From 5484170328e3fa31a1496bbf11d54937c74ebaad Mon Sep 17 00:00:00 2001 From: Mason Malone <651224+MasonM@users.noreply.github.com> Date: Thu, 5 Dec 2024 06:59:36 -0800 Subject: [PATCH 1/4] test: simple DB CLI for local development (#13715) Signed-off-by: Mason Malone <651224+MasonM@users.noreply.github.com> Signed-off-by: Mason Malone --- docs/running-locally.md | 24 +++++++ hack/db/main.go | 137 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 161 insertions(+) create mode 100644 hack/db/main.go diff --git a/docs/running-locally.md b/docs/running-locally.md index 2ddc19b1c2a6..947c99bdbf65 100644 --- a/docs/running-locally.md +++ b/docs/running-locally.md @@ -235,6 +235,30 @@ Tests often fail: that's good. To diagnose failure: If tests run slowly or time out, factory reset your Kubernetes cluster. +### Database Tooling + +The `go run ./hack/db` CLI provides a few useful commands for working with the DB locally: + +```console +$ go run ./hack/db +CLI for developers to use when working on the DB locally + +Usage: + db [command] + +Available Commands: + completion Generate the autocompletion script for the specified shell + fake-archived-workflows Insert randomly-generated workflows into argo_archived_workflows, for testing purposes + help Help about any command + migrate Force DB migration for given cluster/table + +Flags: + -c, --dsn string DSN connection string. For MySQL, use 'mysql:password@tcp/argo'. (default "postgres://postgres@localhost:5432/postgres") + -h, --help help for db + +Use "db [command] --help" for more information about a command. +``` + ### Debugging using Visual Studio Code When using the Dev Container with VSCode, use the `Attach to argo server` and/or `Attach to workflow controller` launch configurations to attach to the `argo` or `workflow-controller` processes, respectively. diff --git a/hack/db/main.go b/hack/db/main.go new file mode 100644 index 000000000000..8faf2d241789 --- /dev/null +++ b/hack/db/main.go @@ -0,0 +1,137 @@ +package main + +import ( + "context" + "fmt" + "os" + "strings" + "time" + + "github.com/spf13/cobra" + "github.com/upper/db/v4" + mysqladp "github.com/upper/db/v4/adapter/mysql" + postgresqladp "github.com/upper/db/v4/adapter/postgresql" + "k8s.io/apimachinery/pkg/util/rand" + "k8s.io/apimachinery/pkg/util/uuid" + + "github.com/argoproj/argo-workflows/v3/persist/sqldb" + wfv1 "github.com/argoproj/argo-workflows/v3/pkg/apis/workflow/v1alpha1" + "github.com/argoproj/argo-workflows/v3/util/instanceid" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +var session db.Session + +func main() { + var dsn string + rootCmd := &cobra.Command{ + Use: "db", + Short: "CLI for developers to use when working on the DB locally", + } + rootCmd.PersistentPreRunE = func(cmd *cobra.Command, args []string) (err error) { + session, err = createDBSession(dsn) + return + } + rootCmd.PersistentFlags().StringVarP(&dsn, "dsn", "d", "postgres://postgres@localhost:5432/postgres", "DSN connection string. For MySQL, use 'mysql:password@tcp/argo'.") + rootCmd.AddCommand(NewMigrateCommand()) + rootCmd.AddCommand(NewFakeDataCommand()) + + if err := rootCmd.Execute(); err != nil { + os.Exit(1) + } +} + +func NewMigrateCommand() *cobra.Command { + var cluster, table string + migrationCmd := &cobra.Command{ + Use: "migrate", + Short: "Force DB migration for given cluster/table", + RunE: func(cmd *cobra.Command, args []string) error { + return sqldb.NewMigrate(session, cluster, table).Exec(context.Background()) + }, + } + migrationCmd.Flags().StringVar(&cluster, "cluster", "default", "Cluster name") + migrationCmd.Flags().StringVar(&table, "table", "argo_workflows", "Table name") + return migrationCmd +} + +func NewFakeDataCommand() *cobra.Command { + var template string + var seed, rows int + var clusters, namespaces []string + fakeDataCmd := &cobra.Command{ + Use: "fake-archived-workflows", + Short: "Insert randomly-generated workflows into argo_archived_workflows, for testing purposes", + RunE: func(cmd *cobra.Command, args []string) error { + rand.Seed(int64(seed)) + fmt.Printf("Using seed %d\nClusters: %v\nNamespaces: %v\n", seed, clusters, namespaces) + + instanceIDService := instanceid.NewService("") + wfTmpl := wfv1.MustUnmarshalWorkflow(template) + + for i := 0; i < rows; i++ { + wf := randomizeWorkflow(wfTmpl, namespaces) + cluster := clusters[rand.Intn(len(clusters))] + wfArchive := sqldb.NewWorkflowArchive(session, cluster, "", instanceIDService) + if err := wfArchive.ArchiveWorkflow(wf); err != nil { + return err + } + } + fmt.Printf("Inserted %d rows\n", rows) + return nil + }, + } + fakeDataCmd.Flags().StringVar(&template, "template", "@workflow/controller/testdata/dag-exhausted-retries-xfail.yaml", "Workflow definition to use as a template") + fakeDataCmd.Flags().IntVar(&seed, "seed", rand.Int(), "Random number seed") + fakeDataCmd.Flags().IntVar(&rows, "rows", 10, "Number of rows to insert") + fakeDataCmd.Flags().StringArrayVarP(&clusters, "clusters", "c", []string{"default"}, "Cluster name(s). If multiple given, each Workflow will be randomly assigned to one") + fakeDataCmd.Flags().StringArrayVarP(&namespaces, "namespaces", "n", []string{"argo"}, "Namespace(s). If multiple given, each Workflow will be randomly assigned to one") + return fakeDataCmd +} + +func createDBSession(dsn string) (db.Session, error) { + if strings.HasPrefix(dsn, "postgres") { + url, err := postgresqladp.ParseURL(dsn) + if err != nil { + return nil, err + } + return postgresqladp.Open(url) + } else { + url, err := mysqladp.ParseURL(dsn) + if err != nil { + return nil, err + } + return mysqladp.Open(url) + } +} + +func randomPhase() wfv1.WorkflowPhase { + phases := []wfv1.WorkflowPhase{ + wfv1.WorkflowSucceeded, + wfv1.WorkflowFailed, + wfv1.WorkflowError, + } + return phases[rand.Intn(len(phases))] +} + +func randomTime() time.Time { + min := time.Date(2023, 1, 1, 0, 0, 0, 0, time.UTC).Unix() + max := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC).Unix() + return time.Unix(rand.Int63nRange(min, max), 0) +} + +func randomizeWorkflow(wfTmpl *wfv1.Workflow, namespaces []string) *wfv1.Workflow { + wf := wfTmpl.DeepCopy() + wf.Name = rand.String(rand.IntnRange(10, 30)) + wf.Namespace = namespaces[rand.Intn(len(namespaces))] + wf.UID = uuid.NewUUID() + wf.Status.Phase = randomPhase() + startTime := randomTime() + wf.Status.StartedAt = metav1.NewTime(startTime) + wf.Status.FinishedAt = metav1.NewTime(startTime.Add(time.Second * time.Duration(rand.IntnRange(5, 300)))) + if wf.Labels == nil { + wf.Labels = map[string]string{} + } + wf.Labels["workflows.argoproj.io/phase"] = string(wf.Status.Phase) + return wf +} From de10e066da8e824fb28e2f79421af1cdb2665eb8 Mon Sep 17 00:00:00 2001 From: William Van Hevelingen Date: Thu, 5 Dec 2024 07:04:42 -0800 Subject: [PATCH 2/4] chore(deps)!: bump k8s dependencies to 1.31 (#13944) Signed-off-by: william.vanhevelingen Signed-off-by: Mason Malone <651224+MasonM@users.noreply.github.com> Co-authored-by: Mason Malone <651224+MasonM@users.noreply.github.com> --- Makefile | 4 +- api/jsonschema/schema.json | 44 ++- api/openapi-spec/swagger.json | 44 ++- cmd/workflow-controller/main.go | 2 +- docs/executor_swagger.md | 63 ++- docs/fields.md | 371 +++++++++++++++++- go.mod | 83 ++-- go.sum | 200 +++++----- .../argoproj.io_clusterworkflowtemplates.yaml | 101 +++++ .../crds/full/argoproj.io_cronworkflows.yaml | 101 +++++ .../base/crds/full/argoproj.io_workflows.yaml | 259 ++++++++++++ .../full/argoproj.io_workflowtasksets.yaml | 42 ++ .../full/argoproj.io_workflowtemplates.yaml | 101 +++++ pkg/apiclient/argo-server-client.go | 2 +- pkg/plugins/executor/swagger.yml | 70 +++- sdks/java/client/docs/ImageVolumeSource.md | 15 + .../client/docs/PersistentVolumeClaimSpec.md | 2 +- .../docs/PersistentVolumeClaimStatus.md | 2 +- sdks/java/client/docs/PodAffinityTerm.md | 4 +- .../java/client/docs/ProjectedVolumeSource.md | 2 +- sdks/java/client/docs/ResourceClaim.md | 1 + sdks/java/client/docs/VolumeProjection.md | 2 +- .../model/image_volume_source.py | 259 ++++++++++++ .../model/persistent_volume_claim_spec.py | 4 +- .../model/persistent_volume_claim_status.py | 4 +- .../argo_workflows/model/pod_affinity_term.py | 8 +- .../model/pod_security_context.py | 8 +- .../model/projected_volume_source.py | 4 +- .../argo_workflows/model/resource_claim.py | 4 + .../argo_workflows/model/security_context.py | 4 +- .../client/argo_workflows/model/volume.py | 6 + .../client/argo_workflows/models/__init__.py | 1 + .../docs/ClusterWorkflowTemplateServiceApi.md | 75 ++++ .../client/docs/CronWorkflowServiceApi.md | 75 ++++ .../client/docs/EventSourceServiceApi.md | 12 + sdks/python/client/docs/ImageVolumeSource.md | 14 + .../client/docs/PersistentVolumeClaimSpec.md | 2 +- .../docs/PersistentVolumeClaimStatus.md | 2 +- sdks/python/client/docs/PodAffinityTerm.md | 4 +- sdks/python/client/docs/PodSecurityContext.md | 3 +- .../client/docs/ProjectedVolumeSource.md | 2 +- sdks/python/client/docs/ResourceClaim.md | 1 + sdks/python/client/docs/SecurityContext.md | 2 +- sdks/python/client/docs/SensorServiceApi.md | 12 + sdks/python/client/docs/Volume.md | 1 + sdks/python/client/docs/VolumeProjection.md | 2 +- sdks/python/client/docs/WorkflowServiceApi.md | 128 ++++++ .../client/docs/WorkflowTemplateServiceApi.md | 75 ++++ util/telemetry/exporter_prometheus.go | 2 +- workflow/controller/controller.go | 71 ++-- workflow/controller/controller_test.go | 6 +- workflow/controller/rate_limiters.go | 8 +- workflow/cron/controller.go | 24 +- workflow/executor/agent.go | 2 +- workflow/gccontroller/gc_controller.go | 18 +- workflow/gccontroller/gc_controller_test.go | 2 +- workflow/metrics/metrics_test.go | 2 +- workflow/metrics/work_queue.go | 20 +- workflow/metrics/work_queue_test.go | 2 +- workflow/sync/sync_manager.go | 4 +- workflow/sync/sync_manager_test.go | 2 +- 61 files changed, 2081 insertions(+), 309 deletions(-) create mode 100644 sdks/java/client/docs/ImageVolumeSource.md create mode 100644 sdks/python/client/argo_workflows/model/image_volume_source.py create mode 100644 sdks/python/client/docs/ImageVolumeSource.md diff --git a/Makefile b/Makefile index 488ba239c079..365bbe42df3e 100644 --- a/Makefile +++ b/Makefile @@ -303,7 +303,7 @@ endif $(GOPATH)/bin/controller-gen: Makefile # update this in Nix when upgrading it here ifneq ($(USE_NIX), true) - go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.15.0 + go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.5 endif $(GOPATH)/bin/go-to-protobuf: Makefile # update this in Nix when upgrading it here @@ -666,7 +666,7 @@ dist/kubernetes.swagger.json: Makefile @mkdir -p dist # recurl will only fetch if the file doesn't exist, so delete it rm -f $@ - ./hack/recurl.sh $@ https://raw.githubusercontent.com/kubernetes/kubernetes/v1.30.3/api/openapi-spec/swagger.json + ./hack/recurl.sh $@ https://raw.githubusercontent.com/kubernetes/kubernetes/v1.31.3/api/openapi-spec/swagger.json pkg/apiclient/_.secondary.swagger.json: hack/api/swagger/secondaryswaggergen.go pkg/apis/workflow/v1alpha1/openapi_generated.go dist/kubernetes.swagger.json rm -Rf v3 vendor diff --git a/api/jsonschema/schema.json b/api/jsonschema/schema.json index 5153f7722101..6935e019d377 100644 --- a/api/jsonschema/schema.json +++ b/api/jsonschema/schema.json @@ -9514,6 +9514,20 @@ ], "type": "object" }, + "io.k8s.api.core.v1.ImageVolumeSource": { + "description": "ImageVolumeSource represents a image volume resource.", + "properties": { + "pullPolicy": { + "description": "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.", + "type": "string" + }, + "reference": { + "description": "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + } + }, + "type": "object" + }, "io.k8s.api.core.v1.KeyToPath": { "description": "Maps a string key to a path within a volume.", "properties": { @@ -9857,7 +9871,7 @@ "type": "string" }, "volumeAttributesClassName": { - "description": "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.", + "description": "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).", "type": "string" }, "volumeMode": { @@ -9918,12 +9932,12 @@ "x-kubernetes-patch-strategy": "merge" }, "currentVolumeAttributesClassName": { - "description": "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.", + "description": "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", "type": "string" }, "modifyVolumeStatus": { "$ref": "#/definitions/io.k8s.api.core.v1.ModifyVolumeStatus", - "description": "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is an alpha field and requires enabling VolumeAttributesClass feature." + "description": "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is a beta field and requires enabling VolumeAttributesClass feature (off by default)." }, "phase": { "description": "phase represents the current phase of PersistentVolumeClaim.", @@ -10013,7 +10027,7 @@ "description": "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods." }, "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).", "items": { "type": "string" }, @@ -10021,7 +10035,7 @@ "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).", "items": { "type": "string" }, @@ -10151,7 +10165,7 @@ "description": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." }, "supplementalGroups": { - "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", "items": { "format": "int64", "type": "integer" @@ -10159,6 +10173,10 @@ "type": "array", "x-kubernetes-list-type": "atomic" }, + "supplementalGroupsPolicy": { + "description": "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, "sysctls": { "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", "items": { @@ -10267,7 +10285,7 @@ "type": "integer" }, "sources": { - "description": "sources is the list of volume projections", + "description": "sources is the list of volume projections. Each entry in this list handles one source.", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.VolumeProjection" }, @@ -10363,6 +10381,10 @@ "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", "type": "string" + }, + "request": { + "description": "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + "type": "string" } }, "required": [ @@ -10625,7 +10647,7 @@ "type": "boolean" }, "procMount": { - "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "description": "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", "type": "string" }, "readOnlyRootFilesystem": { @@ -10932,6 +10954,10 @@ "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource", "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" }, + "image": { + "$ref": "#/definitions/io.k8s.api.core.v1.ImageVolumeSource", + "description": "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type." + }, "iscsi": { "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIVolumeSource", "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" @@ -11047,7 +11073,7 @@ "type": "object" }, "io.k8s.api.core.v1.VolumeProjection": { - "description": "Projection that may be projected along with other supported volume types", + "description": "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", "properties": { "clusterTrustBundle": { "$ref": "#/definitions/io.k8s.api.core.v1.ClusterTrustBundleProjection", diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index 6e170ecd5901..059db6cc2510 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -13511,6 +13511,20 @@ } } }, + "io.k8s.api.core.v1.ImageVolumeSource": { + "description": "ImageVolumeSource represents a image volume resource.", + "type": "object", + "properties": { + "pullPolicy": { + "description": "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.", + "type": "string" + }, + "reference": { + "description": "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.", + "type": "string" + } + } + }, "io.k8s.api.core.v1.KeyToPath": { "description": "Maps a string key to a path within a volume.", "type": "object", @@ -13855,7 +13869,7 @@ "type": "string" }, "volumeAttributesClassName": { - "description": "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.", + "description": "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).", "type": "string" }, "volumeMode": { @@ -13916,11 +13930,11 @@ "x-kubernetes-patch-strategy": "merge" }, "currentVolumeAttributesClassName": { - "description": "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.", + "description": "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", "type": "string" }, "modifyVolumeStatus": { - "description": "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is an alpha field and requires enabling VolumeAttributesClass feature.", + "description": "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is a beta field and requires enabling VolumeAttributesClass feature (off by default).", "$ref": "#/definitions/io.k8s.api.core.v1.ModifyVolumeStatus" }, "phase": { @@ -14014,7 +14028,7 @@ "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector" }, "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "description": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).", "type": "array", "items": { "type": "string" @@ -14022,7 +14036,7 @@ "x-kubernetes-list-type": "atomic" }, "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", + "description": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).", "type": "array", "items": { "type": "string" @@ -14149,7 +14163,7 @@ "$ref": "#/definitions/io.k8s.api.core.v1.SeccompProfile" }, "supplementalGroups": { - "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.", + "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.", "type": "array", "items": { "type": "integer", @@ -14157,6 +14171,10 @@ }, "x-kubernetes-list-type": "atomic" }, + "supplementalGroupsPolicy": { + "description": "Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.", + "type": "string" + }, "sysctls": { "description": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.", "type": "array", @@ -14265,7 +14283,7 @@ "type": "integer" }, "sources": { - "description": "sources is the list of volume projections", + "description": "sources is the list of volume projections. Each entry in this list handles one source.", "type": "array", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.VolumeProjection" @@ -14364,6 +14382,10 @@ "name": { "description": "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.", "type": "string" + }, + "request": { + "description": "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.", + "type": "string" } } }, @@ -14623,7 +14645,7 @@ "type": "boolean" }, "procMount": { - "description": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", + "description": "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.", "type": "string" }, "readOnlyRootFilesystem": { @@ -14933,6 +14955,10 @@ "description": "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath", "$ref": "#/definitions/io.k8s.api.core.v1.HostPathVolumeSource" }, + "image": { + "description": "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.", + "$ref": "#/definitions/io.k8s.api.core.v1.ImageVolumeSource" + }, "iscsi": { "description": "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md", "$ref": "#/definitions/io.k8s.api.core.v1.ISCSIVolumeSource" @@ -15044,7 +15070,7 @@ } }, "io.k8s.api.core.v1.VolumeProjection": { - "description": "Projection that may be projected along with other supported volume types", + "description": "Projection that may be projected along with other supported volume types. Exactly one of these fields must be set.", "type": "object", "properties": { "clusterTrustBundle": { diff --git a/cmd/workflow-controller/main.go b/cmd/workflow-controller/main.go index 9b2247c62fd4..ad24683d01ce 100644 --- a/cmd/workflow-controller/main.go +++ b/cmd/workflow-controller/main.go @@ -70,7 +70,7 @@ func NewRootCommand() *cobra.Command { Use: CLIName, Short: "workflow-controller is the controller to operate on workflows", RunE: func(c *cobra.Command, args []string) error { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(context.Background(), runtimeutil.PanicHandlers...) cli.SetLogLevel(logLevel) cmdutil.SetGLogLevel(glogLevel) diff --git a/docs/executor_swagger.md b/docs/executor_swagger.md index 4dd0c7b4d798..c98dbbd9ecfc 100644 --- a/docs/executor_swagger.md +++ b/docs/executor_swagger.md @@ -431,9 +431,9 @@ of a single workflow step, which the executor will use as a default location to | cachingMode | [AzureDataDiskCachingMode](#azure-data-disk-caching-mode)| `AzureDataDiskCachingMode` | | | | | | diskName | string| `string` | | | diskName is the Name of the data disk in the blob storage | | | diskURI | string| `string` | | | diskURI is the URI of data disk in the blob storage | | -| fsType | string| `string` | | | fsType is Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+optional | | +| fsType | string| `string` | | | fsType is Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+optional
+default="ext4" | | | kind | [AzureDataDiskKind](#azure-data-disk-kind)| `AzureDataDiskKind` | | | | | -| readOnly | boolean| `bool` | | | readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
+optional | | +| readOnly | boolean| `bool` | | | readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
+optional
+default=false | | @@ -1786,7 +1786,7 @@ ISCSI volumes support ownership management and SELinux relabeling. | fsType | string| `string` | | | fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem from compromising the machine
+optional | | | initiatorName | string| `string` | | | initiatorName is the custom iSCSI Initiator Name.
If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
: will be created for the connection.
+optional | | | iqn | string| `string` | | | iqn is the target iSCSI Qualified Name. | | -| iscsiInterface | string| `string` | | | iscsiInterface is the interface Name that uses an iSCSI transport.
Defaults to 'default' (tcp).
+optional | | +| iscsiInterface | string| `string` | | | iscsiInterface is the interface Name that uses an iSCSI transport.
Defaults to 'default' (tcp).
+optional
+default="default" | | | lun | int32 (formatted integer)| `int32` | | | lun represents iSCSI Target Lun number. | | | portals | []string| `[]string` | | | portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
is other than default (typically TCP ports 860 and 3260).
+optional
+listType=atomic | | | readOnly | boolean| `bool` | | | readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
+optional | | @@ -1795,6 +1795,22 @@ ISCSI volumes support ownership management and SELinux relabeling. +### ImageVolumeSource + + + + + + +**Properties** + +| Name | Type | Go type | Required | Default | Description | Example | +|------|------|---------|:--------:| ------- |-------------|---------| +| pullPolicy | [PullPolicy](#pull-policy)| `PullPolicy` | | | | | +| reference | string| `string` | | | Required: Image or artifact reference to be used.
Behaves in the same way as pod.spec.containers[*].image.
Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.
More info: https://kubernetes.io/docs/concepts/containers/images
This field is optional to allow higher level config management to default or override
container images in workload controllers like Deployments and StatefulSets.
+optional | | + + + ### Inputs @@ -2561,7 +2577,7 @@ and allows a Source for provider-specific attributes | resources | [VolumeResourceRequirements](#volume-resource-requirements)| `VolumeResourceRequirements` | | | | | | selector | [LabelSelector](#label-selector)| `LabelSelector` | | | | | | storageClassName | string| `string` | | | storageClassName is the name of the StorageClass required by the claim.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+optional | | -| volumeAttributesClassName | string| `string` | | | volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+featureGate=VolumeAttributesClass
+optional | | +| volumeAttributesClassName | string| `string` | | | volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
+featureGate=VolumeAttributesClass
+optional | | | volumeMode | [PersistentVolumeMode](#persistent-volume-mode)| `PersistentVolumeMode` | | | | | | volumeName | string| `string` | | | volumeName is the binding reference to the PersistentVolume backing this claim.
+optional | | @@ -2698,8 +2714,8 @@ a pod of the set of pods is running | Name | Type | Go type | Required | Default | Description | Example | |------|------|---------|:--------:| ------- |-------------|---------| | labelSelector | [LabelSelector](#label-selector)| `LabelSelector` | | | | | -| matchLabelKeys | []string| `[]string` | | | MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+listType=atomic
+optional | | -| mismatchLabelKeys | []string| `[]string` | | | MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+listType=atomic
+optional | | +| matchLabelKeys | []string| `[]string` | | | MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).

+listType=atomic
+optional | | +| mismatchLabelKeys | []string| `[]string` | | | MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).

+listType=atomic
+optional | | | namespaceSelector | [LabelSelector](#label-selector)| `LabelSelector` | | | | | | namespaces | []string| `[]string` | | | namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
+optional
+listType=atomic | | | topologyKey | string| `string` | | | This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed. | | @@ -2761,7 +2777,8 @@ container.securityContext take precedence over field values of PodSecurityContex | runAsUser | int64 (formatted integer)| `int64` | | | The UID to run the entrypoint of the container process.
Defaults to user specified in image metadata if unspecified.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence
for that container.
Note that this field cannot be set when spec.os.name is windows.
+optional | | | seLinuxOptions | [SELinuxOptions](#s-e-linux-options)| `SELinuxOptions` | | | | | | seccompProfile | [SeccompProfile](#seccomp-profile)| `SeccompProfile` | | | | | -| supplementalGroups | []int64 (formatted integer)| `[]int64` | | | A list of groups applied to the first process run in each container, in addition
to the container's primary GID, the fsGroup (if specified), and group memberships
defined in the container image for the uid of the container process. If unspecified,
no additional groups are added to any container. Note that group memberships
defined in the container image for the uid of the container process are still effective,
even if they are not included in this list.
Note that this field cannot be set when spec.os.name is windows.
+optional
+listType=atomic | | +| supplementalGroups | []int64 (formatted integer)| `[]int64` | | | A list of groups applied to the first process run in each container, in
addition to the container's primary GID and fsGroup (if specified). If
the SupplementalGroupsPolicy feature is enabled, the
supplementalGroupsPolicy field determines whether these are in addition
to or instead of any group memberships defined in the container image.
If unspecified, no additional groups are added, though group memberships
defined in the container image may still be used, depending on the
supplementalGroupsPolicy field.
Note that this field cannot be set when spec.os.name is windows.
+optional
+listType=atomic | | +| supplementalGroupsPolicy | [SupplementalGroupsPolicy](#supplemental-groups-policy)| `SupplementalGroupsPolicy` | | | | | | sysctls | [][Sysctl](#sysctl)| `[]*Sysctl` | | | Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
sysctls (by the container runtime) might fail to launch.
Note that this field cannot be set when spec.os.name is windows.
+optional
+listType=atomic | | | windowsOptions | [WindowsSecurityContextOptions](#windows-security-context-options)| `WindowsSecurityContextOptions` | | | | | @@ -2872,7 +2889,7 @@ alive or ready to receive traffic. | Name | Type | Go type | Required | Default | Description | Example | |------|------|---------|:--------:| ------- |-------------|---------| | defaultMode | int32 (formatted integer)| `int32` | | | defaultMode are the mode bits used to set permissions on created files by default.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
Directories within the path are not affected by this setting.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
+optional | | -| sources | [][VolumeProjection](#volume-projection)| `[]*VolumeProjection` | | | sources is the list of volume projections
+optional
+listType=atomic | | +| sources | [][VolumeProjection](#volume-projection)| `[]*VolumeProjection` | | | sources is the list of volume projections. Each entry in this list
handles one source.
+optional
+listType=atomic | | @@ -3042,12 +3059,12 @@ cause implementors to also use a fixed point implementation. |------|------|---------|:--------:| ------- |-------------|---------| | fsType | string| `string` | | | fsType is the filesystem type of the volume that you want to mount.
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem from compromising the machine
+optional | | | image | string| `string` | | | image is the rados image name.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it | | -| keyring | string| `string` | | | keyring is the path to key ring for RBDUser.
Default is /etc/ceph/keyring.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+optional | | +| keyring | string| `string` | | | keyring is the path to key ring for RBDUser.
Default is /etc/ceph/keyring.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+optional
+default="/etc/ceph/keyring" | | | monitors | []string| `[]string` | | | monitors is a collection of Ceph monitors.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+listType=atomic | | -| pool | string| `string` | | | pool is the rados pool name.
Default is rbd.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+optional | | +| pool | string| `string` | | | pool is the rados pool name.
Default is rbd.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+optional
+default="rbd" | | | readOnly | boolean| `bool` | | | readOnly here will force the ReadOnly setting in VolumeMounts.
Defaults to false.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+optional | | | secretRef | [LocalObjectReference](#local-object-reference)| `LocalObjectReference` | | | | | -| user | string| `string` | | | user is the rados user name.
Default is admin.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+optional | | +| user | string| `string` | | | user is the rados user name.
Default is admin.
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+optional
+default="admin" | | @@ -3092,6 +3109,7 @@ cause implementors to also use a fixed point implementation. | Name | Type | Go type | Required | Default | Description | Example | |------|------|---------|:--------:| ------- |-------------|---------| | name | string| `string` | | | Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container. | | +| request | string| `string` | | | Request is the name chosen for a request in the referenced claim.
If empty, everything from the claim is made available, otherwise
only the result of this request.

+optional | | @@ -3331,13 +3349,13 @@ cause implementors to also use a fixed point implementation. | Name | Type | Go type | Required | Default | Description | Example | |------|------|---------|:--------:| ------- |-------------|---------| -| fsType | string| `string` | | | fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs".
Default is "xfs".
+optional | | +| fsType | string| `string` | | | fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs".
Default is "xfs".
+optional
+default="xfs" | | | gateway | string| `string` | | | gateway is the host address of the ScaleIO API Gateway. | | | protectionDomain | string| `string` | | | protectionDomain is the name of the ScaleIO Protection Domain for the configured storage.
+optional | | | readOnly | boolean| `bool` | | | readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
+optional | | | secretRef | [LocalObjectReference](#local-object-reference)| `LocalObjectReference` | | | | | | sslEnabled | boolean| `bool` | | | sslEnabled Flag enable/disable SSL communication with Gateway, default false
+optional | | -| storageMode | string| `string` | | | storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
+optional | | +| storageMode | string| `string` | | | storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
+optional
+default="ThinProvisioned" | | | storagePool | string| `string` | | | storagePool is the ScaleIO Storage Pool associated with the protection domain.
+optional | | | system | string| `string` | | | system is the name of the storage system as configured in ScaleIO. | | | volumeName | string| `string` | | | volumeName is the name of a volume already created in the ScaleIO system
that is associated with this volume source. | | @@ -3644,6 +3662,22 @@ otherwise). +### SupplementalGroupsPolicy + + +> SupplementalGroupsPolicy defines how supplemental groups +of the first container processes are calculated. ++enum + + + + +| Name | Type | Go type | Default | Description | Example | +|------|------|---------| ------- |-------------|---------| +| SupplementalGroupsPolicy | string| string | | SupplementalGroupsPolicy defines how supplemental groups
of the first container processes are calculated.
+enum | | + + + ### SuppliedValueFrom @@ -4081,6 +4115,7 @@ intent and helps make sure that UIDs and names do not get conflated. | gitRepo | [GitRepoVolumeSource](#git-repo-volume-source)| `GitRepoVolumeSource` | | | | | | glusterfs | [GlusterfsVolumeSource](#glusterfs-volume-source)| `GlusterfsVolumeSource` | | | | | | hostPath | [HostPathVolumeSource](#host-path-volume-source)| `HostPathVolumeSource` | | | | | +| image | [ImageVolumeSource](#image-volume-source)| `ImageVolumeSource` | | | | | | iscsi | [ISCSIVolumeSource](#i-s-c-s-i-volume-source)| `ISCSIVolumeSource` | | | | | | name | string| `string` | | | name of the volume.
Must be a DNS_LABEL and unique within the pod.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names | | | nfs | [NFSVolumeSource](#n-f-s-volume-source)| `NFSVolumeSource` | | | | | @@ -4137,7 +4172,7 @@ intent and helps make sure that UIDs and names do not get conflated. ### VolumeProjection -> Projection that may be projected along with other supported volume types +> Exactly one of these fields must be set. diff --git a/docs/fields.md b/docs/fields.md index 061266ba03c6..8387eb866c02 100644 --- a/docs/fields.md +++ b/docs/fields.md @@ -5171,7 +5171,8 @@ PodSecurityContext holds pod-level security attributes and common container sett |`runAsUser`|`integer`|The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.| |`seLinuxOptions`|[`SELinuxOptions`](#selinuxoptions)|The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.| |`seccompProfile`|[`SeccompProfile`](#seccompprofile)|The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.| -|`supplementalGroups`|`Array< integer >`|A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.| +|`supplementalGroups`|`Array< integer >`|A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.| +|`supplementalGroupsPolicy`|`string`|Defines how supplemental groups of the first container processes are calculated. Valid values are "Merge" and "Strict". If not specified, "Merge" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.| |`sysctls`|`Array<`[`Sysctl`](#sysctl)`>`|Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.| |`windowsOptions`|[`WindowsSecurityContextOptions`](#windowssecuritycontextoptions)|The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.| @@ -5261,6 +5262,7 @@ Volume represents a named volume in a pod that may be accessed by any container |~~`gitRepo`~~|~~[`GitRepoVolumeSource`](#gitrepovolumesource)~~|~~gitRepo represents a git repository at a particular revision.~~ DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container.| |`glusterfs`|[`GlusterfsVolumeSource`](#glusterfsvolumesource)|glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md| |`hostPath`|[`HostPathVolumeSource`](#hostpathvolumesource)|hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath| +|`image`|[`ImageVolumeSource`](#imagevolumesource)|image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided: - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.| |`iscsi`|[`ISCSIVolumeSource`](#iscsivolumesource)|iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md| |`name`|`string`|name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names| |`nfs`|[`NFSVolumeSource`](#nfsvolumesource)|nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs| @@ -5877,7 +5879,7 @@ SecurityContext holds security configuration that will be applied to a container |`appArmorProfile`|[`AppArmorProfile`](#apparmorprofile)|appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.| |`capabilities`|[`Capabilities`](#capabilities)|The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.| |`privileged`|`boolean`|Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.| -|`procMount`|`string`|procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.| +|`procMount`|`string`|procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.| |`readOnlyRootFilesystem`|`boolean`|Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.| |`runAsGroup`|`integer`|The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.| |`runAsNonRoot`|`boolean`|Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.| @@ -6057,7 +6059,7 @@ PersistentVolumeClaimSpec describes the common attributes of storage devices and |`resources`|[`VolumeResourceRequirements`](#volumeresourcerequirements)|resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources| |`selector`|[`LabelSelector`](#labelselector)|selector is a label query over volumes to consider for binding.| |`storageClassName`|`string`|storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1| -|`volumeAttributesClassName`|`string`|volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.| +|`volumeAttributesClassName`|`string`|volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).| |`volumeMode`|`string`|volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.| |`volumeName`|`string`|volumeName is the binding reference to the PersistentVolume backing this claim.| @@ -6073,8 +6075,8 @@ PersistentVolumeClaimStatus is the current status of a persistent volume claim. |`allocatedResources`|[`Quantity`](#quantity)|allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as "example.com/my-custom-resource" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.| |`capacity`|[`Quantity`](#quantity)|capacity represents the actual resources of the underlying volume.| |`conditions`|`Array<`[`PersistentVolumeClaimCondition`](#persistentvolumeclaimcondition)`>`|conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.| -|`currentVolumeAttributesClassName`|`string`|currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.| -|`modifyVolumeStatus`|[`ModifyVolumeStatus`](#modifyvolumestatus)|ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is an alpha field and requires enabling VolumeAttributesClass feature.| +|`currentVolumeAttributesClassName`|`string`|currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default).| +|`modifyVolumeStatus`|[`ModifyVolumeStatus`](#modifyvolumestatus)|ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. This is a beta field and requires enabling VolumeAttributesClass feature (off by default).| |`phase`|`string`|phase represents the current phase of PersistentVolumeClaim.| ## AWSElasticBlockStoreVolumeSource @@ -6292,6 +6294,356 @@ Represents a host path mapped into a pod. Host path volumes do not support owner |`path`|`string`|path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath| |`type`|`string`|type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath| +## ImageVolumeSource + +ImageVolumeSource represents a image volume resource. + +
+Examples with this field (click to open) + +- [`archive-location.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/archive-location.yaml) + +- [`arguments-artifacts.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/arguments-artifacts.yaml) + +- [`arguments-parameters-from-configmap.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/arguments-parameters-from-configmap.yaml) + +- [`arguments-parameters.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/arguments-parameters.yaml) + +- [`artifact-disable-archive.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifact-disable-archive.yaml) + +- [`artifact-gc-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifact-gc-workflow.yaml) + +- [`artifact-passing-subpath.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifact-passing-subpath.yaml) + +- [`artifact-passing.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifact-passing.yaml) + +- [`artifact-path-placeholders.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifact-path-placeholders.yaml) + +- [`artifact-repository-ref.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifact-repository-ref.yaml) + +- [`artifactory-artifact.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifactory-artifact.yaml) + +- [`artifacts-workflowtemplate.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/artifacts-workflowtemplate.yaml) + +- [`buildkit-template.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/buildkit-template.yaml) + +- [`ci-output-artifact.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/ci-output-artifact.yaml) + +- [`ci-workflowtemplate.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/ci-workflowtemplate.yaml) + +- [`ci.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/ci.yaml) + +- [`clustertemplates.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/cluster-workflow-template/clustertemplates.yaml) + +- [`coinflip-recursive.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/coinflip-recursive.yaml) + +- [`coinflip.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/coinflip.yaml) + +- [`colored-logs.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/colored-logs.yaml) + +- [`conditional-artifacts.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/conditional-artifacts.yaml) + +- [`conditional-parameters.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/conditional-parameters.yaml) + +- [`conditionals-complex.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/conditionals-complex.yaml) + +- [`conditionals.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/conditionals.yaml) + +- [`graph-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/container-set-template/graph-workflow.yaml) + +- [`outputs-result-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/container-set-template/outputs-result-workflow.yaml) + +- [`parallel-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/container-set-template/parallel-workflow.yaml) + +- [`sequence-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/container-set-template/sequence-workflow.yaml) + +- [`workspace-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/container-set-template/workspace-workflow.yaml) + +- [`continue-on-fail.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/continue-on-fail.yaml) + +- [`cron-backfill.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/cron-backfill.yaml) + +- [`cron-when.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/cron-when.yaml) + +- [`cron-workflow-multiple-schedules.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/cron-workflow-multiple-schedules.yaml) + +- [`cron-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/cron-workflow.yaml) + +- [`custom-metrics.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/custom-metrics.yaml) + +- [`daemon-nginx.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/daemon-nginx.yaml) + +- [`daemon-step.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/daemon-step.yaml) + +- [`dag-coinflip.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-coinflip.yaml) + +- [`dag-conditional-artifacts.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-conditional-artifacts.yaml) + +- [`dag-conditional-parameters.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-conditional-parameters.yaml) + +- [`dag-continue-on-fail.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-continue-on-fail.yaml) + +- [`dag-custom-metrics.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-custom-metrics.yaml) + +- [`dag-daemon-task.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-daemon-task.yaml) + +- [`dag-diamond-steps.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-diamond-steps.yaml) + +- [`dag-diamond.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-diamond.yaml) + +- [`dag-disable-failFast.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-disable-failFast.yaml) + +- [`dag-enhanced-depends.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-enhanced-depends.yaml) + +- [`dag-inline-clusterworkflowtemplate.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-inline-clusterworkflowtemplate.yaml) + +- [`dag-inline-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-inline-workflow.yaml) + +- [`dag-inline-workflowtemplate.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-inline-workflowtemplate.yaml) + +- [`dag-multiroot.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-multiroot.yaml) + +- [`dag-nested.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-nested.yaml) + +- [`dag-targets.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-targets.yaml) + +- [`dag-task-level-timeout.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dag-task-level-timeout.yaml) + +- [`data-transformations.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/data-transformations.yaml) + +- [`default-pdb-support.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/default-pdb-support.yaml) + +- [`dns-config.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/dns-config.yaml) + +- [`exit-code-output-variable.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/exit-code-output-variable.yaml) + +- [`exit-handler-dag-level.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/exit-handler-dag-level.yaml) + +- [`exit-handler-slack.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/exit-handler-slack.yaml) + +- [`exit-handler-step-level.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/exit-handler-step-level.yaml) + +- [`exit-handler-with-artifacts.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/exit-handler-with-artifacts.yaml) + +- [`exit-handler-with-param.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/exit-handler-with-param.yaml) + +- [`exit-handlers.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/exit-handlers.yaml) + +- [`expression-destructure-json-complex.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/expression-destructure-json-complex.yaml) + +- [`expression-destructure-json.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/expression-destructure-json.yaml) + +- [`expression-reusing-verbose-snippets.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/expression-reusing-verbose-snippets.yaml) + +- [`expression-tag-template-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/expression-tag-template-workflow.yaml) + +- [`fibonacci-seq-conditional-param.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/fibonacci-seq-conditional-param.yaml) + +- [`forever.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/forever.yaml) + +- [`fun-with-gifs.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/fun-with-gifs.yaml) + +- [`gc-ttl.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/gc-ttl.yaml) + +- [`global-outputs.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/global-outputs.yaml) + +- [`global-parameters-from-configmap-referenced-as-local-variable.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/global-parameters-from-configmap-referenced-as-local-variable.yaml) + +- [`global-parameters-from-configmap.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/global-parameters-from-configmap.yaml) + +- [`global-parameters.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/global-parameters.yaml) + +- [`handle-large-output-results.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/handle-large-output-results.yaml) + +- [`hdfs-artifact.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/hdfs-artifact.yaml) + +- [`hello-hybrid.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/hello-hybrid.yaml) + +- [`hello-windows.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/hello-windows.yaml) + +- [`hello-world.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/hello-world.yaml) + +- [`image-pull-secrets.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/image-pull-secrets.yaml) + +- [`influxdb-ci.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/influxdb-ci.yaml) + +- [`init-container.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/init-container.yaml) + +- [`input-artifact-azure.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/input-artifact-azure.yaml) + +- [`input-artifact-gcs.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/input-artifact-gcs.yaml) + +- [`input-artifact-git.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/input-artifact-git.yaml) + +- [`input-artifact-http.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/input-artifact-http.yaml) + +- [`input-artifact-oss.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/input-artifact-oss.yaml) + +- [`input-artifact-raw.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/input-artifact-raw.yaml) + +- [`input-artifact-s3.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/input-artifact-s3.yaml) + +- [`intermediate-parameters.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/intermediate-parameters.yaml) + +- [`k8s-owner-reference.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/k8s-owner-reference.yaml) + +- [`k8s-wait-wf.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/k8s-wait-wf.yaml) + +- [`key-only-artifact.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/key-only-artifact.yaml) + +- [`label-value-from-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/label-value-from-workflow.yaml) + +- [`life-cycle-hooks-tmpl-level.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/life-cycle-hooks-tmpl-level.yaml) + +- [`life-cycle-hooks-wf-level.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/life-cycle-hooks-wf-level.yaml) + +- [`loops-arbitrary-sequential-steps.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/loops-arbitrary-sequential-steps.yaml) + +- [`loops-dag.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/loops-dag.yaml) + +- [`loops-maps.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/loops-maps.yaml) + +- [`loops-param-argument.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/loops-param-argument.yaml) + +- [`loops-param-result.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/loops-param-result.yaml) + +- [`loops-sequence.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/loops-sequence.yaml) + +- [`loops.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/loops.yaml) + +- [`map-reduce.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/map-reduce.yaml) + +- [`nested-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/nested-workflow.yaml) + +- [`node-selector.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/node-selector.yaml) + +- [`output-artifact-azure.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/output-artifact-azure.yaml) + +- [`output-artifact-gcs.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/output-artifact-gcs.yaml) + +- [`output-artifact-s3.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/output-artifact-s3.yaml) + +- [`output-parameter.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/output-parameter.yaml) + +- [`parallelism-limit.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parallelism-limit.yaml) + +- [`parallelism-nested-dag.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parallelism-nested-dag.yaml) + +- [`parallelism-nested-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parallelism-nested-workflow.yaml) + +- [`parallelism-nested.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parallelism-nested.yaml) + +- [`parallelism-template-limit.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parallelism-template-limit.yaml) + +- [`parameter-aggregation-dag.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parameter-aggregation-dag.yaml) + +- [`parameter-aggregation-script.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parameter-aggregation-script.yaml) + +- [`parameter-aggregation.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/parameter-aggregation.yaml) + +- [`pod-gc-strategy-with-label-selector.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-gc-strategy-with-label-selector.yaml) + +- [`pod-gc-strategy.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-gc-strategy.yaml) + +- [`pod-metadata-wf-field.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-metadata-wf-field.yaml) + +- [`pod-metadata.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-metadata.yaml) + +- [`pod-spec-from-previous-step.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-spec-from-previous-step.yaml) + +- [`pod-spec-patch-wf-tmpl.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-spec-patch-wf-tmpl.yaml) + +- [`pod-spec-patch.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-spec-patch.yaml) + +- [`pod-spec-yaml-patch.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/pod-spec-yaml-patch.yaml) + +- [`recursive-for-loop.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/recursive-for-loop.yaml) + +- [`resubmit.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/resubmit.yaml) + +- [`retry-backoff.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/retry-backoff.yaml) + +- [`retry-conditional.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/retry-conditional.yaml) + +- [`retry-container-to-completion.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/retry-container-to-completion.yaml) + +- [`retry-container.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/retry-container.yaml) + +- [`retry-on-error.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/retry-on-error.yaml) + +- [`retry-script.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/retry-script.yaml) + +- [`retry-with-steps.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/retry-with-steps.yaml) + +- [`scripts-bash.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/scripts-bash.yaml) + +- [`scripts-javascript.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/scripts-javascript.yaml) + +- [`scripts-python.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/scripts-python.yaml) + +- [`secrets.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/secrets.yaml) + +- [`sidecar-dind.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/sidecar-dind.yaml) + +- [`sidecar-nginx.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/sidecar-nginx.yaml) + +- [`sidecar.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/sidecar.yaml) + +- [`status-reference.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/status-reference.yaml) + +- [`step-level-timeout.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/step-level-timeout.yaml) + +- [`steps-inline-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/steps-inline-workflow.yaml) + +- [`steps.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/steps.yaml) + +- [`suspend-template-outputs.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/suspend-template-outputs.yaml) + +- [`suspend-template.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/suspend-template.yaml) + +- [`synchronization-mutex-tmpl-level-legacy.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/synchronization-mutex-tmpl-level-legacy.yaml) + +- [`synchronization-mutex-tmpl-level.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/synchronization-mutex-tmpl-level.yaml) + +- [`synchronization-mutex-wf-level-legacy.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/synchronization-mutex-wf-level-legacy.yaml) + +- [`synchronization-mutex-wf-level.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/synchronization-mutex-wf-level.yaml) + +- [`template-defaults.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/template-defaults.yaml) + +- [`template-on-exit.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/template-on-exit.yaml) + +- [`timeouts-step.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/timeouts-step.yaml) + +- [`timeouts-workflow.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/timeouts-workflow.yaml) + +- [`title-and-description-with-markdown.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/title-and-description-with-markdown.yaml) + +- [`volumes-emptydir.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/volumes-emptydir.yaml) + +- [`volumes-existing.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/volumes-existing.yaml) + +- [`volumes-pvc.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/volumes-pvc.yaml) + +- [`webhdfs-input-output-artifacts.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/webhdfs-input-output-artifacts.yaml) + +- [`withsequence-nested-result.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/withsequence-nested-result.yaml) + +- [`work-avoidance.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/work-avoidance.yaml) + +- [`event-consumer-workflowtemplate.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/workflow-event-binding/event-consumer-workflowtemplate.yaml) + +- [`templates.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/workflow-template/templates.yaml) + +- [`workflow-archive-logs.yaml`](https://github.com/argoproj/argo-workflows/blob/main/examples/workflow-template/workflow-archive-logs.yaml) +
+ +### Fields +| Field Name | Field Type | Description | +|:----------:|:----------:|---------------| +|`pullPolicy`|`string`|Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.| +|`reference`|`string`|Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.| + ## ISCSIVolumeSource Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling. @@ -6367,7 +6719,7 @@ Represents a projected volume source | Field Name | Field Type | Description | |:----------:|:----------:|---------------| |`defaultMode`|`integer`|defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.| -|`sources`|`Array<`[`VolumeProjection`](#volumeprojection)`>`|sources is the list of volume projections| +|`sources`|`Array<`[`VolumeProjection`](#volumeprojection)`>`|sources is the list of volume projections. Each entry in this list handles one source.| ## QuobyteVolumeSource @@ -6635,6 +6987,7 @@ ResourceClaim references one entry in PodSpec.ResourceClaims. | Field Name | Field Type | Description | |:----------:|:----------:|---------------| |`name`|`string`|Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.| +|`request`|`string`|Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.| ## Quantity @@ -6701,8 +7054,8 @@ Defines a set of pods (namely those matching the labelSelector relative to the g | Field Name | Field Type | Description | |:----------:|:----------:|---------------| |`labelSelector`|[`LabelSelector`](#labelselector)|A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.| -|`matchLabelKeys`|`Array< string >`|MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.| -|`mismatchLabelKeys`|`Array< string >`|MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.| +|`matchLabelKeys`|`Array< string >`|MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).| +|`mismatchLabelKeys`|`Array< string >`|MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).| |`namespaceSelector`|[`LabelSelector`](#labelselector)|A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.| |`namespaces`|`Array< string >`|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".| |`topologyKey`|`string`|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.| @@ -6825,7 +7178,7 @@ PersistentVolumeClaimTemplate is used to produce PersistentVolumeClaim objects a ## VolumeProjection -Projection that may be projected along with other supported volume types +Projection that may be projected along with other supported volume types. Exactly one of these fields must be set. ### Fields | Field Name | Field Type | Description | diff --git a/go.mod b/go.mod index 30719b0457ff..bb5df27b3378 100644 --- a/go.mod +++ b/go.mod @@ -38,8 +38,8 @@ require ( github.com/jcmturner/gokrb5/v8 v8.4.4 github.com/klauspost/pgzip v1.2.6 github.com/minio/minio-go/v7 v7.0.77 - github.com/prometheus/client_golang v1.19.0 - github.com/prometheus/common v0.48.0 + github.com/prometheus/client_golang v1.19.1 + github.com/prometheus/common v0.55.0 github.com/robfig/cron/v3 v3.0.1 github.com/sethvargo/go-limiter v0.7.2 github.com/sirupsen/logrus v1.9.3 @@ -54,30 +54,30 @@ require ( github.com/valyala/fasttemplate v1.2.2 github.com/xeipuuv/gojsonschema v1.2.0 go.opentelemetry.io/contrib/instrumentation/runtime v0.48.0 - go.opentelemetry.io/otel v1.23.0 + go.opentelemetry.io/otel v1.32.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.23.0 go.opentelemetry.io/otel/exporters/prometheus v0.45.1 - go.opentelemetry.io/otel/metric v1.23.0 - go.opentelemetry.io/otel/sdk v1.23.0 - go.opentelemetry.io/otel/sdk/metric v1.23.0 + go.opentelemetry.io/otel/metric v1.32.0 + go.opentelemetry.io/otel/sdk v1.32.0 + go.opentelemetry.io/otel/sdk/metric v1.32.0 golang.org/x/crypto v0.26.0 golang.org/x/exp v0.0.0-20230905200255-921286631fa9 - golang.org/x/oauth2 v0.16.0 + golang.org/x/oauth2 v0.21.0 golang.org/x/sync v0.8.0 golang.org/x/time v0.5.0 google.golang.org/api v0.163.0 - google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe - google.golang.org/grpc v1.61.0 + google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 + google.golang.org/grpc v1.65.0 gopkg.in/go-playground/webhooks.v5 v5.17.0 - k8s.io/api v0.30.3 - k8s.io/apimachinery v0.30.3 - k8s.io/cli-runtime v0.30.3 - k8s.io/client-go v0.30.3 + k8s.io/api v0.31.3 + k8s.io/apimachinery v0.31.3 + k8s.io/cli-runtime v0.31.3 + k8s.io/client-go v0.31.3 k8s.io/gengo v0.0.0-20220902162205-c0856e24416d - k8s.io/klog/v2 v2.120.1 + k8s.io/klog/v2 v2.130.1 k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 - k8s.io/kubectl v0.30.3 - k8s.io/utils v0.0.0-20230726121419-3b25d923346b + k8s.io/kubectl v0.31.3 + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 sigs.k8s.io/yaml v1.4.0 zombiezen.com/go/sqlite v1.2.0 ) @@ -88,13 +88,15 @@ require ( github.com/alibabacloud-go/debug v0.0.0-20190504072949-9472017b5c68 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.2 // indirect - github.com/cenkalti/backoff/v4 v4.2.1 // indirect + github.com/blang/semver/v4 v4.0.0 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cloudflare/circl v1.3.7 // indirect github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/distribution/reference v0.5.0 // indirect github.com/evilmonkeyinc/jsonpath v0.8.1 // indirect github.com/fatih/color v1.15.0 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-ini/ini v1.67.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/gobwas/glob v0.2.4-0.20181002190808-e7a84e9525fe // indirect @@ -102,7 +104,7 @@ require ( github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/s2a-go v0.1.7 // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect github.com/jackc/chunkreader/v2 v2.0.1 // indirect github.com/jackc/pgconn v1.14.3 // indirect github.com/jackc/pgio v1.0.0 // indirect @@ -120,7 +122,7 @@ require ( github.com/ncruces/go-strftime v0.1.9 // indirect github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_model v0.6.0 // indirect + github.com/prometheus/client_model v0.6.1 // indirect github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect github.com/sagikazarmark/locafero v0.4.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect @@ -128,26 +130,27 @@ require ( github.com/skeema/knownhosts v1.2.1 // indirect github.com/sourcegraph/conc v0.3.0 // indirect github.com/vbatts/tar-split v0.11.3 // indirect + github.com/x448/float16 v0.8.4 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect - go.opentelemetry.io/otel/trace v1.23.0 // indirect - go.opentelemetry.io/proto/otlp v1.1.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect + go.opentelemetry.io/otel/trace v1.32.0 // indirect + go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect modernc.org/libc v1.41.0 // indirect modernc.org/mathutil v1.6.0 // indirect modernc.org/memory v1.7.2 // indirect modernc.org/sqlite v1.29.1 // indirect - sigs.k8s.io/kustomize/kustomize/v5 v5.0.4-0.20230601165947-6ce0bf390ce3 // indirect + sigs.k8s.io/kustomize/kustomize/v5 v5.4.2 // indirect ) require ( cloud.google.com/go v0.112.0 // indirect - cloud.google.com/go/compute v1.23.3 // indirect - cloud.google.com/go/compute/metadata v0.2.3 // indirect + cloud.google.com/go/compute/metadata v0.3.0 // indirect cloud.google.com/go/iam v1.1.5 // indirect github.com/Azure/azure-sdk-for-go v66.0.0+incompatible // indirect github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 @@ -185,7 +188,7 @@ require ( github.com/aws/smithy-go v1.20.3 // indirect github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220706184558-ce46abcd012b // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect github.com/chrismellard/docker-credential-acr-env v0.0.0-20220327082430-c57b701bfc08 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect @@ -205,11 +208,10 @@ require ( github.com/fatih/structs v1.1.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/fvbommel/sortorder v1.1.0 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.5.0 // indirect - github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/logr v1.4.2 // indirect github.com/go-openapi/jsonpointer v0.20.2 // indirect github.com/go-openapi/swag v0.22.6 // indirect github.com/golang-jwt/jwt/v4 v4.5.1 // indirect @@ -253,8 +255,8 @@ require ( github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/moby/spdystream v0.2.0 // indirect - github.com/moby/term v0.0.0-20221205130635-1aeaba878587 // indirect + github.com/moby/spdystream v0.4.0 // indirect + github.com/moby/term v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect @@ -267,11 +269,11 @@ require ( github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus/procfs v0.12.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect github.com/rs/xid v1.6.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/sanity-io/litter v1.5.5 // indirect - github.com/sergi/go-diff v1.1.0 // indirect + github.com/sergi/go-diff v1.2.0 // indirect github.com/shopspring/decimal v1.2.0 // indirect github.com/spf13/afero v1.11.0 // indirect github.com/spf13/cast v1.6.0 // indirect @@ -291,22 +293,21 @@ require ( go.opencensus.io v0.24.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect golang.org/x/net v0.28.0 // indirect - golang.org/x/sys v0.24.0 + golang.org/x/sys v0.27.0 golang.org/x/term v0.23.0 golang.org/x/text v0.17.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/component-base v0.30.3 // indirect - k8s.io/component-helpers v0.30.3 // indirect - k8s.io/metrics v0.30.3 // indirect + k8s.io/component-base v0.31.3 // indirect + k8s.io/component-helpers v0.31.3 // indirect + k8s.io/metrics v0.31.3 // indirect moul.io/http2curl/v2 v2.3.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd - sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect + sigs.k8s.io/kustomize/api v0.17.2 // indirect + sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/go.sum b/go.sum index 25d52e0ee925..60644ad71a5b 100644 --- a/go.sum +++ b/go.sum @@ -3,10 +3,8 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= cloud.google.com/go v0.112.0 h1:tpFCD7hpHFlQ8yPwT3x+QeXqc2T6+n6T+hmABHfDUSM= cloud.google.com/go v0.112.0/go.mod h1:3jEEVwZ/MHU4djK5t5RHuKOA/GbLddgTdVubX1qnPD4= -cloud.google.com/go/compute v1.23.3 h1:6sVlXXBmbd7jNX0Ipq0trII3e4n1/MsADLK6a+aiVlk= -cloud.google.com/go/compute v1.23.3/go.mod h1:VCgBUoMnIVIR0CscqQiPJLAG25E3ZRZMzcFZeQ+h8CI= -cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= -cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= +cloud.google.com/go/compute/metadata v0.3.0 h1:Tz+eQXMEqDIKRsmY3cHTL6FVaynIjX2QxYC4trgAKZc= +cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= cloud.google.com/go/iam v1.1.5 h1:1jTsCu4bcsNsE4iiqNT5SHwrDRCfRmIaaaVFhRveTJI= cloud.google.com/go/iam v1.1.5/go.mod h1:rB6P/Ic3mykPbFio+vo7403drjlgvoWfYpJhMXEbzv8= cloud.google.com/go/storage v1.36.0 h1:P0mOkAcaJxhCTvAkMhxMfrTKiNcub4YmmPBtlhAyTr8= @@ -159,15 +157,17 @@ github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220706184558- github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220706184558-ce46abcd012b/go.mod h1:wHkLB7jZX+7D2RArMnwuFMvrLENsgd6zrwBEJo863aQ= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= +github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/blushft/go-diagrams v0.0.0-20201006005127-c78c821223d9 h1:mV+hh0rMjzrhg7Jc/GKwpa+y/0BMHGOHdM9yY1GYyFI= github.com/blushft/go-diagrams v0.0.0-20201006005127-c78c821223d9/go.mod h1:nDeXEIaeDV+mAK1gBD3/RJH67DYPC0GdaznWN7sB07s= github.com/bmatcuk/doublestar v1.1.1/go.mod h1:UD6OnuiIn0yFxxA2le/rnRU1G4RaI4UvFv1sNto9p6w= github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= -github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= -github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/chrismellard/docker-credential-acr-env v0.0.0-20220327082430-c57b701bfc08 h1:9Qh4lJ/KMr5iS1zfZ8I97+3MDpiKjl+0lZVUNBhdvRs= @@ -180,8 +180,8 @@ github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUK github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/xds/go v0.0.0-20231109132714-523115ebc101 h1:7To3pQ+pZo0i3dsWEbinPNFs5gPSBOsJtx3wTT94VBY= -github.com/cncf/xds/go v0.0.0-20231109132714-523115ebc101/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20240423153145-555b57ec207b h1:ga8SEFjZ60pxLcmhnThWgvH2wg8376yUJmPhEH4H3kw= +github.com/cncf/xds/go v0.0.0-20240423153145-555b57ec207b/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8= github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I= github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= github.com/colinmarc/hdfs/v2 v2.4.0 h1:v6R8oBx/Wu9fHpdPoJJjpGSUxo8NhHIwrwsfhFvU9W0= @@ -243,8 +243,8 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA= -github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE= +github.com/envoyproxy/protoc-gen-validate v1.0.4 h1:gVPz/FMfvh57HdSJQyvBtF00j8JU4zdyUgIUNhlgg0A= +github.com/envoyproxy/protoc-gen-validate v1.0.4/go.mod h1:qys6tmnRsYrQqIhm2bvKZH4Blx/1gTIZ2UKVY1M+Yew= github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.8.0+incompatible h1:1Av9pn2FyxPdvrWNQszj1g6D6YthSmvCfcN6SYclTJg= github.com/evanphx/json-patch v5.8.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -268,8 +268,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/fvbommel/sortorder v1.1.0 h1:fUmoe+HLsBTctBDoaBwpQo5N+nrCp8g/BjKb/6ZQmYw= -github.com/fvbommel/sortorder v1.1.0/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/gavv/httpexpect/v2 v2.16.0 h1:Ty2favARiTYTOkCRZGX7ojXXjGyNAIohM1lZ3vqaEwI= github.com/gavv/httpexpect/v2 v2.16.0/go.mod h1:uJLaO+hQ25ukBJtQi750PsztObHybNllN+t+MbbW8PY= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -300,8 +300,8 @@ github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7 github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= @@ -317,9 +317,10 @@ github.com/go-openapi/swag v0.22.6/go.mod h1:Gl91UqO+btAM0plGGxHqJcQZ1ZTy6jbmrid github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gobwas/glob v0.2.4-0.20181002190808-e7a84e9525fe h1:zn8tqiUbec4wR94o7Qj3LZCAT6uGobhEgnDRg6isG5U= github.com/gobwas/glob v0.2.4-0.20181002190808-e7a84e9525fe/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA= @@ -360,8 +361,6 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= @@ -384,7 +383,6 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= @@ -406,8 +404,8 @@ github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXi github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw= github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26 h1:Xim43kblpZXfIBQsbuBVKCudVG457BR2GZFIz3uw3hQ= -github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26/go.mod h1:dDKJzRmX4S37WGHujM7tX//fmj1uioxKzKxz3lo4HJo= +github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af h1:kmjWCqn2qkEml422C2Rrd27c3VGxi6a/6HNq8QmHRKM= +github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= @@ -433,7 +431,6 @@ github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyC github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI= github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= @@ -445,8 +442,8 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92Bcuy github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0 h1:Wqo399gCIufwto+VfwCSvsnfGpF/w5E9CNxSwbpD6No= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0/go.mod h1:qmOFXW2epJhM0qSnUUYpldc7gVz2KMQwJ/QYCDIa7XU= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k= github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= @@ -637,10 +634,10 @@ github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/moby/term v0.0.0-20221205130635-1aeaba878587 h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA= -github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= +github.com/moby/spdystream v0.4.0 h1:Vy79D6mHeJJjiPdFEL2yku1kl0chZpJfZcPpb16BRl8= +github.com/moby/spdystream v0.4.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= +github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -669,14 +666,14 @@ github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= -github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= +github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= +github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE= -github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc3 h1:fzg1mXZFj8YdPeNkRXMg+zb88BFV0Ys52cJydRwBkb8= @@ -700,15 +697,15 @@ github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= -github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.6.0 h1:k1v3CzpSRUTrKMppY35TLwPvxHqBu0bYgxZzqGIgaos= -github.com/prometheus/client_model v0.6.0/go.mod h1:NTQHnmxFpouOD0DpvP4XujX3CdOAGQPoaGhyTchlyt8= -github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE= -github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc= -github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= -github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= +github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/remyoudompheng/bigfft v0.0.0-20190728182440-6a916e37a237/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= @@ -737,8 +734,8 @@ github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdh github.com/segmentio/fasthash v1.0.3 h1:EI9+KE1EwvMLBWwjpRDc+fEM+prwxDYbslddQGtrmhM= github.com/segmentio/fasthash v1.0.3/go.mod h1:waKX8l2N8yckOgmSsXJi7x1ZfdKZ4x7KRMzBtS3oedY= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= +github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= +github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sethvargo/go-limiter v0.7.2 h1:FgC4N7RMpV5gMrUdda15FaFTkQ/L4fEqM7seXMs4oO8= github.com/sethvargo/go-limiter v0.7.2/go.mod h1:C0kbSFbiriE5k2FFOe18M1YZbAR2Fiwf72uGu0CXCcU= github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= @@ -818,6 +815,8 @@ github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+ github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc= github.com/vbatts/tar-split v0.11.3 h1:hLFqsOLQ1SsppQNTMpkpPXClLDfC2A3Zgy9OUU+RVck= github.com/vbatts/tar-split v0.11.3/go.mod h1:9QlHN18E+fEH7RdG+QAJJcuya3rqT7eXSTY7wGrAokY= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -847,32 +846,34 @@ go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 h1:UNQQKPfTDe1J81ViolILjTKPr9WetKW6uei2hFgJmFs= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0/go.mod h1:r9vWsPS/3AQItv3OSlEJ/E4mbrhUbbw18meOjArPtKQ= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 h1:sv9kVfal0MK0wBMCOGr+HeJm9v803BkJxGrk2au7j08= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 h1:4K4tsIXefpVJtvA/8srF4V4y0akAoPHkIslgAkjixJA= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0/go.mod h1:jjdQuTGVsXV4vSs+CJ2qYDeDPf9yIJV23qlIzBm73Vg= go.opentelemetry.io/contrib/instrumentation/runtime v0.48.0 h1:dJlCKeq+zmO5Og4kgxqPvvJrzuD/mygs1g/NYM9dAsU= go.opentelemetry.io/contrib/instrumentation/runtime v0.48.0/go.mod h1:p+hpBCpLHpuUrR0lHgnHbUnbCBll1IhrcMIlycC+xYs= -go.opentelemetry.io/otel v1.23.0 h1:Df0pqjqExIywbMCMTxkAwzjLZtRf+bBKLbUcpxO2C9E= -go.opentelemetry.io/otel v1.23.0/go.mod h1:YCycw9ZeKhcJFrb34iVSkyT0iczq/zYDtZYFufObyB0= +go.opentelemetry.io/otel v1.32.0 h1:WnBN+Xjcteh0zdk01SVqV55d/m62NJLJdIyb4y/WO5U= +go.opentelemetry.io/otel v1.32.0/go.mod h1:00DCVSB0RQcnzlwyTfqtxSm+DRr9hpYrHjNGiBHVQIg= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.23.0 h1:97CpJflo7dJK4A4SLMNoP2loDEAiG0ifF6MnLhtSHUY= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.23.0/go.mod h1:YzC+4JHcK24PylBTZ78U0XJSYbhHY0uHYNqr+OlcLCs= go.opentelemetry.io/otel/exporters/prometheus v0.45.1 h1:R/bW3afad6q6VGU+MFYpnEdo0stEARMCdhWu6+JI6aI= go.opentelemetry.io/otel/exporters/prometheus v0.45.1/go.mod h1:wnHAfKRav5Dfp4iZhyWZ7SzQfT+rDZpEpYG7To+qJ1k= -go.opentelemetry.io/otel/metric v1.23.0 h1:pazkx7ss4LFVVYSxYew7L5I6qvLXHA0Ap2pwV+9Cnpo= -go.opentelemetry.io/otel/metric v1.23.0/go.mod h1:MqUW2X2a6Q8RN96E2/nqNoT+z9BSms20Jb7Bbp+HiTo= -go.opentelemetry.io/otel/sdk v1.23.0 h1:0KM9Zl2esnl+WSukEmlaAEjVY5HDZANOHferLq36BPc= -go.opentelemetry.io/otel/sdk v1.23.0/go.mod h1:wUscup7byToqyKJSilEtMf34FgdCAsFpFOjXnAwFfO0= -go.opentelemetry.io/otel/sdk/metric v1.23.0 h1:u81lMvmK6GMgN4Fty7K7S6cSKOZhMKJMK2TB+KaTs0I= -go.opentelemetry.io/otel/sdk/metric v1.23.0/go.mod h1:2LUOToN/FdX6wtfpHybOnCZjoZ6ViYajJYMiJ1LKDtQ= -go.opentelemetry.io/otel/trace v1.23.0 h1:37Ik5Ib7xfYVb4V1UtnT97T1jI+AoIYkJyPkuL4iJgI= -go.opentelemetry.io/otel/trace v1.23.0/go.mod h1:GSGTbIClEsuZrGIzoEHqsVfxgn5UkggkflQwDScNUsk= -go.opentelemetry.io/proto/otlp v1.1.0 h1:2Di21piLrCqJ3U3eXGCTPHE9R8Nh+0uglSnOyxikMeI= -go.opentelemetry.io/proto/otlp v1.1.0/go.mod h1:GpBHCBWiqvVLDqmHZsoMM3C5ySeKTC7ej/RNTae6MdY= +go.opentelemetry.io/otel/metric v1.32.0 h1:xV2umtmNcThh2/a/aCP+h64Xx5wsj8qqnkYZktzNa0M= +go.opentelemetry.io/otel/metric v1.32.0/go.mod h1:jH7CIbbK6SH2V2wE16W05BHCtIDzauciCRLoc/SyMv8= +go.opentelemetry.io/otel/sdk v1.32.0 h1:RNxepc9vK59A8XsgZQouW8ue8Gkb4jpWtJm9ge5lEG4= +go.opentelemetry.io/otel/sdk v1.32.0/go.mod h1:LqgegDBjKMmb2GC6/PrTnteJG39I8/vJCAP9LlJXEjU= +go.opentelemetry.io/otel/sdk/metric v1.32.0 h1:rZvFnvmvawYb0alrYkjraqJq0Z4ZUJAiyYCU9snn1CU= +go.opentelemetry.io/otel/sdk/metric v1.32.0/go.mod h1:PWeZlq0zt9YkYAp3gjKZ0eicRYvOh1Gd+X99x6GHpCQ= +go.opentelemetry.io/otel/trace v1.32.0 h1:WIC9mYrXf8TmY/EXuULKc8hR17vE+Hjv2cssQDe03fM= +go.opentelemetry.io/otel/trace v1.32.0/go.mod h1:+i4rkvCraA+tG6AzwloGaCtkx53Fa+L+V8e9a7YvhT8= +go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= +go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= @@ -984,8 +985,8 @@ golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAG golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= -golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1055,8 +1056,8 @@ golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= -golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s= +golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -1084,7 +1085,6 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= @@ -1143,8 +1143,6 @@ google.golang.org/api v0.163.0/go.mod h1:6SulDkfoBIg4NFmCuZ39XeeAgSHCPecfSUuDyYl google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -1154,10 +1152,10 @@ google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac h1:ZL/Teoy/ZGnzyrqK/Optxxp2pmVh+fmJ97slxSRyzUg= google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:+Rvu7ElI+aLzyDQhpHMFMMltsD6m7nqpuWDd2CwJw3k= -google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe h1:0poefMBYvYbs7g5UkjS6HcxBPaTRAmznle9jnxYoAI8= -google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:4jWUdICTdgc3Ibxmr8nAJiiLHwQBY0UI0XZcEMaFKaA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe h1:bQnxqljG/wqi4NTXu2+DJ3n7APcEA882QZ1JvhQAq9o= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s= +google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 h1:7whR9kGa5LUwFtpLm2ArCEejtnxlGeLbAyjFY8sGNFw= +google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157/go.mod h1:99sLkeliLXfdj2J75X3Ho+rrVCaJze0uwN7zDDkjPVU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 h1:BwIjyKYGsK9dMCBOorzRri8MQwmi7mT9rGHsCEinZkA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= @@ -1165,8 +1163,8 @@ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8 google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= -google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= +google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc= +google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1176,10 +1174,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1187,6 +1183,8 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/go-playground/webhooks.v5 v5.17.0 h1:truBced5ZmkiNKK47cM8bMe86wUSjNks7SFMuNKwzlc= gopkg.in/go-playground/webhooks.v5 v5.17.0/go.mod h1:LZbya/qLVdbqDR1aKrGuWV6qbia2zCYSR5dpom2SInQ= @@ -1221,20 +1219,20 @@ honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= k8s.io/api v0.17.8/go.mod h1:N++Llhs8kCixMUoCaXXAyMMPbo8dDVnh+IQ36xZV2/0= -k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ= -k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04= +k8s.io/api v0.31.3 h1:umzm5o8lFbdN/hIXbrK9oRpOproJO62CV1zqxXrLgk8= +k8s.io/api v0.31.3/go.mod h1:UJrkIp9pnMOI9K2nlL6vwpxRzzEX5sWgn8kGQe92kCE= k8s.io/apimachinery v0.17.8/go.mod h1:Lg8zZ5iC/O8UjCqW6DNhcQG2m4TdjF9kwG3891OWbbA= -k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= -k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= -k8s.io/cli-runtime v0.30.3 h1:aG69oRzJuP2Q4o8dm+f5WJIX4ZBEwrvdID0+MXyUY6k= -k8s.io/cli-runtime v0.30.3/go.mod h1:hwrrRdd9P84CXSKzhHxrOivAR9BRnkMt0OeP5mj7X30= +k8s.io/apimachinery v0.31.3 h1:6l0WhcYgasZ/wk9ktLq5vLaoXJJr5ts6lkaQzgeYPq4= +k8s.io/apimachinery v0.31.3/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/cli-runtime v0.31.3 h1:fEQD9Xokir78y7pVK/fCJN090/iYNrLHpFbGU4ul9TI= +k8s.io/cli-runtime v0.31.3/go.mod h1:Q2jkyTpl+f6AtodQvgDI8io3jrfr+Z0LyQBPJJ2Btq8= k8s.io/client-go v0.17.8/go.mod h1:SJsDS64AAtt9VZyeaQMb4Ck5etCitZ/FwajWdzua5eY= -k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k= -k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U= -k8s.io/component-base v0.30.3 h1:Ci0UqKWf4oiwy8hr1+E3dsnliKnkMLZMVbWzeorlk7s= -k8s.io/component-base v0.30.3/go.mod h1:C1SshT3rGPCuNtBs14RmVD2xW0EhRSeLvBh7AGk1quA= -k8s.io/component-helpers v0.30.3 h1:KPc8l0eGx9Wg2OcKc58k9ozNcVcOInAi3NGiuS2xJ/c= -k8s.io/component-helpers v0.30.3/go.mod h1:VOQ7g3q+YbKWwKeACG2BwPv4ftaN8jXYJ5U3xpzuYAE= +k8s.io/client-go v0.31.3 h1:CAlZuM+PH2cm+86LOBemaJI/lQ5linJ6UFxKX/SoG+4= +k8s.io/client-go v0.31.3/go.mod h1:2CgjPUTpv3fE5dNygAr2NcM8nhHzXvxB8KL5gYc3kJs= +k8s.io/component-base v0.31.3 h1:DMCXXVx546Rfvhj+3cOm2EUxhS+EyztH423j+8sOwhQ= +k8s.io/component-base v0.31.3/go.mod h1:xME6BHfUOafRgT0rGVBGl7TuSg8Z9/deT7qq6w7qjIU= +k8s.io/component-helpers v0.31.3 h1:0zGPD2PrekhFWgmz85XxlMEl7dfhlKC1tERZDe3onQc= +k8s.io/component-helpers v0.31.3/go.mod h1:HZ1HZx2TKXM7xSUV2cR9L5yDoyZPhhHQNaE3BPBLPUQ= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20220902162205-c0856e24416d h1:U9tB195lKdzwqicbJvyJeOXV7Klv+wNAWENRnXEGi08= k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= @@ -1243,18 +1241,18 @@ k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.5.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= -k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= -k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20200410145947-bcb3869e6f29/go.mod h1:F+5wygcW0wmRTnM3cOgIqGivxkwSWIWT5YdsDbeAOaU= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= -k8s.io/kubectl v0.30.3 h1:YIBBvMdTW0xcDpmrOBzcpUVsn+zOgjMYIu7kAq+yqiI= -k8s.io/kubectl v0.30.3/go.mod h1:IcR0I9RN2+zzTRUa1BzZCm4oM0NLOawE6RzlDvd1Fpo= -k8s.io/metrics v0.30.3 h1:gKCpte5zykrOmQhZ8qmsxyJslMdiLN+sqbBfIWNpbGM= -k8s.io/metrics v0.30.3/go.mod h1:W06L2nXRhOwPkFYDJYWdEIS3u6JcJy3ebIPYbndRs6A= +k8s.io/kubectl v0.31.3 h1:3r111pCjPsvnR98oLLxDMwAeM6OPGmPty6gSKaLTQes= +k8s.io/kubectl v0.31.3/go.mod h1:lhMECDCbJN8He12qcKqs2QfmVo9Pue30geovBVpH5fs= +k8s.io/metrics v0.31.3 h1:DkT9I3gFlb2/z+/4BMY7WrQ/PnbukuV4Yli82v/KBCM= +k8s.io/metrics v0.31.3/go.mod h1:2w9gpd8z+13oJmaPR6p3kDyrDqnxSyoKpnOw2qLIdhI= k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= modernc.org/b v1.0.4/go.mod h1:Oqc2xtmGT0tvBUsPZIanirLhxBCQZhM7Lu3TlzBj9w8= modernc.org/b v1.1.0/go.mod h1:yF+wmBAFjebNdVqZNTeNfmnLaLqq91wozvDLcuXz+ck= modernc.org/db v1.0.8/go.mod h1:L8Az96H46DF2+BGeaS6+WiEqLORR2sjp0yBn6LA/lAQ= @@ -1303,12 +1301,12 @@ moul.io/http2curl/v2 v2.3.0 h1:9r3JfDzWPcbIklMOs2TnIFzDYvfAZvjeavG6EzP7jYs= moul.io/http2curl/v2 v2.3.0/go.mod h1:RW4hyBjTWSYDOxapodpNEtX0g5Eb16sxklBqmd2RHcE= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= -sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= -sigs.k8s.io/kustomize/kustomize/v5 v5.0.4-0.20230601165947-6ce0bf390ce3 h1:vq2TtoDcQomhy7OxXLUOzSbHMuMYq0Bjn93cDtJEdKw= -sigs.k8s.io/kustomize/kustomize/v5 v5.0.4-0.20230601165947-6ce0bf390ce3/go.mod h1:/d88dHCvoy7d0AKFT0yytezSGZKjsZBVs9YTkBHSGFk= -sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM7vh3b7HvGNfXrJ/xL6BDMS0v1V/HHg5U= -sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag= +sigs.k8s.io/kustomize/api v0.17.2 h1:E7/Fjk7V5fboiuijoZHgs4aHuexi5Y2loXlVOAVAG5g= +sigs.k8s.io/kustomize/api v0.17.2/go.mod h1:UWTz9Ct+MvoeQsHcJ5e+vziRRkwimm3HytpZgIYqye0= +sigs.k8s.io/kustomize/kustomize/v5 v5.4.2 h1:9Zl5Gqg3XMdBEvkR54pVLCBj7FVO7W+VPNDDEzD6AyE= +sigs.k8s.io/kustomize/kustomize/v5 v5.4.2/go.mod h1:5ypfJVYlPb2MKKeoGknVLxvHemDlQT+szI4+KOhnD6k= +sigs.k8s.io/kustomize/kyaml v0.17.1 h1:TnxYQxFXzbmNG6gOINgGWQt09GghzgTP6mIurOgrLCQ= +sigs.k8s.io/kustomize/kyaml v0.17.1/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U= sigs.k8s.io/structured-merge-diff/v2 v2.0.1/go.mod h1:Wb7vfKAodbKgf6tn1Kl0VvGj7mRH6DGaRcixXEJXTsE= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= diff --git a/manifests/base/crds/full/argoproj.io_clusterworkflowtemplates.yaml b/manifests/base/crds/full/argoproj.io_clusterworkflowtemplates.yaml index 0cc5f7ca2477..ad68cb94e96f 100644 --- a/manifests/base/crds/full/argoproj.io_clusterworkflowtemplates.yaml +++ b/manifests/base/crds/full/argoproj.io_clusterworkflowtemplates.yaml @@ -2077,6 +2077,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -3373,6 +3375,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3479,6 +3482,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3560,6 +3564,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3677,6 +3683,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4053,6 +4060,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4159,6 +4167,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4240,6 +4249,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -4357,6 +4368,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6762,6 +6774,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6870,6 +6883,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6951,6 +6965,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -7068,6 +7084,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9433,6 +9450,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9539,6 +9557,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9620,6 +9639,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -9739,6 +9760,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9906,6 +9928,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -10187,6 +10211,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10295,6 +10320,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10376,6 +10402,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -10493,6 +10521,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10720,10 +10749,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -11083,6 +11114,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -11096,6 +11134,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -11344,6 +11383,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -11351,6 +11391,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -11362,6 +11403,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -11370,6 +11412,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -11387,6 +11430,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -12670,6 +12714,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12776,6 +12821,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12857,6 +12903,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -12974,6 +13022,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13350,6 +13399,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13456,6 +13506,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13537,6 +13588,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -13654,6 +13707,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16059,6 +16113,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16167,6 +16222,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16248,6 +16304,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -16365,6 +16423,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18730,6 +18789,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18836,6 +18896,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18917,6 +18978,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19036,6 +19099,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19203,6 +19267,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -19484,6 +19550,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19592,6 +19659,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19673,6 +19741,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19790,6 +19860,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -20017,10 +20088,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -20380,6 +20453,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -20393,6 +20473,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -20641,6 +20722,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -20648,6 +20730,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -20659,6 +20742,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -20667,6 +20751,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -20684,6 +20769,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -20984,10 +21070,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -21347,6 +21435,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -21360,6 +21455,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -21608,6 +21704,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -21615,6 +21712,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -21626,6 +21724,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -21634,6 +21733,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -21651,6 +21751,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string diff --git a/manifests/base/crds/full/argoproj.io_cronworkflows.yaml b/manifests/base/crds/full/argoproj.io_cronworkflows.yaml index 2f40c0771299..cd0458d2734f 100644 --- a/manifests/base/crds/full/argoproj.io_cronworkflows.yaml +++ b/manifests/base/crds/full/argoproj.io_cronworkflows.yaml @@ -2111,6 +2111,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -3407,6 +3409,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3513,6 +3516,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3594,6 +3598,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3711,6 +3717,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4087,6 +4094,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4193,6 +4201,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4274,6 +4283,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -4391,6 +4402,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6796,6 +6808,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6904,6 +6917,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6985,6 +6999,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -7102,6 +7118,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9467,6 +9484,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9573,6 +9591,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9654,6 +9673,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -9773,6 +9794,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9940,6 +9962,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -10221,6 +10245,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10329,6 +10354,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10410,6 +10436,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -10527,6 +10555,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10754,10 +10783,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -11117,6 +11148,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -11130,6 +11168,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -11378,6 +11417,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -11385,6 +11425,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -11396,6 +11437,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -11404,6 +11446,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -11421,6 +11464,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -12704,6 +12748,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12810,6 +12855,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12891,6 +12937,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -13008,6 +13056,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13384,6 +13433,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13490,6 +13540,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13571,6 +13622,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -13688,6 +13741,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16093,6 +16147,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16201,6 +16256,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16282,6 +16338,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -16399,6 +16457,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18764,6 +18823,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18870,6 +18930,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18951,6 +19012,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19070,6 +19133,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19237,6 +19301,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -19518,6 +19584,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19626,6 +19693,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19707,6 +19775,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19824,6 +19894,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -20051,10 +20122,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -20414,6 +20487,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -20427,6 +20507,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -20675,6 +20756,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -20682,6 +20764,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -20693,6 +20776,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -20701,6 +20785,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -20718,6 +20803,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -21018,10 +21104,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -21381,6 +21469,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -21394,6 +21489,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -21642,6 +21738,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -21649,6 +21746,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -21660,6 +21758,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -21668,6 +21767,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -21685,6 +21785,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string diff --git a/manifests/base/crds/full/argoproj.io_workflows.yaml b/manifests/base/crds/full/argoproj.io_workflows.yaml index da9968304348..99f7ce3ae171 100644 --- a/manifests/base/crds/full/argoproj.io_workflows.yaml +++ b/manifests/base/crds/full/argoproj.io_workflows.yaml @@ -2091,6 +2091,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -3387,6 +3389,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3493,6 +3496,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3574,6 +3578,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3691,6 +3697,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4067,6 +4074,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4173,6 +4181,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4254,6 +4263,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -4371,6 +4382,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6776,6 +6788,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6884,6 +6897,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6965,6 +6979,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -7082,6 +7098,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9447,6 +9464,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9553,6 +9571,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9634,6 +9653,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -9753,6 +9774,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9920,6 +9942,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -10201,6 +10225,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10309,6 +10334,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10390,6 +10416,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -10507,6 +10535,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10734,10 +10763,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -11097,6 +11128,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -11110,6 +11148,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -11358,6 +11397,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -11365,6 +11405,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -11376,6 +11417,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -11384,6 +11426,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -11401,6 +11444,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -12684,6 +12728,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12790,6 +12835,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12871,6 +12917,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -12988,6 +13036,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13364,6 +13413,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13470,6 +13520,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13551,6 +13602,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -13668,6 +13721,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16073,6 +16127,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16181,6 +16236,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16262,6 +16318,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -16379,6 +16437,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18744,6 +18803,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18850,6 +18910,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18931,6 +18992,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19050,6 +19113,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19217,6 +19281,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -19498,6 +19564,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19606,6 +19673,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19687,6 +19755,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19804,6 +19874,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -20031,10 +20102,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -20394,6 +20467,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -20407,6 +20487,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -20655,6 +20736,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -20662,6 +20744,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -20673,6 +20756,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -20681,6 +20765,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -20698,6 +20783,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -20998,10 +21084,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -21361,6 +21449,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -21374,6 +21469,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -21622,6 +21718,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -21629,6 +21726,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -21640,6 +21738,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -21648,6 +21747,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -21665,6 +21765,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -24103,10 +24204,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -24466,6 +24569,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -24479,6 +24589,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -24727,6 +24838,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -24734,6 +24846,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -24745,6 +24858,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -24753,6 +24867,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -24770,6 +24885,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -26064,6 +26180,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -26170,6 +26287,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -26251,6 +26369,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -26368,6 +26488,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -26744,6 +26865,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -26850,6 +26972,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -26931,6 +27054,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -27048,6 +27173,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -29453,6 +29579,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -29561,6 +29688,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -29642,6 +29770,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -29759,6 +29889,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -32124,6 +32255,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -32230,6 +32362,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -32311,6 +32444,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -32430,6 +32565,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -32597,6 +32733,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -32878,6 +33016,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -32986,6 +33125,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -33067,6 +33207,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -33184,6 +33326,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -33411,10 +33554,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -33774,6 +33919,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -33787,6 +33939,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -34035,6 +34188,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -34042,6 +34196,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -34053,6 +34208,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -34061,6 +34217,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -34078,6 +34235,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -36205,6 +36363,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -37501,6 +37661,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -37607,6 +37768,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -37688,6 +37850,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -37805,6 +37969,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -38181,6 +38346,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -38287,6 +38453,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -38368,6 +38535,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -38485,6 +38654,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -40890,6 +41060,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -40998,6 +41169,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -41079,6 +41251,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -41196,6 +41370,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -43561,6 +43736,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -43667,6 +43843,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -43748,6 +43925,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -43867,6 +44046,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -44034,6 +44214,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -44315,6 +44497,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -44423,6 +44606,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -44504,6 +44688,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -44621,6 +44807,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -44848,10 +45035,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -45211,6 +45400,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -45224,6 +45420,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -45472,6 +45669,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -45479,6 +45677,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -45490,6 +45689,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -45498,6 +45698,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -45515,6 +45716,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -46798,6 +47000,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -46904,6 +47107,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -46985,6 +47189,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -47102,6 +47308,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -47478,6 +47685,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -47584,6 +47792,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -47665,6 +47874,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -47782,6 +47993,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -50187,6 +50399,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -50295,6 +50508,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -50376,6 +50590,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -50493,6 +50709,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -52858,6 +53075,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -52964,6 +53182,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -53045,6 +53264,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -53164,6 +53385,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -53331,6 +53553,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -53612,6 +53836,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -53720,6 +53945,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -53801,6 +54027,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -53918,6 +54146,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -54145,10 +54374,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -54508,6 +54739,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -54521,6 +54759,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -54769,6 +55008,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -54776,6 +55016,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -54787,6 +55028,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -54795,6 +55037,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -54812,6 +55055,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -55112,10 +55356,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -55475,6 +55721,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -55488,6 +55741,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -55736,6 +55990,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -55743,6 +55998,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -55754,6 +56010,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -55762,6 +56019,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -55779,6 +56037,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string diff --git a/manifests/base/crds/full/argoproj.io_workflowtasksets.yaml b/manifests/base/crds/full/argoproj.io_workflowtasksets.yaml index 1811733493d8..9c1a7b458bba 100644 --- a/manifests/base/crds/full/argoproj.io_workflowtasksets.yaml +++ b/manifests/base/crds/full/argoproj.io_workflowtasksets.yaml @@ -1235,6 +1235,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -1341,6 +1342,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -1422,6 +1424,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -1539,6 +1543,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -1915,6 +1920,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -2021,6 +2027,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -2102,6 +2109,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -2219,6 +2228,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4624,6 +4634,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4732,6 +4743,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4813,6 +4825,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -4930,6 +4944,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -7295,6 +7310,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -7401,6 +7417,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -7482,6 +7499,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -7601,6 +7620,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -7768,6 +7788,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -8049,6 +8071,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8157,6 +8180,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8238,6 +8262,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -8355,6 +8381,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8582,10 +8609,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -8945,6 +8974,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -8958,6 +8994,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -9206,6 +9243,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -9213,6 +9251,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -9224,6 +9263,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -9232,6 +9272,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -9249,6 +9290,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string diff --git a/manifests/base/crds/full/argoproj.io_workflowtemplates.yaml b/manifests/base/crds/full/argoproj.io_workflowtemplates.yaml index 330b98e7f927..ac95f76a9fda 100644 --- a/manifests/base/crds/full/argoproj.io_workflowtemplates.yaml +++ b/manifests/base/crds/full/argoproj.io_workflowtemplates.yaml @@ -2076,6 +2076,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -3372,6 +3374,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3478,6 +3481,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3559,6 +3563,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3676,6 +3682,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4052,6 +4059,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4158,6 +4166,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4239,6 +4248,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -4356,6 +4367,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6761,6 +6773,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6869,6 +6882,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6950,6 +6964,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -7067,6 +7083,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9432,6 +9449,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9538,6 +9556,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9619,6 +9638,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -9738,6 +9759,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9905,6 +9927,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -10186,6 +10210,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10294,6 +10319,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10375,6 +10401,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -10492,6 +10520,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10719,10 +10748,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -11082,6 +11113,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -11095,6 +11133,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -11343,6 +11382,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -11350,6 +11390,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -11361,6 +11402,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -11369,6 +11411,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -11386,6 +11429,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -12669,6 +12713,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12775,6 +12820,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -12856,6 +12902,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -12973,6 +13021,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13349,6 +13398,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13455,6 +13505,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -13536,6 +13587,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -13653,6 +13706,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16058,6 +16112,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16166,6 +16221,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -16247,6 +16303,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -16364,6 +16422,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18729,6 +18788,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18835,6 +18895,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -18916,6 +18977,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19035,6 +19098,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19202,6 +19266,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -19483,6 +19549,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19591,6 +19658,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -19672,6 +19740,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -19789,6 +19859,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -20016,10 +20087,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -20379,6 +20452,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -20392,6 +20472,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -20640,6 +20721,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -20647,6 +20729,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -20658,6 +20741,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -20666,6 +20750,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -20683,6 +20768,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -20983,10 +21069,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -21346,6 +21434,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -21359,6 +21454,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -21607,6 +21703,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -21614,6 +21711,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -21625,6 +21723,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -21633,6 +21732,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -21650,6 +21750,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string diff --git a/pkg/apiclient/argo-server-client.go b/pkg/apiclient/argo-server-client.go index 0a4419b2dc09..d68ed55574a0 100644 --- a/pkg/apiclient/argo-server-client.go +++ b/pkg/apiclient/argo-server-client.go @@ -66,7 +66,7 @@ func newClientConn(opts ArgoServerOpts) (*grpc.ClientConn, error) { if opts.Secure { creds = grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{InsecureSkipVerify: opts.InsecureSkipVerify})) } - conn, err := grpc.Dial(opts.URL, + conn, err := grpc.NewClient(opts.URL, grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(MaxClientGRPCMessageSize)), creds, grpc.WithUnaryInterceptor(grpcutil.GetVersionHeaderClientUnaryInterceptor), diff --git a/pkg/plugins/executor/swagger.yml b/pkg/plugins/executor/swagger.yml index 0475c65fb801..f18cbe1967e5 100644 --- a/pkg/plugins/executor/swagger.yml +++ b/pkg/plugins/executor/swagger.yml @@ -328,6 +328,7 @@ definitions: Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. +optional + +default="ext4" type: string kind: $ref: '#/definitions/AzureDataDiskKind' @@ -336,6 +337,7 @@ definitions: readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. +optional + +default=false type: boolean title: AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. type: object @@ -1951,6 +1953,7 @@ definitions: iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). +optional + +default="default" type: string lun: description: lun represents iSCSI Target Lun number. @@ -1980,6 +1983,22 @@ definitions: type: string title: Represents an ISCSI disk. type: object + ImageVolumeSource: + properties: + pullPolicy: + $ref: '#/definitions/PullPolicy' + reference: + description: |- + Required: Image or artifact reference to be used. + Behaves in the same way as pod.spec.containers[*].image. + Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + +optional + type: string + title: ImageVolumeSource represents a image volume resource. + type: object Inputs: description: Inputs are the mechanism for passing parameters, artifacts, volumes from one template to another properties: @@ -2624,7 +2643,7 @@ definitions: set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). +featureGate=VolumeAttributesClass +optional type: string @@ -2917,7 +2936,8 @@ definitions: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + +listType=atomic +optional items: @@ -2933,7 +2953,8 @@ definitions: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). + +listType=atomic +optional items: @@ -3063,12 +3084,14 @@ definitions: $ref: '#/definitions/SeccompProfile' supplementalGroups: description: |- - A list of groups applied to the first process run in each container, in addition - to the container's primary GID, the fsGroup (if specified), and group memberships - defined in the container image for the uid of the container process. If unspecified, - no additional groups are added to any container. Note that group memberships - defined in the container image for the uid of the container process are still effective, - even if they are not included in this list. + A list of groups applied to the first process run in each container, in + addition to the container's primary GID and fsGroup (if specified). If + the SupplementalGroupsPolicy feature is enabled, the + supplementalGroupsPolicy field determines whether these are in addition + to or instead of any group memberships defined in the container image. + If unspecified, no additional groups are added, though group memberships + defined in the container image may still be used, depending on the + supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows. +optional +listType=atomic @@ -3076,6 +3099,8 @@ definitions: format: int64 type: integer type: array + supplementalGroupsPolicy: + $ref: '#/definitions/SupplementalGroupsPolicy' sysctls: description: |- Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported @@ -3208,7 +3233,8 @@ definitions: type: integer sources: description: |- - sources is the list of volume projections + sources is the list of volume projections. Each entry in this list + handles one source. +optional +listType=atomic items: @@ -3381,6 +3407,7 @@ definitions: Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +optional + +default="/etc/ceph/keyring" type: string monitors: description: |- @@ -3396,6 +3423,7 @@ definitions: Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +optional + +default="rbd" type: string readOnly: description: |- @@ -3412,6 +3440,7 @@ definitions: Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it +optional + +default="admin" type: string title: Represents a Rados Block Device mount that lasts the lifetime of a pod. type: object @@ -3433,6 +3462,14 @@ definitions: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + + +optional + type: string title: ResourceClaim references one entry in PodSpec.ResourceClaims. type: object ResourceFieldSelector: @@ -3644,6 +3681,7 @@ definitions: Ex. "ext4", "xfs", "ntfs". Default is "xfs". +optional + +default="xfs" type: string gateway: description: gateway is the host address of the ScaleIO API Gateway. @@ -3671,6 +3709,7 @@ definitions: storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. +optional + +default="ThinProvisioned" type: string storagePool: description: |- @@ -4207,6 +4246,12 @@ definitions: type: string title: Represents a StorageOS persistent volume resource. type: object + SupplementalGroupsPolicy: + description: |- + SupplementalGroupsPolicy defines how supplemental groups + of the first container processes are calculated. + +enum + type: string SuppliedValueFrom: title: SuppliedValueFrom is a placeholder for a value to be filled in directly, either through the CLI, API, etc. type: object @@ -4798,6 +4843,8 @@ definitions: $ref: '#/definitions/GlusterfsVolumeSource' hostPath: $ref: '#/definitions/HostPathVolumeSource' + image: + $ref: '#/definitions/ImageVolumeSource' iscsi: $ref: '#/definitions/ISCSIVolumeSource' name: @@ -4877,7 +4924,7 @@ definitions: title: VolumeMount describes a mounting of a Volume within a container. type: object VolumeProjection: - description: Projection that may be projected along with other supported volume types + description: Exactly one of these fields must be set. properties: clusterTrustBundle: $ref: '#/definitions/ClusterTrustBundleProjection' @@ -4889,6 +4936,7 @@ definitions: $ref: '#/definitions/SecretProjection' serviceAccountToken: $ref: '#/definitions/ServiceAccountTokenProjection' + title: Projection that may be projected along with other supported volume types. type: object VolumeResourceRequirements: properties: diff --git a/sdks/java/client/docs/ImageVolumeSource.md b/sdks/java/client/docs/ImageVolumeSource.md new file mode 100644 index 000000000000..38700ffc2087 --- /dev/null +++ b/sdks/java/client/docs/ImageVolumeSource.md @@ -0,0 +1,15 @@ + + +# ImageVolumeSource + +ImageVolumeSource represents a image volume resource. + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**pullPolicy** | **String** | Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. | [optional] +**reference** | **String** | Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. | [optional] + + + diff --git a/sdks/java/client/docs/PersistentVolumeClaimSpec.md b/sdks/java/client/docs/PersistentVolumeClaimSpec.md index 5832b622d773..c9cb0fcb3575 100644 --- a/sdks/java/client/docs/PersistentVolumeClaimSpec.md +++ b/sdks/java/client/docs/PersistentVolumeClaimSpec.md @@ -14,7 +14,7 @@ Name | Type | Description | Notes **resources** | [**VolumeResourceRequirements**](VolumeResourceRequirements.md) | | [optional] **selector** | [**LabelSelector**](LabelSelector.md) | | [optional] **storageClassName** | **String** | storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 | [optional] -**volumeAttributesClassName** | **String** | volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. | [optional] +**volumeAttributesClassName** | **String** | volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). | [optional] **volumeMode** | **String** | volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. | [optional] **volumeName** | **String** | volumeName is the binding reference to the PersistentVolume backing this claim. | [optional] diff --git a/sdks/java/client/docs/PersistentVolumeClaimStatus.md b/sdks/java/client/docs/PersistentVolumeClaimStatus.md index a53e1a085396..ed0f621ff089 100644 --- a/sdks/java/client/docs/PersistentVolumeClaimStatus.md +++ b/sdks/java/client/docs/PersistentVolumeClaimStatus.md @@ -13,7 +13,7 @@ Name | Type | Description | Notes **allocatedResources** | **Map<String, String>** | allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. | [optional] **capacity** | **Map<String, String>** | capacity represents the actual resources of the underlying volume. | [optional] **conditions** | [**List<PersistentVolumeClaimCondition>**](PersistentVolumeClaimCondition.md) | conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'. | [optional] -**currentVolumeAttributesClassName** | **String** | currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature. | [optional] +**currentVolumeAttributesClassName** | **String** | currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default). | [optional] **modifyVolumeStatus** | [**ModifyVolumeStatus**](ModifyVolumeStatus.md) | | [optional] **phase** | **String** | phase represents the current phase of PersistentVolumeClaim. | [optional] diff --git a/sdks/java/client/docs/PodAffinityTerm.md b/sdks/java/client/docs/PodAffinityTerm.md index bf9d7fd256d2..1cd68ca721d5 100644 --- a/sdks/java/client/docs/PodAffinityTerm.md +++ b/sdks/java/client/docs/PodAffinityTerm.md @@ -9,8 +9,8 @@ Defines a set of pods (namely those matching the labelSelector relative to the g Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **labelSelector** | [**LabelSelector**](LabelSelector.md) | | [optional] -**matchLabelKeys** | **List<String>** | MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. | [optional] -**mismatchLabelKeys** | **List<String>** | MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. | [optional] +**matchLabelKeys** | **List<String>** | MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | [optional] +**mismatchLabelKeys** | **List<String>** | MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | [optional] **namespaceSelector** | [**LabelSelector**](LabelSelector.md) | | [optional] **namespaces** | **List<String>** | namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\". | [optional] **topologyKey** | **String** | This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. | diff --git a/sdks/java/client/docs/ProjectedVolumeSource.md b/sdks/java/client/docs/ProjectedVolumeSource.md index 842bac85a0ea..6db522ebfec5 100644 --- a/sdks/java/client/docs/ProjectedVolumeSource.md +++ b/sdks/java/client/docs/ProjectedVolumeSource.md @@ -9,7 +9,7 @@ Represents a projected volume source Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **defaultMode** | **Integer** | defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | [optional] -**sources** | [**List<VolumeProjection>**](VolumeProjection.md) | sources is the list of volume projections | [optional] +**sources** | [**List<VolumeProjection>**](VolumeProjection.md) | sources is the list of volume projections. Each entry in this list handles one source. | [optional] diff --git a/sdks/java/client/docs/ResourceClaim.md b/sdks/java/client/docs/ResourceClaim.md index 60050a483e2b..6fd8873a4cb1 100644 --- a/sdks/java/client/docs/ResourceClaim.md +++ b/sdks/java/client/docs/ResourceClaim.md @@ -9,6 +9,7 @@ ResourceClaim references one entry in PodSpec.ResourceClaims. Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **name** | **String** | Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. | +**request** | **String** | Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request. | [optional] diff --git a/sdks/java/client/docs/VolumeProjection.md b/sdks/java/client/docs/VolumeProjection.md index 9f0fefea1505..761d8e6cf6b0 100644 --- a/sdks/java/client/docs/VolumeProjection.md +++ b/sdks/java/client/docs/VolumeProjection.md @@ -2,7 +2,7 @@ # VolumeProjection -Projection that may be projected along with other supported volume types +Projection that may be projected along with other supported volume types. Exactly one of these fields must be set. ## Properties diff --git a/sdks/python/client/argo_workflows/model/image_volume_source.py b/sdks/python/client/argo_workflows/model/image_volume_source.py new file mode 100644 index 000000000000..36805d8de600 --- /dev/null +++ b/sdks/python/client/argo_workflows/model/image_volume_source.py @@ -0,0 +1,259 @@ +""" + Argo Workflows API + + Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. For more information, please see https://argo-workflows.readthedocs.io/en/latest/ # noqa: E501 + + The version of the OpenAPI document: VERSION + Generated by: https://openapi-generator.tech +""" + + +import re # noqa: F401 +import sys # noqa: F401 + +from argo_workflows.model_utils import ( # noqa: F401 + ApiTypeError, + ModelComposed, + ModelNormal, + ModelSimple, + cached_property, + change_keys_js_to_python, + convert_js_args_to_python_args, + date, + datetime, + file_type, + none_type, + validate_get_composed_info, + OpenApiModel +) +from argo_workflows.exceptions import ApiAttributeError + + + +class ImageVolumeSource(ModelNormal): + """NOTE: This class is auto generated by OpenAPI Generator. + Ref: https://openapi-generator.tech + + Do not edit the class manually. + + Attributes: + allowed_values (dict): The key is the tuple path to the attribute + and the for var_name this is (var_name,). The value is a dict + with a capitalized key describing the allowed value and an allowed + value. These dicts store the allowed enum values. + attribute_map (dict): The key is attribute name + and the value is json key in definition. + discriminator_value_class_map (dict): A dict to go from the discriminator + variable value to the discriminator class name. + validations (dict): The key is the tuple path to the attribute + and the for var_name this is (var_name,). The value is a dict + that stores validations for max_length, min_length, max_items, + min_items, exclusive_maximum, inclusive_maximum, exclusive_minimum, + inclusive_minimum, and regex. + additional_properties_type (tuple): A tuple of classes accepted + as additional properties values. + """ + + allowed_values = { + } + + validations = { + } + + @cached_property + def additional_properties_type(): + """ + This must be a method because a model may have properties that are + of type self, this must run after the class is loaded + """ + return (bool, date, datetime, dict, float, int, list, str, none_type,) # noqa: E501 + + _nullable = False + + @cached_property + def openapi_types(): + """ + This must be a method because a model may have properties that are + of type self, this must run after the class is loaded + + Returns + openapi_types (dict): The key is attribute name + and the value is attribute type. + """ + return { + 'pull_policy': (str,), # noqa: E501 + 'reference': (str,), # noqa: E501 + } + + @cached_property + def discriminator(): + return None + + + attribute_map = { + 'pull_policy': 'pullPolicy', # noqa: E501 + 'reference': 'reference', # noqa: E501 + } + + read_only_vars = { + } + + _composed_schemas = {} + + @classmethod + @convert_js_args_to_python_args + def _from_openapi_data(cls, *args, **kwargs): # noqa: E501 + """ImageVolumeSource - a model defined in OpenAPI + + Keyword Args: + _check_type (bool): if True, values for parameters in openapi_types + will be type checked and a TypeError will be + raised if the wrong type is input. + Defaults to True + _path_to_item (tuple/list): This is a list of keys or values to + drill down to the model in received_data + when deserializing a response + _spec_property_naming (bool): True if the variable names in the input data + are serialized names, as specified in the OpenAPI document. + False if the variable names in the input data + are pythonic names, e.g. snake case (default) + _configuration (Configuration): the instance to use when + deserializing a file_type parameter. + If passed, type conversion is attempted + If omitted no type conversion is done. + _visited_composed_classes (tuple): This stores a tuple of + classes that we have traveled through so that + if we see that class again we will not use its + discriminator again. + When traveling through a discriminator, the + composed schema that is + is traveled through is added to this set. + For example if Animal has a discriminator + petType and we pass in "Dog", and the class Dog + allOf includes Animal, we move through Animal + once using the discriminator, and pick Dog. + Then in Dog, we will make an instance of the + Animal class but this time we won't travel + through its discriminator because we passed in + _visited_composed_classes = (Animal,) + pull_policy (str): Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.. [optional] # noqa: E501 + reference (str): Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.. [optional] # noqa: E501 + """ + + _check_type = kwargs.pop('_check_type', True) + _spec_property_naming = kwargs.pop('_spec_property_naming', False) + _path_to_item = kwargs.pop('_path_to_item', ()) + _configuration = kwargs.pop('_configuration', None) + _visited_composed_classes = kwargs.pop('_visited_composed_classes', ()) + + self = super(OpenApiModel, cls).__new__(cls) + + if args: + raise ApiTypeError( + "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % ( + args, + self.__class__.__name__, + ), + path_to_item=_path_to_item, + valid_classes=(self.__class__,), + ) + + self._data_store = {} + self._check_type = _check_type + self._spec_property_naming = _spec_property_naming + self._path_to_item = _path_to_item + self._configuration = _configuration + self._visited_composed_classes = _visited_composed_classes + (self.__class__,) + + for var_name, var_value in kwargs.items(): + if var_name not in self.attribute_map and \ + self._configuration is not None and \ + self._configuration.discard_unknown_keys and \ + self.additional_properties_type is None: + # discard variable. + continue + setattr(self, var_name, var_value) + return self + + required_properties = set([ + '_data_store', + '_check_type', + '_spec_property_naming', + '_path_to_item', + '_configuration', + '_visited_composed_classes', + ]) + + @convert_js_args_to_python_args + def __init__(self, *args, **kwargs): # noqa: E501 + """ImageVolumeSource - a model defined in OpenAPI + + Keyword Args: + _check_type (bool): if True, values for parameters in openapi_types + will be type checked and a TypeError will be + raised if the wrong type is input. + Defaults to True + _path_to_item (tuple/list): This is a list of keys or values to + drill down to the model in received_data + when deserializing a response + _spec_property_naming (bool): True if the variable names in the input data + are serialized names, as specified in the OpenAPI document. + False if the variable names in the input data + are pythonic names, e.g. snake case (default) + _configuration (Configuration): the instance to use when + deserializing a file_type parameter. + If passed, type conversion is attempted + If omitted no type conversion is done. + _visited_composed_classes (tuple): This stores a tuple of + classes that we have traveled through so that + if we see that class again we will not use its + discriminator again. + When traveling through a discriminator, the + composed schema that is + is traveled through is added to this set. + For example if Animal has a discriminator + petType and we pass in "Dog", and the class Dog + allOf includes Animal, we move through Animal + once using the discriminator, and pick Dog. + Then in Dog, we will make an instance of the + Animal class but this time we won't travel + through its discriminator because we passed in + _visited_composed_classes = (Animal,) + pull_policy (str): Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.. [optional] # noqa: E501 + reference (str): Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.. [optional] # noqa: E501 + """ + + _check_type = kwargs.pop('_check_type', True) + _spec_property_naming = kwargs.pop('_spec_property_naming', False) + _path_to_item = kwargs.pop('_path_to_item', ()) + _configuration = kwargs.pop('_configuration', None) + _visited_composed_classes = kwargs.pop('_visited_composed_classes', ()) + + if args: + raise ApiTypeError( + "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % ( + args, + self.__class__.__name__, + ), + path_to_item=_path_to_item, + valid_classes=(self.__class__,), + ) + + self._data_store = {} + self._check_type = _check_type + self._spec_property_naming = _spec_property_naming + self._path_to_item = _path_to_item + self._configuration = _configuration + self._visited_composed_classes = _visited_composed_classes + (self.__class__,) + + for var_name, var_value in kwargs.items(): + if var_name not in self.attribute_map and \ + self._configuration is not None and \ + self._configuration.discard_unknown_keys and \ + self.additional_properties_type is None: + # discard variable. + continue + setattr(self, var_name, var_value) + if var_name in self.read_only_vars: + raise ApiAttributeError(f"`{var_name}` is a read-only attribute. Use `from_openapi_data` to instantiate " + f"class with read only attributes.") diff --git a/sdks/python/client/argo_workflows/model/persistent_volume_claim_spec.py b/sdks/python/client/argo_workflows/model/persistent_volume_claim_spec.py index bf5b1ddd552c..67ce71a99eac 100644 --- a/sdks/python/client/argo_workflows/model/persistent_volume_claim_spec.py +++ b/sdks/python/client/argo_workflows/model/persistent_volume_claim_spec.py @@ -168,7 +168,7 @@ def _from_openapi_data(cls, *args, **kwargs): # noqa: E501 resources (VolumeResourceRequirements): [optional] # noqa: E501 selector (LabelSelector): [optional] # noqa: E501 storage_class_name (str): storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. [optional] # noqa: E501 - volume_attributes_class_name (str): volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.. [optional] # noqa: E501 + volume_attributes_class_name (str): volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).. [optional] # noqa: E501 volume_mode (str): volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.. [optional] # noqa: E501 volume_name (str): volumeName is the binding reference to the PersistentVolume backing this claim.. [optional] # noqa: E501 """ @@ -258,7 +258,7 @@ def __init__(self, *args, **kwargs): # noqa: E501 resources (VolumeResourceRequirements): [optional] # noqa: E501 selector (LabelSelector): [optional] # noqa: E501 storage_class_name (str): storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1. [optional] # noqa: E501 - volume_attributes_class_name (str): volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.. [optional] # noqa: E501 + volume_attributes_class_name (str): volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).. [optional] # noqa: E501 volume_mode (str): volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.. [optional] # noqa: E501 volume_name (str): volumeName is the binding reference to the PersistentVolume backing this claim.. [optional] # noqa: E501 """ diff --git a/sdks/python/client/argo_workflows/model/persistent_volume_claim_status.py b/sdks/python/client/argo_workflows/model/persistent_volume_claim_status.py index 152899752e18..173fdf65cd07 100644 --- a/sdks/python/client/argo_workflows/model/persistent_volume_claim_status.py +++ b/sdks/python/client/argo_workflows/model/persistent_volume_claim_status.py @@ -161,7 +161,7 @@ def _from_openapi_data(cls, *args, **kwargs): # noqa: E501 allocated_resources ({str: (str,)}): allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.. [optional] # noqa: E501 capacity ({str: (str,)}): capacity represents the actual resources of the underlying volume.. [optional] # noqa: E501 conditions ([PersistentVolumeClaimCondition]): conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.. [optional] # noqa: E501 - current_volume_attributes_class_name (str): currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.. [optional] # noqa: E501 + current_volume_attributes_class_name (str): currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default).. [optional] # noqa: E501 modify_volume_status (ModifyVolumeStatus): [optional] # noqa: E501 phase (str): phase represents the current phase of PersistentVolumeClaim.. [optional] # noqa: E501 """ @@ -250,7 +250,7 @@ def __init__(self, *args, **kwargs): # noqa: E501 allocated_resources ({str: (str,)}): allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.. [optional] # noqa: E501 capacity ({str: (str,)}): capacity represents the actual resources of the underlying volume.. [optional] # noqa: E501 conditions ([PersistentVolumeClaimCondition]): conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.. [optional] # noqa: E501 - current_volume_attributes_class_name (str): currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.. [optional] # noqa: E501 + current_volume_attributes_class_name (str): currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default).. [optional] # noqa: E501 modify_volume_status (ModifyVolumeStatus): [optional] # noqa: E501 phase (str): phase represents the current phase of PersistentVolumeClaim.. [optional] # noqa: E501 """ diff --git a/sdks/python/client/argo_workflows/model/pod_affinity_term.py b/sdks/python/client/argo_workflows/model/pod_affinity_term.py index d6aa55c312de..8a9bd02b118d 100644 --- a/sdks/python/client/argo_workflows/model/pod_affinity_term.py +++ b/sdks/python/client/argo_workflows/model/pod_affinity_term.py @@ -154,8 +154,8 @@ def _from_openapi_data(cls, topology_key, *args, **kwargs): # noqa: E501 through its discriminator because we passed in _visited_composed_classes = (Animal,) label_selector (LabelSelector): [optional] # noqa: E501 - match_label_keys ([str]): MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.. [optional] # noqa: E501 - mismatch_label_keys ([str]): MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.. [optional] # noqa: E501 + match_label_keys ([str]): MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).. [optional] # noqa: E501 + mismatch_label_keys ([str]): MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).. [optional] # noqa: E501 namespace_selector (LabelSelector): [optional] # noqa: E501 namespaces ([str]): namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".. [optional] # noqa: E501 """ @@ -244,8 +244,8 @@ def __init__(self, topology_key, *args, **kwargs): # noqa: E501 through its discriminator because we passed in _visited_composed_classes = (Animal,) label_selector (LabelSelector): [optional] # noqa: E501 - match_label_keys ([str]): MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.. [optional] # noqa: E501 - mismatch_label_keys ([str]): MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.. [optional] # noqa: E501 + match_label_keys ([str]): MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).. [optional] # noqa: E501 + mismatch_label_keys ([str]): MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).. [optional] # noqa: E501 namespace_selector (LabelSelector): [optional] # noqa: E501 namespaces ([str]): namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".. [optional] # noqa: E501 """ diff --git a/sdks/python/client/argo_workflows/model/pod_security_context.py b/sdks/python/client/argo_workflows/model/pod_security_context.py index 09315d5119aa..80e01c7d5309 100644 --- a/sdks/python/client/argo_workflows/model/pod_security_context.py +++ b/sdks/python/client/argo_workflows/model/pod_security_context.py @@ -104,6 +104,7 @@ def openapi_types(): 'se_linux_options': (SELinuxOptions,), # noqa: E501 'seccomp_profile': (SeccompProfile,), # noqa: E501 'supplemental_groups': ([int],), # noqa: E501 + 'supplemental_groups_policy': (str,), # noqa: E501 'sysctls': ([Sysctl],), # noqa: E501 'windows_options': (WindowsSecurityContextOptions,), # noqa: E501 } @@ -123,6 +124,7 @@ def discriminator(): 'se_linux_options': 'seLinuxOptions', # noqa: E501 'seccomp_profile': 'seccompProfile', # noqa: E501 'supplemental_groups': 'supplementalGroups', # noqa: E501 + 'supplemental_groups_policy': 'supplementalGroupsPolicy', # noqa: E501 'sysctls': 'sysctls', # noqa: E501 'windows_options': 'windowsOptions', # noqa: E501 } @@ -176,7 +178,8 @@ def _from_openapi_data(cls, *args, **kwargs): # noqa: E501 run_as_user (int): The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 se_linux_options (SELinuxOptions): [optional] # noqa: E501 seccomp_profile (SeccompProfile): [optional] # noqa: E501 - supplemental_groups ([int]): A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 + supplemental_groups ([int]): A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 + supplemental_groups_policy (str): Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 sysctls ([Sysctl]): Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 windows_options (WindowsSecurityContextOptions): [optional] # noqa: E501 """ @@ -268,7 +271,8 @@ def __init__(self, *args, **kwargs): # noqa: E501 run_as_user (int): The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 se_linux_options (SELinuxOptions): [optional] # noqa: E501 seccomp_profile (SeccompProfile): [optional] # noqa: E501 - supplemental_groups ([int]): A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 + supplemental_groups ([int]): A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 + supplemental_groups_policy (str): Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 sysctls ([Sysctl]): Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 windows_options (WindowsSecurityContextOptions): [optional] # noqa: E501 """ diff --git a/sdks/python/client/argo_workflows/model/projected_volume_source.py b/sdks/python/client/argo_workflows/model/projected_volume_source.py index 3a7b186faae1..b5d89fb0e558 100644 --- a/sdks/python/client/argo_workflows/model/projected_volume_source.py +++ b/sdks/python/client/argo_workflows/model/projected_volume_source.py @@ -143,7 +143,7 @@ def _from_openapi_data(cls, *args, **kwargs): # noqa: E501 through its discriminator because we passed in _visited_composed_classes = (Animal,) default_mode (int): defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.. [optional] # noqa: E501 - sources ([VolumeProjection]): sources is the list of volume projections. [optional] # noqa: E501 + sources ([VolumeProjection]): sources is the list of volume projections. Each entry in this list handles one source.. [optional] # noqa: E501 """ _check_type = kwargs.pop('_check_type', True) @@ -226,7 +226,7 @@ def __init__(self, *args, **kwargs): # noqa: E501 through its discriminator because we passed in _visited_composed_classes = (Animal,) default_mode (int): defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.. [optional] # noqa: E501 - sources ([VolumeProjection]): sources is the list of volume projections. [optional] # noqa: E501 + sources ([VolumeProjection]): sources is the list of volume projections. Each entry in this list handles one source.. [optional] # noqa: E501 """ _check_type = kwargs.pop('_check_type', True) diff --git a/sdks/python/client/argo_workflows/model/resource_claim.py b/sdks/python/client/argo_workflows/model/resource_claim.py index a5dadcfc748a..c695e5eae246 100644 --- a/sdks/python/client/argo_workflows/model/resource_claim.py +++ b/sdks/python/client/argo_workflows/model/resource_claim.py @@ -82,6 +82,7 @@ def openapi_types(): """ return { 'name': (str,), # noqa: E501 + 'request': (str,), # noqa: E501 } @cached_property @@ -91,6 +92,7 @@ def discriminator(): attribute_map = { 'name': 'name', # noqa: E501 + 'request': 'request', # noqa: E501 } read_only_vars = { @@ -137,6 +139,7 @@ def _from_openapi_data(cls, name, *args, **kwargs): # noqa: E501 Animal class but this time we won't travel through its discriminator because we passed in _visited_composed_classes = (Animal,) + request (str): Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.. [optional] # noqa: E501 """ _check_type = kwargs.pop('_check_type', True) @@ -222,6 +225,7 @@ def __init__(self, name, *args, **kwargs): # noqa: E501 Animal class but this time we won't travel through its discriminator because we passed in _visited_composed_classes = (Animal,) + request (str): Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.. [optional] # noqa: E501 """ _check_type = kwargs.pop('_check_type', True) diff --git a/sdks/python/client/argo_workflows/model/security_context.py b/sdks/python/client/argo_workflows/model/security_context.py index 767ea7fc66fa..423618466b36 100644 --- a/sdks/python/client/argo_workflows/model/security_context.py +++ b/sdks/python/client/argo_workflows/model/security_context.py @@ -174,7 +174,7 @@ def _from_openapi_data(cls, *args, **kwargs): # noqa: E501 app_armor_profile (AppArmorProfile): [optional] # noqa: E501 capabilities (Capabilities): [optional] # noqa: E501 privileged (bool): Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 - proc_mount (str): procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 + proc_mount (str): procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 read_only_root_filesystem (bool): Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 run_as_group (int): The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 run_as_non_root (bool): Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.. [optional] # noqa: E501 @@ -267,7 +267,7 @@ def __init__(self, *args, **kwargs): # noqa: E501 app_armor_profile (AppArmorProfile): [optional] # noqa: E501 capabilities (Capabilities): [optional] # noqa: E501 privileged (bool): Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 - proc_mount (str): procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 + proc_mount (str): procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 read_only_root_filesystem (bool): Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 run_as_group (int): The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.. [optional] # noqa: E501 run_as_non_root (bool): Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.. [optional] # noqa: E501 diff --git a/sdks/python/client/argo_workflows/model/volume.py b/sdks/python/client/argo_workflows/model/volume.py index 7f5f0c1a54e8..86983bcf3f5a 100644 --- a/sdks/python/client/argo_workflows/model/volume.py +++ b/sdks/python/client/argo_workflows/model/volume.py @@ -47,6 +47,7 @@ def lazy_import(): from argo_workflows.model.git_repo_volume_source import GitRepoVolumeSource from argo_workflows.model.glusterfs_volume_source import GlusterfsVolumeSource from argo_workflows.model.host_path_volume_source import HostPathVolumeSource + from argo_workflows.model.image_volume_source import ImageVolumeSource from argo_workflows.model.iscsi_volume_source import ISCSIVolumeSource from argo_workflows.model.nfs_volume_source import NFSVolumeSource from argo_workflows.model.persistent_volume_claim_volume_source import PersistentVolumeClaimVolumeSource @@ -77,6 +78,7 @@ def lazy_import(): globals()['GlusterfsVolumeSource'] = GlusterfsVolumeSource globals()['HostPathVolumeSource'] = HostPathVolumeSource globals()['ISCSIVolumeSource'] = ISCSIVolumeSource + globals()['ImageVolumeSource'] = ImageVolumeSource globals()['NFSVolumeSource'] = NFSVolumeSource globals()['PersistentVolumeClaimVolumeSource'] = PersistentVolumeClaimVolumeSource globals()['PhotonPersistentDiskVolumeSource'] = PhotonPersistentDiskVolumeSource @@ -161,6 +163,7 @@ def openapi_types(): 'git_repo': (GitRepoVolumeSource,), # noqa: E501 'glusterfs': (GlusterfsVolumeSource,), # noqa: E501 'host_path': (HostPathVolumeSource,), # noqa: E501 + 'image': (ImageVolumeSource,), # noqa: E501 'iscsi': (ISCSIVolumeSource,), # noqa: E501 'nfs': (NFSVolumeSource,), # noqa: E501 'persistent_volume_claim': (PersistentVolumeClaimVolumeSource,), # noqa: E501 @@ -199,6 +202,7 @@ def discriminator(): 'git_repo': 'gitRepo', # noqa: E501 'glusterfs': 'glusterfs', # noqa: E501 'host_path': 'hostPath', # noqa: E501 + 'image': 'image', # noqa: E501 'iscsi': 'iscsi', # noqa: E501 'nfs': 'nfs', # noqa: E501 'persistent_volume_claim': 'persistentVolumeClaim', # noqa: E501 @@ -274,6 +278,7 @@ def _from_openapi_data(cls, name, *args, **kwargs): # noqa: E501 git_repo (GitRepoVolumeSource): [optional] # noqa: E501 glusterfs (GlusterfsVolumeSource): [optional] # noqa: E501 host_path (HostPathVolumeSource): [optional] # noqa: E501 + image (ImageVolumeSource): [optional] # noqa: E501 iscsi (ISCSIVolumeSource): [optional] # noqa: E501 nfs (NFSVolumeSource): [optional] # noqa: E501 persistent_volume_claim (PersistentVolumeClaimVolumeSource): [optional] # noqa: E501 @@ -388,6 +393,7 @@ def __init__(self, name, *args, **kwargs): # noqa: E501 git_repo (GitRepoVolumeSource): [optional] # noqa: E501 glusterfs (GlusterfsVolumeSource): [optional] # noqa: E501 host_path (HostPathVolumeSource): [optional] # noqa: E501 + image (ImageVolumeSource): [optional] # noqa: E501 iscsi (ISCSIVolumeSource): [optional] # noqa: E501 nfs (NFSVolumeSource): [optional] # noqa: E501 persistent_volume_claim (PersistentVolumeClaimVolumeSource): [optional] # noqa: E501 diff --git a/sdks/python/client/argo_workflows/models/__init__.py b/sdks/python/client/argo_workflows/models/__init__.py index 75e1b8f38746..30b811071c23 100644 --- a/sdks/python/client/argo_workflows/models/__init__.py +++ b/sdks/python/client/argo_workflows/models/__init__.py @@ -59,6 +59,7 @@ from argo_workflows.model.host_alias import HostAlias from argo_workflows.model.host_path_volume_source import HostPathVolumeSource from argo_workflows.model.iscsi_volume_source import ISCSIVolumeSource +from argo_workflows.model.image_volume_source import ImageVolumeSource from argo_workflows.model.io_argoproj_events_v1alpha1_amqp_consume_config import IoArgoprojEventsV1alpha1AMQPConsumeConfig from argo_workflows.model.io_argoproj_events_v1alpha1_amqp_event_source import IoArgoprojEventsV1alpha1AMQPEventSource from argo_workflows.model.io_argoproj_events_v1alpha1_amqp_exchange_declare_config import IoArgoprojEventsV1alpha1AMQPExchangeDeclareConfig diff --git a/sdks/python/client/docs/ClusterWorkflowTemplateServiceApi.md b/sdks/python/client/docs/ClusterWorkflowTemplateServiceApi.md index f0d815b1073b..db872830d3d4 100644 --- a/sdks/python/client/docs/ClusterWorkflowTemplateServiceApi.md +++ b/sdks/python/client/docs/ClusterWorkflowTemplateServiceApi.md @@ -1078,6 +1078,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -1766,6 +1767,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -2064,6 +2066,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -3275,6 +3278,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4461,6 +4465,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4589,6 +4594,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -4794,6 +4800,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -5761,6 +5768,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -6577,6 +6588,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -6875,6 +6887,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -8086,6 +8099,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9272,6 +9286,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9400,6 +9415,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -9605,6 +9621,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -10572,6 +10589,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -11103,6 +11124,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -12585,6 +12610,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -13273,6 +13299,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -13571,6 +13598,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -14782,6 +14810,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -15968,6 +15997,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -16096,6 +16126,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -16301,6 +16332,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -17268,6 +17300,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -18084,6 +18120,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -18382,6 +18419,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -19593,6 +19631,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -20779,6 +20818,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -20907,6 +20947,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -21112,6 +21153,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -22079,6 +22121,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -22610,6 +22656,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -23998,6 +24048,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -24686,6 +24737,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -24984,6 +25036,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -26195,6 +26248,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -27381,6 +27435,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -27509,6 +27564,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -27714,6 +27770,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -28681,6 +28738,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -29497,6 +29558,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -29795,6 +29857,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -31006,6 +31069,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -32192,6 +32256,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -32320,6 +32385,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -32525,6 +32591,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -33492,6 +33559,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -34023,6 +34094,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, diff --git a/sdks/python/client/docs/CronWorkflowServiceApi.md b/sdks/python/client/docs/CronWorkflowServiceApi.md index 361bc77da1a1..68878eb2ae51 100644 --- a/sdks/python/client/docs/CronWorkflowServiceApi.md +++ b/sdks/python/client/docs/CronWorkflowServiceApi.md @@ -1138,6 +1138,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -1826,6 +1827,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -2124,6 +2126,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -3335,6 +3338,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4521,6 +4525,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4649,6 +4654,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -4854,6 +4860,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -5821,6 +5828,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -6637,6 +6648,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -6935,6 +6947,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -8146,6 +8159,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9332,6 +9346,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9460,6 +9475,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -9665,6 +9681,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -10632,6 +10649,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -11163,6 +11184,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -12727,6 +12752,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -13415,6 +13441,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -13713,6 +13740,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -14924,6 +14952,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -16110,6 +16139,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -16238,6 +16268,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -16443,6 +16474,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -17410,6 +17442,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -18226,6 +18262,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -18524,6 +18561,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -19735,6 +19773,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -20921,6 +20960,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -21049,6 +21089,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -21254,6 +21295,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -22221,6 +22263,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -22752,6 +22798,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -24403,6 +24453,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -25091,6 +25142,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -25389,6 +25441,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -26600,6 +26653,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -27786,6 +27840,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -27914,6 +27969,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -28119,6 +28175,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -29086,6 +29143,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -29902,6 +29963,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -30200,6 +30262,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -31411,6 +31474,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -32597,6 +32661,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -32725,6 +32790,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -32930,6 +32996,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -33897,6 +33964,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -34428,6 +34499,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, diff --git a/sdks/python/client/docs/EventSourceServiceApi.md b/sdks/python/client/docs/EventSourceServiceApi.md index fa522c0d0bb7..506885b4e48b 100644 --- a/sdks/python/client/docs/EventSourceServiceApi.md +++ b/sdks/python/client/docs/EventSourceServiceApi.md @@ -1935,6 +1935,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -2080,6 +2081,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -2323,6 +2325,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -4905,6 +4911,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -5050,6 +5057,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -5293,6 +5301,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, diff --git a/sdks/python/client/docs/ImageVolumeSource.md b/sdks/python/client/docs/ImageVolumeSource.md new file mode 100644 index 000000000000..c0a0e774b90c --- /dev/null +++ b/sdks/python/client/docs/ImageVolumeSource.md @@ -0,0 +1,14 @@ +# ImageVolumeSource + +ImageVolumeSource represents a image volume resource. + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**pull_policy** | **str** | Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. | [optional] +**reference** | **str** | Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. | [optional] +**any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/sdks/python/client/docs/PersistentVolumeClaimSpec.md b/sdks/python/client/docs/PersistentVolumeClaimSpec.md index 12318842b292..849fd1b36e09 100644 --- a/sdks/python/client/docs/PersistentVolumeClaimSpec.md +++ b/sdks/python/client/docs/PersistentVolumeClaimSpec.md @@ -11,7 +11,7 @@ Name | Type | Description | Notes **resources** | [**VolumeResourceRequirements**](VolumeResourceRequirements.md) | | [optional] **selector** | [**LabelSelector**](LabelSelector.md) | | [optional] **storage_class_name** | **str** | storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 | [optional] -**volume_attributes_class_name** | **str** | volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. | [optional] +**volume_attributes_class_name** | **str** | volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). | [optional] **volume_mode** | **str** | volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. | [optional] **volume_name** | **str** | volumeName is the binding reference to the PersistentVolume backing this claim. | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] diff --git a/sdks/python/client/docs/PersistentVolumeClaimStatus.md b/sdks/python/client/docs/PersistentVolumeClaimStatus.md index f88c6ddb88e8..d44f987f6edc 100644 --- a/sdks/python/client/docs/PersistentVolumeClaimStatus.md +++ b/sdks/python/client/docs/PersistentVolumeClaimStatus.md @@ -10,7 +10,7 @@ Name | Type | Description | Notes **allocated_resources** | **{str: (str,)}** | allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. | [optional] **capacity** | **{str: (str,)}** | capacity represents the actual resources of the underlying volume. | [optional] **conditions** | [**[PersistentVolumeClaimCondition]**](PersistentVolumeClaimCondition.md) | conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'. | [optional] -**current_volume_attributes_class_name** | **str** | currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature. | [optional] +**current_volume_attributes_class_name** | **str** | currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is a beta field and requires enabling VolumeAttributesClass feature (off by default). | [optional] **modify_volume_status** | [**ModifyVolumeStatus**](ModifyVolumeStatus.md) | | [optional] **phase** | **str** | phase represents the current phase of PersistentVolumeClaim. | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] diff --git a/sdks/python/client/docs/PodAffinityTerm.md b/sdks/python/client/docs/PodAffinityTerm.md index 71f0c6ecb309..3127328bac46 100644 --- a/sdks/python/client/docs/PodAffinityTerm.md +++ b/sdks/python/client/docs/PodAffinityTerm.md @@ -7,8 +7,8 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **topology_key** | **str** | This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. | **label_selector** | [**LabelSelector**](LabelSelector.md) | | [optional] -**match_label_keys** | **[str]** | MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. | [optional] -**mismatch_label_keys** | **[str]** | MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. | [optional] +**match_label_keys** | **[str]** | MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | [optional] +**mismatch_label_keys** | **[str]** | MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | [optional] **namespace_selector** | [**LabelSelector**](LabelSelector.md) | | [optional] **namespaces** | **[str]** | namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\". | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] diff --git a/sdks/python/client/docs/PodSecurityContext.md b/sdks/python/client/docs/PodSecurityContext.md index ec2eef1e604c..90a6238d30bf 100644 --- a/sdks/python/client/docs/PodSecurityContext.md +++ b/sdks/python/client/docs/PodSecurityContext.md @@ -13,7 +13,8 @@ Name | Type | Description | Notes **run_as_user** | **int** | The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. | [optional] **se_linux_options** | [**SELinuxOptions**](SELinuxOptions.md) | | [optional] **seccomp_profile** | [**SeccompProfile**](SeccompProfile.md) | | [optional] -**supplemental_groups** | **[int]** | A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows. | [optional] +**supplemental_groups** | **[int]** | A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows. | [optional] +**supplemental_groups_policy** | **str** | Defines how supplemental groups of the first container processes are calculated. Valid values are \"Merge\" and \"Strict\". If not specified, \"Merge\" is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows. | [optional] **sysctls** | [**[Sysctl]**](Sysctl.md) | Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. | [optional] **windows_options** | [**WindowsSecurityContextOptions**](WindowsSecurityContextOptions.md) | | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] diff --git a/sdks/python/client/docs/ProjectedVolumeSource.md b/sdks/python/client/docs/ProjectedVolumeSource.md index 885e63456b66..bd62a9ce1914 100644 --- a/sdks/python/client/docs/ProjectedVolumeSource.md +++ b/sdks/python/client/docs/ProjectedVolumeSource.md @@ -6,7 +6,7 @@ Represents a projected volume source Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **default_mode** | **int** | defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | [optional] -**sources** | [**[VolumeProjection]**](VolumeProjection.md) | sources is the list of volume projections | [optional] +**sources** | [**[VolumeProjection]**](VolumeProjection.md) | sources is the list of volume projections. Each entry in this list handles one source. | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdks/python/client/docs/ResourceClaim.md b/sdks/python/client/docs/ResourceClaim.md index 6bc50fcf05db..c1bd0014c2f4 100644 --- a/sdks/python/client/docs/ResourceClaim.md +++ b/sdks/python/client/docs/ResourceClaim.md @@ -6,6 +6,7 @@ ResourceClaim references one entry in PodSpec.ResourceClaims. Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **name** | **str** | Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. | +**request** | **str** | Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request. | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdks/python/client/docs/SecurityContext.md b/sdks/python/client/docs/SecurityContext.md index 2fbe87da9e26..15fb56c82e46 100644 --- a/sdks/python/client/docs/SecurityContext.md +++ b/sdks/python/client/docs/SecurityContext.md @@ -9,7 +9,7 @@ Name | Type | Description | Notes **app_armor_profile** | [**AppArmorProfile**](AppArmorProfile.md) | | [optional] **capabilities** | [**Capabilities**](Capabilities.md) | | [optional] **privileged** | **bool** | Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. | [optional] -**proc_mount** | **str** | procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. | [optional] +**proc_mount** | **str** | procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. | [optional] **read_only_root_filesystem** | **bool** | Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. | [optional] **run_as_group** | **int** | The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. | [optional] **run_as_non_root** | **bool** | Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. | [optional] diff --git a/sdks/python/client/docs/SensorServiceApi.md b/sdks/python/client/docs/SensorServiceApi.md index 069c99c5f3b4..97dac8d12d00 100644 --- a/sdks/python/client/docs/SensorServiceApi.md +++ b/sdks/python/client/docs/SensorServiceApi.md @@ -585,6 +585,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -730,6 +731,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -973,6 +975,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -3070,6 +3076,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -3215,6 +3222,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -3458,6 +3466,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, diff --git a/sdks/python/client/docs/Volume.md b/sdks/python/client/docs/Volume.md index e2e0e30b6cbb..1781b76e9d12 100644 --- a/sdks/python/client/docs/Volume.md +++ b/sdks/python/client/docs/Volume.md @@ -23,6 +23,7 @@ Name | Type | Description | Notes **git_repo** | [**GitRepoVolumeSource**](GitRepoVolumeSource.md) | | [optional] **glusterfs** | [**GlusterfsVolumeSource**](GlusterfsVolumeSource.md) | | [optional] **host_path** | [**HostPathVolumeSource**](HostPathVolumeSource.md) | | [optional] +**image** | [**ImageVolumeSource**](ImageVolumeSource.md) | | [optional] **iscsi** | [**ISCSIVolumeSource**](ISCSIVolumeSource.md) | | [optional] **nfs** | [**NFSVolumeSource**](NFSVolumeSource.md) | | [optional] **persistent_volume_claim** | [**PersistentVolumeClaimVolumeSource**](PersistentVolumeClaimVolumeSource.md) | | [optional] diff --git a/sdks/python/client/docs/VolumeProjection.md b/sdks/python/client/docs/VolumeProjection.md index e88c1e4d8082..783ecfd6c859 100644 --- a/sdks/python/client/docs/VolumeProjection.md +++ b/sdks/python/client/docs/VolumeProjection.md @@ -1,6 +1,6 @@ # VolumeProjection -Projection that may be projected along with other supported volume types +Projection that may be projected along with other supported volume types. Exactly one of these fields must be set. ## Properties Name | Type | Description | Notes diff --git a/sdks/python/client/docs/WorkflowServiceApi.md b/sdks/python/client/docs/WorkflowServiceApi.md index 5065bd3ce070..ba9854fefa63 100644 --- a/sdks/python/client/docs/WorkflowServiceApi.md +++ b/sdks/python/client/docs/WorkflowServiceApi.md @@ -1093,6 +1093,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -1781,6 +1782,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -2079,6 +2081,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -3290,6 +3293,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4476,6 +4480,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4604,6 +4609,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -4809,6 +4815,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -5776,6 +5783,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -6592,6 +6603,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -6890,6 +6902,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -8101,6 +8114,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9287,6 +9301,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9415,6 +9430,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -9620,6 +9636,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -10587,6 +10604,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -11118,6 +11139,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -12572,6 +12597,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -13393,6 +13422,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -13691,6 +13721,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -14902,6 +14933,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -16088,6 +16120,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -16216,6 +16249,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -16421,6 +16455,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -17388,6 +17423,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -18537,6 +18576,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -19225,6 +19265,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -19523,6 +19564,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -20734,6 +20776,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -21920,6 +21963,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -22048,6 +22092,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -22253,6 +22298,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -23220,6 +23266,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -24036,6 +24086,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -24334,6 +24385,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -25545,6 +25597,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -26731,6 +26784,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -26859,6 +26913,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -27064,6 +27119,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -28031,6 +28087,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -28562,6 +28622,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -30086,6 +30150,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -30774,6 +30839,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -31072,6 +31138,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -32283,6 +32350,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -33469,6 +33537,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -33597,6 +33666,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -33802,6 +33872,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -34769,6 +34840,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -35585,6 +35660,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -35883,6 +35959,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -37094,6 +37171,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -38280,6 +38358,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -38408,6 +38487,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -38613,6 +38693,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -39580,6 +39661,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -40111,6 +40196,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -41565,6 +41654,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -42386,6 +42479,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -42684,6 +42778,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -43895,6 +43990,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -45081,6 +45177,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -45209,6 +45306,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -45414,6 +45512,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -46381,6 +46480,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -47530,6 +47633,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -48218,6 +48322,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -48516,6 +48621,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -49727,6 +49833,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -50913,6 +51020,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -51041,6 +51149,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -51246,6 +51355,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -52213,6 +52323,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -53029,6 +53143,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -53327,6 +53442,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -54538,6 +54654,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -55724,6 +55841,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -55852,6 +55970,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -56057,6 +56176,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -57024,6 +57144,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -57555,6 +57679,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, diff --git a/sdks/python/client/docs/WorkflowTemplateServiceApi.md b/sdks/python/client/docs/WorkflowTemplateServiceApi.md index 2319839824d7..f7e724357cd6 100644 --- a/sdks/python/client/docs/WorkflowTemplateServiceApi.md +++ b/sdks/python/client/docs/WorkflowTemplateServiceApi.md @@ -1080,6 +1080,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -1768,6 +1769,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -2066,6 +2068,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -3277,6 +3280,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4463,6 +4467,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -4591,6 +4596,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -4796,6 +4802,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -5763,6 +5770,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -6579,6 +6590,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -6877,6 +6889,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -8088,6 +8101,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9274,6 +9288,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -9402,6 +9417,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -9607,6 +9623,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -10574,6 +10591,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -11105,6 +11126,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -12594,6 +12619,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -13282,6 +13308,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -13580,6 +13607,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -14791,6 +14819,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -15977,6 +16006,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -16105,6 +16135,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -16310,6 +16341,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -17277,6 +17309,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -18093,6 +18129,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -18391,6 +18428,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -19602,6 +19640,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -20788,6 +20827,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -20916,6 +20956,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -21121,6 +21162,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -22088,6 +22130,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -22619,6 +22665,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -24021,6 +24071,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -24709,6 +24760,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -25007,6 +25059,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -26218,6 +26271,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -27404,6 +27458,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -27532,6 +27587,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -27737,6 +27793,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -28704,6 +28761,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -29520,6 +29581,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -29818,6 +29880,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -31029,6 +31092,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -32215,6 +32279,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -32343,6 +32408,7 @@ with argo_workflows.ApiClient(configuration) as api_client: supplemental_groups=[ 1, ], + supplemental_groups_policy="supplemental_groups_policy_example", sysctls=[ Sysctl( name="name_example", @@ -32548,6 +32614,7 @@ with argo_workflows.ApiClient(configuration) as api_client: claims=[ ResourceClaim( name="name_example", + request="request_example", ), ], limits={ @@ -33515,6 +33582,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, @@ -34046,6 +34117,10 @@ with argo_workflows.ApiClient(configuration) as api_client: path="path_example", type="type_example", ), + image=ImageVolumeSource( + pull_policy="pull_policy_example", + reference="reference_example", + ), iscsi=ISCSIVolumeSource( chap_auth_discovery=True, chap_auth_session=True, diff --git a/util/telemetry/exporter_prometheus.go b/util/telemetry/exporter_prometheus.go index 1ed45a90c91e..43d0b8437730 100644 --- a/util/telemetry/exporter_prometheus.go +++ b/util/telemetry/exporter_prometheus.go @@ -57,7 +57,7 @@ func (m *Metrics) RunPrometheusServer(ctx context.Context, isDummy bool) { if !m.config.Enabled { return } - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) name := "" mux := http.NewServeMux() diff --git a/workflow/controller/controller.go b/workflow/controller/controller.go index ccce9cd43107..977c27af74fb 100644 --- a/workflow/controller/controller.go +++ b/workflow/controller/controller.go @@ -126,9 +126,9 @@ type WorkflowController struct { cwftmplInformer wfextvv1alpha1.ClusterWorkflowTemplateInformer podInformer cache.SharedIndexInformer configMapInformer cache.SharedIndexInformer - wfQueue workqueue.RateLimitingInterface - podCleanupQueue workqueue.RateLimitingInterface // pods to be deleted or labelled depend on GC strategy - wfArchiveQueue workqueue.RateLimitingInterface + wfQueue workqueue.TypedRateLimitingInterface[string] + podCleanupQueue workqueue.TypedRateLimitingInterface[string] // pods to be deleted or labelled depend on GC strategy + wfArchiveQueue workqueue.TypedRateLimitingInterface[string] throttler sync.Throttler workflowKeyLock syncpkg.KeyLock // used to lock workflows for exclusive modification or access session db.Session @@ -235,8 +235,8 @@ func NewWorkflowController(ctx context.Context, restConfig *rest.Config, kubecli workqueue.SetProvider(wfc.metrics) // must execute SetProvider before we create the queues wfc.wfQueue = wfc.metrics.RateLimiterWithBusyWorkers(ctx, &fixedItemIntervalRateLimiter{}, "workflow_queue") wfc.throttler = wfc.newThrottler() - wfc.podCleanupQueue = wfc.metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultControllerRateLimiter(), "pod_cleanup_queue") - wfc.wfArchiveQueue = wfc.metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultControllerRateLimiter(), "workflow_archive_queue") + wfc.podCleanupQueue = wfc.metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultTypedControllerRateLimiter[string](), "pod_cleanup_queue") + wfc.wfArchiveQueue = wfc.metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultTypedControllerRateLimiter[string](), "workflow_archive_queue") return &wfc, nil } @@ -251,7 +251,7 @@ func (wfc *WorkflowController) newThrottler() sync.Throttler { // runGCcontroller runs the workflow garbage collector controller func (wfc *WorkflowController) runGCcontroller(ctx context.Context, workflowTTLWorkers int) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) gcCtrl := gccontroller.NewController(ctx, wfc.wfclientset, wfc.wfInformer, wfc.metrics, wfc.Config.RetentionPolicy) err := gcCtrl.Run(ctx.Done(), workflowTTLWorkers) @@ -261,7 +261,7 @@ func (wfc *WorkflowController) runGCcontroller(ctx context.Context, workflowTTLW } func (wfc *WorkflowController) runCronController(ctx context.Context, cronWorkflowWorkers int) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) cronController := cron.NewCronController(ctx, wfc.wfclientset, wfc.dynamicInterface, wfc.namespace, wfc.GetManagedNamespace(), wfc.Config.InstanceID, wfc.metrics, wfc.eventRecorderManager, cronWorkflowWorkers, wfc.wftmplInformer, wfc.cwftmplInformer) cronController.Run(ctx) @@ -280,7 +280,7 @@ var indexers = cache.Indexers{ // Run starts a Workflow resource controller func (wfc *WorkflowController) Run(ctx context.Context, wfWorkers, workflowTTLWorkers, podCleanupWorkers, cronWorkflowWorkers, wfArchiveWorkers int) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) // init DB after leader election (if enabled) if err := wfc.initDB(); err != nil { @@ -326,7 +326,7 @@ func (wfc *WorkflowController) Run(ctx context.Context, wfWorkers, workflowTTLWo } if os.Getenv("WATCH_CONTROLLER_SEMAPHORE_CONFIGMAPS") != "false" { - go wfc.runConfigMapWatcher(ctx.Done()) + go wfc.runConfigMapWatcher(ctx) } go wfc.wfInformer.Run(ctx.Done()) @@ -355,19 +355,19 @@ func (wfc *WorkflowController) Run(ctx context.Context, wfWorkers, workflowTTLWo for i := 0; i < podCleanupWorkers; i++ { go wait.UntilWithContext(ctx, wfc.runPodCleanup, time.Second) } - go wfc.workflowGarbageCollector(ctx.Done()) - go wfc.archivedWorkflowGarbageCollector(ctx.Done()) + go wfc.workflowGarbageCollector(ctx) + go wfc.archivedWorkflowGarbageCollector(ctx) go wfc.runGCcontroller(ctx, workflowTTLWorkers) go wfc.runCronController(ctx, cronWorkflowWorkers) - go wait.Until(wfc.syncManager.CheckWorkflowExistence, workflowExistenceCheckPeriod, ctx.Done()) + go wait.UntilWithContext(ctx, wfc.syncManager.CheckWorkflowExistence, workflowExistenceCheckPeriod) for i := 0; i < wfWorkers; i++ { - go wait.Until(wfc.runWorker, time.Second, ctx.Done()) + go wait.UntilWithContext(ctx, wfc.runWorker, time.Second) } for i := 0; i < wfArchiveWorkers; i++ { - go wait.Until(wfc.runArchiveWorker, time.Second, ctx.Done()) + go wait.UntilWithContext(ctx, wfc.runArchiveWorker, time.Second) } if cacheGCPeriod != 0 { go wait.JitterUntilWithContext(ctx, wfc.syncAllCacheForGC, cacheGCPeriod, 0.0, true) @@ -436,10 +436,9 @@ func (wfc *WorkflowController) initManagers(ctx context.Context) error { return nil } -func (wfc *WorkflowController) runConfigMapWatcher(stopCh <-chan struct{}) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) +func (wfc *WorkflowController) runConfigMapWatcher(ctx context.Context) { + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) - ctx := context.Background() retryWatcher, err := apiwatch.NewRetryWatcher("1", &cache.ListWatch{ WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { return wfc.kubeclientset.CoreV1().ConfigMaps(wfc.managedNamespace).Watch(ctx, metav1.ListOptions{}) @@ -464,7 +463,7 @@ func (wfc *WorkflowController) runConfigMapWatcher(stopCh <-chan struct{}) { wfc.UpdateConfig(ctx) } wfc.notifySemaphoreConfigUpdate(cm) - case <-stopCh: + case <-ctx.Done(): return } } @@ -601,7 +600,7 @@ func (wfc *WorkflowController) processNextPodCleanupItem(ctx context.Context) bo wfc.podCleanupQueue.Done(key) }() - namespace, podName, action := parsePodCleanupKey(key.(podCleanupKey)) + namespace, podName, action := parsePodCleanupKey(podCleanupKey(key)) logCtx := log.WithFields(log.Fields{"key": key, "action": action}) logCtx.Info("cleaning up pod") err := func() error { @@ -688,15 +687,15 @@ func (wfc *WorkflowController) signalContainers(ctx context.Context, namespace s return time.Duration(*pod.Spec.TerminationGracePeriodSeconds) * time.Second, nil } -func (wfc *WorkflowController) workflowGarbageCollector(stopCh <-chan struct{}) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) +func (wfc *WorkflowController) workflowGarbageCollector(ctx context.Context) { + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) periodicity := env.LookupEnvDurationOr("WORKFLOW_GC_PERIOD", 5*time.Minute) log.WithField("periodicity", periodicity).Info("Performing periodic GC") ticker := time.NewTicker(periodicity) for { select { - case <-stopCh: + case <-ctx.Done(): ticker.Stop() return case <-ticker.C: @@ -773,8 +772,8 @@ func (wfc *WorkflowController) deleteOffloadedNodesForWorkflow(uid string, versi return nil } -func (wfc *WorkflowController) archivedWorkflowGarbageCollector(stopCh <-chan struct{}) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) +func (wfc *WorkflowController) archivedWorkflowGarbageCollector(ctx context.Context) { + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) periodicity := env.LookupEnvDurationOr("ARCHIVED_WORKFLOW_GC_PERIOD", 24*time.Hour) if wfc.Config.Persistence == nil { @@ -795,7 +794,7 @@ func (wfc *WorkflowController) archivedWorkflowGarbageCollector(stopCh <-chan st defer ticker.Stop() for { select { - case <-stopCh: + case <-ctx.Done(): return case <-ticker.C: log.Info("Performing archived workflow GC") @@ -807,18 +806,16 @@ func (wfc *WorkflowController) archivedWorkflowGarbageCollector(stopCh <-chan st } } -func (wfc *WorkflowController) runWorker() { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) +func (wfc *WorkflowController) runWorker(ctx context.Context) { + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) - ctx := context.Background() for wfc.processNextItem(ctx) { } } -func (wfc *WorkflowController) runArchiveWorker() { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) +func (wfc *WorkflowController) runArchiveWorker(ctx context.Context) { + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) - ctx := context.Background() for wfc.processNextArchiveItem(ctx) { } } @@ -831,10 +828,10 @@ func (wfc *WorkflowController) processNextItem(ctx context.Context) bool { } defer wfc.wfQueue.Done(key) - wfc.workflowKeyLock.Lock(key.(string)) - defer wfc.workflowKeyLock.Unlock(key.(string)) + wfc.workflowKeyLock.Lock(key) + defer wfc.workflowKeyLock.Unlock(key) - obj, ok := wfc.getWorkflowByKey(key.(string)) + obj, ok := wfc.getWorkflowByKey(key) if !ok { return true } @@ -871,7 +868,7 @@ func (wfc *WorkflowController) processNextItem(ctx context.Context) bool { woc := newWorkflowOperationCtx(wf, wfc) - if !(woc.GetShutdownStrategy().Enabled() && woc.GetShutdownStrategy() == wfv1.ShutdownStrategyTerminate) && !wfc.throttler.Admit(key.(string)) { + if !(woc.GetShutdownStrategy().Enabled() && woc.GetShutdownStrategy() == wfv1.ShutdownStrategyTerminate) && !wfc.throttler.Admit(key) { log.WithField("key", key).Info("Workflow processing has been postponed due to max parallelism limit") if woc.wf.Status.Phase == wfv1.WorkflowUnknown { woc.markWorkflowPhase(ctx, wfv1.WorkflowPending, "Workflow processing has been postponed because too many workflows are already running") @@ -884,7 +881,7 @@ func (wfc *WorkflowController) processNextItem(ctx context.Context) bool { defer func() { // must be done with woc if !reconciliationNeeded(woc.wf) { - wfc.throttler.Remove(key.(string)) + wfc.throttler.Remove(key) } }() @@ -914,7 +911,7 @@ func (wfc *WorkflowController) processNextArchiveItem(ctx context.Context) bool } defer wfc.wfArchiveQueue.Done(key) - obj, exists, err := wfc.wfInformer.GetIndexer().GetByKey(key.(string)) + obj, exists, err := wfc.wfInformer.GetIndexer().GetByKey(key) if err != nil { log.WithFields(log.Fields{"key": key, "error": err}).Error("Failed to get workflow from informer") return true diff --git a/workflow/controller/controller_test.go b/workflow/controller/controller_test.go index c7746f4b15fe..d9756765b858 100644 --- a/workflow/controller/controller_test.go +++ b/workflow/controller/controller_test.go @@ -312,9 +312,9 @@ func newController(options ...interface{}) (context.CancelFunc, *WorkflowControl { wfc.metrics, testExporter, _ = metrics.CreateDefaultTestMetrics() wfc.entrypoint = entrypoint.New(kube, wfc.Config.Images) - wfc.wfQueue = workqueue.NewRateLimitingQueue(workqueue.DefaultControllerRateLimiter()) + wfc.wfQueue = workqueue.NewTypedRateLimitingQueue(workqueue.DefaultTypedControllerRateLimiter[string]()) wfc.throttler = wfc.newThrottler() - wfc.podCleanupQueue = workqueue.NewRateLimitingQueue(workqueue.DefaultControllerRateLimiter()) + wfc.podCleanupQueue = workqueue.NewTypedRateLimitingQueue(workqueue.DefaultTypedControllerRateLimiter[string]()) wfc.rateLimiter = wfc.newRateLimiter() } @@ -755,7 +755,7 @@ func TestWorkflowController_archivedWorkflowGarbageCollector(t *testing.T) { cancel, controller := newController() defer cancel() - controller.archivedWorkflowGarbageCollector(make(chan struct{})) + controller.archivedWorkflowGarbageCollector(context.Background()) } const wfWithTmplRef = ` diff --git a/workflow/controller/rate_limiters.go b/workflow/controller/rate_limiters.go index 504bfb5e6117..eb7ad3f65c0b 100644 --- a/workflow/controller/rate_limiters.go +++ b/workflow/controller/rate_limiters.go @@ -22,14 +22,14 @@ func GetRequeueTime() time.Duration { type fixedItemIntervalRateLimiter struct{} -func (r *fixedItemIntervalRateLimiter) When(interface{}) time.Duration { +func (r *fixedItemIntervalRateLimiter) When(string) time.Duration { return GetRequeueTime() } -func (r *fixedItemIntervalRateLimiter) Forget(interface{}) {} +func (r *fixedItemIntervalRateLimiter) Forget(string) {} -func (r *fixedItemIntervalRateLimiter) NumRequeues(interface{}) int { +func (r *fixedItemIntervalRateLimiter) NumRequeues(string) int { return 1 } -var _ workqueue.RateLimiter = &fixedItemIntervalRateLimiter{} +var _ workqueue.TypedRateLimiter[string] = &fixedItemIntervalRateLimiter{} diff --git a/workflow/cron/controller.go b/workflow/cron/controller.go index 106bc33e588d..fdc454bb640e 100644 --- a/workflow/cron/controller.go +++ b/workflow/cron/controller.go @@ -48,7 +48,7 @@ type Controller struct { cronWfInformer informers.GenericInformer wftmplInformer wfextvv1alpha1.WorkflowTemplateInformer cwftmplInformer wfextvv1alpha1.ClusterWorkflowTemplateInformer - cronWfQueue workqueue.RateLimitingInterface + cronWfQueue workqueue.TypedRateLimitingInterface[string] dynamicInterface dynamic.Interface metrics *metrics.Metrics eventRecorderManager events.EventRecorderManager @@ -82,7 +82,7 @@ func NewCronController(ctx context.Context, wfclientset versioned.Interface, dyn cron: newCronFacade(), keyLock: sync.NewKeyLock(), dynamicInterface: dynamicInterface, - cronWfQueue: metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultControllerRateLimiter(), "cron_wf_queue"), + cronWfQueue: metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultTypedControllerRateLimiter[string](), "cron_wf_queue"), metrics: metrics, eventRecorderManager: eventRecorderManager, wftmplInformer: wftmplInformer, @@ -92,7 +92,7 @@ func NewCronController(ctx context.Context, wfclientset versioned.Interface, dyn } func (cc *Controller) Run(ctx context.Context) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) defer cc.cronWfQueue.ShutDown() log.Infof("Starting CronWorkflow controller") if cc.instanceId != "" { @@ -136,7 +136,7 @@ func (cc *Controller) runCronWorker() { } func (cc *Controller) processNextCronItem(ctx context.Context) bool { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) key, quit := cc.cronWfQueue.Get() if quit { @@ -144,20 +144,20 @@ func (cc *Controller) processNextCronItem(ctx context.Context) bool { } defer cc.cronWfQueue.Done(key) - cc.keyLock.Lock(key.(string)) - defer cc.keyLock.Unlock(key.(string)) + cc.keyLock.Lock(key) + defer cc.keyLock.Unlock(key) logCtx := log.WithField("cronWorkflow", key) logCtx.Infof("Processing %s", key) - obj, exists, err := cc.cronWfInformer.Informer().GetIndexer().GetByKey(key.(string)) + obj, exists, err := cc.cronWfInformer.Informer().GetIndexer().GetByKey(key) if err != nil { logCtx.WithError(err).Error(fmt.Sprintf("Failed to get CronWorkflow '%s' from informer index", key)) return true } if !exists { logCtx.Infof("Deleting '%s'", key) - cc.cron.Delete(key.(string)) + cc.cron.Delete(key) return true } @@ -193,10 +193,10 @@ func (cc *Controller) processNextCronItem(ctx context.Context) bool { } // The job is currently scheduled, remove it and re add it. - cc.cron.Delete(key.(string)) + cc.cron.Delete(key) for _, schedule := range cronWf.Spec.GetSchedulesWithTimezone(ctx) { - lastScheduledTimeFunc, err := cc.cron.AddJob(key.(string), schedule, cronWorkflowOperationCtx) + lastScheduledTimeFunc, err := cc.cron.AddJob(key, schedule, cronWorkflowOperationCtx) if err != nil { logCtx.WithError(err).Error("could not schedule CronWorkflow") return true @@ -204,7 +204,7 @@ func (cc *Controller) processNextCronItem(ctx context.Context) bool { cronWorkflowOperationCtx.scheduledTimeFunc = lastScheduledTimeFunc } - logCtx.Infof("CronWorkflow %s added", key.(string)) + logCtx.Infof("CronWorkflow %s added", key) return true } @@ -256,7 +256,7 @@ func isCompleted(wf v1.Object) bool { } func (cc *Controller) syncAll(ctx context.Context) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) log.Debug("Syncing all CronWorkflows") diff --git a/workflow/executor/agent.go b/workflow/executor/agent.go index d016069fd5a1..18ca1b7a2641 100644 --- a/workflow/executor/agent.go +++ b/workflow/executor/agent.go @@ -74,7 +74,7 @@ type response struct { } func (ae *AgentExecutor) Agent(ctx context.Context) error { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) taskWorkers := env.LookupEnvIntOr(common.EnvAgentTaskWorkers, 16) requeueTime := env.LookupEnvDurationOr(common.EnvAgentPatchRate, 10*time.Second) diff --git a/workflow/gccontroller/gc_controller.go b/workflow/gccontroller/gc_controller.go index 6e56ad279f09..9372a73d2aaa 100644 --- a/workflow/gccontroller/gc_controller.go +++ b/workflow/gccontroller/gc_controller.go @@ -31,7 +31,7 @@ var ticker *time.Ticker = time.NewTicker(50 * time.Millisecond) type Controller struct { wfclientset wfclientset.Interface wfInformer cache.SharedIndexInformer - workqueue workqueue.DelayingInterface + workqueue workqueue.TypedDelayingInterface[string] clock clock.WithTickerAndDelayedExecution metrics *metrics.Metrics orderedQueueLock sync.Mutex @@ -49,7 +49,7 @@ func NewController(ctx context.Context, wfClientset wfclientset.Interface, wfInf controller := &Controller{ wfclientset: wfClientset, wfInformer: wfInformer, - workqueue: metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultControllerRateLimiter(), "workflow_ttl_queue"), + workqueue: metrics.RateLimiterWithBusyWorkers(ctx, workqueue.DefaultTypedControllerRateLimiter[string](), "workflow_ttl_queue"), clock: clock.RealClock{}, metrics: metrics, orderedQueue: orderedQueue, @@ -79,10 +79,10 @@ func NewController(ctx context.Context, wfClientset wfclientset.Interface, wfInf }, Handler: cache.ResourceEventHandlerFuncs{ UpdateFunc: func(old, new interface{}) { - controller.retentionEnqueue(new) + controller.retentionEnqueue(ctx, new) }, AddFunc: func(obj interface{}) { - controller.retentionEnqueue(obj) + controller.retentionEnqueue(ctx, obj) }, }, }) @@ -92,7 +92,7 @@ func NewController(ctx context.Context, wfClientset wfclientset.Interface, wfInf return controller } -func (c *Controller) retentionEnqueue(obj interface{}) { +func (c *Controller) retentionEnqueue(ctx context.Context, obj interface{}) { // No need to queue the workflow if the retention policy is not set if c.retentionPolicy == nil { return @@ -108,7 +108,7 @@ func (c *Controller) retentionEnqueue(obj interface{}) { case wfv1.WorkflowSucceeded, wfv1.WorkflowFailed, wfv1.WorkflowError: c.orderedQueueLock.Lock() heap.Push(c.orderedQueue[phase], un) - c.runGC(phase) + c.runGC(ctx, phase) c.orderedQueueLock.Unlock() } } @@ -142,8 +142,8 @@ func (c *Controller) runWorker() { } // retentionGC queues workflows for deletion based upon the retention policy. -func (c *Controller) runGC(phase wfv1.WorkflowPhase) { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) +func (c *Controller) runGC(ctx context.Context, phase wfv1.WorkflowPhase) { + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) var maxWorkflows int switch phase { case wfv1.WorkflowSucceeded: @@ -172,7 +172,7 @@ func (c *Controller) processNextWorkItem(ctx context.Context) bool { return false } defer c.workqueue.Done(key) - runtimeutil.HandleError(c.deleteWorkflow(ctx, key.(string))) + runtimeutil.HandleError(c.deleteWorkflow(ctx, key)) return true } diff --git a/workflow/gccontroller/gc_controller_test.go b/workflow/gccontroller/gc_controller_test.go index e1e77cdd4f09..e3033a5d430c 100644 --- a/workflow/gccontroller/gc_controller_test.go +++ b/workflow/gccontroller/gc_controller_test.go @@ -352,7 +352,7 @@ func newTTLController(t *testing.T) *Controller { wfclientset: wfclientset, wfInformer: wfInformer, clock: clock, - workqueue: workqueue.NewDelayingQueue(), + workqueue: workqueue.TypedNewDelayingQueue[string](), metrics: gcMetrics, } } diff --git a/workflow/metrics/metrics_test.go b/workflow/metrics/metrics_test.go index c8fbda52ab6b..b4933e844737 100644 --- a/workflow/metrics/metrics_test.go +++ b/workflow/metrics/metrics_test.go @@ -148,7 +148,7 @@ func TestWorkflowQueueMetrics(t *testing.T) { m, te, err := getSharedMetrics() require.NoError(t, err) attribs := attribute.NewSet(attribute.String(telemetry.AttribQueueName, "workflow_queue")) - wfQueue := m.RateLimiterWithBusyWorkers(m.Ctx, workqueue.DefaultControllerRateLimiter(), "workflow_queue") + wfQueue := m.RateLimiterWithBusyWorkers(m.Ctx, workqueue.DefaultTypedControllerRateLimiter[string](), "workflow_queue") defer wfQueue.ShutDown() assert.NotNil(t, m.AllInstruments[nameWorkersQueueDepth]) diff --git a/workflow/metrics/work_queue.go b/workflow/metrics/work_queue.go index 537643e719cc..41e1ee6f85c5 100644 --- a/workflow/metrics/work_queue.go +++ b/workflow/metrics/work_queue.go @@ -26,7 +26,7 @@ const ( var _ workqueue.MetricsProvider = &Metrics{} type workersBusyRateLimiterWorkQueue struct { - workqueue.RateLimitingInterface + workqueue.TypedRateLimitingInterface[string] workerType string busyGauge *telemetry.Instrument // Evil storage of context for compatibility with legacy interface to workqueue @@ -128,12 +128,12 @@ func addWorkQueueMetrics(_ context.Context, m *Metrics) error { return nil } -func (m *Metrics) RateLimiterWithBusyWorkers(ctx context.Context, workQueue workqueue.RateLimiter, queueName string) workqueue.RateLimitingInterface { +func (m *Metrics) RateLimiterWithBusyWorkers(ctx context.Context, workQueue workqueue.TypedRateLimiter[string], queueName string) workqueue.TypedRateLimitingInterface[string] { queue := workersBusyRateLimiterWorkQueue{ - RateLimitingInterface: workqueue.NewNamedRateLimitingQueue(workQueue, queueName), - workerType: queueName, - busyGauge: m.AllInstruments[nameWorkersBusy], - ctx: ctx, + TypedRateLimitingInterface: workqueue.NewTypedRateLimitingQueueWithConfig(workQueue, workqueue.TypedRateLimitingQueueConfig[string]{Name: queueName}), + workerType: queueName, + busyGauge: m.AllInstruments[nameWorkersBusy], + ctx: ctx, } queue.newWorker(ctx) return queue @@ -155,14 +155,14 @@ func (w *workersBusyRateLimiterWorkQueue) workerFree(ctx context.Context) { w.busyGauge.AddInt(ctx, -1, w.attributes()) } -func (w workersBusyRateLimiterWorkQueue) Get() (interface{}, bool) { - item, shutdown := w.RateLimitingInterface.Get() +func (w workersBusyRateLimiterWorkQueue) Get() (string, bool) { + item, shutdown := w.TypedRateLimitingInterface.Get() w.workerBusy(w.ctx) return item, shutdown } -func (w workersBusyRateLimiterWorkQueue) Done(item interface{}) { - w.RateLimitingInterface.Done(item) +func (w workersBusyRateLimiterWorkQueue) Done(item string) { + w.TypedRateLimitingInterface.Done(item) w.workerFree(w.ctx) } diff --git a/workflow/metrics/work_queue_test.go b/workflow/metrics/work_queue_test.go index 9c7f9766936b..0222a292e23e 100644 --- a/workflow/metrics/work_queue_test.go +++ b/workflow/metrics/work_queue_test.go @@ -17,7 +17,7 @@ func TestMetricsWorkQueue(t *testing.T) { attribsWT := attribute.NewSet(attribute.String(telemetry.AttribWorkerType, "test")) - queue := m.RateLimiterWithBusyWorkers(m.Ctx, workqueue.DefaultControllerRateLimiter(), "test") + queue := m.RateLimiterWithBusyWorkers(m.Ctx, workqueue.DefaultTypedControllerRateLimiter[string](), "test") defer queue.ShutDown() val, err := te.GetInt64CounterValue(nameWorkersBusy, &attribsWT) require.NoError(t, err) diff --git a/workflow/sync/sync_manager.go b/workflow/sync/sync_manager.go index fb0feda826d5..a234251336ef 100644 --- a/workflow/sync/sync_manager.go +++ b/workflow/sync/sync_manager.go @@ -47,8 +47,8 @@ func (sm *Manager) getWorkflowKey(key string) (string, error) { return fmt.Sprintf("%s/%s", items[0], items[1]), nil } -func (sm *Manager) CheckWorkflowExistence() { - defer runtimeutil.HandleCrash(runtimeutil.PanicHandlers...) +func (sm *Manager) CheckWorkflowExistence(ctx context.Context) { + defer runtimeutil.HandleCrashWithContext(ctx, runtimeutil.PanicHandlers...) log.Debug("Check the workflow existence") for _, lock := range sm.syncLockMap { diff --git a/workflow/sync/sync_manager_test.go b/workflow/sync/sync_manager_test.go index b70fd89de56e..1e77151bdb50 100644 --- a/workflow/sync/sync_manager_test.go +++ b/workflow/sync/sync_manager_test.go @@ -721,7 +721,7 @@ func TestCheckWorkflowExistence(t *testing.T) { assert.Len(mutex.getCurrentPending(), 1) assert.Len(semaphore.getCurrentHolders(), 1) assert.Len(semaphore.getCurrentPending(), 1) - syncManager.CheckWorkflowExistence() + syncManager.CheckWorkflowExistence(ctx) assert.Empty(mutex.getCurrentHolders()) assert.Len(mutex.getCurrentPending(), 1) assert.Empty(semaphore.getCurrentHolders()) From 9d1d2cd518628b2d4298b435386e82c7e7960f0d Mon Sep 17 00:00:00 2001 From: Tianchu Zhao Date: Fri, 6 Dec 2024 14:36:28 +1100 Subject: [PATCH 3/4] fix: cronOperator/serverResubmitWf retry create workflow on transient error. Fixes #13970 (#13971) Signed-off-by: Tianchu Zhao --- workflow/util/util.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/workflow/util/util.go b/workflow/util/util.go index 395928000c7a..d0ec8e5466d5 100644 --- a/workflow/util/util.go +++ b/workflow/util/util.go @@ -195,7 +195,13 @@ func SubmitWorkflow(ctx context.Context, wfIf v1alpha1.WorkflowInterface, wfClie } return wf, err } else { - return wfIf.Create(ctx, wf, metav1.CreateOptions{}) + var runWf *wfv1.Workflow + err = waitutil.Backoff(retry.DefaultRetry, func() (bool, error) { + var err error + runWf, err = wfIf.Create(ctx, wf, metav1.CreateOptions{}) + return !errorsutil.IsTransientErr(err), err + }) + return runWf, err } } From 10aaf3eb1873d88d3f9ab3027d9452b40c91d9d9 Mon Sep 17 00:00:00 2001 From: Son Bui Date: Fri, 6 Dec 2024 21:00:19 +0700 Subject: [PATCH 4/4] fix: replace deprecated `bouk/staticfiles` with native Go `embed`. fixes #11654 (#11707) Signed-off-by: Son Bui --- .github/workflows/ci-build.yaml | 2 +- .golangci.yml | 2 - Makefile | 33 ++++------- dev/nix/conf.nix | 1 - dev/nix/flake.nix | 13 ---- server/apiserver/argoserver.go | 3 +- server/static/files.go | 8 --- server/static/files.go.stub | 8 --- server/static/response-rewriter.go | 20 ------- server/static/static.go | 72 +++++++++++++++++----- server/static/static_test.go | 95 ++++++++++++++++++++++++++++++ ui/embed.go | 10 ++++ 12 files changed, 177 insertions(+), 90 deletions(-) delete mode 100644 server/static/files.go delete mode 100644 server/static/files.go.stub delete mode 100644 server/static/response-rewriter.go create mode 100644 server/static/static_test.go create mode 100644 ui/embed.go diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml index a3fb946a11bd..e82fc021be95 100644 --- a/.github/workflows/ci-build.yaml +++ b/.github/workflows/ci-build.yaml @@ -142,7 +142,7 @@ jobs: go-version: "1.23" cache: true # windows run does not use makefile target because it does a lot more than just testing and is not cross-platform compatible - - run: go test -p 20 -covermode=atomic -coverprofile='coverage.out' $(go list ./... | select-string -Pattern 'github.com/argoproj/argo-workflows/v3/workflow/controller' , 'github.com/argoproj/argo-workflows/v3/server' -NotMatch) + - run: if (!(Test-Path "ui/dist/app/index.html")) { New-Item -ItemType Directory -Force -Path "ui/dist/app" | Out-Null; New-Item -ItemType File -Path "ui/dist/app/placeholder" | Out-Null }; go test -p 20 -covermode=atomic -coverprofile='coverage.out' $(go list ./... | select-string -Pattern 'github.com/argoproj/argo-workflows/v3/workflow/controller' , 'github.com/argoproj/argo-workflows/v3/server' -NotMatch) env: KUBECONFIG: /dev/null - name: Upload coverage report diff --git a/.golangci.yml b/.golangci.yml index b8b0227bd4f6..5574b2e7ff18 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -65,5 +65,3 @@ issues: - sdks - ui - vendor - exclude-files: - - server/static/files.go diff --git a/Makefile b/Makefile index 365bbe42df3e..c51b9e3d77e7 100644 --- a/Makefile +++ b/Makefile @@ -115,7 +115,7 @@ endif HACK_PKG_FILES_AS_PKGS ?= false ifeq ($(HACK_PKG_FILES_AS_PKGS),false) ARGOEXEC_PKG_FILES := $(shell go list -f '{{ join .Deps "\n" }}' ./cmd/argoexec/ | grep 'argoproj/argo-workflows/v3/' | xargs go list -f '{{ range $$file := .GoFiles }}{{ print $$.ImportPath "/" $$file "\n" }}{{ end }}' | cut -c 39-) - CLI_PKG_FILES := $(shell go list -f '{{ join .Deps "\n" }}' ./cmd/argo/ | grep 'argoproj/argo-workflows/v3/' | xargs go list -f '{{ range $$file := .GoFiles }}{{ print $$.ImportPath "/" $$file "\n" }}{{ end }}' | cut -c 39-) + CLI_PKG_FILES := $(shell [ -f ui/dist/app/index.html ] || (mkdir -p ui/dist/app && touch ui/dist/app/placeholder); go list -f '{{ join .Deps "\n" }}' ./cmd/argo/ | grep 'argoproj/argo-workflows/v3/' | xargs go list -f '{{ range $$file := .GoFiles }}{{ print $$.ImportPath "/" $$file "\n" }}{{ end }}' | cut -c 39-) CONTROLLER_PKG_FILES := $(shell go list -f '{{ join .Deps "\n" }}' ./cmd/workflow-controller/ | grep 'argoproj/argo-workflows/v3/' | xargs go list -f '{{ range $$file := .GoFiles }}{{ print $$.ImportPath "/" $$file "\n" }}{{ end }}' | cut -c 39-) else # Building argoexec on windows cannot rebuild the openapi, we need to fall back to the old @@ -165,25 +165,14 @@ endef cli: dist/argo ui/dist/app/index.html: $(shell find ui/src -type f && find ui -maxdepth 1 -type f) +ifeq ($(STATIC_FILES),true) # `yarn install` is fast (~2s), so you can call it safely. JOBS=max yarn --cwd ui install # `yarn build` is slow, so we guard it with a up-to-date check. JOBS=max yarn --cwd ui build - -$(GOPATH)/bin/staticfiles: Makefile -# update this in Nix when updating it here -ifneq ($(USE_NIX), true) - go install bou.ke/staticfiles@dd04075 -endif - -ifeq ($(STATIC_FILES),true) -server/static/files.go: $(GOPATH)/bin/staticfiles ui/dist/app/index.html - # Pack UI into a Go file - $(GOPATH)/bin/staticfiles -o server/static/files.go ui/dist/app else -server/static/files.go: - # Building without static files - cp ./server/static/files.go.stub ./server/static/files.go + @mkdir -p ui/dist/app + touch ui/dist/app/index.html endif dist/argo-linux-amd64: GOARGS = GOOS=linux GOARCH=amd64 @@ -198,16 +187,16 @@ dist/argo-windows-amd64: GOARGS = GOOS=windows GOARCH=amd64 dist/argo-windows-%.gz: dist/argo-windows-% gzip --force --keep dist/argo-windows-$*.exe -dist/argo-windows-%: server/static/files.go $(CLI_PKG_FILES) go.sum +dist/argo-windows-%: ui/dist/app/index.html $(CLI_PKG_FILES) go.sum CGO_ENABLED=0 $(GOARGS) go build -v -gcflags '${GCFLAGS}' -ldflags '${LDFLAGS} -extldflags -static' -o $@.exe ./cmd/argo dist/argo-%.gz: dist/argo-% gzip --force --keep dist/argo-$* -dist/argo-%: server/static/files.go $(CLI_PKG_FILES) go.sum +dist/argo-%: ui/dist/app/index.html $(CLI_PKG_FILES) go.sum CGO_ENABLED=0 $(GOARGS) go build -v -gcflags '${GCFLAGS}' -ldflags '${LDFLAGS} -extldflags -static' -o $@ ./cmd/argo -dist/argo: server/static/files.go $(CLI_PKG_FILES) go.sum +dist/argo: ui/dist/app/index.html $(CLI_PKG_FILES) go.sum ifeq ($(shell uname -s),Darwin) # if local, then build fast: use CGO and dynamic-linking go build -v -gcflags '${GCFLAGS}' -ldflags '${LDFLAGS}' -o $@ ./cmd/argo @@ -454,7 +443,7 @@ $(GOPATH)/bin/golangci-lint: Makefile curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b `go env GOPATH`/bin v1.61.0 .PHONY: lint -lint: server/static/files.go $(GOPATH)/bin/golangci-lint +lint: ui/dist/app/index.html $(GOPATH)/bin/golangci-lint rm -Rf v3 vendor # If you're using `woc.wf.Spec` or `woc.execWf.Status` your code probably won't work with WorkflowTemplate. # * Change `woc.wf.Spec` to `woc.execWf.Spec`. @@ -471,7 +460,7 @@ lint: server/static/files.go $(GOPATH)/bin/golangci-lint # for local we have a faster target that prints to stdout, does not use json, and can cache because it has no coverage .PHONY: test -test: server/static/files.go +test: ui/dist/app/index.html go build ./... env KUBECONFIG=/dev/null $(GOTEST) ./... # marker file, based on it's modification time, we know how long ago this target was run @@ -702,11 +691,11 @@ go-diagrams/diagram.dot: ./hack/docs/diagram.go docs/assets/diagram.png: go-diagrams/diagram.dot cd go-diagrams && dot -Tpng diagram.dot -o ../docs/assets/diagram.png -docs/fields.md: api/openapi-spec/swagger.json $(shell find examples -type f) hack/docs/fields.go +docs/fields.md: api/openapi-spec/swagger.json $(shell find examples -type f) ui/dist/app/index.html hack/docs/fields.go env ARGO_SECURE=false ARGO_INSECURE_SKIP_VERIFY=false ARGO_SERVER= ARGO_INSTANCEID= go run ./hack/docs fields # generates several other files -docs/cli/argo.md: $(CLI_PKG_FILES) go.sum server/static/files.go hack/docs/cli.go +docs/cli/argo.md: $(CLI_PKG_FILES) go.sum ui/dist/app/index.html hack/docs/cli.go go run ./hack/docs cli # docs diff --git a/dev/nix/conf.nix b/dev/nix/conf.nix index 1850eb2d0f22..520f6b187434 100644 --- a/dev/nix/conf.nix +++ b/dev/nix/conf.nix @@ -5,7 +5,6 @@ # Even then the buildFlags are not passed into Go, meaning you won't see the correct version info yet. # This is only intended for quick developing at the moment, gradually more functionality will be pushed here. rec { - staticFiles = false; # not acted upon version = "latest"; env = { DEFAULT_REQUEUE_TIME = "1s"; diff --git a/dev/nix/flake.nix b/dev/nix/flake.nix index 9152352e25ec..8e02eebddd71 100644 --- a/dev/nix/flake.nix +++ b/dev/nix/flake.nix @@ -307,17 +307,6 @@ doCheck = false; }; - staticfiles = pkgs.buildGoPackage rec { - name = "staticfiles"; - src = pkgs.fetchFromGitHub { - owner = "bouk"; - repo = "staticfiles"; - rev = "827d7f6389cd410d0aa3f3d472a4838557bf53dd"; - sha256 = "0xarhmsqypl8036w96ssdzjv3k098p2d4mkmw5f6hkp1m3j67j61"; - }; - - goPackagePath = "bou.ke/staticfiles"; - }; default = config.packages.${package.name}; }; @@ -338,7 +327,6 @@ config.packages.k8sio-tools config.packages.goreman config.packages.stern - config.packages.staticfiles config.packages.${package.name} nodePackages.shell.nodeDependencies gopls @@ -368,7 +356,6 @@ config.packages.k8sio-tools config.packages.goreman config.packages.stern - config.packages.staticfiles config.packages.${package.name} nodePackages.shell.nodeDependencies gopls diff --git a/server/apiserver/argoserver.go b/server/apiserver/argoserver.go index 390aaa3b371b..1369c384307a 100644 --- a/server/apiserver/argoserver.go +++ b/server/apiserver/argoserver.go @@ -58,6 +58,7 @@ import ( "github.com/argoproj/argo-workflows/v3/server/workflow/store" "github.com/argoproj/argo-workflows/v3/server/workflowarchive" "github.com/argoproj/argo-workflows/v3/server/workflowtemplate" + "github.com/argoproj/argo-workflows/v3/ui" grpcutil "github.com/argoproj/argo-workflows/v3/util/grpc" "github.com/argoproj/argo-workflows/v3/util/instanceid" "github.com/argoproj/argo-workflows/v3/util/json" @@ -435,7 +436,7 @@ func (as *argoServer) newHTTPServer(ctx context.Context, port int, artifactServe }) // we only enable HTST if we are secure mode, otherwise you would never be able access the UI - mux.HandleFunc("/", static.NewFilesServer(as.baseHRef, as.tlsConfig != nil && as.hsts, as.xframeOptions, as.accessControlAllowOrigin).ServerFiles) + mux.HandleFunc("/", static.NewFilesServer(as.baseHRef, as.tlsConfig != nil && as.hsts, as.xframeOptions, as.accessControlAllowOrigin, ui.Embedded).ServerFiles) return &httpServer } diff --git a/server/static/files.go b/server/static/files.go deleted file mode 100644 index 7179551ae2c9..000000000000 --- a/server/static/files.go +++ /dev/null @@ -1,8 +0,0 @@ -// File built without static files -package static - -import "net/http" - -func ServeHTTP(http.ResponseWriter, *http.Request) {} - -func Hash(string) string { return "" } diff --git a/server/static/files.go.stub b/server/static/files.go.stub deleted file mode 100644 index 7179551ae2c9..000000000000 --- a/server/static/files.go.stub +++ /dev/null @@ -1,8 +0,0 @@ -// File built without static files -package static - -import "net/http" - -func ServeHTTP(http.ResponseWriter, *http.Request) {} - -func Hash(string) string { return "" } diff --git a/server/static/response-rewriter.go b/server/static/response-rewriter.go deleted file mode 100644 index b824143ff7a7..000000000000 --- a/server/static/response-rewriter.go +++ /dev/null @@ -1,20 +0,0 @@ -package static - -import ( - "bytes" - "net/http" - "strconv" -) - -type responseRewriter struct { - http.ResponseWriter - old []byte - new []byte -} - -func (w *responseRewriter) Write(a []byte) (int, error) { - b := bytes.Replace(a, w.old, w.new, 1) - // status code and headers are printed out when we write data - w.Header().Set("Content-Length", strconv.Itoa(len(b))) - return w.ResponseWriter.Write(b) -} diff --git a/server/static/static.go b/server/static/static.go index f2df6d60b6f2..f9b03752a4d0 100644 --- a/server/static/static.go +++ b/server/static/static.go @@ -1,9 +1,17 @@ package static import ( + "bytes" + "embed" "fmt" + "io/fs" "net/http" + "regexp" "strings" + "time" + + "github.com/argoproj/argo-workflows/v3" + "github.com/argoproj/argo-workflows/v3/ui" ) type FilesServer struct { @@ -11,23 +19,16 @@ type FilesServer struct { hsts bool xframeOpts string corsAllowOrigin string + staticAssets embed.FS } -func NewFilesServer(baseHRef string, hsts bool, xframeOpts string, corsAllowOrigin string) *FilesServer { - return &FilesServer{baseHRef, hsts, xframeOpts, corsAllowOrigin} +var baseHRefRegex = regexp.MustCompile(``) + +func NewFilesServer(baseHRef string, hsts bool, xframeOpts string, corsAllowOrigin string, staticAssets embed.FS) *FilesServer { + return &FilesServer{baseHRef, hsts, xframeOpts, corsAllowOrigin, staticAssets} } func (s *FilesServer) ServerFiles(w http.ResponseWriter, r *http.Request) { - // If there is no stored static file, we'll redirect to the js app - if Hash(strings.TrimLeft(r.URL.Path, "/")) == "" { - r.URL.Path = "index.html" - } - - if r.URL.Path == "index.html" { - // hack to prevent ServerHTTP from giving us gzipped content which we can do our search-and-replace on - r.Header.Del("Accept-Encoding") - w = &responseRewriter{ResponseWriter: w, old: []byte(``), new: []byte(fmt.Sprintf(``, s.baseHRef))} - } if s.xframeOpts != "" { w.Header().Set("X-Frame-Options", s.xframeOpts) @@ -50,6 +51,49 @@ func (s *FilesServer) ServerFiles(w http.ResponseWriter, r *http.Request) { w.Header().Set("Strict-Transport-Security", "max-age=31536000") } - // in my IDE (IntelliJ) the next line is red for some reason - but this is fine - ServeHTTP(w, r) + if r.URL.Path == "/" || !s.uiAssetExists(r.URL.Path) { + data, err := s.getIndexData() + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return + } + + modTime, err := time.Parse(argo.GetVersion().BuildDate, time.RFC3339) + if err != nil { + modTime = time.Now() + } + http.ServeContent(w, r, "index.html", modTime, bytes.NewReader(data)) + } else { + staticFS, _ := fs.Sub(s.staticAssets, ui.EMBED_PATH) + http.FileServer(http.FS(staticFS)).ServeHTTP(w, r) + } +} + +func (s *FilesServer) getIndexData() ([]byte, error) { + data, err := s.staticAssets.ReadFile(ui.EMBED_PATH + "/index.html") + if err != nil { + return data, err + } + if s.baseHRef != "/" && s.baseHRef != "" { + data = []byte(replaceBaseHRef(string(data), fmt.Sprintf(``, strings.Trim(s.baseHRef, "/")))) + } + + return data, nil +} + +func (s *FilesServer) uiAssetExists(filename string) bool { + f, err := s.staticAssets.Open(ui.EMBED_PATH + filename) + if err != nil { + return false + } + defer f.Close() + stat, err := f.Stat() + if err != nil { + return false + } + return !stat.IsDir() +} + +func replaceBaseHRef(data string, replaceWith string) string { + return baseHRefRegex.ReplaceAllString(data, replaceWith) } diff --git a/server/static/static_test.go b/server/static/static_test.go new file mode 100644 index 000000000000..e9682dbfe2c3 --- /dev/null +++ b/server/static/static_test.go @@ -0,0 +1,95 @@ +package static + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestReplaceBaseHRef(t *testing.T) { + testCases := []struct { + name string + data string + expected string + replaceWith string + }{ + { + name: "non-root basepath", + data: ` + + + + Argo + + + + + + + + +
+ +`, + expected: ` + + + + Argo + + + + + + + + +
+ +`, + replaceWith: ``, + }, + { + name: "root basepath", + data: ` + + + + Argo + + + + + + + + +
+ +`, + expected: ` + + + + Argo + + + + + + + + +
+ +`, + replaceWith: ``, + }, + } + for _, testCase := range testCases { + t.Run(testCase.name, func(t *testing.T) { + result := replaceBaseHRef(testCase.data, testCase.replaceWith) + assert.Equal(t, testCase.expected, result) + }) + } +} diff --git a/ui/embed.go b/ui/embed.go new file mode 100644 index 000000000000..5c9792fa48d7 --- /dev/null +++ b/ui/embed.go @@ -0,0 +1,10 @@ +package ui + +import "embed" + +const EMBED_PATH = "dist/app" + +// Embedded contains embedded UI resources +// +//go:embed dist/app +var Embedded embed.FS