UNPKG

@kubernetes-models/argo-cd

Version:

Argo CD models

github.com/tommy351/kubernetes-models-ts/tree/master/third-party/argo-cd

tommy351/kubernetes-models-ts

241 lines (240 loc) 9.14 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
import { IObjectMeta } from "@kubernetes-models/apimachinery/apis/meta/v1/ObjectMeta"; import { Model, ModelData } from "@kubernetes-models/base"; /** * AppProject provides a logical grouping of applications, providing controls for: * \* where the apps may deploy to (cluster whitelist) * \* what may be deployed (repository whitelist, resource whitelist/blacklist) * \* who can access these applications (roles, OIDC group claims bindings) * \* and what they can do (RBAC policies) * \* automation access to these roles (JWT tokens) */ export interface IAppProject { /** * APIVersion defines the versioned schema of this representation of an object. * Servers should convert recognized schemas to the latest internal value, and * may reject unrecognized values. * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ "apiVersion": "argoproj.io/v1alpha1"; /** * Kind is a string value representing the REST resource this object represents. * Servers may infer this from the endpoint the client submits requests to. * Cannot be updated. * In CamelCase. * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ "kind": "AppProject"; "metadata": IObjectMeta; /** * AppProjectSpec is the specification of an AppProject */ "spec": { /** * ClusterResourceBlacklist contains list of blacklisted cluster level resources */ "clusterResourceBlacklist"?: Array<{ "group": string; "kind": string; }>; /** * ClusterResourceWhitelist contains list of whitelisted cluster level resources */ "clusterResourceWhitelist"?: Array<{ "group": string; "kind": string; }>; /** * Description contains optional project description */ "description"?: string; /** * DestinationServiceAccounts holds information about the service accounts to be impersonated for the application sync operation for each destination. */ "destinationServiceAccounts"?: Array<{ /** * DefaultServiceAccount to be used for impersonation during the sync operation */ "defaultServiceAccount": string; /** * Namespace specifies the target namespace for the application's resources. */ "namespace"?: string; /** * Server specifies the URL of the target cluster's Kubernetes control plane API. */ "server": string; }>; /** * Destinations contains list of destinations available for deployment */ "destinations"?: Array<{ /** * Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set. */ "name"?: string; /** * Namespace specifies the target namespace for the application's resources. * The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace */ "namespace"?: string; /** * Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set. */ "server"?: string; }>; /** * NamespaceResourceBlacklist contains list of blacklisted namespace level resources */ "namespaceResourceBlacklist"?: Array<{ "group": string; "kind": string; }>; /** * NamespaceResourceWhitelist contains list of whitelisted namespace level resources */ "namespaceResourceWhitelist"?: Array<{ "group": string; "kind": string; }>; /** * OrphanedResources specifies if controller should monitor orphaned resources of apps in this project */ "orphanedResources"?: { /** * Ignore contains a list of resources that are to be excluded from orphaned resources monitoring */ "ignore"?: Array<{ "group"?: string; "kind"?: string; "name"?: string; }>; /** * Warn indicates if warning condition should be created for apps which have orphaned resources */ "warn"?: boolean; }; /** * PermitOnlyProjectScopedClusters determines whether destinations can only reference clusters which are project-scoped */ "permitOnlyProjectScopedClusters"?: boolean; /** * Roles are user defined RBAC roles associated with this project */ "roles"?: Array<{ /** * Description is a description of the role */ "description"?: string; /** * Groups are a list of OIDC group claims bound to this role */ "groups"?: Array<string>; /** * JWTTokens are a list of generated JWT tokens bound to this role */ "jwtTokens"?: Array<{ "exp"?: number; "iat": number; "id"?: string; }>; /** * Name is a name for this role */ "name": string; /** * Policies Stores a list of casbin formatted strings that define access policies for the role in the project */ "policies"?: Array<string>; }>; /** * SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync */ "signatureKeys"?: Array<{ /** * The ID of the key in hexadecimal notation */ "keyID": string; }>; /** * SourceNamespaces defines the namespaces application resources are allowed to be created in */ "sourceNamespaces"?: Array<string>; /** * SourceRepos contains list of repository URLs which can be used for deployment */ "sourceRepos"?: Array<string>; /** * SyncWindows controls when syncs can be run for apps in this project */ "syncWindows"?: Array<{ /** * Applications contains a list of applications that the window will apply to */ "applications"?: Array<string>; /** * Clusters contains a list of clusters that the window will apply to */ "clusters"?: Array<string>; /** * Duration is the amount of time the sync window will be open */ "duration"?: string; /** * Kind defines if the window allows or blocks syncs */ "kind"?: string; /** * ManualSync enables manual syncs when they would otherwise be blocked */ "manualSync"?: boolean; /** * Namespaces contains a list of namespaces that the window will apply to */ "namespaces"?: Array<string>; /** * Schedule is the time the window will begin, specified in cron format */ "schedule"?: string; /** * TimeZone of the sync that will be applied to the schedule */ "timeZone"?: string; }>; }; /** * AppProjectStatus contains status information for AppProject CRs */ "status"?: { /** * JWTTokensByRole contains a list of JWT tokens issued for a given role */ "jwtTokensByRole"?: { [key: string]: { "items"?: Array<{ "exp"?: number; "iat": number; "id"?: string; }>; }; }; }; } /** * AppProject provides a logical grouping of applications, providing controls for: * \* where the apps may deploy to (cluster whitelist) * \* what may be deployed (repository whitelist, resource whitelist/blacklist) * \* who can access these applications (roles, OIDC group claims bindings) * \* and what they can do (RBAC policies) * \* automation access to these roles (JWT tokens) */ export declare class AppProject extends Model<IAppProject> implements IAppProject { "apiVersion": IAppProject["apiVersion"]; "kind": IAppProject["kind"]; "metadata": IAppProject["metadata"]; "spec": IAppProject["spec"]; "status"?: IAppProject["status"]; static apiVersion: IAppProject["apiVersion"]; static kind: IAppProject["kind"]; static is: import("@kubernetes-models/base").TypeMetaGuard<IAppProject>; constructor(data?: ModelData<IAppProject>); }