Skip to content

PublishedResource

PublishedResource CRD schema reference (group syncagent.kcp.io)

PublishedResource describes how an API type (usually defined by a CRD) on the service cluster should be exposed in kcp workspaces. Besides controlling how namespaced and cluster-wide resources should be mapped, the GVK can also be transformed to provide a uniform, implementation-independent access to the APIs inside kcp.
Full name:
publishedresources.syncagent.kcp.io
Group:
syncagent.kcp.io
Singular name:
publishedresource
Plural name:
publishedresources
Scope:
Cluster
Versions:
v1alpha1

Version v1alpha1

Properties

.apiVersion

string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

.kind

string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

.metadata

object

.spec

object Required

PublishedResourceSpec describes the desired resource publication from a service cluster to kcp.

.spec.enableWorkspacePaths

boolean

EnableWorkspacePaths toggles whether the Sync Agent will not just store the kcp cluster name as a label on each locally synced object, but also the full workspace path. This is optional because it requires additional requests to kcp and should only be used if the workspace path is of interest on the service cluster side.

.spec.filter

object

If specified, the filter will be applied to the resources in a workspace and allow restricting which of them will be handled by the Sync Agent.

.spec.filter.namespace

object

When given, the namespace filter will be applied to a resource’s namespace.

.spec.filter.namespace.matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

.spec.filter.namespace.matchExpressions[*]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

.spec.filter.namespace.matchExpressions[*].key

string Required

key is the label key that the selector applies to.

.spec.filter.namespace.matchExpressions[*].operator

string Required

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

.spec.filter.namespace.matchExpressions[*].values

array

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

.spec.filter.namespace.matchExpressions[*].values[*]

string

.spec.filter.namespace.matchLabels

object

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.

.spec.filter.resource

object

When given, the resource filter will be applied to a resource itself.

.spec.filter.resource.matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

.spec.filter.resource.matchExpressions[*]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

.spec.filter.resource.matchExpressions[*].key

string Required

key is the label key that the selector applies to.

.spec.filter.resource.matchExpressions[*].operator

string Required

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

.spec.filter.resource.matchExpressions[*].values

array

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

.spec.filter.resource.matchExpressions[*].values[*]

string

.spec.filter.resource.matchLabels

object

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.

.spec.mutation

object

Mutation allows to configure “rewrite rules” to modify the objects in both directions during the synchronization.

.spec.mutation.spec

array

.spec.mutation.spec[*]

object

.spec.mutation.spec[*].delete

object

.spec.mutation.spec[*].delete.path

string Required

.spec.mutation.spec[*].regex

object

.spec.mutation.spec[*].regex.path

string Required

.spec.mutation.spec[*].regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.mutation.spec[*].regex.replacement

string

.spec.mutation.spec[*].template

object

.spec.mutation.spec[*].template.path

string Required

.spec.mutation.spec[*].template.template

string Required

.spec.mutation.status

array

.spec.mutation.status[*]

object

.spec.mutation.status[*].delete

object

.spec.mutation.status[*].delete.path

string Required

.spec.mutation.status[*].regex

object

.spec.mutation.status[*].regex.path

string Required

.spec.mutation.status[*].regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.mutation.status[*].regex.replacement

string

.spec.mutation.status[*].template

object

.spec.mutation.status[*].template.path

string Required

.spec.mutation.status[*].template.template

string Required

.spec.naming

object

Naming can be used to control how the namespace and names for local objects are formed. If not specified, the Sync Agent will use defensive defaults to prevent naming collisions in the service cluster. When configuring this, great care must be taken to not allow for naming collisions to happen; keep in mind that the same name/namespace can exists in many different kcp workspaces.

.spec.naming.name

string

The name field allows to control the name the local objects created by the Sync Agent. If left empty, “$remoteNamespaceHash-$remoteNameHash” is assumed. This guarantees unique names as long as the cluster name ($remoteClusterName) is used for the local namespace (the default unless configured otherwise). This is a string with placeholders. The following placeholders can be used:

  • $remoteClusterName – the kcp workspace’s cluster name (e.g. “1084s8ceexsehjm2”)
  • $remoteNamespace – the original namespace used by the consumer inside the kcp workspace (if targetNamespace is left empty, it’s equivalent to setting “$remote_ns”)
  • $remoteNamespaceHash – first 20 hex characters of the SHA-1 hash of $remoteNamespace
  • $remoteName – the original name of the object inside the kcp workspace (rarely used to construct local namespace names)
  • $remoteNameHash – first 20 hex characters of the SHA-1 hash of $remoteName

.spec.naming.namespace

string

For namespaced resources, the this field allows to control where the local objects will be created. If left empty, “$remoteClusterName” is assumed. This is a string with placeholders. The following placeholders can be used:

  • $remoteClusterName – the kcp workspace’s cluster name (e.g. “1084s8ceexsehjm2”)
  • $remoteNamespace – the original namespace used by the consumer inside the kcp workspace (if targetNamespace is left empty, it’s equivalent to setting “$remote_ns”)
  • $remoteNamespaceHash – first 20 hex characters of the SHA-1 hash of $remoteNamespace
  • $remoteName – the original name of the object inside the kcp workspace (rarely used to construct local namespace names)
  • $remoteNameHash – first 20 hex characters of the SHA-1 hash of $remoteName

.spec.projection

object

Projection is used to change the GVK of a published resource within kcp. This can be used to hide implementation details and provide a customized API experience to the user. All fields in the projection are optional. If a field is set, it will overwrite that field in the GVK. The namespaced field can be set to turn a cluster-wide resource namespaced or vice-versa.

.spec.projection.categories

array

Categories can be used to overwrite the original categories a resource was in. Set this to an empty list to remove all categories.

.spec.projection.categories[*]

string

.spec.projection.group

string

The API group, for example “myservice.example.com”. Leave empty to not modify the API group.

.spec.projection.kind

string

The resource Kind, for example “Database”. Setting this field will also overwrite the singular name by lowercasing the resource kind. In addition, if this is set, the plural name will also be updated by taking the lowercased kind name and appending an “s”. If this would yield an undesirable name, use the plural field to explicitly give the plural name.

.spec.projection.plural

string

When overwriting the Kind, it can be necessary to also override the plural name in case of more complex pluralization rules.

.spec.projection.scope

string

Whether or not the resource is namespaced.

.spec.projection.shortNames

array

ShortNames can be used to overwrite the original short names for a resource, usually when the Kind is remapped, new short names are also in order. Set this to an empty list to remove all short names.

.spec.projection.shortNames[*]

string

.spec.projection.version

string

The API version, for example “v1beta1”. Leave empty to not modify the version.

This field must not be set when multiple versions have been selected.

Deprecated: Use .versions instead.

.spec.projection.versions

object

Versions allows to map API versions onto new values in kcp. Leave empty to not modify the versions.

.spec.related

array

.spec.related[*]

object

.spec.related[*].identifier

string Required

Identifier is a unique name for this related resource. The name must be unique within one PublishedResource and is the key by which consumers (end users) can identify and consume the related resource. Common names are “connection-details” or “credentials”. The identifier must be an alphanumeric string.

.spec.related[*].kind

string Required

ConfigMap or Secret

.spec.related[*].mutation

object

Mutation configures optional transformation rules for the related resource. Status mutations are only performed when the related resource originates in kcp.

.spec.related[*].mutation.spec

array

.spec.related[*].mutation.spec[*]

object

.spec.related[*].mutation.spec[*].delete

object

.spec.related[*].mutation.spec[*].delete.path

string Required

.spec.related[*].mutation.spec[*].regex

object

.spec.related[*].mutation.spec[*].regex.path

string Required

.spec.related[*].mutation.spec[*].regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.related[*].mutation.spec[*].regex.replacement

string

.spec.related[*].mutation.spec[*].template

object

.spec.related[*].mutation.spec[*].template.path

string Required

.spec.related[*].mutation.spec[*].template.template

string Required

.spec.related[*].mutation.status

array

.spec.related[*].mutation.status[*]

object

.spec.related[*].mutation.status[*].delete

object

.spec.related[*].mutation.status[*].delete.path

string Required

.spec.related[*].mutation.status[*].regex

object

.spec.related[*].mutation.status[*].regex.path

string Required

.spec.related[*].mutation.status[*].regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.related[*].mutation.status[*].regex.replacement

string

.spec.related[*].mutation.status[*].template

object

.spec.related[*].mutation.status[*].template.path

string Required

.spec.related[*].mutation.status[*].template.template

string Required

.spec.related[*].object

object Required

Object describes how the related resource can be found on the origin side and where it is to supposed to be created on the destination side.

.spec.related[*].object.namespace

object

Namespace configures in what namespace the related object resides in. If not specified, the same namespace as the main object is assumed. If the main object is cluster-scoped, this field is required and an error will be raised during syncing if the field is not specified.

.spec.related[*].object.namespace.reference

object

Reference points to a field inside the main object. This reference is evaluated on both source and destination sides to find the related object.

Deprecated: Use Go templates instead.

.spec.related[*].object.namespace.reference.path

string Required

Path is a simplified JSONPath expression like “metadata.name”. A reference must always select at least something in the object, even if the value is discarded by the regular expression.

.spec.related[*].object.namespace.reference.regex

object

Regex is a Go regular expression that is optionally applied to the selected value from the path.

.spec.related[*].object.namespace.reference.regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.related[*].object.namespace.reference.regex.replacement

string

Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.

.spec.related[*].object.namespace.selector

object

Selector is a label selector that is useful if no reference is in the main resource (i.e. if the related object links back to its parent, instead of the parent pointing to the related object).

.spec.related[*].object.namespace.selector.matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

.spec.related[*].object.namespace.selector.matchExpressions[*]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

.spec.related[*].object.namespace.selector.matchExpressions[*].key

string Required

key is the label key that the selector applies to.

.spec.related[*].object.namespace.selector.matchExpressions[*].operator

string Required

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

.spec.related[*].object.namespace.selector.matchExpressions[*].values

array

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

.spec.related[*].object.namespace.selector.matchExpressions[*].values[*]

string

.spec.related[*].object.namespace.selector.matchLabels

object

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.

.spec.related[*].object.namespace.selector.rewrite

object Required

.spec.related[*].object.namespace.selector.rewrite.regex

object

Regex is a Go regular expression that is optionally applied to the selected value from the path.

.spec.related[*].object.namespace.selector.rewrite.regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.related[*].object.namespace.selector.rewrite.regex.replacement

string

Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.

.spec.related[*].object.namespace.selector.rewrite.template

object

TemplateExpression is a Go templated string that can make use of variables to construct the resulting string.

.spec.related[*].object.namespace.selector.rewrite.template.template

string

.spec.related[*].object.namespace.template

object

Template is a Go templated string that can make use of variables to construct the resulting string.

.spec.related[*].object.namespace.template.template

string

.spec.related[*].object.reference

object

Reference points to a field inside the main object. This reference is evaluated on both source and destination sides to find the related object.

Deprecated: Use Go templates instead.

.spec.related[*].object.reference.path

string Required

Path is a simplified JSONPath expression like “metadata.name”. A reference must always select at least something in the object, even if the value is discarded by the regular expression.

.spec.related[*].object.reference.regex

object

Regex is a Go regular expression that is optionally applied to the selected value from the path.

.spec.related[*].object.reference.regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.related[*].object.reference.regex.replacement

string

Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.

.spec.related[*].object.selector

object

Selector is a label selector that is useful if no reference is in the main resource (i.e. if the related object links back to its parent, instead of the parent pointing to the related object).

.spec.related[*].object.selector.matchExpressions

array

matchExpressions is a list of label selector requirements. The requirements are ANDed.

.spec.related[*].object.selector.matchExpressions[*]

object

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

.spec.related[*].object.selector.matchExpressions[*].key

string Required

key is the label key that the selector applies to.

.spec.related[*].object.selector.matchExpressions[*].operator

string Required

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

.spec.related[*].object.selector.matchExpressions[*].values

array

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

.spec.related[*].object.selector.matchExpressions[*].values[*]

string

.spec.related[*].object.selector.matchLabels

object

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.

.spec.related[*].object.selector.rewrite

object Required

.spec.related[*].object.selector.rewrite.regex

object

Regex is a Go regular expression that is optionally applied to the selected value from the path.

.spec.related[*].object.selector.rewrite.regex.pattern

string

Pattern can be left empty to simply replace the entire value with the replacement.

.spec.related[*].object.selector.rewrite.regex.replacement

string

Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.

.spec.related[*].object.selector.rewrite.template

object

TemplateExpression is a Go templated string that can make use of variables to construct the resulting string.

.spec.related[*].object.selector.rewrite.template.template

string

.spec.related[*].object.template

object

Template is a Go templated string that can make use of variables to construct the resulting string.

.spec.related[*].object.template.template

string

.spec.related[*].origin

string Required

.spec.resource

object Required

Describes the “source” Resource that exists on this, the service cluster, that should be exposed in kcp workspaces. All fields have to be specified.

.spec.resource.apiGroup

string Required

The API group of a resource, for example “storage.initroid.com”.

.spec.resource.kind

string Required

The resource Kind, for example “Database”.

.spec.resource.version

string

The API version, for example “v1beta1”. Setting this field will only publish the given version, otherwise all versions for the group/kind will be published.

Deprecated: Use .versions instead.

.spec.resource.versions

array

Versions allows to select a subset of versions to publish. Leave empty to publish all available versions.

.spec.resource.versions[*]

string

.status

object

Status contains reconciliation information for the published resource.

.status.resourceSchemaName

string