall_strategy: Optional[str] = "",
+        workload: Optional[Dict[str, Any]] = None,
+        **kwargs: Any,
+    ) -> None:
+        """
+        Args:
+            cert_config(Dict[Any, Any]): certificate configuration
+
+              FIELDS:
+                ca	<Object>
+                  CA configuration
+                  CA certs are kept in the CA bundle as long as they are valid
+
+                client	<Object>
+                  Client configuration
+                  Certs are rotated and discarded
+
+                server	<Object>
+                  Server configuration
+                  Certs are rotated and discarded
+
+            clone_strategy_override(str): Clone strategy override: should we use a host-assisted copy even if
+              snapshots are available?
+
+            config(Dict[Any, Any]): CDIConfig at CDI level
+
+              FIELDS:
+                dataVolumeTTLSeconds	<integer>
+                  DataVolumeTTLSeconds is the time in seconds after DataVolume completion it
+                  can be garbage collected. Disabled by default.
+
+                featureGates	<[]string>
+                  FeatureGates are a list of specific enabled feature gates
+
+                filesystemOverhead	<Object>
+                  FilesystemOverhead describes the space reserved for overhead when using
+                  Filesystem volumes. A value is between 0 and 1, if not defined it is 0.055
+                  (5.5% overhead)
+
+                imagePullSecrets	<[]Object>
+                  The imagePullSecrets used to pull the container images
+
+                importProxy	<Object>
+                  ImportProxy contains importer pod proxy configuration.
+
+                insecureRegistries	<[]string>
+                  InsecureRegistries is a list of TLS disabled registries
+
+                logVerbosity	<integer>
+                  LogVerbosity overrides the default verbosity level used to initialize
+                  loggers
+
+                podResourceRequirements	<Object>
+                  ResourceRequirements describes the compute resource requirements.
+
+                preallocation	<boolean>
+                  Preallocation controls whether storage for DataVolumes should be allocated
+                  in advance.
+
+                scratchSpaceStorageClass	<string>
+                  Override the storage class to used for scratch space during transfer
+                  operations. The scratch space storage class is determined in the following
+                  order: 1. value of scratchSpaceStorageClass, if that doesn't exist, use the
+                  default storage class, if there is no default storage class, use the storage
+                  class of the DataVolume, if no storage class specified, use no storage class
+                  for scratch space
+
+                tlsSecurityProfile	<Object>
+                  TLSSecurityProfile is used by operators to apply cluster-wide TLS security
+                  settings to operands.
+
+                uploadProxyURLOverride	<string>
+                  Override the URL used when uploading to a DataVolume
+
+            customize_components(Dict[Any, Any]): CustomizeComponents defines patches for components deployed by the CDI
+              operator.
+
+              FIELDS:
+                flags	<Object>
+                  Configure the value used for deployment and daemonset resources
+
+                patches	<[]Object>
+                  <no description>
+
+            image_pull_policy(str): PullPolicy describes a policy for if/when to pull a container image
+
+            infra(Dict[Any, Any]): Selectors and tolerations that should apply to cdi infrastructure components
+
+              FIELDS:
+                affinity	<Object>
+                  affinity enables pod affinity/anti-affinity placement expanding the types of
+                  constraints
+                  that can be expressed with nodeSelector.
+                  affinity is going to be applied to the relevant kind of pods in parallel
+                  with nodeSelector
+                  See
+                  https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
+
+                apiServerReplicas	<integer>
+                  ApiserverReplicas set Replicas for cdi-apiserver
+
+                deploymentReplicas	<integer>
+                  DeploymentReplicas set Replicas for cdi-deployment
+
+                nodeSelector	<map[string]string>
+                  nodeSelector is the node selector applied to the relevant kind of pods
+                  It specifies a map of key-value pairs: for the pod to be eligible to run on
+                  a node,
+                  the node must have each of the indicated key-value pairs as labels
+                  (it can have additional labels as well).
+                  See
+                  https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
+
+                tolerations	<[]Object>
+                  tolerations is a list of tolerations applied to the relevant kind of pods
+                  See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+                  for more info.
+                  These are additional tolerations other than default ones.
+
+                uploadProxyReplicas	<integer>
+                  UploadproxyReplicas set Replicas for cdi-uploadproxy
+
+            priority_class(str): PriorityClass of the CDI control plane
+
+            uninstall_strategy(str): CDIUninstallStrategy defines the state to leave CDI on uninstall
+
+            workload(Dict[Any, Any]): Restrict on which nodes CDI workload pods will be scheduled
+
+              FIELDS:
+                affinity	<Object>
+                  affinity enables pod affinity/anti-affinity placement expanding the types of
+                  constraints
+                  that can be expressed with nodeSelector.
+                  affinity is going to be applied to the relevant kind of pods in parallel
+                  with nodeSelector
+                  See
+                  https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
+
+                nodeSelector	<map[string]string>
+                  nodeSelector is the node selector applied to the relevant kind of pods
+                  It specifies a map of key-value pairs: for the pod to be eligible to run on
+                  a node,
+                  the node must have each of the indicated key-value pairs as labels
+                  (it can have additional labels as well).
+                  See
+                  https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
+
+                tolerations	<[]Object>
+                  tolerations is a list of tolerations applied to the relevant kind of pods
+                  See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+                  for more info.
+                  These are additional tolerations other than default ones.
+
+        """
+        super().__init__(**kwargs)
+
+        self.cert_config = cert_config
+        self.clone_strategy_override = clone_strategy_override
+        self.config = config
+        self.customize_components = customize_components
+        self.image_pull_policy = image_pull_policy
+        self.infra = infra
+        self.priority_class = priority_class
+        self.uninstall_strategy = uninstall_strategy
+        self.workload = workload
+
+    def to_dict(self) -> None:
+        super().to_dict()
+
+        if not self.yaml_file:
+            self.res["spec"] = {}
+            _spec = self.res["spec"]
+
+            if self.cert_config:
+                _spec["certConfig"] = self.cert_config
+
+            if self.clone_strategy_override:
+                _spec["cloneStrategyOverride"] = self.clone_strategy_override
+
+            if self.config:
+                _spec["config"] = self.config
+
+            if self.customize_components:
+                _spec["customizeComponents"] = self.customize_components
+
+            if self.image_pull_policy:
+                _spec["imagePullPolicy"] = self.image_pull_policy
+
+            if self.infra:
+                _spec["infra"] = self.infra
+
+            if self.priority_class:
+                _spec["priorityClass"] = self.priority_class
+
+            if self.uninstall_strategy:
+                _spec["uninstallStrategy"] = self.uninstall_strategy
+
+            if self.workload:
+                _spec["workload"] = self.workload