k8ts

// generated by cdk8s import { ApiObject, ApiObjectMetadata, GroupVersionKind } from 'cdk8s'; import { Construct } from 'constructs'; /** * Bucket is the Schema for the buckets API. * * @schema Bucket */ export class Bucket extends ApiObject { /** * Returns the apiVersion and kind for "Bucket" */ public static readonly GVK: GroupVersionKind = { apiVersion: 'source.toolkit.fluxcd.io/v1', kind: 'Bucket', } /** * Renders a Kubernetes manifest for "Bucket". * * This can be used to inline resource manifests inside other objects (e.g. as templates). * * @param props initialization props */ public static manifest(props: BucketProps = {}): any { return { ...Bucket.GVK, ...toJson_BucketProps(props), }; } /** * Defines a "Bucket" API object * @param scope the scope in which to define this object * @param id a scope-local name for the object * @param props initialization props */ public constructor(scope: Construct, id: string, props: BucketProps = {}) { super(scope, id, { ...Bucket.GVK, ...props, }); } /** * Renders the object to Kubernetes JSON. */ public toJson(): any { const resolved = super.toJson(); return { ...Bucket.GVK, ...toJson_BucketProps(resolved), }; } } /** * Bucket is the Schema for the buckets API. * * @schema Bucket */ export interface BucketProps { /** * @schema Bucket#metadata */ readonly metadata?: ApiObjectMetadata; /** * BucketSpec specifies the required configuration to produce an Artifact for * an object storage bucket. * * @schema Bucket#spec */ readonly spec?: BucketSpec; } /** * Converts an object of type 'BucketProps' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketProps(obj: BucketProps | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'metadata': obj.metadata, 'spec': toJson_BucketSpec(obj.spec), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * BucketSpec specifies the required configuration to produce an Artifact for * an object storage bucket. * * @schema BucketSpec */ export interface BucketSpec { /** * BucketName is the name of the object storage bucket. * * @schema BucketSpec#bucketName */ readonly bucketName: string; /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * bucket. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `generic` provider. * * @schema BucketSpec#certSecretRef */ readonly certSecretRef?: BucketSpecCertSecretRef; /** * Endpoint is the object storage address the BucketName is located at. * * @schema BucketSpec#endpoint */ readonly endpoint: string; /** * Ignore overrides the set of excluded patterns in the .sourceignore format * (which is the same as .gitignore). If not provided, a default will be used, * consult the documentation for your version to find out what those are. * * @schema BucketSpec#ignore */ readonly ignore?: string; /** * Insecure allows connecting to a non-TLS HTTP Endpoint. * * @schema BucketSpec#insecure */ readonly insecure?: boolean; /** * Interval at which the Bucket Endpoint is checked for updates. * This interval is approximate and may be subject to jitter to ensure * efficient use of resources. * * @schema BucketSpec#interval */ readonly interval: string; /** * Prefix to use for server-side filtering of files in the Bucket. * * @schema BucketSpec#prefix */ readonly prefix?: string; /** * Provider of the object storage bucket. * Defaults to 'generic', which expects an S3 (API) compatible object * storage. * * @default generic', which expects an S3 (API) compatible object * @schema BucketSpec#provider */ readonly provider?: BucketSpecProvider; /** * ProxySecretRef specifies the Secret containing the proxy configuration * to use while communicating with the Bucket server. * * @schema BucketSpec#proxySecretRef */ readonly proxySecretRef?: BucketSpecProxySecretRef; /** * Region of the Endpoint where the BucketName is located in. * * @schema BucketSpec#region */ readonly region?: string; /** * SecretRef specifies the Secret containing authentication credentials * for the Bucket. * * @schema BucketSpec#secretRef */ readonly secretRef?: BucketSpecSecretRef; /** * STS specifies the required configuration to use a Security Token * Service for fetching temporary credentials to authenticate in a * Bucket provider. * * This field is only supported for the `aws` and `generic` providers. * * @schema BucketSpec#sts */ readonly sts?: BucketSpecSts; /** * Suspend tells the controller to suspend the reconciliation of this * Bucket. * * @schema BucketSpec#suspend */ readonly suspend?: boolean; /** * Timeout for fetch operations, defaults to 60s. * * @schema BucketSpec#timeout */ readonly timeout?: string; } /** * Converts an object of type 'BucketSpec' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketSpec(obj: BucketSpec | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'bucketName': obj.bucketName, 'certSecretRef': toJson_BucketSpecCertSecretRef(obj.certSecretRef), 'endpoint': obj.endpoint, 'ignore': obj.ignore, 'insecure': obj.insecure, 'interval': obj.interval, 'prefix': obj.prefix, 'provider': obj.provider, 'proxySecretRef': toJson_BucketSpecProxySecretRef(obj.proxySecretRef), 'region': obj.region, 'secretRef': toJson_BucketSpecSecretRef(obj.secretRef), 'sts': toJson_BucketSpecSts(obj.sts), 'suspend': obj.suspend, 'timeout': obj.timeout, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * bucket. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `generic` provider. * * @schema BucketSpecCertSecretRef */ export interface BucketSpecCertSecretRef { /** * Name of the referent. * * @schema BucketSpecCertSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketSpecCertSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketSpecCertSecretRef(obj: BucketSpecCertSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * Provider of the object storage bucket. * Defaults to 'generic', which expects an S3 (API) compatible object * storage. * * @default generic', which expects an S3 (API) compatible object * @schema BucketSpecProvider */ export enum BucketSpecProvider { /** generic */ GENERIC = "generic", /** aws */ AWS = "aws", /** gcp */ GCP = "gcp", /** azure */ AZURE = "azure", } /** * ProxySecretRef specifies the Secret containing the proxy configuration * to use while communicating with the Bucket server. * * @schema BucketSpecProxySecretRef */ export interface BucketSpecProxySecretRef { /** * Name of the referent. * * @schema BucketSpecProxySecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketSpecProxySecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketSpecProxySecretRef(obj: BucketSpecProxySecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * SecretRef specifies the Secret containing authentication credentials * for the Bucket. * * @schema BucketSpecSecretRef */ export interface BucketSpecSecretRef { /** * Name of the referent. * * @schema BucketSpecSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketSpecSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketSpecSecretRef(obj: BucketSpecSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * STS specifies the required configuration to use a Security Token * Service for fetching temporary credentials to authenticate in a * Bucket provider. * * This field is only supported for the `aws` and `generic` providers. * * @schema BucketSpecSts */ export interface BucketSpecSts { /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * STS endpoint. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `ldap` provider. * * @schema BucketSpecSts#certSecretRef */ readonly certSecretRef?: BucketSpecStsCertSecretRef; /** * Endpoint is the HTTP/S endpoint of the Security Token Service from * where temporary credentials will be fetched. * * @schema BucketSpecSts#endpoint */ readonly endpoint: string; /** * Provider of the Security Token Service. * * @schema BucketSpecSts#provider */ readonly provider: BucketSpecStsProvider; /** * SecretRef specifies the Secret containing authentication credentials * for the STS endpoint. This Secret must contain the fields `username` * and `password` and is supported only for the `ldap` provider. * * @schema BucketSpecSts#secretRef */ readonly secretRef?: BucketSpecStsSecretRef; } /** * Converts an object of type 'BucketSpecSts' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketSpecSts(obj: BucketSpecSts | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'certSecretRef': toJson_BucketSpecStsCertSecretRef(obj.certSecretRef), 'endpoint': obj.endpoint, 'provider': obj.provider, 'secretRef': toJson_BucketSpecStsSecretRef(obj.secretRef), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * STS endpoint. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `ldap` provider. * * @schema BucketSpecStsCertSecretRef */ export interface BucketSpecStsCertSecretRef { /** * Name of the referent. * * @schema BucketSpecStsCertSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketSpecStsCertSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketSpecStsCertSecretRef(obj: BucketSpecStsCertSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * Provider of the Security Token Service. * * @schema BucketSpecStsProvider */ export enum BucketSpecStsProvider { /** aws */ AWS = "aws", /** ldap */ LDAP = "ldap", } /** * SecretRef specifies the Secret containing authentication credentials * for the STS endpoint. This Secret must contain the fields `username` * and `password` and is supported only for the `ldap` provider. * * @schema BucketSpecStsSecretRef */ export interface BucketSpecStsSecretRef { /** * Name of the referent. * * @schema BucketSpecStsSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketSpecStsSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketSpecStsSecretRef(obj: BucketSpecStsSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * Bucket is the Schema for the buckets API * * @schema BucketV1Beta1 */ export class BucketV1Beta1 extends ApiObject { /** * Returns the apiVersion and kind for "BucketV1Beta1" */ public static readonly GVK: GroupVersionKind = { apiVersion: 'source.toolkit.fluxcd.io/v1beta1', kind: 'Bucket', } /** * Renders a Kubernetes manifest for "BucketV1Beta1". * * This can be used to inline resource manifests inside other objects (e.g. as templates). * * @param props initialization props */ public static manifest(props: BucketV1Beta1Props = {}): any { return { ...BucketV1Beta1.GVK, ...toJson_BucketV1Beta1Props(props), }; } /** * Defines a "BucketV1Beta1" API object * @param scope the scope in which to define this object * @param id a scope-local name for the object * @param props initialization props */ public constructor(scope: Construct, id: string, props: BucketV1Beta1Props = {}) { super(scope, id, { ...BucketV1Beta1.GVK, ...props, }); } /** * Renders the object to Kubernetes JSON. */ public toJson(): any { const resolved = super.toJson(); return { ...BucketV1Beta1.GVK, ...toJson_BucketV1Beta1Props(resolved), }; } } /** * Bucket is the Schema for the buckets API * * @schema BucketV1Beta1 */ export interface BucketV1Beta1Props { /** * @schema BucketV1Beta1#metadata */ readonly metadata?: ApiObjectMetadata; /** * BucketSpec defines the desired state of an S3 compatible bucket * * @schema BucketV1Beta1#spec */ readonly spec?: BucketV1Beta1Spec; } /** * Converts an object of type 'BucketV1Beta1Props' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta1Props(obj: BucketV1Beta1Props | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'metadata': obj.metadata, 'spec': toJson_BucketV1Beta1Spec(obj.spec), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * BucketSpec defines the desired state of an S3 compatible bucket * * @schema BucketV1Beta1Spec */ export interface BucketV1Beta1Spec { /** * AccessFrom defines an Access Control List for allowing cross-namespace references to this object. * * @schema BucketV1Beta1Spec#accessFrom */ readonly accessFrom?: BucketV1Beta1SpecAccessFrom; /** * The bucket name. * * @schema BucketV1Beta1Spec#bucketName */ readonly bucketName: string; /** * The bucket endpoint address. * * @schema BucketV1Beta1Spec#endpoint */ readonly endpoint: string; /** * Ignore overrides the set of excluded patterns in the .sourceignore format * (which is the same as .gitignore). If not provided, a default will be used, * consult the documentation for your version to find out what those are. * * @schema BucketV1Beta1Spec#ignore */ readonly ignore?: string; /** * Insecure allows connecting to a non-TLS S3 HTTP endpoint. * * @schema BucketV1Beta1Spec#insecure */ readonly insecure?: boolean; /** * The interval at which to check for bucket updates. * * @schema BucketV1Beta1Spec#interval */ readonly interval: string; /** * The S3 compatible storage provider name, default ('generic'). * * @schema BucketV1Beta1Spec#provider */ readonly provider?: BucketV1Beta1SpecProvider; /** * The bucket region. * * @schema BucketV1Beta1Spec#region */ readonly region?: string; /** * The name of the secret containing authentication credentials * for the Bucket. * * @schema BucketV1Beta1Spec#secretRef */ readonly secretRef?: BucketV1Beta1SpecSecretRef; /** * This flag tells the controller to suspend the reconciliation of this source. * * @schema BucketV1Beta1Spec#suspend */ readonly suspend?: boolean; /** * The timeout for download operations, defaults to 60s. * * @schema BucketV1Beta1Spec#timeout */ readonly timeout?: string; } /** * Converts an object of type 'BucketV1Beta1Spec' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta1Spec(obj: BucketV1Beta1Spec | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'accessFrom': toJson_BucketV1Beta1SpecAccessFrom(obj.accessFrom), 'bucketName': obj.bucketName, 'endpoint': obj.endpoint, 'ignore': obj.ignore, 'insecure': obj.insecure, 'interval': obj.interval, 'provider': obj.provider, 'region': obj.region, 'secretRef': toJson_BucketV1Beta1SpecSecretRef(obj.secretRef), 'suspend': obj.suspend, 'timeout': obj.timeout, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * AccessFrom defines an Access Control List for allowing cross-namespace references to this object. * * @schema BucketV1Beta1SpecAccessFrom */ export interface BucketV1Beta1SpecAccessFrom { /** * NamespaceSelectors is the list of namespace selectors to which this ACL applies. * Items in this list are evaluated using a logical OR operation. * * @schema BucketV1Beta1SpecAccessFrom#namespaceSelectors */ readonly namespaceSelectors: BucketV1Beta1SpecAccessFromNamespaceSelectors[]; } /** * Converts an object of type 'BucketV1Beta1SpecAccessFrom' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta1SpecAccessFrom(obj: BucketV1Beta1SpecAccessFrom | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'namespaceSelectors': obj.namespaceSelectors?.map(y => toJson_BucketV1Beta1SpecAccessFromNamespaceSelectors(y)), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * The S3 compatible storage provider name, default ('generic'). * * @schema BucketV1Beta1SpecProvider */ export enum BucketV1Beta1SpecProvider { /** generic */ GENERIC = "generic", /** aws */ AWS = "aws", /** gcp */ GCP = "gcp", } /** * The name of the secret containing authentication credentials * for the Bucket. * * @schema BucketV1Beta1SpecSecretRef */ export interface BucketV1Beta1SpecSecretRef { /** * Name of the referent. * * @schema BucketV1Beta1SpecSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketV1Beta1SpecSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta1SpecSecretRef(obj: BucketV1Beta1SpecSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * NamespaceSelector selects the namespaces to which this ACL applies. * An empty map of MatchLabels matches all namespaces in a cluster. * * @schema BucketV1Beta1SpecAccessFromNamespaceSelectors */ export interface BucketV1Beta1SpecAccessFromNamespaceSelectors { /** * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels * map is equivalent to an element of matchExpressions, whose key field is "key", the * operator is "In", and the values array contains only "value". The requirements are ANDed. * * @schema BucketV1Beta1SpecAccessFromNamespaceSelectors#matchLabels */ readonly matchLabels?: { [key: string]: string }; } /** * Converts an object of type 'BucketV1Beta1SpecAccessFromNamespaceSelectors' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta1SpecAccessFromNamespaceSelectors(obj: BucketV1Beta1SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'matchLabels': ((obj.matchLabels) === undefined) ? undefined : (Object.entries(obj.matchLabels).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {})), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * Bucket is the Schema for the buckets API. * * @schema BucketV1Beta2 */ export class BucketV1Beta2 extends ApiObject { /** * Returns the apiVersion and kind for "BucketV1Beta2" */ public static readonly GVK: GroupVersionKind = { apiVersion: 'source.toolkit.fluxcd.io/v1beta2', kind: 'Bucket', } /** * Renders a Kubernetes manifest for "BucketV1Beta2". * * This can be used to inline resource manifests inside other objects (e.g. as templates). * * @param props initialization props */ public static manifest(props: BucketV1Beta2Props = {}): any { return { ...BucketV1Beta2.GVK, ...toJson_BucketV1Beta2Props(props), }; } /** * Defines a "BucketV1Beta2" API object * @param scope the scope in which to define this object * @param id a scope-local name for the object * @param props initialization props */ public constructor(scope: Construct, id: string, props: BucketV1Beta2Props = {}) { super(scope, id, { ...BucketV1Beta2.GVK, ...props, }); } /** * Renders the object to Kubernetes JSON. */ public toJson(): any { const resolved = super.toJson(); return { ...BucketV1Beta2.GVK, ...toJson_BucketV1Beta2Props(resolved), }; } } /** * Bucket is the Schema for the buckets API. * * @schema BucketV1Beta2 */ export interface BucketV1Beta2Props { /** * @schema BucketV1Beta2#metadata */ readonly metadata?: ApiObjectMetadata; /** * BucketSpec specifies the required configuration to produce an Artifact for * an object storage bucket. * * @schema BucketV1Beta2#spec */ readonly spec?: BucketV1Beta2Spec; } /** * Converts an object of type 'BucketV1Beta2Props' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2Props(obj: BucketV1Beta2Props | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'metadata': obj.metadata, 'spec': toJson_BucketV1Beta2Spec(obj.spec), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * BucketSpec specifies the required configuration to produce an Artifact for * an object storage bucket. * * @schema BucketV1Beta2Spec */ export interface BucketV1Beta2Spec { /** * AccessFrom specifies an Access Control List for allowing cross-namespace * references to this object. * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 * * @schema BucketV1Beta2Spec#accessFrom */ readonly accessFrom?: BucketV1Beta2SpecAccessFrom; /** * BucketName is the name of the object storage bucket. * * @schema BucketV1Beta2Spec#bucketName */ readonly bucketName: string; /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * bucket. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `generic` provider. * * @schema BucketV1Beta2Spec#certSecretRef */ readonly certSecretRef?: BucketV1Beta2SpecCertSecretRef; /** * Endpoint is the object storage address the BucketName is located at. * * @schema BucketV1Beta2Spec#endpoint */ readonly endpoint: string; /** * Ignore overrides the set of excluded patterns in the .sourceignore format * (which is the same as .gitignore). If not provided, a default will be used, * consult the documentation for your version to find out what those are. * * @schema BucketV1Beta2Spec#ignore */ readonly ignore?: string; /** * Insecure allows connecting to a non-TLS HTTP Endpoint. * * @schema BucketV1Beta2Spec#insecure */ readonly insecure?: boolean; /** * Interval at which the Bucket Endpoint is checked for updates. * This interval is approximate and may be subject to jitter to ensure * efficient use of resources. * * @schema BucketV1Beta2Spec#interval */ readonly interval: string; /** * Prefix to use for server-side filtering of files in the Bucket. * * @schema BucketV1Beta2Spec#prefix */ readonly prefix?: string; /** * Provider of the object storage bucket. * Defaults to 'generic', which expects an S3 (API) compatible object * storage. * * @default generic', which expects an S3 (API) compatible object * @schema BucketV1Beta2Spec#provider */ readonly provider?: BucketV1Beta2SpecProvider; /** * ProxySecretRef specifies the Secret containing the proxy configuration * to use while communicating with the Bucket server. * * @schema BucketV1Beta2Spec#proxySecretRef */ readonly proxySecretRef?: BucketV1Beta2SpecProxySecretRef; /** * Region of the Endpoint where the BucketName is located in. * * @schema BucketV1Beta2Spec#region */ readonly region?: string; /** * SecretRef specifies the Secret containing authentication credentials * for the Bucket. * * @schema BucketV1Beta2Spec#secretRef */ readonly secretRef?: BucketV1Beta2SpecSecretRef; /** * STS specifies the required configuration to use a Security Token * Service for fetching temporary credentials to authenticate in a * Bucket provider. * * This field is only supported for the `aws` and `generic` providers. * * @schema BucketV1Beta2Spec#sts */ readonly sts?: BucketV1Beta2SpecSts; /** * Suspend tells the controller to suspend the reconciliation of this * Bucket. * * @schema BucketV1Beta2Spec#suspend */ readonly suspend?: boolean; /** * Timeout for fetch operations, defaults to 60s. * * @schema BucketV1Beta2Spec#timeout */ readonly timeout?: string; } /** * Converts an object of type 'BucketV1Beta2Spec' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2Spec(obj: BucketV1Beta2Spec | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'accessFrom': toJson_BucketV1Beta2SpecAccessFrom(obj.accessFrom), 'bucketName': obj.bucketName, 'certSecretRef': toJson_BucketV1Beta2SpecCertSecretRef(obj.certSecretRef), 'endpoint': obj.endpoint, 'ignore': obj.ignore, 'insecure': obj.insecure, 'interval': obj.interval, 'prefix': obj.prefix, 'provider': obj.provider, 'proxySecretRef': toJson_BucketV1Beta2SpecProxySecretRef(obj.proxySecretRef), 'region': obj.region, 'secretRef': toJson_BucketV1Beta2SpecSecretRef(obj.secretRef), 'sts': toJson_BucketV1Beta2SpecSts(obj.sts), 'suspend': obj.suspend, 'timeout': obj.timeout, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * AccessFrom specifies an Access Control List for allowing cross-namespace * references to this object. * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 * * @schema BucketV1Beta2SpecAccessFrom */ export interface BucketV1Beta2SpecAccessFrom { /** * NamespaceSelectors is the list of namespace selectors to which this ACL applies. * Items in this list are evaluated using a logical OR operation. * * @schema BucketV1Beta2SpecAccessFrom#namespaceSelectors */ readonly namespaceSelectors: BucketV1Beta2SpecAccessFromNamespaceSelectors[]; } /** * Converts an object of type 'BucketV1Beta2SpecAccessFrom' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecAccessFrom(obj: BucketV1Beta2SpecAccessFrom | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'namespaceSelectors': obj.namespaceSelectors?.map(y => toJson_BucketV1Beta2SpecAccessFromNamespaceSelectors(y)), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * bucket. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `generic` provider. * * @schema BucketV1Beta2SpecCertSecretRef */ export interface BucketV1Beta2SpecCertSecretRef { /** * Name of the referent. * * @schema BucketV1Beta2SpecCertSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketV1Beta2SpecCertSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecCertSecretRef(obj: BucketV1Beta2SpecCertSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * Provider of the object storage bucket. * Defaults to 'generic', which expects an S3 (API) compatible object * storage. * * @default generic', which expects an S3 (API) compatible object * @schema BucketV1Beta2SpecProvider */ export enum BucketV1Beta2SpecProvider { /** generic */ GENERIC = "generic", /** aws */ AWS = "aws", /** gcp */ GCP = "gcp", /** azure */ AZURE = "azure", } /** * ProxySecretRef specifies the Secret containing the proxy configuration * to use while communicating with the Bucket server. * * @schema BucketV1Beta2SpecProxySecretRef */ export interface BucketV1Beta2SpecProxySecretRef { /** * Name of the referent. * * @schema BucketV1Beta2SpecProxySecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketV1Beta2SpecProxySecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecProxySecretRef(obj: BucketV1Beta2SpecProxySecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * SecretRef specifies the Secret containing authentication credentials * for the Bucket. * * @schema BucketV1Beta2SpecSecretRef */ export interface BucketV1Beta2SpecSecretRef { /** * Name of the referent. * * @schema BucketV1Beta2SpecSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketV1Beta2SpecSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecSecretRef(obj: BucketV1Beta2SpecSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * STS specifies the required configuration to use a Security Token * Service for fetching temporary credentials to authenticate in a * Bucket provider. * * This field is only supported for the `aws` and `generic` providers. * * @schema BucketV1Beta2SpecSts */ export interface BucketV1Beta2SpecSts { /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * STS endpoint. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `ldap` provider. * * @schema BucketV1Beta2SpecSts#certSecretRef */ readonly certSecretRef?: BucketV1Beta2SpecStsCertSecretRef; /** * Endpoint is the HTTP/S endpoint of the Security Token Service from * where temporary credentials will be fetched. * * @schema BucketV1Beta2SpecSts#endpoint */ readonly endpoint: string; /** * Provider of the Security Token Service. * * @schema BucketV1Beta2SpecSts#provider */ readonly provider: BucketV1Beta2SpecStsProvider; /** * SecretRef specifies the Secret containing authentication credentials * for the STS endpoint. This Secret must contain the fields `username` * and `password` and is supported only for the `ldap` provider. * * @schema BucketV1Beta2SpecSts#secretRef */ readonly secretRef?: BucketV1Beta2SpecStsSecretRef; } /** * Converts an object of type 'BucketV1Beta2SpecSts' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecSts(obj: BucketV1Beta2SpecSts | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'certSecretRef': toJson_BucketV1Beta2SpecStsCertSecretRef(obj.certSecretRef), 'endpoint': obj.endpoint, 'provider': obj.provider, 'secretRef': toJson_BucketV1Beta2SpecStsSecretRef(obj.secretRef), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * NamespaceSelector selects the namespaces to which this ACL applies. * An empty map of MatchLabels matches all namespaces in a cluster. * * @schema BucketV1Beta2SpecAccessFromNamespaceSelectors */ export interface BucketV1Beta2SpecAccessFromNamespaceSelectors { /** * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels * map is equivalent to an element of matchExpressions, whose key field is "key", the * operator is "In", and the values array contains only "value". The requirements are ANDed. * * @schema BucketV1Beta2SpecAccessFromNamespaceSelectors#matchLabels */ readonly matchLabels?: { [key: string]: string }; } /** * Converts an object of type 'BucketV1Beta2SpecAccessFromNamespaceSelectors' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecAccessFromNamespaceSelectors(obj: BucketV1Beta2SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'matchLabels': ((obj.matchLabels) === undefined) ? undefined : (Object.entries(obj.matchLabels).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {})), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * CertSecretRef can be given the name of a Secret containing * either or both of * * - a PEM-encoded client certificate (`tls.crt`) and private * key (`tls.key`); * - a PEM-encoded CA certificate (`ca.crt`) * * and whichever are supplied, will be used for connecting to the * STS endpoint. The client cert and key are useful if you are * authenticating with a certificate; the CA cert is useful if * you are using a self-signed server certificate. The Secret must * be of type `Opaque` or `kubernetes.io/tls`. * * This field is only supported for the `ldap` provider. * * @schema BucketV1Beta2SpecStsCertSecretRef */ export interface BucketV1Beta2SpecStsCertSecretRef { /** * Name of the referent. * * @schema BucketV1Beta2SpecStsCertSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketV1Beta2SpecStsCertSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecStsCertSecretRef(obj: BucketV1Beta2SpecStsCertSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * Provider of the Security Token Service. * * @schema BucketV1Beta2SpecStsProvider */ export enum BucketV1Beta2SpecStsProvider { /** aws */ AWS = "aws", /** ldap */ LDAP = "ldap", } /** * SecretRef specifies the Secret containing authentication credentials * for the STS endpoint. This Secret must contain the fields `username` * and `password` and is supported only for the `ldap` provider. * * @schema BucketV1Beta2SpecStsSecretRef */ export interface BucketV1Beta2SpecStsSecretRef { /** * Name of the referent. * * @schema BucketV1Beta2SpecStsSecretRef#name */ readonly name: string; } /** * Converts an object of type 'BucketV1Beta2SpecStsSecretRef' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_BucketV1Beta2SpecStsSecretRef(obj: BucketV1Beta2SpecStsSecretRef | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'name': obj.name, }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * GitRepository is the Schema for the gitrepositories API. * * @schema GitRepository */ export class GitRepository extends ApiObject { /** * Returns the apiVersion and kind for "GitRepository" */ public static readonly GVK: GroupVersionKind = { apiVersion: 'source.toolkit.fluxcd.io/v1', kind: 'GitRepository', } /** * Renders a Kubernetes manifest for "GitRepository". * * This can be used to inline resource manifests inside other objects (e.g. as templates). * * @param props initialization props */ public static manifest(props: GitRepositoryProps = {}): any { return { ...GitRepository.GVK, ...toJson_GitRepositoryProps(props), }; } /** * Defines a "GitRepository" API object * @param scope the scope in which to define this object * @param id a scope-local name for the object * @param props initialization props */ public constructor(scope: Construct, id: string, props: GitRepositoryProps = {}) { super(scope, id, { ...GitRepository.GVK, ...props, }); } /** * Renders the object to Kubernetes JSON. */ public toJson(): any { const resolved = super.toJson(); return { ...GitRepository.GVK, ...toJson_GitRepositoryProps(resolved), }; } } /** * GitRepository is the Schema for the gitrepositories API. * * @schema GitRepository */ export interface GitRepositoryProps { /** * @schema GitRepository#metadata */ readonly metadata?: ApiObjectMetadata; /** * GitRepositorySpec specifies the required configuration to produce an * Artifact for a Git repository. * * @schema GitRepository#spec */ readonly spec?: GitRepositorySpec; } /** * Converts an object of type 'GitRepositoryProps' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_GitRepositoryProps(obj: GitRepositoryProps | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'metadata': obj.metadata, 'spec': toJson_GitRepositorySpec(obj.spec), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * GitRepositorySpec specifies the required configuration to produce an * Artifact for a Git repository. * * @schema GitRepositorySpec */ export interface GitRepositorySpec { /** * Ignore overrides the set of excluded patterns in the .sourceignore format * (which is the same as .gitignore). If not provided, a default will be used, * consult the documentation for your version to find out what those are. * * @schema GitRepositorySpec#ignore */ readonly ignore?: string; /** * Include specifies a list of GitRepository resources which Artifacts * should be included in the Artifact produced for this GitRepository. * * @schema GitRepositorySpec#include */ readonly include?: GitRepositorySpecInclude[]; /** * Interval at which the GitRepository URL is checked for updates. * This interval is approximate and may be subject to jitter to ensure * efficient use of resources. * * @schema GitRepositorySpec#interval */ readonly interval: string; /** * Provider used for authentication, can be 'azure', 'github', 'generic'. * When not specified, defaults to 'generic'. * * @schema GitRepositorySpec#provider */ readonly provider?: GitRepositorySpecProvider; /** * ProxySecretRef specifies the Secret containing the proxy configuration * to use while communicating with the Git server. * * @schema GitRepositorySpec#proxySecretRef */ readonly proxySecretRef?: GitRepositorySpecProxySecretRef; /** * RecurseSubmodules enables the initialization of all submodules within * the GitRepository as cloned from the URL, using their default settings. * * @schema GitRepositorySpec#recurseSubmodules */ readonly recurseSubmodules?: boolean; /** * Reference specifies the Git reference to resolve and monitor for * changes, defaults to the 'master' branch. * * @schema GitRepositorySpec#ref */ readonly ref?: GitRepositorySpecRef; /** * SecretRef specifies the Secret containing authentication credentials for * the GitRepository. * For HTTPS repositories the Secret must contain 'username' and 'password' * fields for basic auth or 'bearerToken' field for token auth. * For SSH repositories the Secret must contain 'identity' * and 'known_hosts' fields. * * @schema GitRepositorySpec#secretRef */ readonly secretRef?: GitRepositorySpecSecretRef; /** * Suspend tells the controller to suspend the reconciliation of this * GitRepository. * * @schema GitRepositorySpec#suspend */ readonly suspend?: boolean; /** * Timeout for Git operations like cloning, defaults to 60s. * * @schema GitRepositorySpec#timeout */ readonly timeout?: string; /** * URL specifies the Git repository URL, it can be an HTTP/S or SSH address. * * @schema GitRepositorySpec#url */ readonly url: string; /** * Verification specifies the configuration to verify the Git commit * signature(s). * * @schema GitRepositorySpec#verify */ readonly verify?: GitRepositorySpecVerify; } /** * Converts an object of type 'GitRepositorySpec' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_GitRepositorySpec(obj: GitRepositorySpec | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'ignore': obj.ignore, 'include': obj.include?.map(y => toJson_GitRepositorySpecInclude(y)), 'interval': obj.interval, 'provider': obj.provider, 'proxySecretRef': toJson_GitRepositorySpecProxySecretRef(obj.proxySecretRef), 'recurseSubmodules': obj.recurseSubmodules, 'ref': toJson_GitRepositorySpecRef(obj.ref), 'secretRef': toJson_GitRepositorySpecSecretRef(obj.secretRef), 'suspend': obj.suspend, 'timeout': obj.timeout, 'url': obj.url, 'verify': toJson_GitRepositorySpecVerify(obj.verify), }; // filter undefined values return Object.entries(result).reduce((r, i) => (i[1] === undefined) ? r : ({ ...r, [i[0]]: i[1] }), {}); } /* eslint-enable max-len, quote-props */ /** * GitRepositoryInclude specifies a local reference to a GitRepository which * Artifact (sub-)contents must be included, and where they should be placed. * * @schema GitRepositorySpecInclude */ export interface GitRepositorySpecInclude { /** * FromPath specifies the path to copy contents from, defaults to the root * of the Artifact. * * @schema GitRepositorySpecInclude#fromPath */ readonly fromPath?: string; /** * GitRepositoryRef specifies the GitRepository which Artifact contents * must be included. * * @schema GitRepositorySpecInclude#repository */ readonly repository: GitRepositorySpecIncludeRepository; /** * ToPath specifies the path to copy contents to, defaults to the name of * the GitRepositoryRef. * * @schema GitRepositorySpecInclude#toPath */ readonly toPath?: string; } /** * Converts an object of type 'GitRepositorySpecInclude' to JSON representation. */ /* eslint-disable max-len, quote-props */ export function toJson_GitRepositorySpecInclude(obj: GitRepositorySpecInclude | undefined): Record<string, any> | undefined { if (obj === undefined) { return undefined; } const result = { 'fromPath': obj.fromPath, 'repository': toJson_GitRepositorySpecIncludeRepository(obj.repository), 'toPath': obj.toPath, };