goharbor.io/v1alpha3/Harbor

string

.apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

string

.kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object

.metadata

object

.spec

HarborSpec defines the desired state of Harbor.

object

.spec .chartmuseum

boolean

.spec .chartmuseum .absoluteUrl

Harbor defaults ChartMuseum to returning relative urls, if you want using absolute url you should enable it

array

.spec .chartmuseum .certificateRefs

string

.spec .chartmuseum .image

Image name for the component.

string

.spec .chartmuseum .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .chartmuseum .imagePullSecrets

string

.spec .chartmuseum .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .chartmuseum .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .chartmuseum .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .chartmuseum .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .chartmuseum .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .chartmuseum .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .chartmuseum .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .chartmuseum .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .chartmuseum .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .chartmuseum .templateAnnotations

Custom annotations to be added into the pods

object

.spec .chartmuseum .templateLabels

Custom Labels to be added into the pods

array

.spec .chartmuseum .tolerations

If specified, the pod’s tolerations.

string

.spec .chartmuseum .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .chartmuseum .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .chartmuseum .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .chartmuseum .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .chartmuseum .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object

.spec .core

array

.spec .core .certificateRefs

string

.spec .core .image

Image name for the component.

string

.spec .core .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .core .imagePullSecrets

string

.spec .core .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .core .metrics

boolean

.spec .core .metrics .enabled

string

.spec .core .metrics .path

The path of the metrics.

integer

.spec .core .metrics .port

The port of the metrics.

object

.spec .core .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .core .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .core .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .core .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .core .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .core .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .core .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .core .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .core .templateAnnotations

Custom annotations to be added into the pods

object

.spec .core .templateLabels

Custom Labels to be added into the pods

object

.spec .core .tokenIssuer

ObjectReference is a reference to an object with a given name, kind and group.

string

.spec .core .tokenIssuer .group

Group of the resource being referred to.

string

.spec .core .tokenIssuer .kind

Kind of the resource being referred to.

string required

.spec .core .tokenIssuer .name

Name of the resource being referred to.

array

.spec .core .tolerations

If specified, the pod’s tolerations.

string

.spec .core .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .core .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .core .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .core .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .core .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object

.spec .database

Skip OpenAPI schema validation Use validating webhook to do verification (field required)

array required

.spec .database .hosts

string required

.spec .database .hosts[] .host

Name of host to connect to. If a host name begins with a slash, it specifies Unix-domain communication rather than TCP/IP communication; the value is the name of the directory in which the socket file is stored.

integer

.spec .database .hosts[] .port

Port number to connect to at the server host, or socket file name extension for Unix-domain connections. Zero, specifies the default port number established when PostgreSQL was built.

string

.spec .database .passwordRef

Secret containing the password to be used if the server demands password authentication.

string

.spec .database .prefix

string

.spec .database .sslMode

PostgreSQL has native support for using SSL connections to encrypt client/server communications for increased security.

string

.spec .database .username

PostgreSQL user name to connect as. Defaults to be the same as the operating system name of the user running the application.

object

.spec .exporter

object

.spec .exporter .cache

string

.spec .exporter .cache .cleanInterval

The interval to clean the cache info from the database and core.

string

.spec .exporter .cache .duration

The duration to cache info from the database and core.

string

.spec .exporter .image

Image name for the component.

string

.spec .exporter .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .exporter .imagePullSecrets

string

.spec .exporter .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .exporter .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

string

.spec .exporter .path

The metrics path of the exporter.

integer

.spec .exporter .port

The port of the exporter.

integer

.spec .exporter .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .exporter .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .exporter .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .exporter .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .exporter .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .exporter .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .exporter .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .exporter .templateAnnotations

Custom annotations to be added into the pods

object

.spec .exporter .templateLabels

Custom Labels to be added into the pods

array

.spec .exporter .tolerations

If specified, the pod’s tolerations.

string

.spec .exporter .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .exporter .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .exporter .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .exporter .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .exporter .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object required

.spec .expose

object required

.spec .expose .core

object

.spec .expose .core .ingress

object

.spec .expose .core .ingress .annotations

string

.spec .expose .core .ingress .controller

Set to the type of ingress controller.

string required

.spec .expose .core .ingress .host

object

.spec .expose .core .tls

string

.spec .expose .core .tls .certificateRef

object

.spec .expose .notary

The ingress of the notary, required when notary component enabled.

object

.spec .expose .notary .ingress

object

.spec .expose .notary .ingress .annotations

string

.spec .expose .notary .ingress .controller

Set to the type of ingress controller.

string required

.spec .expose .notary .ingress .host

object

.spec .expose .notary .tls

string

.spec .expose .notary .tls .certificateRef

string required

.spec .externalURL

string required

.spec .harborAdminPasswordRef

object

.spec .imageChartStorage

Skip OpenAPI schema validation Use validating webhook to do verification (field required)

object

.spec .imageChartStorage .filesystem

FileSystem is an implementation of the storagedriver.StorageDriver interface which uses the local filesystem. The local filesystem can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/

object

.spec .imageChartStorage .filesystem .chartPersistentVolume

string required

.spec .imageChartStorage .filesystem .chartPersistentVolume .claimName

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

string

.spec .imageChartStorage .filesystem .chartPersistentVolume .prefix

boolean

.spec .imageChartStorage .filesystem .chartPersistentVolume .readOnly

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

object required

.spec .imageChartStorage .filesystem .registryPersistentVolume

string required

.spec .imageChartStorage .filesystem .registryPersistentVolume .claimName

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

integer

.spec .imageChartStorage .filesystem .registryPersistentVolume .maxthreads

string

.spec .imageChartStorage .filesystem .registryPersistentVolume .prefix

boolean

.spec .imageChartStorage .filesystem .registryPersistentVolume .readOnly

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

object

.spec .imageChartStorage .redirect

boolean

.spec .imageChartStorage .redirect .disable

object

.spec .imageChartStorage .s3

An implementation of the storagedriver.StorageDriver interface which uses Amazon S3 or S3 compatible services for object storage. See: https://docs.docker.com/registry/storage-drivers/s3/

string

.spec .imageChartStorage .s3 .accesskey

The AWS Access Key. If you use IAM roles, omit to fetch temporary credentials from IAM.

string required

.spec .imageChartStorage .s3 .bucket

The bucket name in which you want to store the registry’s data.

string

.spec .imageChartStorage .s3 .certificateRef

integer

.spec .imageChartStorage .s3 .chunksize

The S3 API requires multipart upload chunks to be at least 5MB.

boolean

.spec .imageChartStorage .s3 .encrypt

Specifies whether the registry stores the image in encrypted format or not. A boolean value.

string

.spec .imageChartStorage .s3 .keyid

KMS key ID to use for encryption (encrypt must be true, or this parameter is ignored).

string required

.spec .imageChartStorage .s3 .region

The AWS region in which your bucket exists. For the moment, the Go AWS library in use does not use the newer DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html

string

.spec .imageChartStorage .s3 .regionendpoint

Endpoint for S3 compatible storage services (Minio, etc).

string

.spec .imageChartStorage .s3 .rootdirectory

This is a prefix that is applied to all S3 keys to allow you to segment data in your bucket if necessary.

string

.spec .imageChartStorage .s3 .secretkeyRef

Reference to the secret containing the AWS Secret Key. If you use IAM roles, omit to fetch temporary credentials from IAM.

boolean

.spec .imageChartStorage .s3 .secure

boolean

.spec .imageChartStorage .s3 .skipverify

Skips TLS verification when the value is set to true.

string

.spec .imageChartStorage .s3 .storageclass

The S3 storage class applied to each registry file.

boolean

.spec .imageChartStorage .s3 .v4auth

Indicates whether the registry uses Version 4 of AWS’s authentication.

object

.spec .imageChartStorage .swift

An implementation of the storagedriver.StorageDriver interface that uses OpenStack Swift for object storage. See: https://docs.docker.com/registry/storage-drivers/swift/

string

.spec .imageChartStorage .swift .accesskey

The access key to generate temporary URLs. It is used by HP Cloud Object Storage in addition to the secretkey parameter.

string required

.spec .imageChartStorage .swift .authurl

URL for obtaining an auth token. https://storage.myprovider.com/v2.0 or https://storage.myprovider.com/v3/auth

string

.spec .imageChartStorage .swift .authversion

Specify the OpenStack Auth’s version, for example 3. By default the driver autodetects the auth’s version from the authurl.

integer

.spec .imageChartStorage .swift .chunksize

Size of the data segments for the Swift Dynamic Large Objects. This value should be a number.

string required

.spec .imageChartStorage .swift .container

The name of your Swift container where you wish to store the registry’s data. The driver creates the named container during its initialization.

string

.spec .imageChartStorage .swift .domain

Your Openstack domain name for Identity v3 API. You can either use domain or domainid.

string

.spec .imageChartStorage .swift .domainID

Your Openstack domain ID for Identity v3 API. You can either use domain or domainid.

string

.spec .imageChartStorage .swift .endpointtype

The endpoint type used when connecting to swift.

boolean

.spec .imageChartStorage .swift .insecureskipverify

Skips TLS verification if the value is set to true.

string

.spec .imageChartStorage .swift .passwordRef

Secret name containing the Openstack password.

string

.spec .imageChartStorage .swift .prefix

This is a prefix that is applied to all Swift keys to allow you to segment data in your container if necessary. Defaults to the container’s root.

string

.spec .imageChartStorage .swift .region

The Openstack region in which your container exists.

string

.spec .imageChartStorage .swift .secretkeyRef

The secret key used to generate temporary URLs.

string

.spec .imageChartStorage .swift .tenant

Your Openstack tenant name. You can either use tenant or tenantid.

string

.spec .imageChartStorage .swift .tenantID

Your Openstack tenant ID. You can either use tenant or tenantid.

string

.spec .imageChartStorage .swift .trustid

Your Openstack trust ID for Identity v3 API.

string

.spec .imageChartStorage .swift .username

The Openstack user name.

object

.spec .imageSource

string

.spec .imageSource .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .imageSource .imagePullSecrets

string

.spec .imageSource .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

string

.spec .imageSource .repository

The default repository for the images of the components. eg docker.io/goharbor/

string

.spec .imageSource .tagSuffix

The tag suffix for the images of the images of the components. eg ‘-patch1’

object

.spec .internalTLS

boolean

.spec .internalTLS .enabled

object

.spec .jobservice

array

.spec .jobservice .certificateRefs

string

.spec .jobservice .image

Image name for the component.

string

.spec .jobservice .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .jobservice .imagePullSecrets

string

.spec .jobservice .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .jobservice .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .jobservice .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .jobservice .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .jobservice .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .jobservice .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .jobservice .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .jobservice .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .jobservice .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .jobservice .templateAnnotations

Custom annotations to be added into the pods

object

.spec .jobservice .templateLabels

Custom Labels to be added into the pods

array

.spec .jobservice .tolerations

If specified, the pod’s tolerations.

string

.spec .jobservice .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .jobservice .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .jobservice .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .jobservice .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .jobservice .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

integer

.spec .jobservice .workerCount

string

.spec .logLevel

HarborLogLevel is the log level for Harbor.

object

.spec .notary

boolean

.spec .notary .migrationEnabled

Inject migration configuration to notary resources

object

.spec .notary .server

string

.spec .notary .server .image

Image name for the component.

string

.spec .notary .server .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .notary .server .imagePullSecrets

string

.spec .notary .server .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .notary .server .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .notary .server .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .notary .server .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .notary .server .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .notary .server .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .notary .server .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .notary .server .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .notary .server .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .notary .server .templateAnnotations

Custom annotations to be added into the pods

object

.spec .notary .server .templateLabels

Custom Labels to be added into the pods

array

.spec .notary .server .tolerations

If specified, the pod’s tolerations.

string

.spec .notary .server .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .notary .server .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .notary .server .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .notary .server .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .notary .server .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object

.spec .notary .signer

string

.spec .notary .signer .image

Image name for the component.

string

.spec .notary .signer .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .notary .signer .imagePullSecrets

string

.spec .notary .signer .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .notary .signer .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .notary .signer .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .notary .signer .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .notary .signer .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .notary .signer .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .notary .signer .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .notary .signer .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .notary .signer .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .notary .signer .templateAnnotations

Custom annotations to be added into the pods

object

.spec .notary .signer .templateLabels

Custom Labels to be added into the pods

array

.spec .notary .signer .tolerations

If specified, the pod’s tolerations.

string

.spec .notary .signer .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .notary .signer .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .notary .signer .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .notary .signer .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .notary .signer .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object

.spec .portal

string

.spec .portal .image

Image name for the component.

string

.spec .portal .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .portal .imagePullSecrets

string

.spec .portal .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .portal .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .portal .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .portal .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .portal .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .portal .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .portal .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .portal .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .portal .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .portal .templateAnnotations

Custom annotations to be added into the pods

object

.spec .portal .templateLabels

Custom Labels to be added into the pods

array

.spec .portal .tolerations

If specified, the pod’s tolerations.

string

.spec .portal .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .portal .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .portal .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .portal .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .portal .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object

.spec .proxy

array

.spec .proxy .components

string

.spec .proxy .httpProxy

string

.spec .proxy .httpsProxy

array

.spec .proxy .noProxy

object

.spec .redis

Skip OpenAPI schema validation Use validating webhook to do verification (field required)

string

.spec .redis .certificateRef

Secret containing the client certificate to authenticate with.

string required

.spec .redis .host

Server hostname.

string

.spec .redis .passwordRef

Secret containing the password to use when connecting to the server.

integer

.spec .redis .port

Server port.

string

.spec .redis .sentinelMasterSet

for Sentinel MasterSet.

object

.spec .registry

array

.spec .registry .certificateRefs

string

.spec .registry .image

Image name for the component.

string

.spec .registry .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .registry .imagePullSecrets

string

.spec .registry .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .registry .metrics

boolean

.spec .registry .metrics .enabled

string

.spec .registry .metrics .path

The path of the metrics.

integer

.spec .registry .metrics .port

The port of the metrics.

object

.spec .registry .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

boolean

.spec .registry .relativeURLs

integer

.spec .registry .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .registry .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .registry .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .registry .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .registry .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .registry .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .registry .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

array

.spec .registry .storageMiddlewares

string required

.spec .registry .storageMiddlewares[] .name

string

.spec .registry .storageMiddlewares[] .optionsRef

object

.spec .registry .templateAnnotations

Custom annotations to be added into the pods

object

.spec .registry .templateLabels

Custom Labels to be added into the pods

array

.spec .registry .tolerations

If specified, the pod’s tolerations.

string

.spec .registry .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .registry .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .registry .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .registry .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .registry .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object

.spec .registryctl

string

.spec .registryctl .image

Image name for the component.

string

.spec .registryctl .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .registryctl .imagePullSecrets

string

.spec .registryctl .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .registryctl .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .registryctl .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .registryctl .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .registryctl .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .registryctl .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .registryctl .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .registryctl .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .registryctl .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

object

.spec .registryctl .templateAnnotations

Custom annotations to be added into the pods

object

.spec .registryctl .templateLabels

Custom Labels to be added into the pods

array

.spec .registryctl .tolerations

If specified, the pod’s tolerations.

string

.spec .registryctl .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .registryctl .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .registryctl .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .registryctl .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

.spec .registryctl .tolerations[] .value

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

object

.spec .trivy

array

.spec .trivy .certificateRefs

string

.spec .trivy .githubTokenRef

The name of the secret containing the token to connect to GitHub API.

string

.spec .trivy .image

Image name for the component.

string

.spec .trivy .imagePullPolicy

Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

array

.spec .trivy .imagePullSecrets

string

.spec .trivy .imagePullSecrets[] .name

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

object

.spec .trivy .nodeSelector

NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

integer

.spec .trivy .replicas

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller

object

.spec .trivy .resources

Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

array

.spec .trivy .resources .claims

Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.

string required

.spec .trivy .resources .claims[] .name

Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

object

.spec .trivy .resources .limits

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

object

.spec .trivy .resources .requests

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

string

.spec .trivy .serviceAccountName

ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

boolean

.spec .trivy .skipUpdate

The flag to enable or disable Trivy DB downloads from GitHub

object required

.spec .trivy .storage

object

.spec .trivy .storage .cachePersistentVolume

CachePersistentVolume specify the persistent volume used to store Trivy cache. If empty, empty dir will be used.

string required

.spec .trivy .storage .cachePersistentVolume .claimName

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

string

.spec .trivy .storage .cachePersistentVolume .prefix

boolean

.spec .trivy .storage .cachePersistentVolume .readOnly

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

object

.spec .trivy .storage .reportsPersistentVolume

ReportsPersistentVolume specify the persistent volume used to store Trivy reports. If empty, empty dir will be used.

string required

.spec .trivy .storage .reportsPersistentVolume .claimName

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

string

.spec .trivy .storage .reportsPersistentVolume .prefix

boolean

.spec .trivy .storage .reportsPersistentVolume .readOnly

readOnly Will force the ReadOnly setting in VolumeMounts. Default false.

object

.spec .trivy .templateAnnotations

Custom annotations to be added into the pods

object

.spec .trivy .templateLabels

Custom Labels to be added into the pods

array

.spec .trivy .tolerations

If specified, the pod’s tolerations.

string

.spec .trivy .tolerations[] .effect

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

string

.spec .trivy .tolerations[] .key

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

string

.spec .trivy .tolerations[] .operator

Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

integer

.spec .trivy .tolerations[] .tolerationSeconds

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

string

goharbor.io / v1alpha3 / Harbor