PublishedResource
PublishedResource CRD schema reference (group syncagent.kcp.io)
Version v1alpha1
Properties
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
.metadata
.spec
PublishedResourceSpec describes the desired resource publication from a service cluster to kcp.
.spec.enableWorkspacePaths
EnableWorkspacePaths toggles whether the Sync Agent will not just store the kcp cluster name as a label on each locally synced object, but also the full workspace path. This is optional because it requires additional requests to kcp and should only be used if the workspace path is of interest on the service cluster side.
.spec.filter
If specified, the filter will be applied to the resources in a workspace and allow restricting which of them will be handled by the Sync Agent.
.spec.filter.namespace
When given, the namespace filter will be applied to a resource’s namespace.
.spec.filter.namespace.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.filter.namespace.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.filter.namespace.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.filter.namespace.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.filter.namespace.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.filter.namespace.matchExpressions[*].values[*]
.spec.filter.namespace.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.filter.resource
When given, the resource filter will be applied to a resource itself.
.spec.filter.resource.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.filter.resource.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.filter.resource.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.filter.resource.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.filter.resource.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.filter.resource.matchExpressions[*].values[*]
.spec.filter.resource.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.mutation
Mutation allows to configure “rewrite rules” to modify the objects in both directions during the synchronization.
.spec.mutation.spec
.spec.mutation.spec[*]
.spec.mutation.spec[*].delete
.spec.mutation.spec[*].delete.path
.spec.mutation.spec[*].regex
.spec.mutation.spec[*].regex.path
.spec.mutation.spec[*].regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.mutation.spec[*].regex.replacement
.spec.mutation.spec[*].template
.spec.mutation.spec[*].template.path
.spec.mutation.spec[*].template.template
.spec.mutation.status
.spec.mutation.status[*]
.spec.mutation.status[*].delete
.spec.mutation.status[*].delete.path
.spec.mutation.status[*].regex
.spec.mutation.status[*].regex.path
.spec.mutation.status[*].regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.mutation.status[*].regex.replacement
.spec.mutation.status[*].template
.spec.mutation.status[*].template.path
.spec.mutation.status[*].template.template
.spec.naming
Naming can be used to control how the namespace and names for local objects are formed. If not specified, the Sync Agent will use defensive defaults to prevent naming collisions in the service cluster. When configuring this, great care must be taken to not allow for naming collisions to happen; keep in mind that the same name/namespace can exists in many different kcp workspaces.
.spec.naming.name
The name field allows to control the name the local objects created by the Sync Agent. If left empty, “$remoteNamespaceHash-$remoteNameHash” is assumed. This guarantees unique names as long as the cluster name ($remoteClusterName) is used for the local namespace (the default unless configured otherwise). This is a string with placeholders. The following placeholders can be used:
- $remoteClusterName – the kcp workspace’s cluster name (e.g. “1084s8ceexsehjm2”)
- $remoteNamespace – the original namespace used by the consumer inside the kcp workspace (if targetNamespace is left empty, it’s equivalent to setting “$remote_ns”)
- $remoteNamespaceHash – first 20 hex characters of the SHA-1 hash of $remoteNamespace
- $remoteName – the original name of the object inside the kcp workspace (rarely used to construct local namespace names)
- $remoteNameHash – first 20 hex characters of the SHA-1 hash of $remoteName
.spec.naming.namespace
For namespaced resources, the this field allows to control where the local objects will be created. If left empty, “$remoteClusterName” is assumed. This is a string with placeholders. The following placeholders can be used:
- $remoteClusterName – the kcp workspace’s cluster name (e.g. “1084s8ceexsehjm2”)
- $remoteNamespace – the original namespace used by the consumer inside the kcp workspace (if targetNamespace is left empty, it’s equivalent to setting “$remote_ns”)
- $remoteNamespaceHash – first 20 hex characters of the SHA-1 hash of $remoteNamespace
- $remoteName – the original name of the object inside the kcp workspace (rarely used to construct local namespace names)
- $remoteNameHash – first 20 hex characters of the SHA-1 hash of $remoteName
.spec.projection
Projection is used to change the GVK of a published resource within kcp. This can be used to hide implementation details and provide a customized API experience to the user. All fields in the projection are optional. If a field is set, it will overwrite that field in the GVK. The namespaced field can be set to turn a cluster-wide resource namespaced or vice-versa.
.spec.projection.categories
Categories can be used to overwrite the original categories a resource was in. Set this to an empty list to remove all categories.
.spec.projection.categories[*]
.spec.projection.group
The API group, for example “myservice.example.com”. Leave empty to not modify the API group.
.spec.projection.kind
The resource Kind, for example “Database”. Setting this field will also overwrite the singular name by lowercasing the resource kind. In addition, if this is set, the plural name will also be updated by taking the lowercased kind name and appending an “s”. If this would yield an undesirable name, use the plural field to explicitly give the plural name.
.spec.projection.plural
When overwriting the Kind, it can be necessary to also override the plural name in case of more complex pluralization rules.
.spec.projection.scope
Whether or not the resource is namespaced.
.spec.projection.shortNames
ShortNames can be used to overwrite the original short names for a resource, usually when the Kind is remapped, new short names are also in order. Set this to an empty list to remove all short names.
.spec.projection.shortNames[*]
.spec.projection.version
The API version, for example “v1beta1”. Leave empty to not modify the version.
This field must not be set when multiple versions have been selected.
Deprecated: Use .versions instead.
.spec.projection.versions
Versions allows to map API versions onto new values in kcp. Leave empty to not modify the versions.
.spec.related
.spec.related[*]
.spec.related[*].identifier
Identifier is a unique name for this related resource. The name must be unique within one PublishedResource and is the key by which consumers (end users) can identify and consume the related resource. Common names are “connection-details” or “credentials”. The identifier must be an alphanumeric string.
.spec.related[*].kind
ConfigMap or Secret
.spec.related[*].mutation
Mutation configures optional transformation rules for the related resource. Status mutations are only performed when the related resource originates in kcp.
.spec.related[*].mutation.spec
.spec.related[*].mutation.spec[*]
.spec.related[*].mutation.spec[*].delete
.spec.related[*].mutation.spec[*].delete.path
.spec.related[*].mutation.spec[*].regex
.spec.related[*].mutation.spec[*].regex.path
.spec.related[*].mutation.spec[*].regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.related[*].mutation.spec[*].regex.replacement
.spec.related[*].mutation.spec[*].template
.spec.related[*].mutation.spec[*].template.path
.spec.related[*].mutation.spec[*].template.template
.spec.related[*].mutation.status
.spec.related[*].mutation.status[*]
.spec.related[*].mutation.status[*].delete
.spec.related[*].mutation.status[*].delete.path
.spec.related[*].mutation.status[*].regex
.spec.related[*].mutation.status[*].regex.path
.spec.related[*].mutation.status[*].regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.related[*].mutation.status[*].regex.replacement
.spec.related[*].mutation.status[*].template
.spec.related[*].mutation.status[*].template.path
.spec.related[*].mutation.status[*].template.template
.spec.related[*].object
Object describes how the related resource can be found on the origin side and where it is to supposed to be created on the destination side.
.spec.related[*].object.namespace
Namespace configures in what namespace the related object resides in. If not specified, the same namespace as the main object is assumed. If the main object is cluster-scoped, this field is required and an error will be raised during syncing if the field is not specified.
.spec.related[*].object.namespace.reference
Reference points to a field inside the main object. This reference is evaluated on both source and destination sides to find the related object.
Deprecated: Use Go templates instead.
.spec.related[*].object.namespace.reference.path
Path is a simplified JSONPath expression like “metadata.name”. A reference must always select at least something in the object, even if the value is discarded by the regular expression.
.spec.related[*].object.namespace.reference.regex
Regex is a Go regular expression that is optionally applied to the selected value from the path.
.spec.related[*].object.namespace.reference.regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.related[*].object.namespace.reference.regex.replacement
Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.
.spec.related[*].object.namespace.selector
Selector is a label selector that is useful if no reference is in the main resource (i.e. if the related object links back to its parent, instead of the parent pointing to the related object).
.spec.related[*].object.namespace.selector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.related[*].object.namespace.selector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.related[*].object.namespace.selector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.related[*].object.namespace.selector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.related[*].object.namespace.selector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.related[*].object.namespace.selector.matchExpressions[*].values[*]
.spec.related[*].object.namespace.selector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.related[*].object.namespace.selector.rewrite
.spec.related[*].object.namespace.selector.rewrite.regex
Regex is a Go regular expression that is optionally applied to the selected value from the path.
.spec.related[*].object.namespace.selector.rewrite.regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.related[*].object.namespace.selector.rewrite.regex.replacement
Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.
.spec.related[*].object.namespace.selector.rewrite.template
TemplateExpression is a Go templated string that can make use of variables to construct the resulting string.
.spec.related[*].object.namespace.selector.rewrite.template.template
.spec.related[*].object.namespace.template
Template is a Go templated string that can make use of variables to construct the resulting string.
.spec.related[*].object.namespace.template.template
.spec.related[*].object.reference
Reference points to a field inside the main object. This reference is evaluated on both source and destination sides to find the related object.
Deprecated: Use Go templates instead.
.spec.related[*].object.reference.path
Path is a simplified JSONPath expression like “metadata.name”. A reference must always select at least something in the object, even if the value is discarded by the regular expression.
.spec.related[*].object.reference.regex
Regex is a Go regular expression that is optionally applied to the selected value from the path.
.spec.related[*].object.reference.regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.related[*].object.reference.regex.replacement
Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.
.spec.related[*].object.selector
Selector is a label selector that is useful if no reference is in the main resource (i.e. if the related object links back to its parent, instead of the parent pointing to the related object).
.spec.related[*].object.selector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.related[*].object.selector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.related[*].object.selector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.related[*].object.selector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.related[*].object.selector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.related[*].object.selector.matchExpressions[*].values[*]
.spec.related[*].object.selector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.related[*].object.selector.rewrite
.spec.related[*].object.selector.rewrite.regex
Regex is a Go regular expression that is optionally applied to the selected value from the path.
.spec.related[*].object.selector.rewrite.regex.pattern
Pattern can be left empty to simply replace the entire value with the replacement.
.spec.related[*].object.selector.rewrite.regex.replacement
Replacement is the string that the matched pattern is replaced with. It can contain references to groups in the pattern by using \N.
.spec.related[*].object.selector.rewrite.template
TemplateExpression is a Go templated string that can make use of variables to construct the resulting string.
.spec.related[*].object.selector.rewrite.template.template
.spec.related[*].object.template
Template is a Go templated string that can make use of variables to construct the resulting string.
.spec.related[*].object.template.template
.spec.related[*].origin
.spec.resource
Describes the “source” Resource that exists on this, the service cluster, that should be exposed in kcp workspaces. All fields have to be specified.
.spec.resource.apiGroup
The API group of a resource, for example “storage.initroid.com”.
.spec.resource.kind
The resource Kind, for example “Database”.
.spec.resource.version
The API version, for example “v1beta1”. Setting this field will only publish the given version, otherwise all versions for the group/kind will be published.
Deprecated: Use .versions instead.
.spec.resource.versions
Versions allows to select a subset of versions to publish. Leave empty to publish all available versions.
.spec.resource.versions[*]
.status
Status contains reconciliation information for the published resource.