2 Copyright 2017 The Kubernetes Authors.
4 Licensed under the Apache License, Version 2.0 (the "License");
5 you may not use this file except in compliance with the License.
6 You may obtain a copy of the License at
8 http://www.apache.org/licenses/LICENSE-2.0
10 Unless required by applicable law or agreed to in writing, software
11 distributed under the License is distributed on an "AS IS" BASIS,
12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 See the License for the specific language governing permissions and
14 limitations under the License.
20 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
21 "k8s.io/apimachinery/pkg/runtime"
22 "k8s.io/apimachinery/pkg/types"
25 // ConversionStrategyType describes different conversion types.
26 type ConversionStrategyType string
29 // NoneConverter is a converter that only sets apiversion of the CR and leave everything else unchanged.
30 NoneConverter ConversionStrategyType = "None"
31 // WebhookConverter is a converter that calls to an external webhook to convert the CR.
32 WebhookConverter ConversionStrategyType = "Webhook"
35 // CustomResourceDefinitionSpec describes how a user wants their resource to appear
36 type CustomResourceDefinitionSpec struct {
37 // Group is the group this resource belongs in
38 Group string `json:"group" protobuf:"bytes,1,opt,name=group"`
39 // Version is the version this resource belongs in
40 // Should be always first item in Versions field if provided.
41 // Optional, but at least one of Version or Versions must be set.
42 // Deprecated: Please use `Versions`.
44 Version string `json:"version,omitempty" protobuf:"bytes,2,opt,name=version"`
45 // Names are the names used to describe this custom resource
46 Names CustomResourceDefinitionNames `json:"names" protobuf:"bytes,3,opt,name=names"`
47 // Scope indicates whether this resource is cluster or namespace scoped. Default is namespaced
48 Scope ResourceScope `json:"scope" protobuf:"bytes,4,opt,name=scope,casttype=ResourceScope"`
49 // Validation describes the validation methods for CustomResources
50 // Optional, the global validation schema for all versions.
51 // Top-level and per-version schemas are mutually exclusive.
53 Validation *CustomResourceValidation `json:"validation,omitempty" protobuf:"bytes,5,opt,name=validation"`
54 // Subresources describes the subresources for CustomResource
55 // Optional, the global subresources for all versions.
56 // Top-level and per-version subresources are mutually exclusive.
58 Subresources *CustomResourceSubresources `json:"subresources,omitempty" protobuf:"bytes,6,opt,name=subresources"`
59 // Versions is the list of all supported versions for this resource.
60 // If Version field is provided, this field is optional.
61 // Validation: All versions must use the same validation schema for now. i.e., top
62 // level Validation field is applied to all of these versions.
63 // Order: The version name will be used to compute the order.
64 // If the version string is "kube-like", it will sort above non "kube-like" version strings, which are ordered
65 // lexicographically. "Kube-like" versions start with a "v", then are followed by a number (the major version),
66 // then optionally the string "alpha" or "beta" and another number (the minor version). These are sorted first
67 // by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing
68 // major version, then minor version. An example sorted list of versions:
69 // v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.
71 Versions []CustomResourceDefinitionVersion `json:"versions,omitempty" protobuf:"bytes,7,rep,name=versions"`
72 // AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column.
73 // Optional, the global columns for all versions.
74 // Top-level and per-version columns are mutually exclusive.
76 AdditionalPrinterColumns []CustomResourceColumnDefinition `json:"additionalPrinterColumns,omitempty" protobuf:"bytes,8,rep,name=additionalPrinterColumns"`
78 // `conversion` defines conversion settings for the CRD.
80 Conversion *CustomResourceConversion `json:"conversion,omitempty" protobuf:"bytes,9,opt,name=conversion"`
83 // CustomResourceConversion describes how to convert different versions of a CR.
84 type CustomResourceConversion struct {
85 // `strategy` specifies the conversion strategy. Allowed values are:
86 // - `None`: The converter only change the apiVersion and would not touch any other field in the CR.
87 // - `Webhook`: API Server will call to an external webhook to do the conversion. Additional information is needed for this option.
88 Strategy ConversionStrategyType `json:"strategy" protobuf:"bytes,1,name=strategy"`
90 // `webhookClientConfig` is the instructions for how to call the webhook if strategy is `Webhook`. This field is
91 // alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.
93 WebhookClientConfig *WebhookClientConfig `json:"webhookClientConfig,omitempty" protobuf:"bytes,2,name=webhookClientConfig"`
96 // WebhookClientConfig contains the information to make a TLS
97 // connection with the webhook. It has the same field as admissionregistration.v1beta1.WebhookClientConfig.
98 type WebhookClientConfig struct {
99 // `url` gives the location of the webhook, in standard URL form
100 // (`scheme://host:port/path`). Exactly one of `url` or `service`
101 // must be specified.
103 // The `host` should not refer to a service running in the cluster; use
104 // the `service` field instead. The host might be resolved via external
105 // DNS in some apiservers (e.g., `kube-apiserver` cannot resolve
106 // in-cluster DNS as that would be a layering violation). `host` may
107 // also be an IP address.
109 // Please note that using `localhost` or `127.0.0.1` as a `host` is
110 // risky unless you take great care to run this webhook on all hosts
111 // which run an apiserver which might need to make calls to this
112 // webhook. Such installs are likely to be non-portable, i.e., not easy
113 // to turn up in a new cluster.
115 // The scheme must be "https"; the URL must begin with "https://".
117 // A path is optional, and if present may be any string permissible in
118 // a URL. You may use the path to pass an arbitrary string to the
119 // webhook, for example, a cluster identifier.
121 // Attempting to use a user or basic auth e.g. "user:password@" is not
122 // allowed. Fragments ("#...") and query parameters ("?...") are not
126 URL *string `json:"url,omitempty" protobuf:"bytes,3,opt,name=url"`
128 // `service` is a reference to the service for this webhook. Either
129 // `service` or `url` must be specified.
131 // If the webhook is running within the cluster, then you should use `service`.
133 // Port 443 will be used if it is open, otherwise it is an error.
136 Service *ServiceReference `json:"service,omitempty" protobuf:"bytes,1,opt,name=service"`
138 // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
139 // If unspecified, system trust roots on the apiserver are used.
141 CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,2,opt,name=caBundle"`
144 // ServiceReference holds a reference to Service.legacy.k8s.io
145 type ServiceReference struct {
146 // `namespace` is the namespace of the service.
148 Namespace string `json:"namespace" protobuf:"bytes,1,opt,name=namespace"`
149 // `name` is the name of the service.
151 Name string `json:"name" protobuf:"bytes,2,opt,name=name"`
153 // `path` is an optional URL path which will be sent in any request to
156 Path *string `json:"path,omitempty" protobuf:"bytes,3,opt,name=path"`
159 // CustomResourceDefinitionVersion describes a version for CRD.
160 type CustomResourceDefinitionVersion struct {
161 // Name is the version name, e.g. “v1”, “v2beta1”, etc.
162 Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
163 // Served is a flag enabling/disabling this version from being served via REST APIs
164 Served bool `json:"served" protobuf:"varint,2,opt,name=served"`
165 // Storage flags the version as storage version. There must be exactly one
166 // flagged as storage version.
167 Storage bool `json:"storage" protobuf:"varint,3,opt,name=storage"`
168 // Schema describes the schema for CustomResource used in validation, pruning, and defaulting.
169 // Top-level and per-version schemas are mutually exclusive.
170 // Per-version schemas must not all be set to identical values (top-level validation schema should be used instead)
171 // This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.
173 Schema *CustomResourceValidation `json:"schema,omitempty" protobuf:"bytes,4,opt,name=schema"`
174 // Subresources describes the subresources for CustomResource
175 // Top-level and per-version subresources are mutually exclusive.
176 // Per-version subresources must not all be set to identical values (top-level subresources should be used instead)
177 // This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.
179 Subresources *CustomResourceSubresources `json:"subresources,omitempty" protobuf:"bytes,5,opt,name=subresources"`
180 // AdditionalPrinterColumns are additional columns shown e.g. in kubectl next to the name. Defaults to a created-at column.
181 // Top-level and per-version columns are mutually exclusive.
182 // Per-version columns must not all be set to identical values (top-level columns should be used instead)
183 // This field is alpha-level and is only honored by servers that enable the CustomResourceWebhookConversion feature.
184 // NOTE: CRDs created prior to 1.13 populated the top-level additionalPrinterColumns field by default. To apply an
185 // update that changes to per-version additionalPrinterColumns, the top-level additionalPrinterColumns field must
186 // be explicitly set to null
188 AdditionalPrinterColumns []CustomResourceColumnDefinition `json:"additionalPrinterColumns,omitempty" protobuf:"bytes,6,rep,name=additionalPrinterColumns"`
191 // CustomResourceColumnDefinition specifies a column for server side printing.
192 type CustomResourceColumnDefinition struct {
193 // name is a human readable name for the column.
194 Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
195 // type is an OpenAPI type definition for this column.
196 // See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.
197 Type string `json:"type" protobuf:"bytes,2,opt,name=type"`
198 // format is an optional OpenAPI type definition for this column. The 'name' format is applied
199 // to the primary identifier column to assist in clients identifying column is the resource name.
200 // See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.
202 Format string `json:"format,omitempty" protobuf:"bytes,3,opt,name=format"`
203 // description is a human readable description of this column.
205 Description string `json:"description,omitempty" protobuf:"bytes,4,opt,name=description"`
206 // priority is an integer defining the relative importance of this column compared to others. Lower
207 // numbers are considered higher priority. Columns that may be omitted in limited space scenarios
208 // should be given a higher priority.
210 Priority int32 `json:"priority,omitempty" protobuf:"bytes,5,opt,name=priority"`
212 // JSONPath is a simple JSON path, i.e. with array notation.
213 JSONPath string `json:"JSONPath" protobuf:"bytes,6,opt,name=JSONPath"`
216 // CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition
217 type CustomResourceDefinitionNames struct {
218 // Plural is the plural name of the resource to serve. It must match the name of the CustomResourceDefinition-registration
219 // too: plural.group and it must be all lowercase.
220 Plural string `json:"plural" protobuf:"bytes,1,opt,name=plural"`
221 // Singular is the singular name of the resource. It must be all lowercase Defaults to lowercased <kind>
223 Singular string `json:"singular,omitempty" protobuf:"bytes,2,opt,name=singular"`
224 // ShortNames are short names for the resource. It must be all lowercase.
226 ShortNames []string `json:"shortNames,omitempty" protobuf:"bytes,3,opt,name=shortNames"`
227 // Kind is the serialized kind of the resource. It is normally CamelCase and singular.
228 Kind string `json:"kind" protobuf:"bytes,4,opt,name=kind"`
229 // ListKind is the serialized kind of the list for this resource. Defaults to <kind>List.
231 ListKind string `json:"listKind,omitempty" protobuf:"bytes,5,opt,name=listKind"`
232 // Categories is a list of grouped resources custom resources belong to (e.g. 'all')
234 Categories []string `json:"categories,omitempty" protobuf:"bytes,6,rep,name=categories"`
237 // ResourceScope is an enum defining the different scopes available to a custom resource
238 type ResourceScope string
241 ClusterScoped ResourceScope = "Cluster"
242 NamespaceScoped ResourceScope = "Namespaced"
245 type ConditionStatus string
247 // These are valid condition statuses. "ConditionTrue" means a resource is in the condition.
248 // "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes
249 // can't decide if a resource is in the condition or not. In the future, we could add other
250 // intermediate conditions, e.g. ConditionDegraded.
252 ConditionTrue ConditionStatus = "True"
253 ConditionFalse ConditionStatus = "False"
254 ConditionUnknown ConditionStatus = "Unknown"
257 // CustomResourceDefinitionConditionType is a valid value for CustomResourceDefinitionCondition.Type
258 type CustomResourceDefinitionConditionType string
261 // Established means that the resource has become active. A resource is established when all names are
262 // accepted without a conflict for the first time. A resource stays established until deleted, even during
263 // a later NamesAccepted due to changed names. Note that not all names can be changed.
264 Established CustomResourceDefinitionConditionType = "Established"
265 // NamesAccepted means the names chosen for this CustomResourceDefinition do not conflict with others in
266 // the group and are therefore accepted.
267 NamesAccepted CustomResourceDefinitionConditionType = "NamesAccepted"
268 // Terminating means that the CustomResourceDefinition has been deleted and is cleaning up.
269 Terminating CustomResourceDefinitionConditionType = "Terminating"
272 // CustomResourceDefinitionCondition contains details for the current condition of this pod.
273 type CustomResourceDefinitionCondition struct {
274 // Type is the type of the condition.
275 Type CustomResourceDefinitionConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=CustomResourceDefinitionConditionType"`
276 // Status is the status of the condition.
277 // Can be True, False, Unknown.
278 Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"`
279 // Last time the condition transitioned from one status to another.
281 LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"`
282 // Unique, one-word, CamelCase reason for the condition's last transition.
284 Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
285 // Human-readable message indicating details about last transition.
287 Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
290 // CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition
291 type CustomResourceDefinitionStatus struct {
292 // Conditions indicate state for particular aspects of a CustomResourceDefinition
293 Conditions []CustomResourceDefinitionCondition `json:"conditions" protobuf:"bytes,1,opt,name=conditions"`
295 // AcceptedNames are the names that are actually being used to serve discovery
296 // They may be different than the names in spec.
297 AcceptedNames CustomResourceDefinitionNames `json:"acceptedNames" protobuf:"bytes,2,opt,name=acceptedNames"`
299 // StoredVersions are all versions of CustomResources that were ever persisted. Tracking these
300 // versions allows a migration path for stored versions in etcd. The field is mutable
301 // so the migration controller can first finish a migration to another version (i.e.
302 // that no old objects are left in the storage), and then remove the rest of the
303 // versions from this list.
304 // None of the versions in this list can be removed from the spec.Versions field.
305 StoredVersions []string `json:"storedVersions" protobuf:"bytes,3,rep,name=storedVersions"`
308 // CustomResourceCleanupFinalizer is the name of the finalizer which will delete instances of
309 // a CustomResourceDefinition
310 const CustomResourceCleanupFinalizer = "customresourcecleanup.apiextensions.k8s.io"
313 // +genclient:nonNamespaced
314 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
316 // CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format
317 // <.spec.name>.<.spec.group>.
318 type CustomResourceDefinition struct {
319 metav1.TypeMeta `json:",inline"`
320 metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
322 // Spec describes how the user wants the resources to appear
323 Spec CustomResourceDefinitionSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
324 // Status indicates the actual state of the CustomResourceDefinition
326 Status CustomResourceDefinitionStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
329 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
331 // CustomResourceDefinitionList is a list of CustomResourceDefinition objects.
332 type CustomResourceDefinitionList struct {
333 metav1.TypeMeta `json:",inline"`
334 metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
336 // Items individual CustomResourceDefinitions
337 Items []CustomResourceDefinition `json:"items" protobuf:"bytes,2,rep,name=items"`
340 // CustomResourceValidation is a list of validation methods for CustomResources.
341 type CustomResourceValidation struct {
342 // OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.
344 OpenAPIV3Schema *JSONSchemaProps `json:"openAPIV3Schema,omitempty" protobuf:"bytes,1,opt,name=openAPIV3Schema"`
347 // CustomResourceSubresources defines the status and scale subresources for CustomResources.
348 type CustomResourceSubresources struct {
349 // Status denotes the status subresource for CustomResources
351 Status *CustomResourceSubresourceStatus `json:"status,omitempty" protobuf:"bytes,1,opt,name=status"`
352 // Scale denotes the scale subresource for CustomResources
354 Scale *CustomResourceSubresourceScale `json:"scale,omitempty" protobuf:"bytes,2,opt,name=scale"`
357 // CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources.
358 // Status is represented by the `.status` JSON path inside of a CustomResource. When set,
359 // * exposes a /status subresource for the custom resource
360 // * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza
361 // * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza
362 type CustomResourceSubresourceStatus struct{}
364 // CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.
365 type CustomResourceSubresourceScale struct {
366 // SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas.
367 // Only JSON paths without the array notation are allowed.
368 // Must be a JSON Path under .spec.
369 // If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.
370 SpecReplicasPath string `json:"specReplicasPath" protobuf:"bytes,1,name=specReplicasPath"`
371 // StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas.
372 // Only JSON paths without the array notation are allowed.
373 // Must be a JSON Path under .status.
374 // If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource
375 // will default to 0.
376 StatusReplicasPath string `json:"statusReplicasPath" protobuf:"bytes,2,opt,name=statusReplicasPath"`
377 // LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector.
378 // Only JSON paths without the array notation are allowed.
379 // Must be a JSON Path under .status.
380 // Must be set to work with HPA.
381 // If there is no value under the given path in the CustomResource, the status label selector value in the /scale
382 // subresource will default to the empty string.
384 LabelSelectorPath *string `json:"labelSelectorPath,omitempty" protobuf:"bytes,3,opt,name=labelSelectorPath"`
387 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
389 // ConversionReview describes a conversion request/response.
390 type ConversionReview struct {
391 metav1.TypeMeta `json:",inline"`
392 // `request` describes the attributes for the conversion request.
394 Request *ConversionRequest `json:"request,omitempty" protobuf:"bytes,1,opt,name=request"`
395 // `response` describes the attributes for the conversion response.
397 Response *ConversionResponse `json:"response,omitempty" protobuf:"bytes,2,opt,name=response"`
400 // ConversionRequest describes the conversion request parameters.
401 type ConversionRequest struct {
402 // `uid` is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
403 // otherwise identical (parallel requests, requests when earlier requests did not modify etc)
404 // The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
405 // It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
406 UID types.UID `json:"uid" protobuf:"bytes,1,name=uid"`
407 // `desiredAPIVersion` is the version to convert given objects to. e.g. "myapi.example.com/v1"
408 DesiredAPIVersion string `json:"desiredAPIVersion" protobuf:"bytes,2,name=desiredAPIVersion"`
409 // `objects` is the list of CR objects to be converted.
410 Objects []runtime.RawExtension `json:"objects" protobuf:"bytes,3,rep,name=objects"`
413 // ConversionResponse describes a conversion response.
414 type ConversionResponse struct {
415 // `uid` is an identifier for the individual request/response.
416 // This should be copied over from the corresponding AdmissionRequest.
417 UID types.UID `json:"uid" protobuf:"bytes,1,name=uid"`
418 // `convertedObjects` is the list of converted version of `request.objects` if the `result` is successful otherwise empty.
419 // The webhook is expected to set apiVersion of these objects to the ConversionRequest.desiredAPIVersion. The list
420 // must also has the same size as input list with the same objects in the same order(i.e. equal UIDs and object meta)
421 ConvertedObjects []runtime.RawExtension `json:"convertedObjects" protobuf:"bytes,2,rep,name=convertedObjects"`
422 // `result` contains the result of conversion with extra details if the conversion failed. `result.status` determines if
423 // the conversion failed or succeeded. The `result.status` field is required and represent the success or failure of the
424 // conversion. A successful conversion must set `result.status` to `Success`. A failed conversion must set
425 // `result.status` to `Failure` and provide more details in `result.message` and return http status 200. The `result.message`
426 // will be used to construct an error message for the end user.
427 Result metav1.Status `json:"result" protobuf:"bytes,3,name=result"`