This is page 94 of 126. Use http://codebase.md/controlplaneio-fluxcd/flux-operator?lines=true&page={x} to view the full context.
# Directory Structure
```
├── .github
│ ├── actions
│ │ └── runner-cleanup
│ │ └── action.yml
│ ├── copilot-instructions.md
│ ├── dependabot.yaml
│ └── workflows
│ ├── actions-test.yaml
│ ├── e2e-olm.yaml
│ ├── preview.yaml
│ ├── push-manifests.yaml
│ ├── release.yaml
│ └── test.yaml
├── .gitignore
├── .golangci.yml
├── .goreleaser.yml
├── actions
│ └── setup
│ ├── action.yaml
│ └── README.md
├── AGENTS.md
├── api
│ └── v1
│ ├── common_types_test.go
│ ├── common_types.go
│ ├── fluxinstance_types.go
│ ├── fluxreport_types.go
│ ├── groupversion_info.go
│ ├── history_types_test.go
│ ├── history_types.go
│ ├── resourceset_types.go
│ ├── resourcesetinputprovider_types.go
│ ├── schedule_types.go
│ └── zz_generated.deepcopy.go
├── cmd
│ ├── cli
│ │ ├── build_instance.go
│ │ ├── build_resourceset_test.go
│ │ ├── build_resourceset.go
│ │ ├── build.go
│ │ ├── client.go
│ │ ├── completion_bash.go
│ │ ├── completion_fish.go
│ │ ├── completion_powershell.go
│ │ ├── completion_zsh.go
│ │ ├── completion.go
│ │ ├── create_secret_basicauth_test.go
│ │ ├── create_secret_basicauth.go
│ │ ├── create_secret_githubapp.go
│ │ ├── create_secret_proxy_test.go
│ │ ├── create_secret_proxy.go
│ │ ├── create_secret_registry_test.go
│ │ ├── create_secret_registry.go
│ │ ├── create_secret_sops_test.go
│ │ ├── create_secret_sops.go
│ │ ├── create_secret_ssh.go
│ │ ├── create_secret_tls.go
│ │ ├── create_secret.go
│ │ ├── create.go
│ │ ├── debug_web_cookie.go
│ │ ├── debug_web.go
│ │ ├── debug.go
│ │ ├── delete_inputprovider_test.go
│ │ ├── delete_inputprovider.go
│ │ ├── delete_instance_test.go
│ │ ├── delete_instance.go
│ │ ├── delete_resourceset_test.go
│ │ ├── delete_resourceset.go
│ │ ├── delete.go
│ │ ├── distro_decrypt_manifests_test.go
│ │ ├── distro_decrypt_manifests.go
│ │ ├── distro_decrypt_token_test.go
│ │ ├── distro_decrypt_token.go
│ │ ├── distro_decrypt.go
│ │ ├── distro_encrypt_manifests_test.go
│ │ ├── distro_encrypt_manifests.go
│ │ ├── distro_encrypt_token_test.go
│ │ ├── distro_encrypt_token.go
│ │ ├── distro_encrypt.go
│ │ ├── distro_keygen_enc_test.go
│ │ ├── distro_keygen_enc.go
│ │ ├── distro_keygen_sig_test.go
│ │ ├── distro_keygen_sig.go
│ │ ├── distro_keygen.go
│ │ ├── distro_revoke_license_key_test.go
│ │ ├── distro_revoke_license_key.go
│ │ ├── distro_revoke.go
│ │ ├── distro_sign_artifacts_test.go
│ │ ├── distro_sign_artifacts.go
│ │ ├── distro_sign_license_key_test.go
│ │ ├── distro_sign_license_key.go
│ │ ├── distro_sign_manifests_test.go
│ │ ├── distro_sign_manifests.go
│ │ ├── distro_sign.go
│ │ ├── distro_verify_artifacts_test.go
│ │ ├── distro_verify_artifacts.go
│ │ ├── distro_verify_license_key_test.go
│ │ ├── distro_verify_license_key.go
│ │ ├── distro_verify_manifests_test.go
│ │ ├── distro_verify_manifests.go
│ │ ├── distro_verify.go
│ │ ├── distro.go
│ │ ├── Dockerfile
│ │ ├── export_report_test.go
│ │ ├── export_report.go
│ │ ├── export_resource_test.go
│ │ ├── export_resource.go
│ │ ├── export.go
│ │ ├── get_inputprovider_test.go
│ │ ├── get_inputprovider.go
│ │ ├── get_instance.go
│ │ ├── get_resources.go
│ │ ├── get_resourceset_test.go
│ │ ├── get_resourceset.go
│ │ ├── get.go
│ │ ├── install.go
│ │ ├── main.go
│ │ ├── README.md
│ │ ├── reconcile_inputprovider.go
│ │ ├── reconcile_instance.go
│ │ ├── reconcile_resource.go
│ │ ├── reconcile_resources.go
│ │ ├── reconcile_resourceset.go
│ │ ├── reconcile.go
│ │ ├── resume_inputprovider.go
│ │ ├── resume_instance.go
│ │ ├── resume_resource.go
│ │ ├── resume_resourceset.go
│ │ ├── resume.go
│ │ ├── stats.go
│ │ ├── suite_test.go
│ │ ├── suspend_inputprovider.go
│ │ ├── suspend_instance.go
│ │ ├── suspend_resource.go
│ │ ├── suspend_resourceset.go
│ │ ├── suspend.go
│ │ ├── testdata
│ │ │ └── build_resourceset
│ │ │ ├── golden-labeled.yaml
│ │ │ ├── golden-named.yaml
│ │ │ ├── golden-permuted.yaml
│ │ │ ├── golden.yaml
│ │ │ ├── inputs.yaml
│ │ │ ├── rset-standalone.yaml
│ │ │ ├── rset-with-rsip-labeled.yaml
│ │ │ ├── rset-with-rsip-named.yaml
│ │ │ ├── rset-with-rsip-permuted.yaml
│ │ │ ├── rset-with-rsip.yaml
│ │ │ ├── rsip-labeled.yaml
│ │ │ ├── rsip-named.yaml
│ │ │ └── rsip.yaml
│ │ ├── trace_test.go
│ │ ├── trace_types.go
│ │ ├── trace.go
│ │ ├── tree_helmrelease.go
│ │ ├── tree_kustomization.go
│ │ ├── tree_resourceset_test.go
│ │ ├── tree_resourceset.go
│ │ ├── tree.go
│ │ ├── uninstall.go
│ │ ├── version_test.go
│ │ ├── version.go
│ │ ├── wait_inputprovider_test.go
│ │ ├── wait_inputprovider.go
│ │ ├── wait_instance_test.go
│ │ ├── wait_instance.go
│ │ ├── wait_resourceset_test.go
│ │ ├── wait_resourceset.go
│ │ └── wait.go
│ ├── mcp
│ │ ├── Dockerfile
│ │ ├── k8s
│ │ │ ├── actions_test.go
│ │ │ ├── actions.go
│ │ │ ├── client_test.go
│ │ │ ├── client.go
│ │ │ ├── config.go
│ │ │ ├── events_test.go
│ │ │ ├── events.go
│ │ │ ├── export_test.go
│ │ │ ├── export.go
│ │ │ ├── helm.go
│ │ │ ├── logs.go
│ │ │ ├── metrics.go
│ │ │ └── suite_test.go
│ │ ├── main.go
│ │ ├── prompter
│ │ │ ├── debug_helmrelease_test.go
│ │ │ ├── debug_helmrelease.go
│ │ │ ├── debug_kustomization_test.go
│ │ │ ├── debug_kustomization.go
│ │ │ ├── index.go
│ │ │ └── manager.go
│ │ ├── README.md
│ │ └── toolbox
│ │ ├── apply_manifest_test.go
│ │ ├── apply_manifest.go
│ │ ├── delete_resource_test.go
│ │ ├── delete_resource.go
│ │ ├── get_apis_test.go
│ │ ├── get_apis.go
│ │ ├── get_contexts_test.go
│ │ ├── get_contexts.go
│ │ ├── get_instance_test.go
│ │ ├── get_instance.go
│ │ ├── get_logs_test.go
│ │ ├── get_logs.go
│ │ ├── get_metrics_test.go
│ │ ├── get_metrics.go
│ │ ├── get_resource_test.go
│ │ ├── get_resource.go
│ │ ├── helpers.go
│ │ ├── indexer
│ │ │ └── main.go
│ │ ├── install_instance_test.go
│ │ ├── install_instance.go
│ │ ├── library
│ │ │ ├── bm25_test.go
│ │ │ ├── bm25.go
│ │ │ ├── index.go
│ │ │ ├── index.gob
│ │ │ ├── library.go
│ │ │ ├── search_test.go
│ │ │ ├── search.go
│ │ │ ├── tokenizer_test.go
│ │ │ └── tokenizer.go
│ │ ├── manager_test.go
│ │ ├── manager.go
│ │ ├── reconcile_helmrelease_test.go
│ │ ├── reconcile_helmrelease.go
│ │ ├── reconcile_kustomization_test.go
│ │ ├── reconcile_kustomization.go
│ │ ├── reconcile_resourceset_test.go
│ │ ├── reconcile_resourceset.go
│ │ ├── reconcile_source_test.go
│ │ ├── reconcile_source.go
│ │ ├── resume_reconciliation_test.go
│ │ ├── resume_reconciliation.go
│ │ ├── scopes_test.go
│ │ ├── scopes.go
│ │ ├── search_flux_docs_test.go
│ │ ├── search_flux_docs.go
│ │ ├── set_context_test.go
│ │ ├── set_context.go
│ │ ├── suspend_reconciliation_test.go
│ │ ├── suspend_reconciliation.go
│ │ └── testdata
│ │ ├── kubeconfig_golden.yaml
│ │ └── kubeconfig.yaml
│ └── operator
│ └── main.go
├── config
│ ├── crd
│ │ ├── bases
│ │ │ ├── fluxcd.controlplane.io_fluxinstances.yaml
│ │ │ ├── fluxcd.controlplane.io_fluxreports.yaml
│ │ │ ├── fluxcd.controlplane.io_resourcesetinputproviders.yaml
│ │ │ └── fluxcd.controlplane.io_resourcesets.yaml
│ │ ├── kustomization.yaml
│ │ └── kustomizeconfig.yaml
│ ├── data
│ │ ├── flux
│ │ │ ├── v2.2.3
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.3.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.4.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.5.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.5.1
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.6.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.6.1
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.6.2
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.6.3
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.6.4
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.7.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ ├── source-controller.yaml
│ │ │ │ └── source-watcher.yaml
│ │ │ ├── v2.7.1
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ ├── source-controller.yaml
│ │ │ │ └── source-watcher.yaml
│ │ │ ├── v2.7.2
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ ├── source-controller.yaml
│ │ │ │ └── source-watcher.yaml
│ │ │ ├── v2.7.3
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ ├── source-controller.yaml
│ │ │ │ └── source-watcher.yaml
│ │ │ ├── v2.7.4
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ ├── source-controller.yaml
│ │ │ │ └── source-watcher.yaml
│ │ │ └── v2.7.5
│ │ │ ├── helm-controller.yaml
│ │ │ ├── image-automation-controller.yaml
│ │ │ ├── image-reflector-controller.yaml
│ │ │ ├── kustomize-controller.yaml
│ │ │ ├── notification-controller.yaml
│ │ │ ├── policies.yaml
│ │ │ ├── rbac.yaml
│ │ │ ├── source-controller.yaml
│ │ │ └── source-watcher.yaml
│ │ ├── flux-images
│ │ │ ├── v2.2.0
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.2.1
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.2.2
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.2.3
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.3.0
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.4.0
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.5.0
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.5.1
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless-fips.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.6.0
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.6.1
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.6.2
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.6.3
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.6.4
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless-fips.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.7.0
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.7.1
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.7.2
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.7.3
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.7.4
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── v2.7.5
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless-fips.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ └── VERSION
│ │ └── flux-vex
│ │ ├── v2.2.json
│ │ ├── v2.3.json
│ │ ├── v2.4.json
│ │ ├── v2.5.json
│ │ ├── v2.6.json
│ │ └── v2.7.json
│ ├── default
│ │ ├── kustomization.yaml
│ │ ├── namespace.yaml
│ │ └── rbac.yaml
│ ├── manager
│ │ ├── account.yaml
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ └── service.yaml
│ ├── mcp
│ │ ├── deployment.yaml
│ │ ├── kustomization.yaml
│ │ └── service.yaml
│ ├── monitoring
│ │ ├── dashboards
│ │ │ ├── flux-k8s-api-performance.json
│ │ │ └── flux-performance.json
│ │ ├── flux-controllers.yaml
│ │ ├── flux-operator.yaml
│ │ └── kustomization.yaml
│ ├── olm
│ │ ├── build
│ │ │ └── Dockerfile
│ │ ├── bundle
│ │ │ ├── manifests
│ │ │ │ ├── flux-operator.clusterserviceversion.yaml
│ │ │ │ ├── flux-operator.service.yaml
│ │ │ │ ├── fluxinstances.fluxcd.controlplane.io.crd.yaml
│ │ │ │ ├── fluxreports.fluxcd.controlplane.io.crd.yaml
│ │ │ │ ├── resourcesetinputproviders.fluxcd.controlplane.io.crd.yaml
│ │ │ │ └── resourcesets.fluxcd.controlplane.io.crd.yaml
│ │ │ ├── metadata
│ │ │ │ └── annotations.yaml
│ │ │ └── tests
│ │ │ └── scorecard
│ │ │ └── config.yaml
│ │ ├── ci.yaml
│ │ └── test
│ │ ├── bundle.Dockerfile
│ │ ├── olm.yaml
│ │ └── opm.Dockerfile
│ ├── rbac
│ │ ├── fluxinstance_editor_role.yaml
│ │ ├── fluxinstance_viewer_role.yaml
│ │ ├── fluxreport_editor_role.yaml
│ │ ├── fluxreport_viewer_role.yaml
│ │ ├── kustomization.yaml
│ │ ├── leader_election_role_binding.yaml
│ │ ├── leader_election_role.yaml
│ │ ├── resourceset_editor_role.yaml
│ │ ├── resourceset_viewer_role.yaml
│ │ ├── role_binding.yaml
│ │ ├── role.yaml
│ │ └── service_account.yaml
│ ├── samples
│ │ ├── fluxcd_v1_fluxinstance.yaml
│ │ ├── fluxcd_v1_fluxreport.yaml
│ │ ├── fluxcd_v1_resourceset.yaml
│ │ ├── fluxcd_v1_resourcesetinputprovider.yaml
│ │ └── kustomization.yaml
│ └── terraform
│ ├── main.tf
│ ├── outputs.tf
│ ├── providers.tf
│ ├── README.md
│ ├── values
│ │ └── components.yaml
│ ├── variables.tf
│ └── versions.tf
├── CONTRIBUTING.md
├── Dockerfile
├── docs
│ ├── api
│ │ └── v1
│ │ ├── fluxinstance.md
│ │ ├── fluxreport.md
│ │ ├── resourceset.md
│ │ └── resourcesetinputprovider.md
│ ├── dev
│ │ └── README.md
│ ├── guides
│ │ ├── instance
│ │ │ ├── instance-controllers.md
│ │ │ ├── instance-customization.md
│ │ │ ├── instance-monitoring.md
│ │ │ ├── instance-sharding.md
│ │ │ └── instance-sync.md
│ │ ├── operator
│ │ │ ├── operator-install.md
│ │ │ └── operator-migration.md
│ │ └── resourcesets
│ │ ├── rset-app-definition.md
│ │ ├── rset-github-pull-requests.md
│ │ ├── rset-gitlab-environments.md
│ │ ├── rset-gitlab-merge-requests.md
│ │ ├── rset-image-automation.md
│ │ ├── rset-introduction.md
│ │ └── rset-time-based-delivery.md
│ ├── lkm
│ │ └── README.md
│ ├── logo
│ │ ├── flux-operator-banner.png
│ │ ├── flux-operator-banner.svg
│ │ ├── flux-operator-icon.png
│ │ ├── flux-operator-icon.svg
│ │ ├── flux-operator-logo.png
│ │ └── flux-operator-logo.svg
│ ├── mcp
│ │ ├── instructions.md
│ │ ├── mcp-config.md
│ │ ├── mcp-install.md
│ │ ├── mcp-prompting.md
│ │ ├── prompts.md
│ │ └── tools.md
│ └── web
│ ├── web-config-api.md
│ ├── web-ingress.md
│ ├── web-sso-dex.md
│ ├── web-sso-keycloak.md
│ ├── web-sso-openshift.md
│ ├── web-standalone.md
│ └── web-user-management.md
├── go.mod
├── go.sum
├── hack
│ ├── boilerplate.go.txt
│ ├── build-dist-manifests.sh
│ ├── build-olm-images.sh
│ ├── build-olm-manifests.sh
│ ├── install-operator-sdk.sh
│ ├── prep-release.sh
│ ├── vendor-flux-manifests.sh
│ └── web-ui-load-test.sh
├── internal
│ ├── builder
│ │ ├── build_test.go
│ │ ├── build.go
│ │ ├── components.go
│ │ ├── digest.go
│ │ ├── images_test.go
│ │ ├── images.go
│ │ ├── options.go
│ │ ├── preflight_test.go
│ │ ├── preflight.go
│ │ ├── profiles.go
│ │ ├── pull.go
│ │ ├── resourceset_test.go
│ │ ├── resourceset.go
│ │ ├── result.go
│ │ ├── semver_test.go
│ │ ├── semver.go
│ │ ├── templates.go
│ │ ├── testdata
│ │ │ ├── flux
│ │ │ │ ├── v2.2.0
│ │ │ │ │ └── .gitkeep
│ │ │ │ ├── v2.2.1
│ │ │ │ │ └── .gitkeep
│ │ │ │ └── v2.3.0
│ │ │ │ └── .gitkeep
│ │ │ ├── flux-images
│ │ │ │ └── v2.3.0
│ │ │ │ ├── enterprise-alpine.yaml
│ │ │ │ ├── enterprise-distroless.yaml
│ │ │ │ └── upstream-alpine.yaml
│ │ │ ├── resourceset
│ │ │ │ ├── dedup.golden.yaml
│ │ │ │ ├── dedup.yaml
│ │ │ │ ├── empty.yaml
│ │ │ │ ├── exclude.golden.yaml
│ │ │ │ ├── exclude.yaml
│ │ │ │ ├── invalid-output.yaml
│ │ │ │ ├── missing-inputs.yaml
│ │ │ │ ├── multi-doc-template.golden.yaml
│ │ │ │ ├── multi-doc-template.yaml
│ │ │ │ ├── nestedinputs.golden.yaml
│ │ │ │ ├── nestedinputs.yaml
│ │ │ │ ├── noinputs.golden.yaml
│ │ │ │ ├── noinputs.yaml
│ │ │ │ ├── slugify.golden.yaml
│ │ │ │ └── slugify.yaml
│ │ │ ├── v2.3.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.3.0-golden
│ │ │ │ ├── default.kustomization.yaml
│ │ │ │ ├── patches.kustomization.yaml
│ │ │ │ ├── profiles.kustomization.yaml
│ │ │ │ ├── sharding.kustomization.yaml
│ │ │ │ ├── storage.kustomization.yaml
│ │ │ │ └── sync.kustomization.yaml
│ │ │ ├── v2.6.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ └── source-controller.yaml
│ │ │ ├── v2.6.0-golden
│ │ │ │ ├── shard1.kustomization.yaml
│ │ │ │ ├── shard2.kustomization.yaml
│ │ │ │ ├── sharding.kustomization.yaml
│ │ │ │ ├── size.large.kustomization.yaml
│ │ │ │ ├── size.medium.kustomization.yaml
│ │ │ │ └── size.small.kustomization.yaml
│ │ │ ├── v2.7.0
│ │ │ │ ├── helm-controller.yaml
│ │ │ │ ├── image-automation-controller.yaml
│ │ │ │ ├── image-reflector-controller.yaml
│ │ │ │ ├── kustomize-controller.yaml
│ │ │ │ ├── notification-controller.yaml
│ │ │ │ ├── policies.yaml
│ │ │ │ ├── rbac.yaml
│ │ │ │ ├── source-controller.yaml
│ │ │ │ └── source-watcher.yaml
│ │ │ └── v2.7.0-golden
│ │ │ └── source-watcher.kustomization.yaml
│ │ └── workload_identity.go
│ ├── controller
│ │ ├── common.go
│ │ ├── entitlement_controller_test.go
│ │ ├── entitlement_controller.go
│ │ ├── fluxinstance_artifact_controller_test.go
│ │ ├── fluxinstance_artifact_controller.go
│ │ ├── fluxinstance_artifact_manager_test.go
│ │ ├── fluxinstance_artifact_manager.go
│ │ ├── fluxinstance_controller_test.go
│ │ ├── fluxinstance_controller.go
│ │ ├── fluxinstance_manager.go
│ │ ├── fluxinstance_migrator.go
│ │ ├── fluxinstance_uninstaller.go
│ │ ├── fluxreport_controller_test.go
│ │ ├── fluxreport_controller.go
│ │ ├── resourceset_controller_test.go
│ │ ├── resourceset_controller.go
│ │ ├── resourceset_manager_test.go
│ │ ├── resourceset_manager.go
│ │ ├── resourcesetinputprovider_controller_git_test.go
│ │ ├── resourcesetinputprovider_controller_oci_test.go
│ │ ├── resourcesetinputprovider_controller_test.go
│ │ ├── resourcesetinputprovider_controller.go
│ │ ├── resourcesetinputprovider_manager.go
│ │ ├── suite_test.go
│ │ └── testdata
│ │ └── rsa-private-key.pem
│ ├── entitlement
│ │ ├── aws.go
│ │ ├── client_test.go
│ │ ├── client.go
│ │ ├── default_test.go
│ │ └── default.go
│ ├── filtering
│ │ ├── filters_test.go
│ │ └── filters.go
│ ├── gitprovider
│ │ ├── azuredevops_test.go
│ │ ├── azuredevops.go
│ │ ├── github_test.go
│ │ ├── github.go
│ │ ├── gitlab_test.go
│ │ ├── gitlab.go
│ │ ├── interface.go
│ │ ├── options.go
│ │ ├── result_test.go
│ │ └── result.go
│ ├── inputs
│ │ ├── combine_test.go
│ │ ├── combine.go
│ │ ├── flattener.go
│ │ ├── id.go
│ │ ├── json_test.go
│ │ ├── json.go
│ │ ├── keys_test.go
│ │ ├── keys.go
│ │ ├── permuter_test.go
│ │ ├── permuter.go
│ │ └── provider.go
│ ├── install
│ │ ├── autoupdate.go
│ │ ├── client.go
│ │ ├── credentials.go
│ │ ├── deploy.go
│ │ ├── download.go
│ │ ├── events.go
│ │ ├── installer.go
│ │ ├── options.go
│ │ └── uninstall.go
│ ├── inventory
│ │ ├── inventory_test.go
│ │ ├── inventory.go
│ │ ├── reader_test.go
│ │ ├── reader.go
│ │ └── testdata
│ │ ├── inventory1.yaml
│ │ └── inventory2.yaml
│ ├── lkm
│ │ ├── artifacts_attestation_test.go
│ │ ├── artifacts_attestation.go
│ │ ├── attestation_test.go
│ │ ├── attestation.go
│ │ ├── doc.go
│ │ ├── errors.go
│ │ ├── fetch_test.go
│ │ ├── fetch.go
│ │ ├── jwe_test.go
│ │ ├── jwe.go
│ │ ├── jwt_test.go
│ │ ├── jwt.go
│ │ ├── keygen_test.go
│ │ ├── keygen.go
│ │ ├── keyset_test.go
│ │ ├── keyset.go
│ │ ├── license_test.go
│ │ ├── license.go
│ │ ├── licensekey.go
│ │ ├── manifests_attestation_test.go
│ │ ├── manifests_attestation.go
│ │ ├── revocation_test.go
│ │ └── revocation.go
│ ├── notifier
│ │ └── notifier.go
│ ├── reporter
│ │ ├── cluster.go
│ │ ├── components.go
│ │ ├── crds.go
│ │ ├── distribution.go
│ │ ├── metrics_test.go
│ │ ├── metrics.go
│ │ ├── reconcilers.go
│ │ ├── reporter.go
│ │ └── sync.go
│ ├── schedule
│ │ ├── scheduler_test.go
│ │ └── scheduler.go
│ ├── tests
│ │ ├── fluxinstance
│ │ │ ├── health_check_test.go
│ │ │ └── suite_test.go
│ │ └── resourceset
│ │ ├── health_check_test.go
│ │ └── suite_test.go
│ ├── testutils
│ │ ├── log.go
│ │ └── time.go
│ └── web
│ ├── action_test.go
│ ├── action.go
│ ├── auth
│ │ ├── claims_test.go
│ │ ├── claims.go
│ │ ├── cookies_test.go
│ │ ├── cookies.go
│ │ ├── errors_test.go
│ │ ├── errors.go
│ │ ├── middlewares_test.go
│ │ ├── middlewares.go
│ │ ├── oauth2_test.go
│ │ ├── oauth2.go
│ │ └── oidc.go
│ ├── config
│ │ ├── authentication_types_test.go
│ │ ├── authentication_types.go
│ │ ├── config_types_test.go
│ │ ├── config_types.go
│ │ ├── groupversion_info.go
│ │ ├── loader_test.go
│ │ ├── loader.go
│ │ ├── user_actions_types_test.go
│ │ ├── user_actions_types.go
│ │ └── watcher.go
│ ├── events_test.go
│ ├── events.go
│ ├── favorites_test.go
│ ├── favorites.go
│ ├── fs.go
│ ├── handler.go
│ ├── inventory.go
│ ├── kubeclient
│ │ ├── client_test.go
│ │ ├── client.go
│ │ └── suite_test.go
│ ├── middlewares_test.go
│ ├── middlewares.go
│ ├── report_test.go
│ ├── report.go
│ ├── resource_test.go
│ ├── resource.go
│ ├── resources_test.go
│ ├── resources.go
│ ├── search_test.go
│ ├── search.go
│ ├── server_test.go
│ ├── server.go
│ ├── source.go
│ ├── suite_test.go
│ ├── user
│ │ ├── user_test.go
│ │ └── user.go
│ ├── workload_test.go
│ ├── workload.go
│ ├── workloads_test.go
│ └── workloads.go
├── LICENSE
├── Makefile
├── PROJECT
├── README.md
├── SECURITY.md
├── test
│ ├── e2e
│ │ ├── e2e_suite_test.go
│ │ ├── e2e_test.go
│ │ ├── instance_test.go
│ │ └── utils.go
│ └── olm
│ ├── e2e_suite_test.go
│ ├── e2e_test.go
│ ├── instance_test.go
│ └── scorecard_test.go
└── web
├── .gitignore
├── embed.go
├── eslint.config.js
├── index.html
├── package-lock.json
├── package.json
├── postcss.config.js
├── public
│ ├── favicon.svg
│ └── fonts
│ └── inter.woff2
├── README.md
├── src
│ ├── app.jsx
│ ├── app.test.jsx
│ ├── components
│ │ ├── auth
│ │ │ ├── LoginPage.jsx
│ │ │ └── LoginPage.test.jsx
│ │ ├── dashboards
│ │ │ ├── cluster
│ │ │ │ ├── ClusterPage.jsx
│ │ │ │ ├── ClusterPage.test.jsx
│ │ │ │ ├── ControllersPanel.jsx
│ │ │ │ ├── ControllersPanel.test.jsx
│ │ │ │ ├── InfoPanel.jsx
│ │ │ │ ├── InfoPanel.test.jsx
│ │ │ │ ├── OverallStatusPanel.jsx
│ │ │ │ ├── OverallStatusPanel.test.jsx
│ │ │ │ ├── ReconcilersPanel.jsx
│ │ │ │ ├── ReconcilersPanel.test.jsx
│ │ │ │ ├── SyncPanel.jsx
│ │ │ │ └── SyncPanel.test.jsx
│ │ │ ├── common
│ │ │ │ ├── panel.jsx
│ │ │ │ ├── panel.test.jsx
│ │ │ │ ├── yaml.jsx
│ │ │ │ └── yaml.test.jsx
│ │ │ └── resource
│ │ │ ├── ActionBar.jsx
│ │ │ ├── ActionBar.test.jsx
│ │ │ ├── ArtifactPanel.jsx
│ │ │ ├── ArtifactPanel.test.jsx
│ │ │ ├── ExportedInputsPanel.jsx
│ │ │ ├── ExportedInputsPanel.test.jsx
│ │ │ ├── GraphTabContent.jsx
│ │ │ ├── GraphTabContent.test.jsx
│ │ │ ├── HistoryTimeline.jsx
│ │ │ ├── HistoryTimeline.test.jsx
│ │ │ ├── InputsPanel.jsx
│ │ │ ├── InputsPanel.test.jsx
│ │ │ ├── InventoryPanel.jsx
│ │ │ ├── InventoryPanel.test.jsx
│ │ │ ├── ReconcilerPanel.jsx
│ │ │ ├── ReconcilerPanel.test.jsx
│ │ │ ├── ResourcePage.jsx
│ │ │ ├── ResourcePage.test.jsx
│ │ │ ├── SourcePanel.jsx
│ │ │ ├── SourcePanel.test.jsx
│ │ │ ├── WorkloadsTabContent.jsx
│ │ │ └── WorkloadsTabContent.test.jsx
│ │ ├── favorites
│ │ │ ├── FavoriteCard.jsx
│ │ │ ├── FavoriteCard.test.jsx
│ │ │ ├── FavoritesHeader.jsx
│ │ │ ├── FavoritesHeader.test.jsx
│ │ │ ├── FavoritesPage.jsx
│ │ │ ├── FavoritesPage.test.jsx
│ │ │ ├── FavoritesSearch.jsx
│ │ │ └── FavoritesSearch.test.jsx
│ │ ├── layout
│ │ │ ├── ConnectionStatus.jsx
│ │ │ ├── ConnectionStatus.test.jsx
│ │ │ ├── Footer.jsx
│ │ │ ├── Footer.test.jsx
│ │ │ ├── Header.jsx
│ │ │ ├── Header.test.jsx
│ │ │ ├── Icons.jsx
│ │ │ ├── NotFoundPage.jsx
│ │ │ ├── NotFoundPage.test.jsx
│ │ │ ├── ThemeToggle.jsx
│ │ │ ├── ThemeToggle.test.jsx
│ │ │ ├── UserMenu.jsx
│ │ │ └── UserMenu.test.jsx
│ │ └── search
│ │ ├── EventList.jsx
│ │ ├── EventList.test.jsx
│ │ ├── FilterForm.jsx
│ │ ├── FilterForm.test.jsx
│ │ ├── QuickSearch.jsx
│ │ ├── QuickSearch.test.jsx
│ │ ├── ResourceDetailsView.jsx
│ │ ├── ResourceDetailsView.test.jsx
│ │ ├── ResourceList.jsx
│ │ ├── ResourceList.test.jsx
│ │ ├── StatusChart.jsx
│ │ └── StatusChart.test.jsx
│ ├── index.css
│ ├── main.jsx
│ ├── mock
│ │ ├── action.js
│ │ ├── events.js
│ │ ├── events.test.js
│ │ ├── report.js
│ │ ├── resource.js
│ │ ├── resources.js
│ │ ├── resources.test.js
│ │ ├── workload.js
│ │ └── workload.test.js
│ └── utils
│ ├── constants.js
│ ├── cookies.js
│ ├── cookies.test.js
│ ├── favorites.js
│ ├── favorites.test.js
│ ├── fetch.js
│ ├── fetch.test.js
│ ├── hash.js
│ ├── hash.test.js
│ ├── meta.js
│ ├── meta.test.js
│ ├── navHistory.js
│ ├── navHistory.test.js
│ ├── routing.js
│ ├── routing.test.js
│ ├── scroll.js
│ ├── scroll.test.js
│ ├── status.js
│ ├── status.test.js
│ ├── theme.js
│ ├── theme.test.js
│ ├── time.js
│ ├── time.test.js
│ ├── version.js
│ └── version.test.js
├── tailwind.config.js
├── vite.config.js
└── vitest.setup.js
```
# Files
--------------------------------------------------------------------------------
/config/data/flux/v2.7.5/helm-controller.yaml:
--------------------------------------------------------------------------------
```yaml
1 | apiVersion: apiextensions.k8s.io/v1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | annotations:
5 | controller-gen.kubebuilder.io/version: v0.19.0
6 | labels:
7 | app.kubernetes.io/component: helm-controller
8 | app.kubernetes.io/part-of: flux
9 | name: helmreleases.helm.toolkit.fluxcd.io
10 | spec:
11 | group: helm.toolkit.fluxcd.io
12 | names:
13 | kind: HelmRelease
14 | listKind: HelmReleaseList
15 | plural: helmreleases
16 | shortNames:
17 | - hr
18 | singular: helmrelease
19 | scope: Namespaced
20 | versions:
21 | - additionalPrinterColumns:
22 | - jsonPath: .metadata.creationTimestamp
23 | name: Age
24 | type: date
25 | - jsonPath: .status.conditions[?(@.type=="Ready")].status
26 | name: Ready
27 | type: string
28 | - jsonPath: .status.conditions[?(@.type=="Ready")].message
29 | name: Status
30 | type: string
31 | name: v2
32 | schema:
33 | openAPIV3Schema:
34 | description: HelmRelease is the Schema for the helmreleases API
35 | properties:
36 | apiVersion:
37 | description: |-
38 | APIVersion defines the versioned schema of this representation of an object.
39 | Servers should convert recognized schemas to the latest internal value, and
40 | may reject unrecognized values.
41 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
42 | type: string
43 | kind:
44 | description: |-
45 | Kind is a string value representing the REST resource this object represents.
46 | Servers may infer this from the endpoint the client submits requests to.
47 | Cannot be updated.
48 | In CamelCase.
49 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
50 | type: string
51 | metadata:
52 | type: object
53 | spec:
54 | description: HelmReleaseSpec defines the desired state of a Helm release.
55 | properties:
56 | chart:
57 | description: |-
58 | Chart defines the template of the v1.HelmChart that should be created
59 | for this HelmRelease.
60 | properties:
61 | metadata:
62 | description: ObjectMeta holds the template for metadata like labels
63 | and annotations.
64 | properties:
65 | annotations:
66 | additionalProperties:
67 | type: string
68 | description: |-
69 | Annotations is an unstructured key value map stored with a resource that may be
70 | set by external tools to store and retrieve arbitrary metadata. They are not
71 | queryable and should be preserved when modifying objects.
72 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
73 | type: object
74 | labels:
75 | additionalProperties:
76 | type: string
77 | description: |-
78 | Map of string keys and values that can be used to organize and categorize
79 | (scope and select) objects.
80 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
81 | type: object
82 | type: object
83 | spec:
84 | description: Spec holds the template for the v1.HelmChartSpec
85 | for this HelmRelease.
86 | properties:
87 | chart:
88 | description: The name or path the Helm chart is available
89 | at in the SourceRef.
90 | maxLength: 2048
91 | minLength: 1
92 | type: string
93 | ignoreMissingValuesFiles:
94 | description: IgnoreMissingValuesFiles controls whether to
95 | silently ignore missing values files rather than failing.
96 | type: boolean
97 | interval:
98 | description: |-
99 | Interval at which to check the v1.Source for updates. Defaults to
100 | 'HelmReleaseSpec.Interval'.
101 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
102 | type: string
103 | reconcileStrategy:
104 | default: ChartVersion
105 | description: |-
106 | Determines what enables the creation of a new artifact. Valid values are
107 | ('ChartVersion', 'Revision').
108 | See the documentation of the values for an explanation on their behavior.
109 | Defaults to ChartVersion when omitted.
110 | enum:
111 | - ChartVersion
112 | - Revision
113 | type: string
114 | sourceRef:
115 | description: The name and namespace of the v1.Source the chart
116 | is available at.
117 | properties:
118 | apiVersion:
119 | description: APIVersion of the referent.
120 | type: string
121 | kind:
122 | description: Kind of the referent.
123 | enum:
124 | - HelmRepository
125 | - GitRepository
126 | - Bucket
127 | type: string
128 | name:
129 | description: Name of the referent.
130 | maxLength: 253
131 | minLength: 1
132 | type: string
133 | namespace:
134 | description: Namespace of the referent.
135 | maxLength: 63
136 | minLength: 1
137 | type: string
138 | required:
139 | - kind
140 | - name
141 | type: object
142 | valuesFiles:
143 | description: |-
144 | Alternative list of values files to use as the chart values (values.yaml
145 | is not included by default), expected to be a relative path in the SourceRef.
146 | Values files are merged in the order of this list with the last file overriding
147 | the first. Ignored when omitted.
148 | items:
149 | type: string
150 | type: array
151 | verify:
152 | description: |-
153 | Verify contains the secret name containing the trusted public keys
154 | used to verify the signature and specifies which provider to use to check
155 | whether OCI image is authentic.
156 | This field is only supported for OCI sources.
157 | Chart dependencies, which are not bundled in the umbrella chart artifact,
158 | are not verified.
159 | properties:
160 | provider:
161 | default: cosign
162 | description: Provider specifies the technology used to
163 | sign the OCI Helm chart.
164 | enum:
165 | - cosign
166 | - notation
167 | type: string
168 | secretRef:
169 | description: |-
170 | SecretRef specifies the Kubernetes Secret containing the
171 | trusted public keys.
172 | properties:
173 | name:
174 | description: Name of the referent.
175 | type: string
176 | required:
177 | - name
178 | type: object
179 | required:
180 | - provider
181 | type: object
182 | version:
183 | default: '*'
184 | description: |-
185 | Version semver expression, ignored for charts from v1.GitRepository and
186 | v1beta2.Bucket sources. Defaults to latest when omitted.
187 | type: string
188 | required:
189 | - chart
190 | - sourceRef
191 | type: object
192 | required:
193 | - spec
194 | type: object
195 | chartRef:
196 | description: |-
197 | ChartRef holds a reference to a source controller resource containing the
198 | Helm chart artifact.
199 | properties:
200 | apiVersion:
201 | description: APIVersion of the referent.
202 | type: string
203 | kind:
204 | description: Kind of the referent.
205 | enum:
206 | - OCIRepository
207 | - HelmChart
208 | - ExternalArtifact
209 | type: string
210 | name:
211 | description: Name of the referent.
212 | maxLength: 253
213 | minLength: 1
214 | type: string
215 | namespace:
216 | description: |-
217 | Namespace of the referent, defaults to the namespace of the Kubernetes
218 | resource object that contains the reference.
219 | maxLength: 63
220 | minLength: 1
221 | type: string
222 | required:
223 | - kind
224 | - name
225 | type: object
226 | commonMetadata:
227 | description: |-
228 | CommonMetadata specifies the common labels and annotations that are
229 | applied to all resources. Any existing label or annotation will be
230 | overridden if its key matches a common one.
231 | properties:
232 | annotations:
233 | additionalProperties:
234 | type: string
235 | description: Annotations to be added to the object's metadata.
236 | type: object
237 | labels:
238 | additionalProperties:
239 | type: string
240 | description: Labels to be added to the object's metadata.
241 | type: object
242 | type: object
243 | dependsOn:
244 | description: |-
245 | DependsOn may contain a DependencyReference slice with
246 | references to HelmRelease resources that must be ready before this HelmRelease
247 | can be reconciled.
248 | items:
249 | description: DependencyReference defines a HelmRelease dependency
250 | on another HelmRelease resource.
251 | properties:
252 | name:
253 | description: Name of the referent.
254 | type: string
255 | namespace:
256 | description: |-
257 | Namespace of the referent, defaults to the namespace of the HelmRelease
258 | resource object that contains the reference.
259 | type: string
260 | readyExpr:
261 | description: |-
262 | ReadyExpr is a CEL expression that can be used to assess the readiness
263 | of a dependency. When specified, the built-in readiness check
264 | is replaced by the logic defined in the CEL expression.
265 | To make the CEL expression additive to the built-in readiness check,
266 | the feature gate `AdditiveCELDependencyCheck` must be set to `true`.
267 | type: string
268 | required:
269 | - name
270 | type: object
271 | type: array
272 | driftDetection:
273 | description: |-
274 | DriftDetection holds the configuration for detecting and handling
275 | differences between the manifest in the Helm storage and the resources
276 | currently existing in the cluster.
277 | properties:
278 | ignore:
279 | description: |-
280 | Ignore contains a list of rules for specifying which changes to ignore
281 | during diffing.
282 | items:
283 | description: |-
284 | IgnoreRule defines a rule to selectively disregard specific changes during
285 | the drift detection process.
286 | properties:
287 | paths:
288 | description: |-
289 | Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
290 | consideration in a Kubernetes object.
291 | items:
292 | type: string
293 | type: array
294 | target:
295 | description: |-
296 | Target is a selector for specifying Kubernetes objects to which this
297 | rule applies.
298 | If Target is not set, the Paths will be ignored for all Kubernetes
299 | objects within the manifest of the Helm release.
300 | properties:
301 | annotationSelector:
302 | description: |-
303 | AnnotationSelector is a string that follows the label selection expression
304 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
305 | It matches with the resource annotations.
306 | type: string
307 | group:
308 | description: |-
309 | Group is the API group to select resources from.
310 | Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
311 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
312 | type: string
313 | kind:
314 | description: |-
315 | Kind of the API Group to select resources from.
316 | Together with Group and Version it is capable of unambiguously
317 | identifying and/or selecting resources.
318 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
319 | type: string
320 | labelSelector:
321 | description: |-
322 | LabelSelector is a string that follows the label selection expression
323 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
324 | It matches with the resource labels.
325 | type: string
326 | name:
327 | description: Name to match resources with.
328 | type: string
329 | namespace:
330 | description: Namespace to select resources from.
331 | type: string
332 | version:
333 | description: |-
334 | Version of the API Group to select resources from.
335 | Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
336 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
337 | type: string
338 | type: object
339 | required:
340 | - paths
341 | type: object
342 | type: array
343 | mode:
344 | description: |-
345 | Mode defines how differences should be handled between the Helm manifest
346 | and the manifest currently applied to the cluster.
347 | If not explicitly set, it defaults to DiffModeDisabled.
348 | enum:
349 | - enabled
350 | - warn
351 | - disabled
352 | type: string
353 | type: object
354 | install:
355 | description: Install holds the configuration for Helm install actions
356 | for this HelmRelease.
357 | properties:
358 | crds:
359 | description: |-
360 | CRDs upgrade CRDs from the Helm Chart's crds directory according
361 | to the CRD upgrade policy provided here. Valid values are `Skip`,
362 | `Create` or `CreateReplace`. Default is `Create` and if omitted
363 | CRDs are installed but not updated.
364 |
365 | Skip: do neither install nor replace (update) any CRDs.
366 |
367 | Create: new CRDs are created, existing CRDs are neither updated nor deleted.
368 |
369 | CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
370 | but not deleted.
371 |
372 | By default, CRDs are applied (installed) during Helm install action.
373 | With this option users can opt in to CRD replace existing CRDs on Helm
374 | install actions, which is not (yet) natively supported by Helm.
375 | https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
376 | enum:
377 | - Skip
378 | - Create
379 | - CreateReplace
380 | type: string
381 | createNamespace:
382 | description: |-
383 | CreateNamespace tells the Helm install action to create the
384 | HelmReleaseSpec.TargetNamespace if it does not exist yet.
385 | On uninstall, the namespace will not be garbage collected.
386 | type: boolean
387 | disableHooks:
388 | description: DisableHooks prevents hooks from running during the
389 | Helm install action.
390 | type: boolean
391 | disableOpenAPIValidation:
392 | description: |-
393 | DisableOpenAPIValidation prevents the Helm install action from validating
394 | rendered templates against the Kubernetes OpenAPI Schema.
395 | type: boolean
396 | disableSchemaValidation:
397 | description: |-
398 | DisableSchemaValidation prevents the Helm install action from validating
399 | the values against the JSON Schema.
400 | type: boolean
401 | disableTakeOwnership:
402 | description: |-
403 | DisableTakeOwnership disables taking ownership of existing resources
404 | during the Helm install action. Defaults to false.
405 | type: boolean
406 | disableWait:
407 | description: |-
408 | DisableWait disables the waiting for resources to be ready after a Helm
409 | install has been performed.
410 | type: boolean
411 | disableWaitForJobs:
412 | description: |-
413 | DisableWaitForJobs disables waiting for jobs to complete after a Helm
414 | install has been performed.
415 | type: boolean
416 | remediation:
417 | description: |-
418 | Remediation holds the remediation configuration for when the Helm install
419 | action for the HelmRelease fails. The default is to not perform any action.
420 | properties:
421 | ignoreTestFailures:
422 | description: |-
423 | IgnoreTestFailures tells the controller to skip remediation when the Helm
424 | tests are run after an install action but fail. Defaults to
425 | 'Test.IgnoreFailures'.
426 | type: boolean
427 | remediateLastFailure:
428 | description: |-
429 | RemediateLastFailure tells the controller to remediate the last failure, when
430 | no retries remain. Defaults to 'false'.
431 | type: boolean
432 | retries:
433 | description: |-
434 | Retries is the number of retries that should be attempted on failures before
435 | bailing. Remediation, using an uninstall, is performed between each attempt.
436 | Defaults to '0', a negative integer equals to unlimited retries.
437 | type: integer
438 | type: object
439 | replace:
440 | description: |-
441 | Replace tells the Helm install action to re-use the 'ReleaseName', but only
442 | if that name is a deleted release which remains in the history.
443 | type: boolean
444 | skipCRDs:
445 | description: |-
446 | SkipCRDs tells the Helm install action to not install any CRDs. By default,
447 | CRDs are installed if not already present.
448 |
449 | Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
450 | type: boolean
451 | strategy:
452 | description: |-
453 | Strategy defines the install strategy to use for this HelmRelease.
454 | Defaults to 'RemediateOnFailure'.
455 | properties:
456 | name:
457 | description: Name of the install strategy.
458 | enum:
459 | - RemediateOnFailure
460 | - RetryOnFailure
461 | type: string
462 | retryInterval:
463 | description: |-
464 | RetryInterval is the interval at which to retry a failed install.
465 | Can be used only when Name is set to RetryOnFailure.
466 | Defaults to '5m'.
467 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
468 | type: string
469 | required:
470 | - name
471 | type: object
472 | x-kubernetes-validations:
473 | - message: .retryInterval cannot be set when .name is 'RemediateOnFailure'
474 | rule: '!has(self.retryInterval) || self.name != ''RemediateOnFailure'''
475 | timeout:
476 | description: |-
477 | Timeout is the time to wait for any individual Kubernetes operation (like
478 | Jobs for hooks) during the performance of a Helm install action. Defaults to
479 | 'HelmReleaseSpec.Timeout'.
480 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
481 | type: string
482 | type: object
483 | interval:
484 | description: Interval at which to reconcile the Helm release.
485 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
486 | type: string
487 | kubeConfig:
488 | description: |-
489 | KubeConfig for reconciling the HelmRelease on a remote cluster.
490 | When used in combination with HelmReleaseSpec.ServiceAccountName,
491 | forces the controller to act on behalf of that Service Account at the
492 | target cluster.
493 | If the --default-service-account flag is set, its value will be used as
494 | a controller level fallback for when HelmReleaseSpec.ServiceAccountName
495 | is empty.
496 | properties:
497 | configMapRef:
498 | description: |-
499 | ConfigMapRef holds an optional name of a ConfigMap that contains
500 | the following keys:
501 |
502 | - `provider`: the provider to use. One of `aws`, `azure`, `gcp`, or
503 | `generic`. Required.
504 | - `cluster`: the fully qualified resource name of the Kubernetes
505 | cluster in the cloud provider API. Not used by the `generic`
506 | provider. Required when one of `address` or `ca.crt` is not set.
507 | - `address`: the address of the Kubernetes API server. Required
508 | for `generic`. For the other providers, if not specified, the
509 | first address in the cluster resource will be used, and if
510 | specified, it must match one of the addresses in the cluster
511 | resource.
512 | If audiences is not set, will be used as the audience for the
513 | `generic` provider.
514 | - `ca.crt`: the optional PEM-encoded CA certificate for the
515 | Kubernetes API server. If not set, the controller will use the
516 | CA certificate from the cluster resource.
517 | - `audiences`: the optional audiences as a list of
518 | line-break-separated strings for the Kubernetes ServiceAccount
519 | token. Defaults to the `address` for the `generic` provider, or
520 | to specific values for the other providers depending on the
521 | provider.
522 | - `serviceAccountName`: the optional name of the Kubernetes
523 | ServiceAccount in the same namespace that should be used
524 | for authentication. If not specified, the controller
525 | ServiceAccount will be used.
526 |
527 | Mutually exclusive with SecretRef.
528 | properties:
529 | name:
530 | description: Name of the referent.
531 | type: string
532 | required:
533 | - name
534 | type: object
535 | secretRef:
536 | description: |-
537 | SecretRef holds an optional name of a secret that contains a key with
538 | the kubeconfig file as the value. If no key is set, the key will default
539 | to 'value'. Mutually exclusive with ConfigMapRef.
540 | It is recommended that the kubeconfig is self-contained, and the secret
541 | is regularly updated if credentials such as a cloud-access-token expire.
542 | Cloud specific `cmd-path` auth helpers will not function without adding
543 | binaries and credentials to the Pod that is responsible for reconciling
544 | Kubernetes resources. Supported only for the generic provider.
545 | properties:
546 | key:
547 | description: Key in the Secret, when not specified an implementation-specific
548 | default key is used.
549 | type: string
550 | name:
551 | description: Name of the Secret.
552 | type: string
553 | required:
554 | - name
555 | type: object
556 | type: object
557 | x-kubernetes-validations:
558 | - message: exactly one of spec.kubeConfig.configMapRef or spec.kubeConfig.secretRef
559 | must be specified
560 | rule: has(self.configMapRef) || has(self.secretRef)
561 | - message: exactly one of spec.kubeConfig.configMapRef or spec.kubeConfig.secretRef
562 | must be specified
563 | rule: '!has(self.configMapRef) || !has(self.secretRef)'
564 | maxHistory:
565 | description: |-
566 | MaxHistory is the number of revisions saved by Helm for this HelmRelease.
567 | Use '0' for an unlimited number of revisions; defaults to '5'.
568 | type: integer
569 | persistentClient:
570 | description: |-
571 | PersistentClient tells the controller to use a persistent Kubernetes
572 | client for this release. When enabled, the client will be reused for the
573 | duration of the reconciliation, instead of being created and destroyed
574 | for each (step of a) Helm action.
575 |
576 | This can improve performance, but may cause issues with some Helm charts
577 | that for example do create Custom Resource Definitions during installation
578 | outside Helm's CRD lifecycle hooks, which are then not observed to be
579 | available by e.g. post-install hooks.
580 |
581 | If not set, it defaults to true.
582 | type: boolean
583 | postRenderers:
584 | description: |-
585 | PostRenderers holds an array of Helm PostRenderers, which will be applied in order
586 | of their definition.
587 | items:
588 | description: PostRenderer contains a Helm PostRenderer specification.
589 | properties:
590 | kustomize:
591 | description: Kustomization to apply as PostRenderer.
592 | properties:
593 | images:
594 | description: |-
595 | Images is a list of (image name, new name, new tag or digest)
596 | for changing image names, tags or digests. This can also be achieved with a
597 | patch, but this operator is simpler to specify.
598 | items:
599 | description: Image contains an image name, a new name,
600 | a new tag or digest, which will replace the original
601 | name and tag.
602 | properties:
603 | digest:
604 | description: |-
605 | Digest is the value used to replace the original image tag.
606 | If digest is present NewTag value is ignored.
607 | type: string
608 | name:
609 | description: Name is a tag-less image name.
610 | type: string
611 | newName:
612 | description: NewName is the value used to replace
613 | the original name.
614 | type: string
615 | newTag:
616 | description: NewTag is the value used to replace the
617 | original tag.
618 | type: string
619 | required:
620 | - name
621 | type: object
622 | type: array
623 | patches:
624 | description: |-
625 | Strategic merge and JSON patches, defined as inline YAML objects,
626 | capable of targeting objects based on kind, label and annotation selectors.
627 | items:
628 | description: |-
629 | Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
630 | be applied to.
631 | properties:
632 | patch:
633 | description: |-
634 | Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
635 | an array of operation objects.
636 | type: string
637 | target:
638 | description: Target points to the resources that the
639 | patch document should be applied to.
640 | properties:
641 | annotationSelector:
642 | description: |-
643 | AnnotationSelector is a string that follows the label selection expression
644 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
645 | It matches with the resource annotations.
646 | type: string
647 | group:
648 | description: |-
649 | Group is the API group to select resources from.
650 | Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
651 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
652 | type: string
653 | kind:
654 | description: |-
655 | Kind of the API Group to select resources from.
656 | Together with Group and Version it is capable of unambiguously
657 | identifying and/or selecting resources.
658 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
659 | type: string
660 | labelSelector:
661 | description: |-
662 | LabelSelector is a string that follows the label selection expression
663 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
664 | It matches with the resource labels.
665 | type: string
666 | name:
667 | description: Name to match resources with.
668 | type: string
669 | namespace:
670 | description: Namespace to select resources from.
671 | type: string
672 | version:
673 | description: |-
674 | Version of the API Group to select resources from.
675 | Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
676 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
677 | type: string
678 | type: object
679 | required:
680 | - patch
681 | type: object
682 | type: array
683 | type: object
684 | type: object
685 | type: array
686 | releaseName:
687 | description: |-
688 | ReleaseName used for the Helm release. Defaults to a composition of
689 | '[TargetNamespace-]Name'.
690 | maxLength: 53
691 | minLength: 1
692 | type: string
693 | rollback:
694 | description: Rollback holds the configuration for Helm rollback actions
695 | for this HelmRelease.
696 | properties:
697 | cleanupOnFail:
698 | description: |-
699 | CleanupOnFail allows deletion of new resources created during the Helm
700 | rollback action when it fails.
701 | type: boolean
702 | disableHooks:
703 | description: DisableHooks prevents hooks from running during the
704 | Helm rollback action.
705 | type: boolean
706 | disableWait:
707 | description: |-
708 | DisableWait disables the waiting for resources to be ready after a Helm
709 | rollback has been performed.
710 | type: boolean
711 | disableWaitForJobs:
712 | description: |-
713 | DisableWaitForJobs disables waiting for jobs to complete after a Helm
714 | rollback has been performed.
715 | type: boolean
716 | force:
717 | description: Force forces resource updates through a replacement
718 | strategy.
719 | type: boolean
720 | recreate:
721 | description: Recreate performs pod restarts for the resource if
722 | applicable.
723 | type: boolean
724 | timeout:
725 | description: |-
726 | Timeout is the time to wait for any individual Kubernetes operation (like
727 | Jobs for hooks) during the performance of a Helm rollback action. Defaults to
728 | 'HelmReleaseSpec.Timeout'.
729 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
730 | type: string
731 | type: object
732 | serviceAccountName:
733 | description: |-
734 | The name of the Kubernetes service account to impersonate
735 | when reconciling this HelmRelease.
736 | maxLength: 253
737 | minLength: 1
738 | type: string
739 | storageNamespace:
740 | description: |-
741 | StorageNamespace used for the Helm storage.
742 | Defaults to the namespace of the HelmRelease.
743 | maxLength: 63
744 | minLength: 1
745 | type: string
746 | suspend:
747 | description: |-
748 | Suspend tells the controller to suspend reconciliation for this HelmRelease,
749 | it does not apply to already started reconciliations. Defaults to false.
750 | type: boolean
751 | targetNamespace:
752 | description: |-
753 | TargetNamespace to target when performing operations for the HelmRelease.
754 | Defaults to the namespace of the HelmRelease.
755 | maxLength: 63
756 | minLength: 1
757 | type: string
758 | test:
759 | description: Test holds the configuration for Helm test actions for
760 | this HelmRelease.
761 | properties:
762 | enable:
763 | description: |-
764 | Enable enables Helm test actions for this HelmRelease after an Helm install
765 | or upgrade action has been performed.
766 | type: boolean
767 | filters:
768 | description: Filters is a list of tests to run or exclude from
769 | running.
770 | items:
771 | description: Filter holds the configuration for individual Helm
772 | test filters.
773 | properties:
774 | exclude:
775 | description: Exclude specifies whether the named test should
776 | be excluded.
777 | type: boolean
778 | name:
779 | description: Name is the name of the test.
780 | maxLength: 253
781 | minLength: 1
782 | type: string
783 | required:
784 | - name
785 | type: object
786 | type: array
787 | ignoreFailures:
788 | description: |-
789 | IgnoreFailures tells the controller to skip remediation when the Helm tests
790 | are run but fail. Can be overwritten for tests run after install or upgrade
791 | actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
792 | type: boolean
793 | timeout:
794 | description: |-
795 | Timeout is the time to wait for any individual Kubernetes operation during
796 | the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
797 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
798 | type: string
799 | type: object
800 | timeout:
801 | description: |-
802 | Timeout is the time to wait for any individual Kubernetes operation (like Jobs
803 | for hooks) during the performance of a Helm action. Defaults to '5m0s'.
804 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
805 | type: string
806 | uninstall:
807 | description: Uninstall holds the configuration for Helm uninstall
808 | actions for this HelmRelease.
809 | properties:
810 | deletionPropagation:
811 | default: background
812 | description: |-
813 | DeletionPropagation specifies the deletion propagation policy when
814 | a Helm uninstall is performed.
815 | enum:
816 | - background
817 | - foreground
818 | - orphan
819 | type: string
820 | disableHooks:
821 | description: DisableHooks prevents hooks from running during the
822 | Helm rollback action.
823 | type: boolean
824 | disableWait:
825 | description: |-
826 | DisableWait disables waiting for all the resources to be deleted after
827 | a Helm uninstall is performed.
828 | type: boolean
829 | keepHistory:
830 | description: |-
831 | KeepHistory tells Helm to remove all associated resources and mark the
832 | release as deleted, but retain the release history.
833 | type: boolean
834 | timeout:
835 | description: |-
836 | Timeout is the time to wait for any individual Kubernetes operation (like
837 | Jobs for hooks) during the performance of a Helm uninstall action. Defaults
838 | to 'HelmReleaseSpec.Timeout'.
839 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
840 | type: string
841 | type: object
842 | upgrade:
843 | description: Upgrade holds the configuration for Helm upgrade actions
844 | for this HelmRelease.
845 | properties:
846 | cleanupOnFail:
847 | description: |-
848 | CleanupOnFail allows deletion of new resources created during the Helm
849 | upgrade action when it fails.
850 | type: boolean
851 | crds:
852 | description: |-
853 | CRDs upgrade CRDs from the Helm Chart's crds directory according
854 | to the CRD upgrade policy provided here. Valid values are `Skip`,
855 | `Create` or `CreateReplace`. Default is `Skip` and if omitted
856 | CRDs are neither installed nor upgraded.
857 |
858 | Skip: do neither install nor replace (update) any CRDs.
859 |
860 | Create: new CRDs are created, existing CRDs are neither updated nor deleted.
861 |
862 | CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
863 | but not deleted.
864 |
865 | By default, CRDs are not applied during Helm upgrade action. With this
866 | option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
867 | https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
868 | enum:
869 | - Skip
870 | - Create
871 | - CreateReplace
872 | type: string
873 | disableHooks:
874 | description: DisableHooks prevents hooks from running during the
875 | Helm upgrade action.
876 | type: boolean
877 | disableOpenAPIValidation:
878 | description: |-
879 | DisableOpenAPIValidation prevents the Helm upgrade action from validating
880 | rendered templates against the Kubernetes OpenAPI Schema.
881 | type: boolean
882 | disableSchemaValidation:
883 | description: |-
884 | DisableSchemaValidation prevents the Helm upgrade action from validating
885 | the values against the JSON Schema.
886 | type: boolean
887 | disableTakeOwnership:
888 | description: |-
889 | DisableTakeOwnership disables taking ownership of existing resources
890 | during the Helm upgrade action. Defaults to false.
891 | type: boolean
892 | disableWait:
893 | description: |-
894 | DisableWait disables the waiting for resources to be ready after a Helm
895 | upgrade has been performed.
896 | type: boolean
897 | disableWaitForJobs:
898 | description: |-
899 | DisableWaitForJobs disables waiting for jobs to complete after a Helm
900 | upgrade has been performed.
901 | type: boolean
902 | force:
903 | description: Force forces resource updates through a replacement
904 | strategy.
905 | type: boolean
906 | preserveValues:
907 | description: |-
908 | PreserveValues will make Helm reuse the last release's values and merge in
909 | overrides from 'Values'. Setting this flag makes the HelmRelease
910 | non-declarative.
911 | type: boolean
912 | remediation:
913 | description: |-
914 | Remediation holds the remediation configuration for when the Helm upgrade
915 | action for the HelmRelease fails. The default is to not perform any action.
916 | properties:
917 | ignoreTestFailures:
918 | description: |-
919 | IgnoreTestFailures tells the controller to skip remediation when the Helm
920 | tests are run after an upgrade action but fail.
921 | Defaults to 'Test.IgnoreFailures'.
922 | type: boolean
923 | remediateLastFailure:
924 | description: |-
925 | RemediateLastFailure tells the controller to remediate the last failure, when
926 | no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
927 | type: boolean
928 | retries:
929 | description: |-
930 | Retries is the number of retries that should be attempted on failures before
931 | bailing. Remediation, using 'Strategy', is performed between each attempt.
932 | Defaults to '0', a negative integer equals to unlimited retries.
933 | type: integer
934 | strategy:
935 | description: Strategy to use for failure remediation. Defaults
936 | to 'rollback'.
937 | enum:
938 | - rollback
939 | - uninstall
940 | type: string
941 | type: object
942 | strategy:
943 | description: |-
944 | Strategy defines the upgrade strategy to use for this HelmRelease.
945 | Defaults to 'RemediateOnFailure'.
946 | properties:
947 | name:
948 | description: Name of the upgrade strategy.
949 | enum:
950 | - RemediateOnFailure
951 | - RetryOnFailure
952 | type: string
953 | retryInterval:
954 | description: |-
955 | RetryInterval is the interval at which to retry a failed upgrade.
956 | Can be used only when Name is set to RetryOnFailure.
957 | Defaults to '5m'.
958 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
959 | type: string
960 | required:
961 | - name
962 | type: object
963 | x-kubernetes-validations:
964 | - message: .retryInterval can only be set when .name is 'RetryOnFailure'
965 | rule: '!has(self.retryInterval) || self.name == ''RetryOnFailure'''
966 | timeout:
967 | description: |-
968 | Timeout is the time to wait for any individual Kubernetes operation (like
969 | Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
970 | 'HelmReleaseSpec.Timeout'.
971 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
972 | type: string
973 | type: object
974 | values:
975 | description: Values holds the values for this Helm release.
976 | x-kubernetes-preserve-unknown-fields: true
977 | valuesFrom:
978 | description: |-
979 | ValuesFrom holds references to resources containing Helm values for this HelmRelease,
980 | and information about how they should be merged.
981 | items:
982 | description: |-
983 | ValuesReference contains a reference to a resource containing Helm values,
984 | and optionally the key they can be found at.
985 | properties:
986 | kind:
987 | description: Kind of the values referent, valid values are ('Secret',
988 | 'ConfigMap').
989 | enum:
990 | - Secret
991 | - ConfigMap
992 | type: string
993 | name:
994 | description: |-
995 | Name of the values referent. Should reside in the same namespace as the
996 | referring resource.
997 | maxLength: 253
998 | minLength: 1
999 | type: string
1000 | optional:
1001 | description: |-
1002 | Optional marks this ValuesReference as optional. When set, a not found error
1003 | for the values reference is ignored, but any ValuesKey, TargetPath or
1004 | transient error will still result in a reconciliation failure.
1005 | type: boolean
1006 | targetPath:
1007 | description: |-
1008 | TargetPath is the YAML dot notation path the value should be merged at. When
1009 | set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
1010 | which results in the values getting merged at the root.
1011 | maxLength: 250
1012 | pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
1013 | type: string
1014 | valuesKey:
1015 | description: |-
1016 | ValuesKey is the data key where the values.yaml or a specific value can be
1017 | found at. Defaults to 'values.yaml'.
1018 | maxLength: 253
1019 | pattern: ^[\-._a-zA-Z0-9]+$
1020 | type: string
1021 | required:
1022 | - kind
1023 | - name
1024 | type: object
1025 | type: array
1026 | required:
1027 | - interval
1028 | type: object
1029 | x-kubernetes-validations:
1030 | - message: either chart or chartRef must be set
1031 | rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart)
1032 | && has(self.chartRef))
1033 | status:
1034 | default:
1035 | observedGeneration: -1
1036 | description: HelmReleaseStatus defines the observed state of a HelmRelease.
1037 | properties:
1038 | conditions:
1039 | description: Conditions holds the conditions for the HelmRelease.
1040 | items:
1041 | description: Condition contains details for one aspect of the current
1042 | state of this API Resource.
1043 | properties:
1044 | lastTransitionTime:
1045 | description: |-
1046 | lastTransitionTime is the last time the condition transitioned from one status to another.
1047 | This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
1048 | format: date-time
1049 | type: string
1050 | message:
1051 | description: |-
1052 | message is a human readable message indicating details about the transition.
1053 | This may be an empty string.
1054 | maxLength: 32768
1055 | type: string
1056 | observedGeneration:
1057 | description: |-
1058 | observedGeneration represents the .metadata.generation that the condition was set based upon.
1059 | For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
1060 | with respect to the current state of the instance.
1061 | format: int64
1062 | minimum: 0
1063 | type: integer
1064 | reason:
1065 | description: |-
1066 | reason contains a programmatic identifier indicating the reason for the condition's last transition.
1067 | Producers of specific condition types may define expected values and meanings for this field,
1068 | and whether the values are considered a guaranteed API.
1069 | The value should be a CamelCase string.
1070 | This field may not be empty.
1071 | maxLength: 1024
1072 | minLength: 1
1073 | pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
1074 | type: string
1075 | status:
1076 | description: status of the condition, one of True, False, Unknown.
1077 | enum:
1078 | - "True"
1079 | - "False"
1080 | - Unknown
1081 | type: string
1082 | type:
1083 | description: type of condition in CamelCase or in foo.example.com/CamelCase.
1084 | maxLength: 316
1085 | pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
1086 | type: string
1087 | required:
1088 | - lastTransitionTime
1089 | - message
1090 | - reason
1091 | - status
1092 | - type
1093 | type: object
1094 | type: array
1095 | failures:
1096 | description: |-
1097 | Failures is the reconciliation failure count against the latest desired
1098 | state. It is reset after a successful reconciliation.
1099 | format: int64
1100 | type: integer
1101 | helmChart:
1102 | description: |-
1103 | HelmChart is the namespaced name of the HelmChart resource created by
1104 | the controller for the HelmRelease.
1105 | type: string
1106 | history:
1107 | description: |-
1108 | History holds the history of Helm releases performed for this HelmRelease
1109 | up to the last successfully completed release.
1110 | items:
1111 | description: |-
1112 | Snapshot captures a point-in-time copy of the status information for a Helm release,
1113 | as managed by the controller.
1114 | properties:
1115 | apiVersion:
1116 | description: |-
1117 | APIVersion is the API version of the Snapshot.
1118 | Provisional: when the calculation method of the Digest field is changed,
1119 | this field will be used to distinguish between the old and new methods.
1120 | type: string
1121 | appVersion:
1122 | description: AppVersion is the chart app version of the release
1123 | object in storage.
1124 | type: string
1125 | chartName:
1126 | description: ChartName is the chart name of the release object
1127 | in storage.
1128 | type: string
1129 | chartVersion:
1130 | description: |-
1131 | ChartVersion is the chart version of the release object in
1132 | storage.
1133 | type: string
1134 | configDigest:
1135 | description: |-
1136 | ConfigDigest is the checksum of the config (better known as
1137 | "values") of the release object in storage.
1138 | It has the format of `<algo>:<checksum>`.
1139 | type: string
1140 | deleted:
1141 | description: Deleted is when the release was deleted.
1142 | format: date-time
1143 | type: string
1144 | digest:
1145 | description: |-
1146 | Digest is the checksum of the release object in storage.
1147 | It has the format of `<algo>:<checksum>`.
1148 | type: string
1149 | firstDeployed:
1150 | description: FirstDeployed is when the release was first deployed.
1151 | format: date-time
1152 | type: string
1153 | lastDeployed:
1154 | description: LastDeployed is when the release was last deployed.
1155 | format: date-time
1156 | type: string
1157 | name:
1158 | description: Name is the name of the release.
1159 | type: string
1160 | namespace:
1161 | description: Namespace is the namespace the release is deployed
1162 | to.
1163 | type: string
1164 | ociDigest:
1165 | description: OCIDigest is the digest of the OCI artifact associated
1166 | with the release.
1167 | type: string
1168 | status:
1169 | description: Status is the current state of the release.
1170 | type: string
1171 | testHooks:
1172 | additionalProperties:
1173 | description: |-
1174 | TestHookStatus holds the status information for a test hook as observed
1175 | to be run by the controller.
1176 | properties:
1177 | lastCompleted:
1178 | description: LastCompleted is the time the test hook last
1179 | completed.
1180 | format: date-time
1181 | type: string
1182 | lastStarted:
1183 | description: LastStarted is the time the test hook was
1184 | last started.
1185 | format: date-time
1186 | type: string
1187 | phase:
1188 | description: Phase the test hook was observed to be in.
1189 | type: string
1190 | type: object
1191 | description: |-
1192 | TestHooks is the list of test hooks for the release as observed to be
1193 | run by the controller.
1194 | type: object
1195 | version:
1196 | description: Version is the version of the release object in
1197 | storage.
1198 | type: integer
1199 | required:
1200 | - chartName
1201 | - chartVersion
1202 | - configDigest
1203 | - digest
1204 | - firstDeployed
1205 | - lastDeployed
1206 | - name
1207 | - namespace
1208 | - status
1209 | - version
1210 | type: object
1211 | type: array
1212 | installFailures:
1213 | description: |-
1214 | InstallFailures is the install failure count against the latest desired
1215 | state. It is reset after a successful reconciliation.
1216 | format: int64
1217 | type: integer
1218 | lastAttemptedConfigDigest:
1219 | description: |-
1220 | LastAttemptedConfigDigest is the digest for the config (better known as
1221 | "values") of the last reconciliation attempt.
1222 | type: string
1223 | lastAttemptedGeneration:
1224 | description: |-
1225 | LastAttemptedGeneration is the last generation the controller attempted
1226 | to reconcile.
1227 | format: int64
1228 | type: integer
1229 | lastAttemptedReleaseAction:
1230 | description: |-
1231 | LastAttemptedReleaseAction is the last release action performed for this
1232 | HelmRelease. It is used to determine the active retry or remediation
1233 | strategy.
1234 | enum:
1235 | - install
1236 | - upgrade
1237 | type: string
1238 | lastAttemptedReleaseActionDuration:
1239 | description: |-
1240 | LastAttemptedReleaseActionDuration is the duration of the last
1241 | release action performed for this HelmRelease.
1242 | type: string
1243 | lastAttemptedRevision:
1244 | description: |-
1245 | LastAttemptedRevision is the Source revision of the last reconciliation
1246 | attempt. For OCIRepository sources, the 12 first characters of the digest are
1247 | appended to the chart version e.g. "1.2.3+1234567890ab".
1248 | type: string
1249 | lastAttemptedRevisionDigest:
1250 | description: |-
1251 | LastAttemptedRevisionDigest is the digest of the last reconciliation attempt.
1252 | This is only set for OCIRepository sources.
1253 | type: string
1254 | lastAttemptedValuesChecksum:
1255 | description: |-
1256 | LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last
1257 | reconciliation attempt.
1258 |
1259 | Deprecated: Use LastAttemptedConfigDigest instead.
1260 | type: string
1261 | lastHandledForceAt:
1262 | description: |-
1263 | LastHandledForceAt holds the value of the most recent
1264 | force request value, so a change of the annotation value
1265 | can be detected.
1266 | type: string
1267 | lastHandledReconcileAt:
1268 | description: |-
1269 | LastHandledReconcileAt holds the value of the most recent
1270 | reconcile request value, so a change of the annotation value
1271 | can be detected.
1272 | type: string
1273 | lastHandledResetAt:
1274 | description: |-
1275 | LastHandledResetAt holds the value of the most recent reset request
1276 | value, so a change of the annotation value can be detected.
1277 | type: string
1278 | lastReleaseRevision:
1279 | description: |-
1280 | LastReleaseRevision is the revision of the last successful Helm release.
1281 |
1282 | Deprecated: Use History instead.
1283 | type: integer
1284 | observedCommonMetadataDigest:
1285 | description: |-
1286 | ObservedCommonMetadataDigest is the digest for the common metadata of
1287 | the last successful reconciliation attempt.
1288 | type: string
1289 | observedGeneration:
1290 | description: ObservedGeneration is the last observed generation.
1291 | format: int64
1292 | type: integer
1293 | observedPostRenderersDigest:
1294 | description: |-
1295 | ObservedPostRenderersDigest is the digest for the post-renderers of
1296 | the last successful reconciliation attempt.
1297 | type: string
1298 | storageNamespace:
1299 | description: |-
1300 | StorageNamespace is the namespace of the Helm release storage for the
1301 | current release.
1302 | maxLength: 63
1303 | minLength: 1
1304 | type: string
1305 | upgradeFailures:
1306 | description: |-
1307 | UpgradeFailures is the upgrade failure count against the latest desired
1308 | state. It is reset after a successful reconciliation.
1309 | format: int64
1310 | type: integer
1311 | type: object
1312 | type: object
1313 | served: true
1314 | storage: true
1315 | subresources:
1316 | status: {}
1317 | - additionalPrinterColumns:
1318 | - jsonPath: .metadata.creationTimestamp
1319 | name: Age
1320 | type: date
1321 | - jsonPath: .status.conditions[?(@.type=="Ready")].status
1322 | name: Ready
1323 | type: string
1324 | - jsonPath: .status.conditions[?(@.type=="Ready")].message
1325 | name: Status
1326 | type: string
1327 | deprecated: true
1328 | deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2
1329 | name: v2beta2
1330 | schema:
1331 | openAPIV3Schema:
1332 | description: HelmRelease is the Schema for the helmreleases API
1333 | properties:
1334 | apiVersion:
1335 | description: |-
1336 | APIVersion defines the versioned schema of this representation of an object.
1337 | Servers should convert recognized schemas to the latest internal value, and
1338 | may reject unrecognized values.
1339 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
1340 | type: string
1341 | kind:
1342 | description: |-
1343 | Kind is a string value representing the REST resource this object represents.
1344 | Servers may infer this from the endpoint the client submits requests to.
1345 | Cannot be updated.
1346 | In CamelCase.
1347 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
1348 | type: string
1349 | metadata:
1350 | type: object
1351 | spec:
1352 | description: HelmReleaseSpec defines the desired state of a Helm release.
1353 | properties:
1354 | chart:
1355 | description: |-
1356 | Chart defines the template of the v1beta2.HelmChart that should be created
1357 | for this HelmRelease.
1358 | properties:
1359 | metadata:
1360 | description: ObjectMeta holds the template for metadata like labels
1361 | and annotations.
1362 | properties:
1363 | annotations:
1364 | additionalProperties:
1365 | type: string
1366 | description: |-
1367 | Annotations is an unstructured key value map stored with a resource that may be
1368 | set by external tools to store and retrieve arbitrary metadata. They are not
1369 | queryable and should be preserved when modifying objects.
1370 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
1371 | type: object
1372 | labels:
1373 | additionalProperties:
1374 | type: string
1375 | description: |-
1376 | Map of string keys and values that can be used to organize and categorize
1377 | (scope and select) objects.
1378 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
1379 | type: object
1380 | type: object
1381 | spec:
1382 | description: Spec holds the template for the v1beta2.HelmChartSpec
1383 | for this HelmRelease.
1384 | properties:
1385 | chart:
1386 | description: The name or path the Helm chart is available
1387 | at in the SourceRef.
1388 | maxLength: 2048
1389 | minLength: 1
1390 | type: string
1391 | ignoreMissingValuesFiles:
1392 | description: IgnoreMissingValuesFiles controls whether to
1393 | silently ignore missing values files rather than failing.
1394 | type: boolean
1395 | interval:
1396 | description: |-
1397 | Interval at which to check the v1.Source for updates. Defaults to
1398 | 'HelmReleaseSpec.Interval'.
1399 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
1400 | type: string
1401 | reconcileStrategy:
1402 | default: ChartVersion
1403 | description: |-
1404 | Determines what enables the creation of a new artifact. Valid values are
1405 | ('ChartVersion', 'Revision').
1406 | See the documentation of the values for an explanation on their behavior.
1407 | Defaults to ChartVersion when omitted.
1408 | enum:
1409 | - ChartVersion
1410 | - Revision
1411 | type: string
1412 | sourceRef:
1413 | description: The name and namespace of the v1.Source the chart
1414 | is available at.
1415 | properties:
1416 | apiVersion:
1417 | description: APIVersion of the referent.
1418 | type: string
1419 | kind:
1420 | description: Kind of the referent.
1421 | enum:
1422 | - HelmRepository
1423 | - GitRepository
1424 | - Bucket
1425 | type: string
1426 | name:
1427 | description: Name of the referent.
1428 | maxLength: 253
1429 | minLength: 1
1430 | type: string
1431 | namespace:
1432 | description: Namespace of the referent.
1433 | maxLength: 63
1434 | minLength: 1
1435 | type: string
1436 | required:
1437 | - kind
1438 | - name
1439 | type: object
1440 | valuesFile:
1441 | description: |-
1442 | Alternative values file to use as the default chart values, expected to
1443 | be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
1444 | for backwards compatibility the file defined here is merged before the
1445 | ValuesFiles items. Ignored when omitted.
1446 | type: string
1447 | valuesFiles:
1448 | description: |-
1449 | Alternative list of values files to use as the chart values (values.yaml
1450 | is not included by default), expected to be a relative path in the SourceRef.
1451 | Values files are merged in the order of this list with the last file overriding
1452 | the first. Ignored when omitted.
1453 | items:
1454 | type: string
1455 | type: array
1456 | verify:
1457 | description: |-
1458 | Verify contains the secret name containing the trusted public keys
1459 | used to verify the signature and specifies which provider to use to check
1460 | whether OCI image is authentic.
1461 | This field is only supported for OCI sources.
1462 | Chart dependencies, which are not bundled in the umbrella chart artifact,
1463 | are not verified.
1464 | properties:
1465 | provider:
1466 | default: cosign
1467 | description: Provider specifies the technology used to
1468 | sign the OCI Helm chart.
1469 | enum:
1470 | - cosign
1471 | - notation
1472 | type: string
1473 | secretRef:
1474 | description: |-
1475 | SecretRef specifies the Kubernetes Secret containing the
1476 | trusted public keys.
1477 | properties:
1478 | name:
1479 | description: Name of the referent.
1480 | type: string
1481 | required:
1482 | - name
1483 | type: object
1484 | required:
1485 | - provider
1486 | type: object
1487 | version:
1488 | default: '*'
1489 | description: |-
1490 | Version semver expression, ignored for charts from v1beta2.GitRepository and
1491 | v1beta2.Bucket sources. Defaults to latest when omitted.
1492 | type: string
1493 | required:
1494 | - chart
1495 | - sourceRef
1496 | type: object
1497 | required:
1498 | - spec
1499 | type: object
1500 | chartRef:
1501 | description: |-
1502 | ChartRef holds a reference to a source controller resource containing the
1503 | Helm chart artifact.
1504 |
1505 | Note: this field is provisional to the v2 API, and not actively used
1506 | by v2beta2 HelmReleases.
1507 | properties:
1508 | apiVersion:
1509 | description: APIVersion of the referent.
1510 | type: string
1511 | kind:
1512 | description: Kind of the referent.
1513 | enum:
1514 | - OCIRepository
1515 | - HelmChart
1516 | type: string
1517 | name:
1518 | description: Name of the referent.
1519 | maxLength: 253
1520 | minLength: 1
1521 | type: string
1522 | namespace:
1523 | description: |-
1524 | Namespace of the referent, defaults to the namespace of the Kubernetes
1525 | resource object that contains the reference.
1526 | maxLength: 63
1527 | minLength: 1
1528 | type: string
1529 | required:
1530 | - kind
1531 | - name
1532 | type: object
1533 | dependsOn:
1534 | description: |-
1535 | DependsOn may contain a meta.NamespacedObjectReference slice with
1536 | references to HelmRelease resources that must be ready before this HelmRelease
1537 | can be reconciled.
1538 | items:
1539 | description: |-
1540 | NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any
1541 | namespace.
1542 | properties:
1543 | name:
1544 | description: Name of the referent.
1545 | type: string
1546 | namespace:
1547 | description: Namespace of the referent, when not specified it
1548 | acts as LocalObjectReference.
1549 | type: string
1550 | required:
1551 | - name
1552 | type: object
1553 | type: array
1554 | driftDetection:
1555 | description: |-
1556 | DriftDetection holds the configuration for detecting and handling
1557 | differences between the manifest in the Helm storage and the resources
1558 | currently existing in the cluster.
1559 | properties:
1560 | ignore:
1561 | description: |-
1562 | Ignore contains a list of rules for specifying which changes to ignore
1563 | during diffing.
1564 | items:
1565 | description: |-
1566 | IgnoreRule defines a rule to selectively disregard specific changes during
1567 | the drift detection process.
1568 | properties:
1569 | paths:
1570 | description: |-
1571 | Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
1572 | consideration in a Kubernetes object.
1573 | items:
1574 | type: string
1575 | type: array
1576 | target:
1577 | description: |-
1578 | Target is a selector for specifying Kubernetes objects to which this
1579 | rule applies.
1580 | If Target is not set, the Paths will be ignored for all Kubernetes
1581 | objects within the manifest of the Helm release.
1582 | properties:
1583 | annotationSelector:
1584 | description: |-
1585 | AnnotationSelector is a string that follows the label selection expression
1586 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
1587 | It matches with the resource annotations.
1588 | type: string
1589 | group:
1590 | description: |-
1591 | Group is the API group to select resources from.
1592 | Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
1593 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
1594 | type: string
1595 | kind:
1596 | description: |-
1597 | Kind of the API Group to select resources from.
1598 | Together with Group and Version it is capable of unambiguously
1599 | identifying and/or selecting resources.
1600 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
1601 | type: string
1602 | labelSelector:
1603 | description: |-
1604 | LabelSelector is a string that follows the label selection expression
1605 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
1606 | It matches with the resource labels.
1607 | type: string
1608 | name:
1609 | description: Name to match resources with.
1610 | type: string
1611 | namespace:
1612 | description: Namespace to select resources from.
1613 | type: string
1614 | version:
1615 | description: |-
1616 | Version of the API Group to select resources from.
1617 | Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
1618 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
1619 | type: string
1620 | type: object
1621 | required:
1622 | - paths
1623 | type: object
1624 | type: array
1625 | mode:
1626 | description: |-
1627 | Mode defines how differences should be handled between the Helm manifest
1628 | and the manifest currently applied to the cluster.
1629 | If not explicitly set, it defaults to DiffModeDisabled.
1630 | enum:
1631 | - enabled
1632 | - warn
1633 | - disabled
1634 | type: string
1635 | type: object
1636 | install:
1637 | description: Install holds the configuration for Helm install actions
1638 | for this HelmRelease.
1639 | properties:
1640 | crds:
1641 | description: |-
1642 | CRDs upgrade CRDs from the Helm Chart's crds directory according
1643 | to the CRD upgrade policy provided here. Valid values are `Skip`,
1644 | `Create` or `CreateReplace`. Default is `Create` and if omitted
1645 | CRDs are installed but not updated.
1646 |
1647 | Skip: do neither install nor replace (update) any CRDs.
1648 |
1649 | Create: new CRDs are created, existing CRDs are neither updated nor deleted.
1650 |
1651 | CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
1652 | but not deleted.
1653 |
1654 | By default, CRDs are applied (installed) during Helm install action.
1655 | With this option users can opt in to CRD replace existing CRDs on Helm
1656 | install actions, which is not (yet) natively supported by Helm.
1657 | https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
1658 | enum:
1659 | - Skip
1660 | - Create
1661 | - CreateReplace
1662 | type: string
1663 | createNamespace:
1664 | description: |-
1665 | CreateNamespace tells the Helm install action to create the
1666 | HelmReleaseSpec.TargetNamespace if it does not exist yet.
1667 | On uninstall, the namespace will not be garbage collected.
1668 | type: boolean
1669 | disableHooks:
1670 | description: DisableHooks prevents hooks from running during the
1671 | Helm install action.
1672 | type: boolean
1673 | disableOpenAPIValidation:
1674 | description: |-
1675 | DisableOpenAPIValidation prevents the Helm install action from validating
1676 | rendered templates against the Kubernetes OpenAPI Schema.
1677 | type: boolean
1678 | disableWait:
1679 | description: |-
1680 | DisableWait disables the waiting for resources to be ready after a Helm
1681 | install has been performed.
1682 | type: boolean
1683 | disableWaitForJobs:
1684 | description: |-
1685 | DisableWaitForJobs disables waiting for jobs to complete after a Helm
1686 | install has been performed.
1687 | type: boolean
1688 | remediation:
1689 | description: |-
1690 | Remediation holds the remediation configuration for when the Helm install
1691 | action for the HelmRelease fails. The default is to not perform any action.
1692 | properties:
1693 | ignoreTestFailures:
1694 | description: |-
1695 | IgnoreTestFailures tells the controller to skip remediation when the Helm
1696 | tests are run after an install action but fail. Defaults to
1697 | 'Test.IgnoreFailures'.
1698 | type: boolean
1699 | remediateLastFailure:
1700 | description: |-
1701 | RemediateLastFailure tells the controller to remediate the last failure, when
1702 | no retries remain. Defaults to 'false'.
1703 | type: boolean
1704 | retries:
1705 | description: |-
1706 | Retries is the number of retries that should be attempted on failures before
1707 | bailing. Remediation, using an uninstall, is performed between each attempt.
1708 | Defaults to '0', a negative integer equals to unlimited retries.
1709 | type: integer
1710 | type: object
1711 | replace:
1712 | description: |-
1713 | Replace tells the Helm install action to re-use the 'ReleaseName', but only
1714 | if that name is a deleted release which remains in the history.
1715 | type: boolean
1716 | skipCRDs:
1717 | description: |-
1718 | SkipCRDs tells the Helm install action to not install any CRDs. By default,
1719 | CRDs are installed if not already present.
1720 |
1721 | Deprecated use CRD policy (`crds`) attribute with value `Skip` instead.
1722 | type: boolean
1723 | timeout:
1724 | description: |-
1725 | Timeout is the time to wait for any individual Kubernetes operation (like
1726 | Jobs for hooks) during the performance of a Helm install action. Defaults to
1727 | 'HelmReleaseSpec.Timeout'.
1728 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
1729 | type: string
1730 | type: object
1731 | interval:
1732 | description: Interval at which to reconcile the Helm release.
1733 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
1734 | type: string
1735 | kubeConfig:
1736 | description: |-
1737 | KubeConfig for reconciling the HelmRelease on a remote cluster.
1738 | When used in combination with HelmReleaseSpec.ServiceAccountName,
1739 | forces the controller to act on behalf of that Service Account at the
1740 | target cluster.
1741 | If the --default-service-account flag is set, its value will be used as
1742 | a controller level fallback for when HelmReleaseSpec.ServiceAccountName
1743 | is empty.
1744 | properties:
1745 | configMapRef:
1746 | description: |-
1747 | ConfigMapRef holds an optional name of a ConfigMap that contains
1748 | the following keys:
1749 |
1750 | - `provider`: the provider to use. One of `aws`, `azure`, `gcp`, or
1751 | `generic`. Required.
1752 | - `cluster`: the fully qualified resource name of the Kubernetes
1753 | cluster in the cloud provider API. Not used by the `generic`
1754 | provider. Required when one of `address` or `ca.crt` is not set.
1755 | - `address`: the address of the Kubernetes API server. Required
1756 | for `generic`. For the other providers, if not specified, the
1757 | first address in the cluster resource will be used, and if
1758 | specified, it must match one of the addresses in the cluster
1759 | resource.
1760 | If audiences is not set, will be used as the audience for the
1761 | `generic` provider.
1762 | - `ca.crt`: the optional PEM-encoded CA certificate for the
1763 | Kubernetes API server. If not set, the controller will use the
1764 | CA certificate from the cluster resource.
1765 | - `audiences`: the optional audiences as a list of
1766 | line-break-separated strings for the Kubernetes ServiceAccount
1767 | token. Defaults to the `address` for the `generic` provider, or
1768 | to specific values for the other providers depending on the
1769 | provider.
1770 | - `serviceAccountName`: the optional name of the Kubernetes
1771 | ServiceAccount in the same namespace that should be used
1772 | for authentication. If not specified, the controller
1773 | ServiceAccount will be used.
1774 |
1775 | Mutually exclusive with SecretRef.
1776 | properties:
1777 | name:
1778 | description: Name of the referent.
1779 | type: string
1780 | required:
1781 | - name
1782 | type: object
1783 | secretRef:
1784 | description: |-
1785 | SecretRef holds an optional name of a secret that contains a key with
1786 | the kubeconfig file as the value. If no key is set, the key will default
1787 | to 'value'. Mutually exclusive with ConfigMapRef.
1788 | It is recommended that the kubeconfig is self-contained, and the secret
1789 | is regularly updated if credentials such as a cloud-access-token expire.
1790 | Cloud specific `cmd-path` auth helpers will not function without adding
1791 | binaries and credentials to the Pod that is responsible for reconciling
1792 | Kubernetes resources. Supported only for the generic provider.
1793 | properties:
1794 | key:
1795 | description: Key in the Secret, when not specified an implementation-specific
1796 | default key is used.
1797 | type: string
1798 | name:
1799 | description: Name of the Secret.
1800 | type: string
1801 | required:
1802 | - name
1803 | type: object
1804 | type: object
1805 | x-kubernetes-validations:
1806 | - message: exactly one of spec.kubeConfig.configMapRef or spec.kubeConfig.secretRef
1807 | must be specified
1808 | rule: has(self.configMapRef) || has(self.secretRef)
1809 | - message: exactly one of spec.kubeConfig.configMapRef or spec.kubeConfig.secretRef
1810 | must be specified
1811 | rule: '!has(self.configMapRef) || !has(self.secretRef)'
1812 | maxHistory:
1813 | description: |-
1814 | MaxHistory is the number of revisions saved by Helm for this HelmRelease.
1815 | Use '0' for an unlimited number of revisions; defaults to '5'.
1816 | type: integer
1817 | persistentClient:
1818 | description: |-
1819 | PersistentClient tells the controller to use a persistent Kubernetes
1820 | client for this release. When enabled, the client will be reused for the
1821 | duration of the reconciliation, instead of being created and destroyed
1822 | for each (step of a) Helm action.
1823 |
1824 | This can improve performance, but may cause issues with some Helm charts
1825 | that for example do create Custom Resource Definitions during installation
1826 | outside Helm's CRD lifecycle hooks, which are then not observed to be
1827 | available by e.g. post-install hooks.
1828 |
1829 | If not set, it defaults to true.
1830 | type: boolean
1831 | postRenderers:
1832 | description: |-
1833 | PostRenderers holds an array of Helm PostRenderers, which will be applied in order
1834 | of their definition.
1835 | items:
1836 | description: PostRenderer contains a Helm PostRenderer specification.
1837 | properties:
1838 | kustomize:
1839 | description: Kustomization to apply as PostRenderer.
1840 | properties:
1841 | images:
1842 | description: |-
1843 | Images is a list of (image name, new name, new tag or digest)
1844 | for changing image names, tags or digests. This can also be achieved with a
1845 | patch, but this operator is simpler to specify.
1846 | items:
1847 | description: Image contains an image name, a new name,
1848 | a new tag or digest, which will replace the original
1849 | name and tag.
1850 | properties:
1851 | digest:
1852 | description: |-
1853 | Digest is the value used to replace the original image tag.
1854 | If digest is present NewTag value is ignored.
1855 | type: string
1856 | name:
1857 | description: Name is a tag-less image name.
1858 | type: string
1859 | newName:
1860 | description: NewName is the value used to replace
1861 | the original name.
1862 | type: string
1863 | newTag:
1864 | description: NewTag is the value used to replace the
1865 | original tag.
1866 | type: string
1867 | required:
1868 | - name
1869 | type: object
1870 | type: array
1871 | patches:
1872 | description: |-
1873 | Strategic merge and JSON patches, defined as inline YAML objects,
1874 | capable of targeting objects based on kind, label and annotation selectors.
1875 | items:
1876 | description: |-
1877 | Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should
1878 | be applied to.
1879 | properties:
1880 | patch:
1881 | description: |-
1882 | Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with
1883 | an array of operation objects.
1884 | type: string
1885 | target:
1886 | description: Target points to the resources that the
1887 | patch document should be applied to.
1888 | properties:
1889 | annotationSelector:
1890 | description: |-
1891 | AnnotationSelector is a string that follows the label selection expression
1892 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
1893 | It matches with the resource annotations.
1894 | type: string
1895 | group:
1896 | description: |-
1897 | Group is the API group to select resources from.
1898 | Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
1899 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
1900 | type: string
1901 | kind:
1902 | description: |-
1903 | Kind of the API Group to select resources from.
1904 | Together with Group and Version it is capable of unambiguously
1905 | identifying and/or selecting resources.
1906 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
1907 | type: string
1908 | labelSelector:
1909 | description: |-
1910 | LabelSelector is a string that follows the label selection expression
1911 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
1912 | It matches with the resource labels.
1913 | type: string
1914 | name:
1915 | description: Name to match resources with.
1916 | type: string
1917 | namespace:
1918 | description: Namespace to select resources from.
1919 | type: string
1920 | version:
1921 | description: |-
1922 | Version of the API Group to select resources from.
1923 | Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
1924 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
1925 | type: string
1926 | type: object
1927 | required:
1928 | - patch
1929 | type: object
1930 | type: array
1931 | patchesJson6902:
1932 | description: |-
1933 | JSON 6902 patches, defined as inline YAML objects.
1934 |
1935 | Deprecated: use Patches instead.
1936 | items:
1937 | description: JSON6902Patch contains a JSON6902 patch and
1938 | the target the patch should be applied to.
1939 | properties:
1940 | patch:
1941 | description: Patch contains the JSON6902 patch document
1942 | with an array of operation objects.
1943 | items:
1944 | description: |-
1945 | JSON6902 is a JSON6902 operation object.
1946 | https://datatracker.ietf.org/doc/html/rfc6902#section-4
1947 | properties:
1948 | from:
1949 | description: |-
1950 | From contains a JSON-pointer value that references a location within the target document where the operation is
1951 | performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations.
1952 | type: string
1953 | op:
1954 | description: |-
1955 | Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or
1956 | "test".
1957 | https://datatracker.ietf.org/doc/html/rfc6902#section-4
1958 | enum:
1959 | - test
1960 | - remove
1961 | - add
1962 | - replace
1963 | - move
1964 | - copy
1965 | type: string
1966 | path:
1967 | description: |-
1968 | Path contains the JSON-pointer value that references a location within the target document where the operation
1969 | is performed. The meaning of the value depends on the value of Op.
1970 | type: string
1971 | value:
1972 | description: |-
1973 | Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into
1974 | account by all operations.
1975 | x-kubernetes-preserve-unknown-fields: true
1976 | required:
1977 | - op
1978 | - path
1979 | type: object
1980 | type: array
1981 | target:
1982 | description: Target points to the resources that the
1983 | patch document should be applied to.
1984 | properties:
1985 | annotationSelector:
1986 | description: |-
1987 | AnnotationSelector is a string that follows the label selection expression
1988 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
1989 | It matches with the resource annotations.
1990 | type: string
1991 | group:
1992 | description: |-
1993 | Group is the API group to select resources from.
1994 | Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
1995 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
1996 | type: string
1997 | kind:
1998 | description: |-
1999 | Kind of the API Group to select resources from.
2000 | Together with Group and Version it is capable of unambiguously
2001 | identifying and/or selecting resources.
2002 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
2003 | type: string
2004 | labelSelector:
2005 | description: |-
2006 | LabelSelector is a string that follows the label selection expression
2007 | https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
2008 | It matches with the resource labels.
2009 | type: string
2010 | name:
2011 | description: Name to match resources with.
2012 | type: string
2013 | namespace:
2014 | description: Namespace to select resources from.
2015 | type: string
2016 | version:
2017 | description: |-
2018 | Version of the API Group to select resources from.
2019 | Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
2020 | https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
2021 | type: string
2022 | type: object
2023 | required:
2024 | - patch
2025 | - target
2026 | type: object
2027 | type: array
2028 | patchesStrategicMerge:
2029 | description: |-
2030 | Strategic merge patches, defined as inline YAML objects.
2031 |
2032 | Deprecated: use Patches instead.
2033 | items:
2034 | x-kubernetes-preserve-unknown-fields: true
2035 | type: array
2036 | type: object
2037 | type: object
2038 | type: array
2039 | releaseName:
2040 | description: |-
2041 | ReleaseName used for the Helm release. Defaults to a composition of
2042 | '[TargetNamespace-]Name'.
2043 | maxLength: 53
2044 | minLength: 1
2045 | type: string
2046 | rollback:
2047 | description: Rollback holds the configuration for Helm rollback actions
2048 | for this HelmRelease.
2049 | properties:
2050 | cleanupOnFail:
2051 | description: |-
2052 | CleanupOnFail allows deletion of new resources created during the Helm
2053 | rollback action when it fails.
2054 | type: boolean
2055 | disableHooks:
2056 | description: DisableHooks prevents hooks from running during the
2057 | Helm rollback action.
2058 | type: boolean
2059 | disableWait:
2060 | description: |-
2061 | DisableWait disables the waiting for resources to be ready after a Helm
2062 | rollback has been performed.
2063 | type: boolean
2064 | disableWaitForJobs:
2065 | description: |-
2066 | DisableWaitForJobs disables waiting for jobs to complete after a Helm
2067 | rollback has been performed.
2068 | type: boolean
2069 | force:
2070 | description: Force forces resource updates through a replacement
2071 | strategy.
2072 | type: boolean
2073 | recreate:
2074 | description: Recreate performs pod restarts for the resource if
2075 | applicable.
2076 | type: boolean
2077 | timeout:
2078 | description: |-
2079 | Timeout is the time to wait for any individual Kubernetes operation (like
2080 | Jobs for hooks) during the performance of a Helm rollback action. Defaults to
2081 | 'HelmReleaseSpec.Timeout'.
2082 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
2083 | type: string
2084 | type: object
2085 | serviceAccountName:
2086 | description: |-
2087 | The name of the Kubernetes service account to impersonate
2088 | when reconciling this HelmRelease.
2089 | maxLength: 253
2090 | minLength: 1
2091 | type: string
2092 | storageNamespace:
2093 | description: |-
2094 | StorageNamespace used for the Helm storage.
2095 | Defaults to the namespace of the HelmRelease.
2096 | maxLength: 63
2097 | minLength: 1
2098 | type: string
2099 | suspend:
2100 | description: |-
2101 | Suspend tells the controller to suspend reconciliation for this HelmRelease,
2102 | it does not apply to already started reconciliations. Defaults to false.
2103 | type: boolean
2104 | targetNamespace:
2105 | description: |-
2106 | TargetNamespace to target when performing operations for the HelmRelease.
2107 | Defaults to the namespace of the HelmRelease.
2108 | maxLength: 63
2109 | minLength: 1
2110 | type: string
2111 | test:
2112 | description: Test holds the configuration for Helm test actions for
2113 | this HelmRelease.
2114 | properties:
2115 | enable:
2116 | description: |-
2117 | Enable enables Helm test actions for this HelmRelease after an Helm install
2118 | or upgrade action has been performed.
2119 | type: boolean
2120 | filters:
2121 | description: Filters is a list of tests to run or exclude from
2122 | running.
2123 | items:
2124 | description: Filter holds the configuration for individual Helm
2125 | test filters.
2126 | properties:
2127 | exclude:
2128 | description: Exclude specifies whether the named test should
2129 | be excluded.
2130 | type: boolean
2131 | name:
2132 | description: Name is the name of the test.
2133 | maxLength: 253
2134 | minLength: 1
2135 | type: string
2136 | required:
2137 | - name
2138 | type: object
2139 | type: array
2140 | ignoreFailures:
2141 | description: |-
2142 | IgnoreFailures tells the controller to skip remediation when the Helm tests
2143 | are run but fail. Can be overwritten for tests run after install or upgrade
2144 | actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'.
2145 | type: boolean
2146 | timeout:
2147 | description: |-
2148 | Timeout is the time to wait for any individual Kubernetes operation during
2149 | the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'.
2150 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
2151 | type: string
2152 | type: object
2153 | timeout:
2154 | description: |-
2155 | Timeout is the time to wait for any individual Kubernetes operation (like Jobs
2156 | for hooks) during the performance of a Helm action. Defaults to '5m0s'.
2157 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
2158 | type: string
2159 | uninstall:
2160 | description: Uninstall holds the configuration for Helm uninstall
2161 | actions for this HelmRelease.
2162 | properties:
2163 | deletionPropagation:
2164 | default: background
2165 | description: |-
2166 | DeletionPropagation specifies the deletion propagation policy when
2167 | a Helm uninstall is performed.
2168 | enum:
2169 | - background
2170 | - foreground
2171 | - orphan
2172 | type: string
2173 | disableHooks:
2174 | description: DisableHooks prevents hooks from running during the
2175 | Helm rollback action.
2176 | type: boolean
2177 | disableWait:
2178 | description: |-
2179 | DisableWait disables waiting for all the resources to be deleted after
2180 | a Helm uninstall is performed.
2181 | type: boolean
2182 | keepHistory:
2183 | description: |-
2184 | KeepHistory tells Helm to remove all associated resources and mark the
2185 | release as deleted, but retain the release history.
2186 | type: boolean
2187 | timeout:
2188 | description: |-
2189 | Timeout is the time to wait for any individual Kubernetes operation (like
2190 | Jobs for hooks) during the performance of a Helm uninstall action. Defaults
2191 | to 'HelmReleaseSpec.Timeout'.
2192 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
2193 | type: string
2194 | type: object
2195 | upgrade:
2196 | description: Upgrade holds the configuration for Helm upgrade actions
2197 | for this HelmRelease.
2198 | properties:
2199 | cleanupOnFail:
2200 | description: |-
2201 | CleanupOnFail allows deletion of new resources created during the Helm
2202 | upgrade action when it fails.
2203 | type: boolean
2204 | crds:
2205 | description: |-
2206 | CRDs upgrade CRDs from the Helm Chart's crds directory according
2207 | to the CRD upgrade policy provided here. Valid values are `Skip`,
2208 | `Create` or `CreateReplace`. Default is `Skip` and if omitted
2209 | CRDs are neither installed nor upgraded.
2210 |
2211 | Skip: do neither install nor replace (update) any CRDs.
2212 |
2213 | Create: new CRDs are created, existing CRDs are neither updated nor deleted.
2214 |
2215 | CreateReplace: new CRDs are created, existing CRDs are updated (replaced)
2216 | but not deleted.
2217 |
2218 | By default, CRDs are not applied during Helm upgrade action. With this
2219 | option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm.
2220 | https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
2221 | enum:
2222 | - Skip
2223 | - Create
2224 | - CreateReplace
2225 | type: string
2226 | disableHooks:
2227 | description: DisableHooks prevents hooks from running during the
2228 | Helm upgrade action.
2229 | type: boolean
2230 | disableOpenAPIValidation:
2231 | description: |-
2232 | DisableOpenAPIValidation prevents the Helm upgrade action from validating
2233 | rendered templates against the Kubernetes OpenAPI Schema.
2234 | type: boolean
2235 | disableWait:
2236 | description: |-
2237 | DisableWait disables the waiting for resources to be ready after a Helm
2238 | upgrade has been performed.
2239 | type: boolean
2240 | disableWaitForJobs:
2241 | description: |-
2242 | DisableWaitForJobs disables waiting for jobs to complete after a Helm
2243 | upgrade has been performed.
2244 | type: boolean
2245 | force:
2246 | description: Force forces resource updates through a replacement
2247 | strategy.
2248 | type: boolean
2249 | preserveValues:
2250 | description: |-
2251 | PreserveValues will make Helm reuse the last release's values and merge in
2252 | overrides from 'Values'. Setting this flag makes the HelmRelease
2253 | non-declarative.
2254 | type: boolean
2255 | remediation:
2256 | description: |-
2257 | Remediation holds the remediation configuration for when the Helm upgrade
2258 | action for the HelmRelease fails. The default is to not perform any action.
2259 | properties:
2260 | ignoreTestFailures:
2261 | description: |-
2262 | IgnoreTestFailures tells the controller to skip remediation when the Helm
2263 | tests are run after an upgrade action but fail.
2264 | Defaults to 'Test.IgnoreFailures'.
2265 | type: boolean
2266 | remediateLastFailure:
2267 | description: |-
2268 | RemediateLastFailure tells the controller to remediate the last failure, when
2269 | no retries remain. Defaults to 'false' unless 'Retries' is greater than 0.
2270 | type: boolean
2271 | retries:
2272 | description: |-
2273 | Retries is the number of retries that should be attempted on failures before
2274 | bailing. Remediation, using 'Strategy', is performed between each attempt.
2275 | Defaults to '0', a negative integer equals to unlimited retries.
2276 | type: integer
2277 | strategy:
2278 | description: Strategy to use for failure remediation. Defaults
2279 | to 'rollback'.
2280 | enum:
2281 | - rollback
2282 | - uninstall
2283 | type: string
2284 | type: object
2285 | timeout:
2286 | description: |-
2287 | Timeout is the time to wait for any individual Kubernetes operation (like
2288 | Jobs for hooks) during the performance of a Helm upgrade action. Defaults to
2289 | 'HelmReleaseSpec.Timeout'.
2290 | pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
2291 | type: string
2292 | type: object
2293 | values:
2294 | description: Values holds the values for this Helm release.
2295 | x-kubernetes-preserve-unknown-fields: true
2296 | valuesFrom:
2297 | description: |-
2298 | ValuesFrom holds references to resources containing Helm values for this HelmRelease,
2299 | and information about how they should be merged.
2300 | items:
2301 | description: |-
2302 | ValuesReference contains a reference to a resource containing Helm values,
2303 | and optionally the key they can be found at.
2304 | properties:
2305 | kind:
2306 | description: Kind of the values referent, valid values are ('Secret',
2307 | 'ConfigMap').
2308 | enum:
2309 | - Secret
2310 | - ConfigMap
2311 | type: string
2312 | name:
2313 | description: |-
2314 | Name of the values referent. Should reside in the same namespace as the
2315 | referring resource.
2316 | maxLength: 253
2317 | minLength: 1
2318 | type: string
2319 | optional:
2320 | description: |-
2321 | Optional marks this ValuesReference as optional. When set, a not found error
2322 | for the values reference is ignored, but any ValuesKey, TargetPath or
2323 | transient error will still result in a reconciliation failure.
2324 | type: boolean
2325 | targetPath:
2326 | description: |-
2327 | TargetPath is the YAML dot notation path the value should be merged at. When
2328 | set, the ValuesKey is expected to be a single flat value. Defaults to 'None',
2329 | which results in the values getting merged at the root.
2330 | maxLength: 250
2331 | pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$
2332 | type: string
2333 | valuesKey:
2334 | description: |-
2335 | ValuesKey is the data key where the values.yaml or a specific value can be
2336 | found at. Defaults to 'values.yaml'.
2337 | maxLength: 253
2338 | pattern: ^[\-._a-zA-Z0-9]+$
2339 | type: string
2340 | required:
2341 | - kind
2342 | - name
2343 | type: object
2344 | type: array
2345 | required:
2346 | - interval
2347 | type: object
2348 | x-kubernetes-validations:
2349 | - message: either chart or chartRef must be set
2350 | rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart)
2351 | && has(self.chartRef))
2352 | status:
2353 | default:
2354 | observedGeneration: -1
2355 | description: HelmReleaseStatus defines the observed state of a HelmRelease.
2356 | properties:
2357 | conditions:
2358 | description: Conditions holds the conditions for the HelmRelease.
2359 | items:
2360 | description: Condition contains details for one aspect of the current
2361 | state of this API Resource.
2362 | properties:
2363 | lastTransitionTime:
2364 | description: |-
2365 | lastTransitionTime is the last time the condition transitioned from one status to another.
2366 | This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
2367 | format: date-time
2368 | type: string
2369 | message:
2370 | description: |-
2371 | message is a human readable message indicating details about the transition.
2372 | This may be an empty string.
2373 | maxLength: 32768
2374 | type: string
2375 | observedGeneration:
2376 | description: |-
2377 | observedGeneration represents the .metadata.generation that the condition was set based upon.
2378 | For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
2379 | with respect to the current state of the instance.
2380 | format: int64
2381 | minimum: 0
2382 | type: integer
2383 | reason:
2384 | description: |-
2385 | reason contains a programmatic identifier indicating the reason for the condition's last transition.
2386 | Producers of specific condition types may define expected values and meanings for this field,
2387 | and whether the values are considered a guaranteed API.
2388 | The value should be a CamelCase string.
2389 | This field may not be empty.
2390 | maxLength: 1024
2391 | minLength: 1
2392 | pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
2393 | type: string
2394 | status:
2395 | description: status of the condition, one of True, False, Unknown.
2396 | enum:
2397 | - "True"
2398 | - "False"
2399 | - Unknown
2400 | type: string
2401 | type:
2402 | description: type of condition in CamelCase or in foo.example.com/CamelCase.
2403 | maxLength: 316
2404 | pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
2405 | type: string
2406 | required:
2407 | - lastTransitionTime
2408 | - message
2409 | - reason
2410 | - status
2411 | - type
2412 | type: object
2413 | type: array
2414 | failures:
2415 | description: |-
2416 | Failures is the reconciliation failure count against the latest desired
2417 | state. It is reset after a successful reconciliation.
2418 | format: int64
2419 | type: integer
2420 | helmChart:
2421 | description: |-
2422 | HelmChart is the namespaced name of the HelmChart resource created by
2423 | the controller for the HelmRelease.
2424 | type: string
2425 | history:
2426 | description: |-
2427 | History holds the history of Helm releases performed for this HelmRelease
2428 | up to the last successfully completed release.
2429 | items:
2430 | description: |-
2431 | Snapshot captures a point-in-time copy of the status information for a Helm release,
2432 | as managed by the controller.
2433 | properties:
2434 | apiVersion:
2435 | description: |-
2436 | APIVersion is the API version of the Snapshot.
2437 | Provisional: when the calculation method of the Digest field is changed,
2438 | this field will be used to distinguish between the old and new methods.
2439 | type: string
2440 | appVersion:
2441 | description: AppVersion is the chart app version of the release
2442 | object in storage.
2443 | type: string
2444 | chartName:
2445 | description: ChartName is the chart name of the release object
2446 | in storage.
2447 | type: string
2448 | chartVersion:
2449 | description: |-
2450 | ChartVersion is the chart version of the release object in
2451 | storage.
2452 | type: string
2453 | configDigest:
2454 | description: |-
2455 | ConfigDigest is the checksum of the config (better known as
2456 | "values") of the release object in storage.
2457 | It has the format of `<algo>:<checksum>`.
2458 | type: string
2459 | deleted:
2460 | description: Deleted is when the release was deleted.
2461 | format: date-time
2462 | type: string
2463 | digest:
2464 | description: |-
2465 | Digest is the checksum of the release object in storage.
2466 | It has the format of `<algo>:<checksum>`.
2467 | type: string
2468 | firstDeployed:
2469 | description: FirstDeployed is when the release was first deployed.
2470 | format: date-time
2471 | type: string
2472 | lastDeployed:
2473 | description: LastDeployed is when the release was last deployed.
2474 | format: date-time
2475 | type: string
2476 | name:
2477 | description: Name is the name of the release.
2478 | type: string
2479 | namespace:
2480 | description: Namespace is the namespace the release is deployed
2481 | to.
2482 | type: string
2483 | ociDigest:
2484 | description: OCIDigest is the digest of the OCI artifact associated
2485 | with the release.
2486 | type: string
2487 | status:
2488 | description: Status is the current state of the release.
2489 | type: string
2490 | testHooks:
2491 | additionalProperties:
2492 | description: |-
2493 | TestHookStatus holds the status information for a test hook as observed
2494 | to be run by the controller.
2495 | properties:
2496 | lastCompleted:
2497 | description: LastCompleted is the time the test hook last
2498 | completed.
2499 | format: date-time
2500 | type: string
2501 | lastStarted:
2502 | description: LastStarted is the time the test hook was
2503 | last started.
2504 | format: date-time
2505 | type: string
2506 | phase:
2507 | description: Phase the test hook was observed to be in.
2508 | type: string
2509 | type: object
2510 | description: |-
2511 | TestHooks is the list of test hooks for the release as observed to be
2512 | run by the controller.
2513 | type: object
2514 | version:
2515 | description: Version is the version of the release object in
2516 | storage.
2517 | type: integer
2518 | required:
2519 | - chartName
2520 | - chartVersion
2521 | - configDigest
2522 | - digest
2523 | - firstDeployed
2524 | - lastDeployed
2525 | - name
2526 | - namespace
2527 | - status
2528 | - version
2529 | type: object
2530 | type: array
2531 | installFailures:
2532 | description: |-
2533 | InstallFailures is the install failure count against the latest desired
2534 | state. It is reset after a successful reconciliation.
2535 | format: int64
2536 | type: integer
2537 | lastAppliedRevision:
2538 | description: |-
2539 | LastAppliedRevision is the revision of the last successfully applied
2540 | source.
2541 |
2542 | Deprecated: the revision can now be found in the History.
2543 | type: string
2544 | lastAttemptedConfigDigest:
2545 | description: |-
2546 | LastAttemptedConfigDigest is the digest for the config (better known as
2547 | "values") of the last reconciliation attempt.
2548 | type: string
2549 | lastAttemptedGeneration:
2550 | description: |-
2551 | LastAttemptedGeneration is the last generation the controller attempted
2552 | to reconcile.
2553 | format: int64
2554 | type: integer
2555 | lastAttemptedReleaseAction:
2556 | description: |-
2557 | LastAttemptedReleaseAction is the last release action performed for this
2558 | HelmRelease. It is used to determine the active remediation strategy.
2559 | enum:
2560 | - install
2561 | - upgrade
2562 | type: string
2563 | lastAttemptedRevision:
2564 | description: |-
2565 | LastAttemptedRevision is the Source revision of the last reconciliation
2566 | attempt. For OCIRepository sources, the 12 first characters of the digest are
2567 | appended to the chart version e.g. "1.2.3+1234567890ab".
2568 | type: string
2569 | lastAttemptedRevisionDigest:
2570 | description: |-
2571 | LastAttemptedRevisionDigest is the digest of the last reconciliation attempt.
2572 | This is only set for OCIRepository sources.
2573 | type: string
2574 | lastAttemptedValuesChecksum:
2575 | description: |-
2576 | LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last
2577 | reconciliation attempt.
2578 |
2579 | Deprecated: Use LastAttemptedConfigDigest instead.
2580 | type: string
2581 | lastHandledForceAt:
2582 | description: |-
2583 | LastHandledForceAt holds the value of the most recent force request
2584 | value, so a change of the annotation value can be detected.
2585 | type: string
2586 | lastHandledReconcileAt:
2587 | description: |-
2588 | LastHandledReconcileAt holds the value of the most recent
2589 | reconcile request value, so a change of the annotation value
2590 | can be detected.
2591 | type: string
2592 | lastHandledResetAt:
2593 | description: |-
2594 | LastHandledResetAt holds the value of the most recent reset request
2595 | value, so a change of the annotation value can be detected.
2596 | type: string
2597 | lastReleaseRevision:
2598 | description: |-
2599 | LastReleaseRevision is the revision of the last successful Helm release.
2600 |
2601 | Deprecated: Use History instead.
2602 | type: integer
2603 | observedGeneration:
2604 | description: ObservedGeneration is the last observed generation.
2605 | format: int64
2606 | type: integer
2607 | observedPostRenderersDigest:
2608 | description: |-
2609 | ObservedPostRenderersDigest is the digest for the post-renderers of
2610 | the last successful reconciliation attempt.
2611 | type: string
2612 | storageNamespace:
2613 | description: |-
2614 | StorageNamespace is the namespace of the Helm release storage for the
2615 | current release.
2616 | maxLength: 63
2617 | minLength: 1
2618 | type: string
2619 | upgradeFailures:
2620 | description: |-
2621 | UpgradeFailures is the upgrade failure count against the latest desired
2622 | state. It is reset after a successful reconciliation.
2623 | format: int64
2624 | type: integer
2625 | type: object
2626 | type: object
2627 | served: true
2628 | storage: false
2629 | subresources:
2630 | status: {}
2631 | ---
2632 | apiVersion: v1
2633 | kind: ServiceAccount
2634 | metadata:
2635 | labels:
2636 | app.kubernetes.io/component: helm-controller
2637 | app.kubernetes.io/part-of: flux
2638 | name: helm-controller
2639 | ---
2640 | apiVersion: apps/v1
2641 | kind: Deployment
2642 | metadata:
2643 | labels:
2644 | app.kubernetes.io/component: helm-controller
2645 | app.kubernetes.io/part-of: flux
2646 | control-plane: controller
2647 | name: helm-controller
2648 | spec:
2649 | replicas: 1
2650 | selector:
2651 | matchLabels:
2652 | app: helm-controller
2653 | template:
2654 | metadata:
2655 | annotations:
2656 | prometheus.io/port: "8080"
2657 | prometheus.io/scrape: "true"
2658 | labels:
2659 | app: helm-controller
2660 | app.kubernetes.io/component: helm-controller
2661 | app.kubernetes.io/part-of: flux
2662 | spec:
2663 | containers:
2664 | - args:
2665 | - --events-addr=http://notification-controller.flux-system.svc.cluster.local./
2666 | - --watch-all-namespaces
2667 | - --log-level=info
2668 | - --log-encoding=json
2669 | - --enable-leader-election
2670 | env:
2671 | - name: RUNTIME_NAMESPACE
2672 | valueFrom:
2673 | fieldRef:
2674 | fieldPath: metadata.namespace
2675 | - name: GOMEMLIMIT
2676 | valueFrom:
2677 | resourceFieldRef:
2678 | containerName: manager
2679 | resource: limits.memory
2680 | image: fluxcd/helm-controller:v1.4.5
2681 | imagePullPolicy: IfNotPresent
2682 | livenessProbe:
2683 | httpGet:
2684 | path: /healthz
2685 | port: healthz
2686 | name: manager
2687 | ports:
2688 | - containerPort: 8080
2689 | name: http-prom
2690 | protocol: TCP
2691 | - containerPort: 9440
2692 | name: healthz
2693 | protocol: TCP
2694 | readinessProbe:
2695 | httpGet:
2696 | path: /readyz
2697 | port: healthz
2698 | resources:
2699 | limits:
2700 | cpu: 1000m
2701 | memory: 1Gi
2702 | requests:
2703 | cpu: 100m
2704 | memory: 64Mi
2705 | securityContext:
2706 | allowPrivilegeEscalation: false
2707 | capabilities:
2708 | drop:
2709 | - ALL
2710 | readOnlyRootFilesystem: true
2711 | runAsNonRoot: true
2712 | seccompProfile:
2713 | type: RuntimeDefault
2714 | volumeMounts:
2715 | - mountPath: /tmp
2716 | name: temp
2717 | priorityClassName: system-cluster-critical
2718 | securityContext:
2719 | fsGroup: 1337
2720 | serviceAccountName: helm-controller
2721 | terminationGracePeriodSeconds: 600
2722 | volumes:
2723 | - emptyDir: {}
2724 | name: temp
2725 |
```