From 2f5bd63a5e7b4fc1a7735f1250eaef6b921299a7 Mon Sep 17 00:00:00 2001 From: Rohith Jayawardene Date: Fri, 19 Jan 2024 14:11:51 +0000 Subject: [PATCH] [FEATURE] - Resource Count Delection Skipping (#1194) * [FEATURE] - Resource Count Delection Skipping When then configuration has not provisioned any ressources, we can skip the deletion job * fix: adding the suggested amendments * chore: adding a fake dummy module, that does nothing --- .gitignore | 1 - .../terraform.appvia.io_cloudresources.yaml | 190 +++- .../terraform.appvia.io_configurations.yaml | 144 ++- .../crds/terraform.appvia.io_contexts.yaml | 55 +- .../crds/terraform.appvia.io_plans.yaml | 50 +- .../crds/terraform.appvia.io_policies.yaml | 239 ++++- .../crds/terraform.appvia.io_providers.yaml | 132 ++- .../crds/terraform.appvia.io_revisions.yaml | 179 +++- .../terraform/v1alpha1/cloudresource_types.go | 2 +- .../terraform/v1alpha1/configuration_types.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 10 + pkg/controller/cloudresource/controller.go | 1 - pkg/controller/configuration/delete.go | 12 +- pkg/controller/configuration/delete_test.go | 68 +- pkg/controller/configuration/ensure.go | 3 +- .../configuration/reconcile_test.go | 3 +- pkg/register/assets.go | 989 ++++++++++++++---- test/e2e/assets/terraform/dummy-zero/main.tf | 14 + 18 files changed, 1656 insertions(+), 438 deletions(-) create mode 100644 test/e2e/assets/terraform/dummy-zero/main.tf diff --git a/.gitignore b/.gitignore index c82bf068f..d2ccbb84e 100644 --- a/.gitignore +++ b/.gitignore @@ -23,7 +23,6 @@ me.yaml tmp/ TODO TODO.md -main.tf # Terraform Related terraform.tfstate diff --git a/charts/terranetes-controller/crds/terraform.appvia.io_cloudresources.yaml b/charts/terranetes-controller/crds/terraform.appvia.io_cloudresources.yaml index e75321502..c80c73d13 100644 --- a/charts/terranetes-controller/crds/terraform.appvia.io_cloudresources.yaml +++ b/charts/terranetes-controller/crds/terraform.appvia.io_cloudresources.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: cloudresources.terraform.appvia.io spec: group: terraform.appvia.io @@ -46,10 +46,19 @@ spec: description: CloudResource is the schema for terraform definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -57,7 +66,10 @@ spec: description: CloudResourceSpec defines the desired state of a terraform properties: auth: - description: Auth is used to configure any options required when the source of the terraform module is private or requires credentials to retrieve. This could be SSH keys or git user/pass or AWS credentials for an s3 bucket. + description: |- + Auth is used to configure any options required when the source of the terraform + module is private or requires credentials to retrieve. This could be SSH keys or git + user/pass or AWS credentials for an s3 bucket. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -68,13 +80,21 @@ spec: type: object x-kubernetes-map-type: atomic enableAutoApproval: - description: EnableAutoApproval when enabled indicates the configuration does not need to be manually approved. On a change to the configuration, the controller will automatically approve the configuration. Note it still needs to adhere to any checks or policies. + description: |- + EnableAutoApproval when enabled indicates the configuration does not need to be + manually approved. On a change to the configuration, the controller will automatically + approve the configuration. Note it still needs to adhere to any checks or policies. type: boolean enableDriftDetection: - description: EnableDriftDetection when enabled run periodic reconciliation configurations looking for any drift between the expected and current state. If any drift is detected the status is changed and a kubernetes event raised. + description: |- + EnableDriftDetection when enabled run periodic reconciliation configurations looking + for any drift between the expected and current state. If any drift is detected the + status is changed and a kubernetes event raised. type: boolean plan: - description: Plan is the reference to the plan which this cloud resource is associated with. This field is required, and needs both the name and version the plan revision to use + description: |- + Plan is the reference to the plan which this cloud resource is associated with. This + field is required, and needs both the name and version the plan revision to use properties: name: description: Name is the name of the plan this configuration is associated with @@ -87,10 +107,14 @@ spec: - revision type: object providerRef: - description: ProviderRef is the reference to the provider which should be used to execute this configuration. + description: |- + ProviderRef is the reference to the provider which should be used to execute this + configuration. properties: name: - description: Name is the name of the provider which contains the credentials to use for this configuration. + description: |- + Name is the name of the provider which contains the credentials to use for this + configuration. type: string namespace: description: Namespace is the namespace of the provider itself. @@ -99,24 +123,36 @@ spec: - name type: object terraformVersion: - description: TerraformVersion provides the ability to override the default terraform version. Before changing this field its best to consult with platform administrator. As the value of this field is used to change the tag of the terraform container image. + description: |- + TerraformVersion provides the ability to override the default terraform version. Before + changing this field its best to consult with platform administrator. As the + value of this field is used to change the tag of the terraform container image. type: string valueFrom: - description: ValueFromSource is a collection of value from sources, where the source of the value is taken from a secret + description: |- + ValueFromSource is a collection of value from sources, where the source of the value + is taken from a secret items: description: ValueFromSource defines a value which is taken from a secret properties: context: - description: Context is the context is the name of the terraform context where the value should be retrieved from + description: |- + Context is the context is the name of the terraform context where the + value should be retrieved from type: string key: description: Key is the key in the secret which we should used for the value type: string name: - description: Name is the name which we use when injecting the value into the terraform code i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, for backwards compatiability if no name is provided, we using the key at the name + description: |- + Name is the name which we use when injecting the value into the terraform code + i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, + for backwards compatiability if no name is provided, we using the key at the name type: string optional: - description: Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is not contained in the secret, we ignore the error + description: |- + Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is + not contained in the secret, we ignore the error type: boolean secret: description: Secret is the name of the secret in the configuration namespace @@ -126,19 +162,31 @@ spec: type: object type: array variables: - description: Variables provides the inputs for the terraform module itself. These are passed to the terraform executor and used to execute the plan, apply and destroy phases. + description: |- + Variables provides the inputs for the terraform module itself. These are passed to the + terraform executor and used to execute the plan, apply and destroy phases. type: object x-kubernetes-preserve-unknown-fields: true writeConnectionSecretToRef: - description: WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module any module outputs are written to this secret. The outputs are automatically uppercased and ready to be consumed as environment variables. WriteConnectionSecretRef is the secret where the terraform outputs will be written. + description: |- + WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module + any module outputs are written to this secret. The outputs are automatically uppercased + and ready to be consumed as environment variables. + WriteConnectionSecretRef is the secret where the terraform outputs will be written. properties: keys: - description: Keys is a collection of name used to filter the terraform output. By default all keys from the output of the terraform state are written to the connection secret. Here we can define exactly which keys we want from that output. + description: |- + Keys is a collection of name used to filter the terraform output. By default all keys from the + output of the terraform state are written to the connection secret. Here we can define exactly + which keys we want from that output. items: type: string type: array name: - description: Name is the of the secret where you want to the terraform output to be written. The terraform outputs will be written to the secret as a key value pair. All are uppercased can read to be consumed by the workload. + description: |- + Name is the of the secret where you want to the terraform output to be written. The terraform outputs + will be written to the secret as a key value pair. All are uppercased can read to be consumed by the + workload. type: string required: - name @@ -155,14 +203,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -170,12 +224,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -188,7 +250,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -214,14 +281,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -229,12 +302,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -247,7 +328,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -262,10 +348,14 @@ spec: - type x-kubernetes-list-type: map costs: - description: Costs is the predicted costs of this configuration. Note this field is only populated when the integration has been configured by the administrator. + description: |- + Costs is the predicted costs of this configuration. Note this field is only populated + when the integration has been configured by the administrator. properties: enabled: - description: Enabled indicates if the cost integration was enabled when this configuration was last executed. + description: |- + Enabled indicates if the cost integration was enabled when this configuration was last + executed. type: boolean hourly: description: Hourly is the hourly estimated cost of the configuration @@ -290,7 +380,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -302,20 +394,30 @@ spec: type: string type: object resourceStatus: - description: ResourceStatus indicates the status of the resources and if the resources are insync with the configuration + description: |- + ResourceStatus indicates the status of the resources and if the resources are insync with the + configuration type: string resources: - description: Resources is the number of managed cloud resources which are currently under management. This field is taken from the terraform state itself. + description: |- + Resources is the number of managed cloud resources which are currently under management. + This field is taken from the terraform state itself. type: integer terraformVersion: - description: TerraformVersion is the version of terraform which was last used to run this configuration + description: |- + TerraformVersion is the version of terraform which was last used to run this + configuration type: string type: object costs: - description: Costs is the predicted costs of this configuration. Note this field is only populated when the integration has been configured by the administrator. + description: |- + Costs is the predicted costs of this configuration. Note this field is only populated + when the integration has been configured by the administrator. properties: enabled: - description: Enabled indicates if the cost integration was enabled when this configuration was last executed. + description: |- + Enabled indicates if the cost integration was enabled when this configuration was last + executed. type: boolean hourly: description: Hourly is the hourly estimated cost of the configuration @@ -337,7 +439,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -349,10 +453,14 @@ spec: type: string type: object resourceStatus: - description: ResourceStatus indicates the status of the resources and if the resources are insync with the configuration + description: |- + ResourceStatus indicates the status of the resources and if the resources are insync with the + configuration type: string resources: - description: Resources is the number of managed cloud resources which are currently under management. This field is taken from the terraform state itself. + description: |- + Resources is the number of managed cloud resources which are currently under management. + This field is taken from the terraform state itself. type: integer updateAvailable: description: UpdateAvailable indicates if there is a new version of the plan available diff --git a/charts/terranetes-controller/crds/terraform.appvia.io_configurations.yaml b/charts/terranetes-controller/crds/terraform.appvia.io_configurations.yaml index 3f4d114e2..9cbc1d92f 100644 --- a/charts/terranetes-controller/crds/terraform.appvia.io_configurations.yaml +++ b/charts/terranetes-controller/crds/terraform.appvia.io_configurations.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: configurations.terraform.appvia.io spec: group: terraform.appvia.io @@ -42,10 +42,19 @@ spec: description: Configuration is the schema for terraform definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -53,7 +62,10 @@ spec: description: ConfigurationSpec defines the desired state of a terraform properties: auth: - description: Auth is used to configure any options required when the source of the terraform module is private or requires credentials to retrieve. This could be SSH keys or git user/pass or AWS credentials for an s3 bucket. + description: |- + Auth is used to configure any options required when the source of the terraform + module is private or requires credentials to retrieve. This could be SSH keys or git + user/pass or AWS credentials for an s3 bucket. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -64,16 +76,27 @@ spec: type: object x-kubernetes-map-type: atomic enableAutoApproval: - description: EnableAutoApproval when enabled indicates the configuration does not need to be manually approved. On a change to the configuration, the controller will automatically approve the configuration. Note it still needs to adhere to any checks or policies. + description: |- + EnableAutoApproval when enabled indicates the configuration does not need to be + manually approved. On a change to the configuration, the controller will automatically + approve the configuration. Note it still needs to adhere to any checks or policies. type: boolean enableDriftDetection: - description: EnableDriftDetection when enabled run periodic reconciliation configurations looking for any drift between the expected and current state. If any drift is detected the status is changed and a kubernetes event raised. + description: |- + EnableDriftDetection when enabled run periodic reconciliation configurations looking + for any drift between the expected and current state. If any drift is detected the + status is changed and a kubernetes event raised. type: boolean module: - description: Module is the URL to the source of the terraform module. The format of the URL is a direct implementation of terraform's module reference. Please see the following repository for more details https://github.com/hashicorp/go-getter + description: |- + Module is the URL to the source of the terraform module. The format of the URL is + a direct implementation of terraform's module reference. Please see the following + repository for more details https://github.com/hashicorp/go-getter type: string plan: - description: Plan is an optional reference to a plan this configuration is associated with. If not set and a policy exists to enforce a plan, the configuration will be rejected. + description: |- + Plan is an optional reference to a plan this configuration is associated with. If + not set and a policy exists to enforce a plan, the configuration will be rejected. properties: name: description: Name is the name of the plan this configuration is associated with @@ -86,10 +109,14 @@ spec: - revision type: object providerRef: - description: ProviderRef is the reference to the provider which should be used to execute this configuration. + description: |- + ProviderRef is the reference to the provider which should be used to execute this + configuration. properties: name: - description: Name is the name of the provider which contains the credentials to use for this configuration. + description: |- + Name is the name of the provider which contains the credentials to use for this + configuration. type: string namespace: description: Namespace is the namespace of the provider itself. @@ -98,24 +125,36 @@ spec: - name type: object terraformVersion: - description: TerraformVersion provides the ability to override the default terraform version. Before changing this field its best to consult with platform administrator. As the value of this field is used to change the tag of the terraform container image. + description: |- + TerraformVersion provides the ability to override the default terraform version. Before + changing this field its best to consult with platform administrator. As the + value of this field is used to change the tag of the terraform container image. type: string valueFrom: - description: ValueFromSource is a collection of value from sources, where the source of the value is taken from a secret + description: |- + ValueFromSource is a collection of value from sources, where the source of the value + is taken from a secret items: description: ValueFromSource defines a value which is taken from a secret properties: context: - description: Context is the context is the name of the terraform context where the value should be retrieved from + description: |- + Context is the context is the name of the terraform context where the + value should be retrieved from type: string key: description: Key is the key in the secret which we should used for the value type: string name: - description: Name is the name which we use when injecting the value into the terraform code i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, for backwards compatiability if no name is provided, we using the key at the name + description: |- + Name is the name which we use when injecting the value into the terraform code + i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, + for backwards compatiability if no name is provided, we using the key at the name type: string optional: - description: Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is not contained in the secret, we ignore the error + description: |- + Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is + not contained in the secret, we ignore the error type: boolean secret: description: Secret is the name of the secret in the configuration namespace @@ -125,19 +164,31 @@ spec: type: object type: array variables: - description: Variables provides the inputs for the terraform module itself. These are passed to the terraform executor and used to execute the plan, apply and destroy phases. + description: |- + Variables provides the inputs for the terraform module itself. These are passed to the + terraform executor and used to execute the plan, apply and destroy phases. type: object x-kubernetes-preserve-unknown-fields: true writeConnectionSecretToRef: - description: WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module any module outputs are written to this secret. The outputs are automatically uppercased and ready to be consumed as environment variables. WriteConnectionSecretRef is the secret where the terraform outputs will be written. + description: |- + WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module + any module outputs are written to this secret. The outputs are automatically uppercased + and ready to be consumed as environment variables. + WriteConnectionSecretRef is the secret where the terraform outputs will be written. properties: keys: - description: Keys is a collection of name used to filter the terraform output. By default all keys from the output of the terraform state are written to the connection secret. Here we can define exactly which keys we want from that output. + description: |- + Keys is a collection of name used to filter the terraform output. By default all keys from the + output of the terraform state are written to the connection secret. Here we can define exactly + which keys we want from that output. items: type: string type: array name: - description: Name is the of the secret where you want to the terraform output to be written. The terraform outputs will be written to the secret as a key value pair. All are uppercased can read to be consumed by the workload. + description: |- + Name is the of the secret where you want to the terraform output to be written. The terraform outputs + will be written to the secret as a key value pair. All are uppercased can read to be consumed by the + workload. type: string required: - name @@ -154,14 +205,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -169,12 +226,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -187,7 +252,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -202,10 +272,14 @@ spec: - type x-kubernetes-list-type: map costs: - description: Costs is the predicted costs of this configuration. Note this field is only populated when the integration has been configured by the administrator. + description: |- + Costs is the predicted costs of this configuration. Note this field is only populated + when the integration has been configured by the administrator. properties: enabled: - description: Enabled indicates if the cost integration was enabled when this configuration was last executed. + description: |- + Enabled indicates if the cost integration was enabled when this configuration was last + executed. type: boolean hourly: description: Hourly is the hourly estimated cost of the configuration @@ -230,7 +304,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -242,13 +318,19 @@ spec: type: string type: object resourceStatus: - description: ResourceStatus indicates the status of the resources and if the resources are insync with the configuration + description: |- + ResourceStatus indicates the status of the resources and if the resources are insync with the + configuration type: string resources: - description: Resources is the number of managed cloud resources which are currently under management. This field is taken from the terraform state itself. + description: |- + Resources is the number of managed cloud resources which are currently under management. + This field is taken from the terraform state itself. type: integer terraformVersion: - description: TerraformVersion is the version of terraform which was last used to run this configuration + description: |- + TerraformVersion is the version of terraform which was last used to run this + configuration type: string type: object type: object diff --git a/charts/terranetes-controller/crds/terraform.appvia.io_contexts.yaml b/charts/terranetes-controller/crds/terraform.appvia.io_contexts.yaml index 7055afeca..3e39652a0 100644 --- a/charts/terranetes-controller/crds/terraform.appvia.io_contexts.yaml +++ b/charts/terranetes-controller/crds/terraform.appvia.io_contexts.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: contexts.terraform.appvia.io spec: group: terraform.appvia.io @@ -25,10 +25,19 @@ spec: description: Context is the schema for the context type properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -39,7 +48,10 @@ spec: additionalProperties: type: object x-kubernetes-preserve-unknown-fields: true - description: Variables is a list of variables which can be used globally by Context resources. The structure of the variables is a map of key/value pairs, which MUST have both a description and a value. + description: |- + Variables is a list of variables which can be used globally by Context resources. + The structure of the variables is a map of key/value pairs, which MUST have both + a description and a value. type: object required: - variables @@ -53,14 +65,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -68,12 +86,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -86,7 +112,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -113,7 +144,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation diff --git a/charts/terranetes-controller/crds/terraform.appvia.io_plans.yaml b/charts/terranetes-controller/crds/terraform.appvia.io_plans.yaml index 8a167ce38..065081719 100644 --- a/charts/terranetes-controller/crds/terraform.appvia.io_plans.yaml +++ b/charts/terranetes-controller/crds/terraform.appvia.io_plans.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: plans.terraform.appvia.io spec: group: terraform.appvia.io @@ -28,10 +28,19 @@ spec: description: Plan is the schema for the plan type properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -64,14 +73,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -79,12 +94,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -97,7 +120,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -124,7 +152,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation diff --git a/charts/terranetes-controller/crds/terraform.appvia.io_policies.yaml b/charts/terranetes-controller/crds/terraform.appvia.io_policies.yaml index 672c7fd0d..c1fadfc81 100644 --- a/charts/terranetes-controller/crds/terraform.appvia.io_policies.yaml +++ b/charts/terranetes-controller/crds/terraform.appvia.io_policies.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: policies.terraform.appvia.io spec: group: terraform.appvia.io @@ -25,10 +25,19 @@ spec: description: Policy is the schema for provider definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -36,26 +45,44 @@ spec: description: PolicySpec defines the desired state of a provider properties: constraints: - description: Constraints provides a series or constraints that must be enforced on the selectored terraform configurations. + description: |- + Constraints provides a series or constraints that must be enforced on the selectored + terraform configurations. properties: checkov: - description: Checkov provides the ability to enforce a set of security standards on all configurations. These can be configured to target specific resources based on namespace and resource labels + description: |- + Checkov provides the ability to enforce a set of security standards on all configurations. + These can be configured to target specific resources based on namespace and resource + labels properties: checks: - description: Checks is a list of checks which should be applied against the configuration. Note, an empty list here implies checkov should run ALL checks. Please see https://www.checkov.io/5.Policy%20Index/terraform.html + description: |- + Checks is a list of checks which should be applied against the configuration. Note, an + empty list here implies checkov should run ALL checks. + Please see https://www.checkov.io/5.Policy%20Index/terraform.html items: type: string type: array external: - description: External is a collection of external checks which should be included in the scan. Each of the external sources and retrieved and sourced into /run/policy/NAME where they can be included as part of the scan + description: |- + External is a collection of external checks which should be included in the scan. Each + of the external sources and retrieved and sourced into /run/policy/NAME where they can + be included as part of the scan items: - description: ExternalCheck defines the definition for an external check - this comprises of the source and any optional secret + description: |- + ExternalCheck defines the definition for an external check - this comprises of the + source and any optional secret properties: name: - description: Name provides a arbitrary name to the checks - note, this name is used as the directory name when we source the code + description: |- + Name provides a arbitrary name to the checks - note, this name is used as the directory + name when we source the code type: string secretRef: - description: SecretRef is reference to secret which contains environment variables used by the source command to retrieve the code. This could be cloud credentials, ssh keys, git username and password etc + description: |- + SecretRef is reference to secret which contains environment variables used by the source + command to retrieve the code. This could be cloud credentials, ssh keys, git username + and password etc properties: name: description: name is unique within a namespace to reference a secret resource. @@ -66,29 +93,43 @@ spec: type: object x-kubernetes-map-type: atomic url: - description: URL is the source external checks - this is usually a git repository. The notation for this is https://github.com/hashicorp/go-getter + description: |- + URL is the source external checks - this is usually a git repository. The notation + for this is https://github.com/hashicorp/go-getter type: string type: object type: array selector: - description: Selector is the selector on the namespace or labels on the configuration. By leaving this fields empty you can implicitly selecting all configurations. + description: |- + Selector is the selector on the namespace or labels on the configuration. By leaving this + fields empty you can implicitly selecting all configurations. properties: namespace: - description: Namespace is used to filter a configuration based on the namespace labels of where it exists + description: |- + Namespace is used to filter a configuration based on the namespace labels of + where it exists properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -100,7 +141,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -110,16 +154,24 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -131,13 +183,18 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: object skipChecks: - description: SkipChecks is a collection of checkov checks which you can defined as skipped. The security scan will ignore any failures on these checks. + description: |- + SkipChecks is a collection of checkov checks which you can defined as skipped. The security + scan will ignore any failures on these checks. items: type: string type: array @@ -148,7 +205,10 @@ spec: description: Configuration is the configuration to use within the source directory type: string secretRef: - description: SecretRef is reference to secret which contains environment variables used by the source command to retrieve the code. This could be cloud credentials, ssh keys, git username and password etc + description: |- + SecretRef is reference to secret which contains environment variables used by the source + command to retrieve the code. This could be cloud credentials, ssh keys, git username + and password etc properties: name: description: name is unique within a namespace to reference a secret resource. @@ -159,37 +219,56 @@ spec: type: object x-kubernetes-map-type: atomic url: - description: URL is the source external checks - this is usually a git repository. The notation for this is https://github.com/hashicorp/go-getter + description: |- + URL is the source external checks - this is usually a git repository. The notation + for this is https://github.com/hashicorp/go-getter type: string type: object type: object modules: - description: Modules provides the ability to control the source for all terraform modules. Allowing platform teams to control where the modules can be downloaded from. + description: |- + Modules provides the ability to control the source for all terraform modules. Allowing + platform teams to control where the modules can be downloaded from. properties: allowed: - description: Allowed is a collection of regexes which are applied to the source of the terraform configuration. The configuration MUST match one or more of the regexes in order to be allowed to run. + description: |- + Allowed is a collection of regexes which are applied to the source of the terraform + configuration. The configuration MUST match one or more of the regexes in order to + be allowed to run. items: type: string type: array selector: - description: Selector is the selector on the namespace or labels on the configuration. By leaving this field empty you are implicitly selecting all configurations. + description: |- + Selector is the selector on the namespace or labels on the configuration. By leaving + this field empty you are implicitly selecting all configurations. properties: namespace: - description: Namespace is used to filter a configuration based on the namespace labels of where it exists + description: |- + Namespace is used to filter a configuration based on the namespace labels of + where it exists properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -201,7 +280,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -211,16 +293,24 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -232,7 +322,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -240,9 +333,13 @@ spec: type: object type: object defaults: - description: Defaults provides the ability to target specific terraform module based on namespace or resource labels and automatically inject variables into the configurations. + description: |- + Defaults provides the ability to target specific terraform module based on namespace or + resource labels and automatically inject variables into the configurations. items: - description: DefaultVariables provides platform administrators the ability to inject default variables into a configuration + description: |- + DefaultVariables provides platform administrators the ability to inject + default variables into a configuration properties: secrets: description: Secrets is a collection of secrets which are used to inject variables into the configuration @@ -253,26 +350,38 @@ spec: description: Selector is used to determine which configurations the variables should be injected into properties: modules: - description: Modules provides a collection of regexes which are used to match against the configuration module + description: |- + Modules provides a collection of regexes which are used to match against the + configuration module items: type: string type: array namespace: - description: Namespace selectors all configurations under one or more namespaces, determined by the labeling on the namespace. + description: |- + Namespace selectors all configurations under one or more namespaces, determined by the + labeling on the namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -284,7 +393,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -298,7 +410,9 @@ spec: type: object type: array summary: - description: Summary is an optional field which can be used to define a summary of what the policy is configured to enforce. + description: |- + Summary is an optional field which can be used to define a summary of what the policy is + configured to enforce. type: string type: object status: @@ -310,14 +424,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -325,12 +445,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -343,7 +471,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -370,7 +503,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation diff --git a/charts/terranetes-controller/crds/terraform.appvia.io_providers.yaml b/charts/terranetes-controller/crds/terraform.appvia.io_providers.yaml index cdd2604b6..3c78df9bd 100644 --- a/charts/terranetes-controller/crds/terraform.appvia.io_providers.yaml +++ b/charts/terranetes-controller/crds/terraform.appvia.io_providers.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: providers.terraform.appvia.io spec: group: terraform.appvia.io @@ -31,10 +31,19 @@ spec: description: Provider is the schema for provider definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,7 +51,11 @@ spec: description: ProviderSpec defines the desired state of a provider properties: backendTemplate: - description: BackendTemplate is the reference to a backend template used for the terraform state storage. This field can override the default backend template, which is supplied as a command line argument to the controller binary. The contents of the secret MUST be a single field 'backend.tf' which contains the backend template. + description: |- + BackendTemplate is the reference to a backend template used for the terraform + state storage. This field can override the default backend template, which is supplied as + a command line argument to the controller binary. The contents of the secret MUST be a + single field 'backend.tf' which contains the backend template. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -57,7 +70,9 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true job: - description: Job defined a custom collection of labels and annotations to be applied to all jobs which are created and 'use' this provider. + description: |- + Job defined a custom collection of labels and annotations to be applied to all jobs + which are created and 'use' this provider. properties: annotations: additionalProperties: @@ -77,7 +92,9 @@ spec: description: Cluster is the name of the kubernetes cluster we use to pivot the data around type: string context: - description: Context is the context name of the Context we should create from the preload implementation + description: |- + Context is the context name of the Context we should create from the preload + implementation type: string enabled: description: Enabled indicates if the preloader is enabled @@ -90,10 +107,14 @@ spec: type: string type: object provider: - description: ProviderType defines the cloud provider which is being used, currently supported providers are aws, google or azurerm. + description: |- + ProviderType defines the cloud provider which is being used, currently supported providers are + aws, google or azurerm. type: string secretRef: - description: 'SecretRef is a reference to a kubernetes secret. This is required only when using the source: secret. The secret should include the environment variables required to by the terraform provider.' + description: |- + SecretRef is a reference to a kubernetes secret. This is required only when using the source: secret. + The secret should include the environment variables required to by the terraform provider. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -104,24 +125,37 @@ spec: type: object x-kubernetes-map-type: atomic selector: - description: Selector provider the ability to filter who can use this provider. If empty, all users in the cluster is permitted to use the provider. Otherrise you can specify a selector which can use namespace and resource labels + description: |- + Selector provider the ability to filter who can use this provider. If empty, all users + in the cluster is permitted to use the provider. Otherrise you can specify a selector + which can use namespace and resource labels properties: namespace: - description: Namespace is used to filter a configuration based on the namespace labels of where it exists + description: |- + Namespace is used to filter a configuration based on the namespace labels of + where it exists properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -133,7 +167,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -143,16 +180,24 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -164,16 +209,24 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: object serviceAccount: - description: ServiceAccount is the name of a service account to use when the provider source is 'injected'. The service account should exist in the terraform controller namespace and be configure per cloud vendor requirements for pod identity. + description: |- + ServiceAccount is the name of a service account to use when the provider source is 'injected'. The + service account should exist in the terraform controller namespace and be configure per cloud vendor + requirements for pod identity. type: string source: - description: Source defines the type of credentials the provider is wrapper, this could be wrapping a static secret or using a managed identity. The currently supported values are secret and injected. + description: |- + Source defines the type of credentials the provider is wrapper, this could be wrapping a static secret + or using a managed identity. The currently supported values are secret and injected. type: string summary: description: Summary provides a human readable description of the provider @@ -191,14 +244,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -206,12 +265,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -224,7 +291,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -239,7 +311,9 @@ spec: - type x-kubernetes-list-type: map lastPreloadTime: - description: LastPreloadTime is the last time the provider was used to run a preload job + description: |- + LastPreloadTime is the last time the provider was used to run a preload + job format: date-time type: string lastReconcile: @@ -255,7 +329,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation diff --git a/charts/terranetes-controller/crds/terraform.appvia.io_revisions.yaml b/charts/terranetes-controller/crds/terraform.appvia.io_revisions.yaml index 1ae75d376..083f54de5 100644 --- a/charts/terranetes-controller/crds/terraform.appvia.io_revisions.yaml +++ b/charts/terranetes-controller/crds/terraform.appvia.io_revisions.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: revisions.terraform.appvia.io spec: group: terraform.appvia.io @@ -37,10 +37,19 @@ spec: description: Revision is the schema for a revision properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -48,10 +57,15 @@ spec: description: RevisionSpec defines the desired state of a configuration plan revision properties: configuration: - description: Configuration is the configuration which this revision is providing to the consumer. + description: |- + Configuration is the configuration which this revision is providing to the + consumer. properties: auth: - description: Auth is used to configure any options required when the source of the terraform module is private or requires credentials to retrieve. This could be SSH keys or git user/pass or AWS credentials for an s3 bucket. + description: |- + Auth is used to configure any options required when the source of the terraform + module is private or requires credentials to retrieve. This could be SSH keys or git + user/pass or AWS credentials for an s3 bucket. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -62,16 +76,27 @@ spec: type: object x-kubernetes-map-type: atomic enableAutoApproval: - description: EnableAutoApproval when enabled indicates the configuration does not need to be manually approved. On a change to the configuration, the controller will automatically approve the configuration. Note it still needs to adhere to any checks or policies. + description: |- + EnableAutoApproval when enabled indicates the configuration does not need to be + manually approved. On a change to the configuration, the controller will automatically + approve the configuration. Note it still needs to adhere to any checks or policies. type: boolean enableDriftDetection: - description: EnableDriftDetection when enabled run periodic reconciliation configurations looking for any drift between the expected and current state. If any drift is detected the status is changed and a kubernetes event raised. + description: |- + EnableDriftDetection when enabled run periodic reconciliation configurations looking + for any drift between the expected and current state. If any drift is detected the + status is changed and a kubernetes event raised. type: boolean module: - description: Module is the URL to the source of the terraform module. The format of the URL is a direct implementation of terraform's module reference. Please see the following repository for more details https://github.com/hashicorp/go-getter + description: |- + Module is the URL to the source of the terraform module. The format of the URL is + a direct implementation of terraform's module reference. Please see the following + repository for more details https://github.com/hashicorp/go-getter type: string plan: - description: Plan is an optional reference to a plan this configuration is associated with. If not set and a policy exists to enforce a plan, the configuration will be rejected. + description: |- + Plan is an optional reference to a plan this configuration is associated with. If + not set and a policy exists to enforce a plan, the configuration will be rejected. properties: name: description: Name is the name of the plan this configuration is associated with @@ -84,10 +109,14 @@ spec: - revision type: object providerRef: - description: ProviderRef is the reference to the provider which should be used to execute this configuration. + description: |- + ProviderRef is the reference to the provider which should be used to execute this + configuration. properties: name: - description: Name is the name of the provider which contains the credentials to use for this configuration. + description: |- + Name is the name of the provider which contains the credentials to use for this + configuration. type: string namespace: description: Namespace is the namespace of the provider itself. @@ -96,24 +125,36 @@ spec: - name type: object terraformVersion: - description: TerraformVersion provides the ability to override the default terraform version. Before changing this field its best to consult with platform administrator. As the value of this field is used to change the tag of the terraform container image. + description: |- + TerraformVersion provides the ability to override the default terraform version. Before + changing this field its best to consult with platform administrator. As the + value of this field is used to change the tag of the terraform container image. type: string valueFrom: - description: ValueFromSource is a collection of value from sources, where the source of the value is taken from a secret + description: |- + ValueFromSource is a collection of value from sources, where the source of the value + is taken from a secret items: description: ValueFromSource defines a value which is taken from a secret properties: context: - description: Context is the context is the name of the terraform context where the value should be retrieved from + description: |- + Context is the context is the name of the terraform context where the + value should be retrieved from type: string key: description: Key is the key in the secret which we should used for the value type: string name: - description: Name is the name which we use when injecting the value into the terraform code i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, for backwards compatiability if no name is provided, we using the key at the name + description: |- + Name is the name which we use when injecting the value into the terraform code + i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, + for backwards compatiability if no name is provided, we using the key at the name type: string optional: - description: Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is not contained in the secret, we ignore the error + description: |- + Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is + not contained in the secret, we ignore the error type: boolean secret: description: Secret is the name of the secret in the configuration namespace @@ -123,19 +164,31 @@ spec: type: object type: array variables: - description: Variables provides the inputs for the terraform module itself. These are passed to the terraform executor and used to execute the plan, apply and destroy phases. + description: |- + Variables provides the inputs for the terraform module itself. These are passed to the + terraform executor and used to execute the plan, apply and destroy phases. type: object x-kubernetes-preserve-unknown-fields: true writeConnectionSecretToRef: - description: WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module any module outputs are written to this secret. The outputs are automatically uppercased and ready to be consumed as environment variables. WriteConnectionSecretRef is the secret where the terraform outputs will be written. + description: |- + WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module + any module outputs are written to this secret. The outputs are automatically uppercased + and ready to be consumed as environment variables. + WriteConnectionSecretRef is the secret where the terraform outputs will be written. properties: keys: - description: Keys is a collection of name used to filter the terraform output. By default all keys from the output of the terraform state are written to the connection secret. Here we can define exactly which keys we want from that output. + description: |- + Keys is a collection of name used to filter the terraform output. By default all keys from the + output of the terraform state are written to the connection secret. Here we can define exactly + which keys we want from that output. items: type: string type: array name: - description: Name is the of the secret where you want to the terraform output to be written. The terraform outputs will be written to the secret as a key value pair. All are uppercased can read to be consumed by the workload. + description: |- + Name is the of the secret where you want to the terraform output to be written. The terraform outputs + will be written to the secret as a key value pair. All are uppercased can read to be consumed by the + workload. type: string required: - name @@ -144,15 +197,21 @@ spec: - module type: object dependencies: - description: Dependencies is a collection of dependencies which this revision depends on such as a Provider, Terranetes version, or Revision + description: |- + Dependencies is a collection of dependencies which this revision depends on + such as a Provider, Terranetes version, or Revision items: - description: RevisionDependency defined a dependency for this revision. Currently we support Provider, Revision or Terranetes version + description: |- + RevisionDependency defined a dependency for this revision. Currently we support Provider, + Revision or Terranetes version properties: context: description: Revision indicates this revision has a dependency on a context resource properties: cloud: - description: Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, which the context resource is associated with + description: |- + Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, which + the context resource is associated with type: string name: description: Name is the name of the context resource we are dependent on @@ -164,7 +223,9 @@ spec: description: Provider indicates this revision has a dependency on a provider resource properties: cloud: - description: Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, The controller we ensure we have the provider installed before we can apply the configuration + description: |- + Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, The + controller we ensure we have the provider installed before we can apply the configuration type: string required: - cloud @@ -173,7 +234,9 @@ spec: description: Terranetes indicates this revision has a dependency on a terranetes controller properties: version: - description: Version is used to specify the version of the terranetes resource we are dependent on. This format is based on Semantic Versioning 2.0.0 and can use '>=', '>', '<=', and '<' + description: |- + Version is used to specify the version of the terranetes resource we are dependent on. + This format is based on Semantic Versioning 2.0.0 and can use '>=', '>', '<=', and '<' type: string required: - version @@ -181,19 +244,29 @@ spec: type: object type: array inputs: - description: Inputs is a collection of inputs which this revision the consumer of this revision can or must provide. This is usually limited to contextual information such as a name for the database, the size required, a bucket name, or policy. + description: |- + Inputs is a collection of inputs which this revision the consumer of this + revision can or must provide. This is usually limited to contextual information + such as a name for the database, the size required, a bucket name, or policy. items: - description: RevisionInput is a user defined input for a revision, such as a database name or a cache size etc. + description: |- + RevisionInput is a user defined input for a revision, such as a database name or + a cache size etc. properties: default: - description: Default is the default value for this input, this is a map which must contain the field 'value' => 'default value'. Default values can be any simple of complex type, such as string, int, bool, etc. + description: |- + Default is the default value for this input, this is a map which must contain + the field 'value' => 'default value'. Default values can be any simple of complex + type, such as string, int, bool, etc. type: object x-kubernetes-preserve-unknown-fields: true description: description: Description is a short description of the input and its purpose, capabilities, etc. type: string key: - description: Key is the name of the variable when presented to the terraform module. If this field is not specified, the name will be used as the key instead + description: |- + Key is the name of the variable when presented to the terraform module. If this field + is not specified, the name will be used as the key instead type: string required: description: Required indicates whether this input is required or not by the revision @@ -206,10 +279,14 @@ spec: type: object type: array plan: - description: Plan contains the information related to the name, version, description of the revision. + description: |- + Plan contains the information related to the name, version, description of + the revision. properties: categories: - description: Categories is a list of categories which this revision is grouped by, such as database, cache, etc. + description: |- + Categories is a list of categories which this revision is grouped by, such as database, + cache, etc. items: type: string type: array @@ -220,7 +297,10 @@ spec: description: Description is a short description of the revision and its purpose, capabilities, etc. type: string name: - description: Name is the name which this revision is grouped by, such as mysql, redis, etc. Multiple revisions can be grouped by the same name, presented as a list of revisions for a single plan name + description: |- + Name is the name which this revision is grouped by, such as mysql, redis, etc. Multiple + revisions can be grouped by the same name, presented as a list of revisions for a single + plan name type: string revision: description: Revision is the version of the revision, such as 1.0.0, 1.0.1, etc. @@ -243,14 +323,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -258,12 +344,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -276,7 +370,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -306,7 +405,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation diff --git a/pkg/apis/terraform/v1alpha1/cloudresource_types.go b/pkg/apis/terraform/v1alpha1/cloudresource_types.go index 7e4813e9a..d140c8711 100644 --- a/pkg/apis/terraform/v1alpha1/cloudresource_types.go +++ b/pkg/apis/terraform/v1alpha1/cloudresource_types.go @@ -189,7 +189,7 @@ type CloudResourceStatus struct { // Resources is the number of managed cloud resources which are currently under management. // This field is taken from the terraform state itself. // +kubebuilder:validation:Optional - Resources int `json:"resources,omitempty"` + Resources *int `json:"resources,omitempty"` // ResourceStatus indicates the status of the resources and if the resources are insync with the // configuration // +kubebuilder:validation:Optional diff --git a/pkg/apis/terraform/v1alpha1/configuration_types.go b/pkg/apis/terraform/v1alpha1/configuration_types.go index 1cce46ef1..1d5458f74 100644 --- a/pkg/apis/terraform/v1alpha1/configuration_types.go +++ b/pkg/apis/terraform/v1alpha1/configuration_types.go @@ -465,7 +465,7 @@ type ConfigurationStatus struct { // Resources is the number of managed cloud resources which are currently under management. // This field is taken from the terraform state itself. // +kubebuilder:validation:Optional - Resources int `json:"resources,omitempty"` + Resources *int `json:"resources,omitempty"` // ResourceStatus indicates the status of the resources and if the resources are insync with the // configuration ResourceStatus ResourceStatus `json:"resourceStatus,omitempty"` diff --git a/pkg/apis/terraform/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/terraform/v1alpha1/zz_generated.deepcopy.go index a00e3f70a..78a7fcb81 100644 --- a/pkg/apis/terraform/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/terraform/v1alpha1/zz_generated.deepcopy.go @@ -154,6 +154,11 @@ func (in *CloudResourceStatus) DeepCopyInto(out *CloudResourceStatus) { *out = new(CostStatus) **out = **in } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = new(int) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudResourceStatus. @@ -296,6 +301,11 @@ func (in *ConfigurationStatus) DeepCopyInto(out *ConfigurationStatus) { *out = new(CostStatus) **out = **in } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = new(int) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationStatus. diff --git a/pkg/controller/cloudresource/controller.go b/pkg/controller/cloudresource/controller.go index cdd9ab2b3..0bcf761e7 100644 --- a/pkg/controller/cloudresource/controller.go +++ b/pkg/controller/cloudresource/controller.go @@ -122,7 +122,6 @@ func (c *Controller) Add(mgr manager.Manager) error { "name": o.GetName(), "namespace": o.GetNamespace(), }) - logger.Debug("configuration changed detected") switch { case o.GetLabels() == nil: diff --git a/pkg/controller/configuration/delete.go b/pkg/controller/configuration/delete.go index 18b52ea35..642d30ab9 100644 --- a/pkg/controller/configuration/delete.go +++ b/pkg/controller/configuration/delete.go @@ -25,6 +25,7 @@ import ( log "github.com/sirupsen/logrus" batchv1 "k8s.io/api/batch/v1" v1 "k8s.io/api/core/v1" + "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" @@ -48,8 +49,18 @@ func (c *Controller) ensureTerraformDestroy(configuration *terraformv1alpha1.Con return reconcile.Result{}, nil } + // else we are deleting the resource configuration.Status.ResourceStatus = terraformv1alpha1.DestroyingResources + // @step: ensure we have a status and the resource count has been defined + if configuration.Status.Resources != nil { + if ptr.Deref(configuration.Status.Resources, 0) == 0 { + c.recorder.Event(configuration, v1.EventTypeNormal, "DeletionSkipped", "Configuration had zero resources, skipping terraform destroy") + + return reconcile.Result{}, nil + } + } + // @step: check we have a terraform state - else we can just continue secret := &v1.Secret{} secret.Namespace = c.ControllerNamespace @@ -129,7 +140,6 @@ func (c *Controller) ensureTerraformDestroy(configuration *terraformv1alpha1.Con return reconcile.Result{}, err } - } } cond.InProgress("Terraform destroy is running") diff --git a/pkg/controller/configuration/delete_test.go b/pkg/controller/configuration/delete_test.go index 98d87f3c5..89ebe7341 100644 --- a/pkg/controller/configuration/delete_test.go +++ b/pkg/controller/configuration/delete_test.go @@ -33,6 +33,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" kfake "k8s.io/client-go/kubernetes/fake" "k8s.io/utils/pointer" + "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/fake" "sigs.k8s.io/controller-runtime/pkg/reconcile" @@ -62,6 +63,7 @@ var _ = Describe("Configuration Controller with Contexts", func() { secret := fixtures.NewValidAWSProviderSecret("terraform-system", "aws") provider = fixtures.NewValidAWSReadyProvider("aws", secret) configuration = fixtures.NewValidBucketConfiguration("default", "test") + configuration.Status.Resources = ptr.To(1) controller.EnsureConditionsRegistered(terraformv1alpha1.DefaultConfigurationConditions, configuration) configuration.Finalizers = []string{controllerName} @@ -81,10 +83,12 @@ var _ = Describe("Configuration Controller with Contexts", func() { Expect(cc.Create(context.Background(), configuration)).To(Succeed()) Expect(cc.Create(context.Background(), state)).To(Succeed()) + Expect(cc.Status().Update(context.Background(), configuration)).To(Succeed()) + Expect(cc.Get(context.Background(), configuration.GetNamespacedName(), configuration)).To(Succeed()) Expect(cc.Delete(context.Background(), configuration)).To(Succeed()) Expect(cc.Get(context.Background(), configuration.GetNamespacedName(), configuration)).To(Succeed()) - recorder := &controllertests.FakeRecorder{} + recorder = &controllertests.FakeRecorder{} ctrl = &Controller{ cc: cc, kc: kfake.NewSimpleClientset(), @@ -98,16 +102,11 @@ var _ = Describe("Configuration Controller with Contexts", func() { PolicyImage: "bridgecrew/checkov:2.0.1140", TerraformImage: "hashicorp/terraform:1.1.9", } - recorder = &controllertests.FakeRecorder{} ctrl.cache.SetDefault("default", fixtures.NewNamespace("default")) }) When("a configuration is deleted", func() { - BeforeEach(func() { - _ = recorder - }) - Context("we have a orphaned annotation", func() { BeforeEach(func() { configuration.Annotations = utils.MergeStringMaps(configuration.Annotations, @@ -132,6 +131,62 @@ var _ = Describe("Configuration Controller with Contexts", func() { }) }) + Context("and we are checking for resources", func() { + Context("but the resources is nil", func() { + BeforeEach(func() { + configuration.Status.Resources = nil + + Expect(cc.Status().Update(context.Background(), configuration)).To(Succeed()) + result, _, rerr = controllertests.Roll(context.TODO(), ctrl, configuration, 0) + }) + + It("should try to destroy the configuration", func() { + list := &batchv1.JobList{} + Expect(cc.List(context.Background(), list)).To(Succeed()) + Expect(list.Items).ToNot(HaveLen(0)) + }) + }) + + Context("but the resource count is not zero", func() { + BeforeEach(func() { + result, _, rerr = controllertests.Roll(context.TODO(), ctrl, configuration, 0) + }) + + It("should try to destroy the configuration", func() { + list := &batchv1.JobList{} + Expect(cc.List(context.Background(), list)).To(Succeed()) + Expect(list.Items).ToNot(HaveLen(0)) + }) + }) + + Context("but the configuration has no resources", func() { + BeforeEach(func() { + configuration.Status.Resources = ptr.To(0) + Expect(cc.Status().Update(context.Background(), configuration)).To(Succeed()) + Expect(cc.Get(context.Background(), configuration.GetNamespacedName(), configuration)).To(Succeed()) + + result, _, rerr = controllertests.Roll(context.TODO(), ctrl, configuration, 0) + }) + + It("should not create the destroy job", func() { + list := &batchv1.JobList{} + Expect(cc.List(context.Background(), list)).To(Succeed()) + Expect(list.Items).To(HaveLen(0)) + }) + + It("should have created an event", func() { + Expect(recorder.Events).To(HaveLen(1)) + Expect(recorder.Events[0]).To(Equal("(default/test) Normal DeletionSkipped: Configuration had zero resources, skipping terraform destroy")) + }) + + It("should have deleted the configuration", func() { + list := &terraformv1alpha1.ConfigurationList{} + Expect(cc.List(context.Background(), list)).To(Succeed()) + Expect(list.Items).To(HaveLen(0)) + }) + }) + }) + Context("and the provider is not ready", func() { BeforeEach(func() { provider.Status.GetCondition(corev1alpha1.ConditionReady).Status = metav1.ConditionFalse @@ -455,7 +510,6 @@ var _ = Describe("Configuration Controller with Contexts", func() { When("and no terraform configuration is job exists", func() { CommonChecks := func() { - It("should not error", func() { Expect(rerr).ToNot(HaveOccurred()) Expect(result.Requeue).To(BeFalse()) diff --git a/pkg/controller/configuration/ensure.go b/pkg/controller/configuration/ensure.go index 174ea54bd..78ce1b2a8 100644 --- a/pkg/controller/configuration/ensure.go +++ b/pkg/controller/configuration/ensure.go @@ -32,6 +32,7 @@ import ( batchv1 "k8s.io/api/batch/v1" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" @@ -1313,7 +1314,7 @@ func (c *Controller) ensureTerraformStatus(configuration *terraformv1alpha1.Conf return reconcile.Result{}, err } - configuration.Status.Resources = tfstate.CountResources() + configuration.Status.Resources = ptr.To(tfstate.CountResources()) configuration.Status.TerraformVersion = tfstate.TerraformVersion switch configuration.Status.ResourceStatus { diff --git a/pkg/controller/configuration/reconcile_test.go b/pkg/controller/configuration/reconcile_test.go index c60d76e7e..a851c5956 100644 --- a/pkg/controller/configuration/reconcile_test.go +++ b/pkg/controller/configuration/reconcile_test.go @@ -3021,7 +3021,8 @@ terraform { It("should have a resource count on the status", func() { Expect(cc.Get(context.TODO(), configuration.GetNamespacedName(), configuration)).ToNot(HaveOccurred()) - Expect(configuration.Status.Resources).To(Equal(1)) + Expect(configuration.Status.Resources).ToNot(BeNil()) + Expect(*configuration.Status.Resources).To(Equal(1)) }) It("should have a in resource status", func() { diff --git a/pkg/register/assets.go b/pkg/register/assets.go index 3bcf8245e..2b6e7df73 100644 --- a/pkg/register/assets.go +++ b/pkg/register/assets.go @@ -66,7 +66,7 @@ var _chartsTerranetesControllerCrdsTerraformAppviaIo_cloudresourcesYaml = []byte kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: cloudresources.terraform.appvia.io spec: group: terraform.appvia.io @@ -110,10 +110,19 @@ spec: description: CloudResource is the schema for terraform definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -121,7 +130,10 @@ spec: description: CloudResourceSpec defines the desired state of a terraform properties: auth: - description: Auth is used to configure any options required when the source of the terraform module is private or requires credentials to retrieve. This could be SSH keys or git user/pass or AWS credentials for an s3 bucket. + description: |- + Auth is used to configure any options required when the source of the terraform + module is private or requires credentials to retrieve. This could be SSH keys or git + user/pass or AWS credentials for an s3 bucket. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -132,13 +144,21 @@ spec: type: object x-kubernetes-map-type: atomic enableAutoApproval: - description: EnableAutoApproval when enabled indicates the configuration does not need to be manually approved. On a change to the configuration, the controller will automatically approve the configuration. Note it still needs to adhere to any checks or policies. + description: |- + EnableAutoApproval when enabled indicates the configuration does not need to be + manually approved. On a change to the configuration, the controller will automatically + approve the configuration. Note it still needs to adhere to any checks or policies. type: boolean enableDriftDetection: - description: EnableDriftDetection when enabled run periodic reconciliation configurations looking for any drift between the expected and current state. If any drift is detected the status is changed and a kubernetes event raised. + description: |- + EnableDriftDetection when enabled run periodic reconciliation configurations looking + for any drift between the expected and current state. If any drift is detected the + status is changed and a kubernetes event raised. type: boolean plan: - description: Plan is the reference to the plan which this cloud resource is associated with. This field is required, and needs both the name and version the plan revision to use + description: |- + Plan is the reference to the plan which this cloud resource is associated with. This + field is required, and needs both the name and version the plan revision to use properties: name: description: Name is the name of the plan this configuration is associated with @@ -151,10 +171,14 @@ spec: - revision type: object providerRef: - description: ProviderRef is the reference to the provider which should be used to execute this configuration. + description: |- + ProviderRef is the reference to the provider which should be used to execute this + configuration. properties: name: - description: Name is the name of the provider which contains the credentials to use for this configuration. + description: |- + Name is the name of the provider which contains the credentials to use for this + configuration. type: string namespace: description: Namespace is the namespace of the provider itself. @@ -163,24 +187,36 @@ spec: - name type: object terraformVersion: - description: TerraformVersion provides the ability to override the default terraform version. Before changing this field its best to consult with platform administrator. As the value of this field is used to change the tag of the terraform container image. + description: |- + TerraformVersion provides the ability to override the default terraform version. Before + changing this field its best to consult with platform administrator. As the + value of this field is used to change the tag of the terraform container image. type: string valueFrom: - description: ValueFromSource is a collection of value from sources, where the source of the value is taken from a secret + description: |- + ValueFromSource is a collection of value from sources, where the source of the value + is taken from a secret items: description: ValueFromSource defines a value which is taken from a secret properties: context: - description: Context is the context is the name of the terraform context where the value should be retrieved from + description: |- + Context is the context is the name of the terraform context where the + value should be retrieved from type: string key: description: Key is the key in the secret which we should used for the value type: string name: - description: Name is the name which we use when injecting the value into the terraform code i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, for backwards compatiability if no name is provided, we using the key at the name + description: |- + Name is the name which we use when injecting the value into the terraform code + i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, + for backwards compatiability if no name is provided, we using the key at the name type: string optional: - description: Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is not contained in the secret, we ignore the error + description: |- + Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is + not contained in the secret, we ignore the error type: boolean secret: description: Secret is the name of the secret in the configuration namespace @@ -190,19 +226,31 @@ spec: type: object type: array variables: - description: Variables provides the inputs for the terraform module itself. These are passed to the terraform executor and used to execute the plan, apply and destroy phases. + description: |- + Variables provides the inputs for the terraform module itself. These are passed to the + terraform executor and used to execute the plan, apply and destroy phases. type: object x-kubernetes-preserve-unknown-fields: true writeConnectionSecretToRef: - description: WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module any module outputs are written to this secret. The outputs are automatically uppercased and ready to be consumed as environment variables. WriteConnectionSecretRef is the secret where the terraform outputs will be written. + description: |- + WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module + any module outputs are written to this secret. The outputs are automatically uppercased + and ready to be consumed as environment variables. + WriteConnectionSecretRef is the secret where the terraform outputs will be written. properties: keys: - description: Keys is a collection of name used to filter the terraform output. By default all keys from the output of the terraform state are written to the connection secret. Here we can define exactly which keys we want from that output. + description: |- + Keys is a collection of name used to filter the terraform output. By default all keys from the + output of the terraform state are written to the connection secret. Here we can define exactly + which keys we want from that output. items: type: string type: array name: - description: Name is the of the secret where you want to the terraform output to be written. The terraform outputs will be written to the secret as a key value pair. All are uppercased can read to be consumed by the workload. + description: |- + Name is the of the secret where you want to the terraform output to be written. The terraform outputs + will be written to the secret as a key value pair. All are uppercased can read to be consumed by the + workload. type: string required: - name @@ -219,14 +267,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -234,12 +288,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -252,7 +314,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -278,14 +345,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -293,12 +366,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -311,7 +392,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -326,10 +412,14 @@ spec: - type x-kubernetes-list-type: map costs: - description: Costs is the predicted costs of this configuration. Note this field is only populated when the integration has been configured by the administrator. + description: |- + Costs is the predicted costs of this configuration. Note this field is only populated + when the integration has been configured by the administrator. properties: enabled: - description: Enabled indicates if the cost integration was enabled when this configuration was last executed. + description: |- + Enabled indicates if the cost integration was enabled when this configuration was last + executed. type: boolean hourly: description: Hourly is the hourly estimated cost of the configuration @@ -354,7 +444,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -366,20 +458,30 @@ spec: type: string type: object resourceStatus: - description: ResourceStatus indicates the status of the resources and if the resources are insync with the configuration + description: |- + ResourceStatus indicates the status of the resources and if the resources are insync with the + configuration type: string resources: - description: Resources is the number of managed cloud resources which are currently under management. This field is taken from the terraform state itself. + description: |- + Resources is the number of managed cloud resources which are currently under management. + This field is taken from the terraform state itself. type: integer terraformVersion: - description: TerraformVersion is the version of terraform which was last used to run this configuration + description: |- + TerraformVersion is the version of terraform which was last used to run this + configuration type: string type: object costs: - description: Costs is the predicted costs of this configuration. Note this field is only populated when the integration has been configured by the administrator. + description: |- + Costs is the predicted costs of this configuration. Note this field is only populated + when the integration has been configured by the administrator. properties: enabled: - description: Enabled indicates if the cost integration was enabled when this configuration was last executed. + description: |- + Enabled indicates if the cost integration was enabled when this configuration was last + executed. type: boolean hourly: description: Hourly is the hourly estimated cost of the configuration @@ -401,7 +503,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -413,10 +517,14 @@ spec: type: string type: object resourceStatus: - description: ResourceStatus indicates the status of the resources and if the resources are insync with the configuration + description: |- + ResourceStatus indicates the status of the resources and if the resources are insync with the + configuration type: string resources: - description: Resources is the number of managed cloud resources which are currently under management. This field is taken from the terraform state itself. + description: |- + Resources is the number of managed cloud resources which are currently under management. + This field is taken from the terraform state itself. type: integer updateAvailable: description: UpdateAvailable indicates if there is a new version of the plan available @@ -449,7 +557,7 @@ var _chartsTerranetesControllerCrdsTerraformAppviaIo_configurationsYaml = []byte kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: configurations.terraform.appvia.io spec: group: terraform.appvia.io @@ -489,10 +597,19 @@ spec: description: Configuration is the schema for terraform definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -500,7 +617,10 @@ spec: description: ConfigurationSpec defines the desired state of a terraform properties: auth: - description: Auth is used to configure any options required when the source of the terraform module is private or requires credentials to retrieve. This could be SSH keys or git user/pass or AWS credentials for an s3 bucket. + description: |- + Auth is used to configure any options required when the source of the terraform + module is private or requires credentials to retrieve. This could be SSH keys or git + user/pass or AWS credentials for an s3 bucket. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -511,16 +631,27 @@ spec: type: object x-kubernetes-map-type: atomic enableAutoApproval: - description: EnableAutoApproval when enabled indicates the configuration does not need to be manually approved. On a change to the configuration, the controller will automatically approve the configuration. Note it still needs to adhere to any checks or policies. + description: |- + EnableAutoApproval when enabled indicates the configuration does not need to be + manually approved. On a change to the configuration, the controller will automatically + approve the configuration. Note it still needs to adhere to any checks or policies. type: boolean enableDriftDetection: - description: EnableDriftDetection when enabled run periodic reconciliation configurations looking for any drift between the expected and current state. If any drift is detected the status is changed and a kubernetes event raised. + description: |- + EnableDriftDetection when enabled run periodic reconciliation configurations looking + for any drift between the expected and current state. If any drift is detected the + status is changed and a kubernetes event raised. type: boolean module: - description: Module is the URL to the source of the terraform module. The format of the URL is a direct implementation of terraform's module reference. Please see the following repository for more details https://github.com/hashicorp/go-getter + description: |- + Module is the URL to the source of the terraform module. The format of the URL is + a direct implementation of terraform's module reference. Please see the following + repository for more details https://github.com/hashicorp/go-getter type: string plan: - description: Plan is an optional reference to a plan this configuration is associated with. If not set and a policy exists to enforce a plan, the configuration will be rejected. + description: |- + Plan is an optional reference to a plan this configuration is associated with. If + not set and a policy exists to enforce a plan, the configuration will be rejected. properties: name: description: Name is the name of the plan this configuration is associated with @@ -533,10 +664,14 @@ spec: - revision type: object providerRef: - description: ProviderRef is the reference to the provider which should be used to execute this configuration. + description: |- + ProviderRef is the reference to the provider which should be used to execute this + configuration. properties: name: - description: Name is the name of the provider which contains the credentials to use for this configuration. + description: |- + Name is the name of the provider which contains the credentials to use for this + configuration. type: string namespace: description: Namespace is the namespace of the provider itself. @@ -545,24 +680,36 @@ spec: - name type: object terraformVersion: - description: TerraformVersion provides the ability to override the default terraform version. Before changing this field its best to consult with platform administrator. As the value of this field is used to change the tag of the terraform container image. + description: |- + TerraformVersion provides the ability to override the default terraform version. Before + changing this field its best to consult with platform administrator. As the + value of this field is used to change the tag of the terraform container image. type: string valueFrom: - description: ValueFromSource is a collection of value from sources, where the source of the value is taken from a secret + description: |- + ValueFromSource is a collection of value from sources, where the source of the value + is taken from a secret items: description: ValueFromSource defines a value which is taken from a secret properties: context: - description: Context is the context is the name of the terraform context where the value should be retrieved from + description: |- + Context is the context is the name of the terraform context where the + value should be retrieved from type: string key: description: Key is the key in the secret which we should used for the value type: string name: - description: Name is the name which we use when injecting the value into the terraform code i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, for backwards compatiability if no name is provided, we using the key at the name + description: |- + Name is the name which we use when injecting the value into the terraform code + i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, + for backwards compatiability if no name is provided, we using the key at the name type: string optional: - description: Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is not contained in the secret, we ignore the error + description: |- + Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is + not contained in the secret, we ignore the error type: boolean secret: description: Secret is the name of the secret in the configuration namespace @@ -572,19 +719,31 @@ spec: type: object type: array variables: - description: Variables provides the inputs for the terraform module itself. These are passed to the terraform executor and used to execute the plan, apply and destroy phases. + description: |- + Variables provides the inputs for the terraform module itself. These are passed to the + terraform executor and used to execute the plan, apply and destroy phases. type: object x-kubernetes-preserve-unknown-fields: true writeConnectionSecretToRef: - description: WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module any module outputs are written to this secret. The outputs are automatically uppercased and ready to be consumed as environment variables. WriteConnectionSecretRef is the secret where the terraform outputs will be written. + description: |- + WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module + any module outputs are written to this secret. The outputs are automatically uppercased + and ready to be consumed as environment variables. + WriteConnectionSecretRef is the secret where the terraform outputs will be written. properties: keys: - description: Keys is a collection of name used to filter the terraform output. By default all keys from the output of the terraform state are written to the connection secret. Here we can define exactly which keys we want from that output. + description: |- + Keys is a collection of name used to filter the terraform output. By default all keys from the + output of the terraform state are written to the connection secret. Here we can define exactly + which keys we want from that output. items: type: string type: array name: - description: Name is the of the secret where you want to the terraform output to be written. The terraform outputs will be written to the secret as a key value pair. All are uppercased can read to be consumed by the workload. + description: |- + Name is the of the secret where you want to the terraform output to be written. The terraform outputs + will be written to the secret as a key value pair. All are uppercased can read to be consumed by the + workload. type: string required: - name @@ -601,14 +760,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -616,12 +781,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -634,7 +807,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -649,10 +827,14 @@ spec: - type x-kubernetes-list-type: map costs: - description: Costs is the predicted costs of this configuration. Note this field is only populated when the integration has been configured by the administrator. + description: |- + Costs is the predicted costs of this configuration. Note this field is only populated + when the integration has been configured by the administrator. properties: enabled: - description: Enabled indicates if the cost integration was enabled when this configuration was last executed. + description: |- + Enabled indicates if the cost integration was enabled when this configuration was last + executed. type: boolean hourly: description: Hourly is the hourly estimated cost of the configuration @@ -677,7 +859,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -689,13 +873,19 @@ spec: type: string type: object resourceStatus: - description: ResourceStatus indicates the status of the resources and if the resources are insync with the configuration + description: |- + ResourceStatus indicates the status of the resources and if the resources are insync with the + configuration type: string resources: - description: Resources is the number of managed cloud resources which are currently under management. This field is taken from the terraform state itself. + description: |- + Resources is the number of managed cloud resources which are currently under management. + This field is taken from the terraform state itself. type: integer terraformVersion: - description: TerraformVersion is the version of terraform which was last used to run this configuration + description: |- + TerraformVersion is the version of terraform which was last used to run this + configuration type: string type: object type: object @@ -725,7 +915,7 @@ var _chartsTerranetesControllerCrdsTerraformAppviaIo_contextsYaml = []byte(`apiV kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: contexts.terraform.appvia.io spec: group: terraform.appvia.io @@ -748,10 +938,19 @@ spec: description: Context is the schema for the context type properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -762,7 +961,10 @@ spec: additionalProperties: type: object x-kubernetes-preserve-unknown-fields: true - description: Variables is a list of variables which can be used globally by Context resources. The structure of the variables is a map of key/value pairs, which MUST have both a description and a value. + description: |- + Variables is a list of variables which can be used globally by Context resources. + The structure of the variables is a map of key/value pairs, which MUST have both + a description and a value. type: object required: - variables @@ -776,14 +978,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -791,12 +999,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -809,7 +1025,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -836,7 +1057,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -875,7 +1098,7 @@ var _chartsTerranetesControllerCrdsTerraformAppviaIo_plansYaml = []byte(`apiVers kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: plans.terraform.appvia.io spec: group: terraform.appvia.io @@ -901,10 +1124,19 @@ spec: description: Plan is the schema for the plan type properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -937,14 +1169,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -952,12 +1190,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -970,7 +1216,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -997,7 +1248,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -1049,7 +1302,7 @@ var _chartsTerranetesControllerCrdsTerraformAppviaIo_policiesYaml = []byte(`apiV kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: policies.terraform.appvia.io spec: group: terraform.appvia.io @@ -1072,10 +1325,19 @@ spec: description: Policy is the schema for provider definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1083,26 +1345,44 @@ spec: description: PolicySpec defines the desired state of a provider properties: constraints: - description: Constraints provides a series or constraints that must be enforced on the selectored terraform configurations. + description: |- + Constraints provides a series or constraints that must be enforced on the selectored + terraform configurations. properties: checkov: - description: Checkov provides the ability to enforce a set of security standards on all configurations. These can be configured to target specific resources based on namespace and resource labels + description: |- + Checkov provides the ability to enforce a set of security standards on all configurations. + These can be configured to target specific resources based on namespace and resource + labels properties: checks: - description: Checks is a list of checks which should be applied against the configuration. Note, an empty list here implies checkov should run ALL checks. Please see https://www.checkov.io/5.Policy%20Index/terraform.html + description: |- + Checks is a list of checks which should be applied against the configuration. Note, an + empty list here implies checkov should run ALL checks. + Please see https://www.checkov.io/5.Policy%20Index/terraform.html items: type: string type: array external: - description: External is a collection of external checks which should be included in the scan. Each of the external sources and retrieved and sourced into /run/policy/NAME where they can be included as part of the scan + description: |- + External is a collection of external checks which should be included in the scan. Each + of the external sources and retrieved and sourced into /run/policy/NAME where they can + be included as part of the scan items: - description: ExternalCheck defines the definition for an external check - this comprises of the source and any optional secret + description: |- + ExternalCheck defines the definition for an external check - this comprises of the + source and any optional secret properties: name: - description: Name provides a arbitrary name to the checks - note, this name is used as the directory name when we source the code + description: |- + Name provides a arbitrary name to the checks - note, this name is used as the directory + name when we source the code type: string secretRef: - description: SecretRef is reference to secret which contains environment variables used by the source command to retrieve the code. This could be cloud credentials, ssh keys, git username and password etc + description: |- + SecretRef is reference to secret which contains environment variables used by the source + command to retrieve the code. This could be cloud credentials, ssh keys, git username + and password etc properties: name: description: name is unique within a namespace to reference a secret resource. @@ -1113,29 +1393,43 @@ spec: type: object x-kubernetes-map-type: atomic url: - description: URL is the source external checks - this is usually a git repository. The notation for this is https://github.com/hashicorp/go-getter + description: |- + URL is the source external checks - this is usually a git repository. The notation + for this is https://github.com/hashicorp/go-getter type: string type: object type: array selector: - description: Selector is the selector on the namespace or labels on the configuration. By leaving this fields empty you can implicitly selecting all configurations. + description: |- + Selector is the selector on the namespace or labels on the configuration. By leaving this + fields empty you can implicitly selecting all configurations. properties: namespace: - description: Namespace is used to filter a configuration based on the namespace labels of where it exists + description: |- + Namespace is used to filter a configuration based on the namespace labels of + where it exists properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1147,7 +1441,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -1157,16 +1454,24 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1178,13 +1483,18 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: object skipChecks: - description: SkipChecks is a collection of checkov checks which you can defined as skipped. The security scan will ignore any failures on these checks. + description: |- + SkipChecks is a collection of checkov checks which you can defined as skipped. The security + scan will ignore any failures on these checks. items: type: string type: array @@ -1195,7 +1505,10 @@ spec: description: Configuration is the configuration to use within the source directory type: string secretRef: - description: SecretRef is reference to secret which contains environment variables used by the source command to retrieve the code. This could be cloud credentials, ssh keys, git username and password etc + description: |- + SecretRef is reference to secret which contains environment variables used by the source + command to retrieve the code. This could be cloud credentials, ssh keys, git username + and password etc properties: name: description: name is unique within a namespace to reference a secret resource. @@ -1206,37 +1519,56 @@ spec: type: object x-kubernetes-map-type: atomic url: - description: URL is the source external checks - this is usually a git repository. The notation for this is https://github.com/hashicorp/go-getter + description: |- + URL is the source external checks - this is usually a git repository. The notation + for this is https://github.com/hashicorp/go-getter type: string type: object type: object modules: - description: Modules provides the ability to control the source for all terraform modules. Allowing platform teams to control where the modules can be downloaded from. + description: |- + Modules provides the ability to control the source for all terraform modules. Allowing + platform teams to control where the modules can be downloaded from. properties: allowed: - description: Allowed is a collection of regexes which are applied to the source of the terraform configuration. The configuration MUST match one or more of the regexes in order to be allowed to run. + description: |- + Allowed is a collection of regexes which are applied to the source of the terraform + configuration. The configuration MUST match one or more of the regexes in order to + be allowed to run. items: type: string type: array selector: - description: Selector is the selector on the namespace or labels on the configuration. By leaving this field empty you are implicitly selecting all configurations. + description: |- + Selector is the selector on the namespace or labels on the configuration. By leaving + this field empty you are implicitly selecting all configurations. properties: namespace: - description: Namespace is used to filter a configuration based on the namespace labels of where it exists + description: |- + Namespace is used to filter a configuration based on the namespace labels of + where it exists properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1248,7 +1580,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -1258,16 +1593,24 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1279,7 +1622,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -1287,9 +1633,13 @@ spec: type: object type: object defaults: - description: Defaults provides the ability to target specific terraform module based on namespace or resource labels and automatically inject variables into the configurations. + description: |- + Defaults provides the ability to target specific terraform module based on namespace or + resource labels and automatically inject variables into the configurations. items: - description: DefaultVariables provides platform administrators the ability to inject default variables into a configuration + description: |- + DefaultVariables provides platform administrators the ability to inject + default variables into a configuration properties: secrets: description: Secrets is a collection of secrets which are used to inject variables into the configuration @@ -1300,26 +1650,38 @@ spec: description: Selector is used to determine which configurations the variables should be injected into properties: modules: - description: Modules provides a collection of regexes which are used to match against the configuration module + description: |- + Modules provides a collection of regexes which are used to match against the + configuration module items: type: string type: array namespace: - description: Namespace selectors all configurations under one or more namespaces, determined by the labeling on the namespace. + description: |- + Namespace selectors all configurations under one or more namespaces, determined by the + labeling on the namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1331,7 +1693,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -1345,7 +1710,9 @@ spec: type: object type: array summary: - description: Summary is an optional field which can be used to define a summary of what the policy is configured to enforce. + description: |- + Summary is an optional field which can be used to define a summary of what the policy is + configured to enforce. type: string type: object status: @@ -1357,14 +1724,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -1372,12 +1745,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -1390,7 +1771,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1417,7 +1803,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -1456,7 +1844,7 @@ var _chartsTerranetesControllerCrdsTerraformAppviaIo_providersYaml = []byte(`api kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: providers.terraform.appvia.io spec: group: terraform.appvia.io @@ -1485,10 +1873,19 @@ spec: description: Provider is the schema for provider definitions in terraform controller properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1496,7 +1893,11 @@ spec: description: ProviderSpec defines the desired state of a provider properties: backendTemplate: - description: BackendTemplate is the reference to a backend template used for the terraform state storage. This field can override the default backend template, which is supplied as a command line argument to the controller binary. The contents of the secret MUST be a single field 'backend.tf' which contains the backend template. + description: |- + BackendTemplate is the reference to a backend template used for the terraform + state storage. This field can override the default backend template, which is supplied as + a command line argument to the controller binary. The contents of the secret MUST be a + single field 'backend.tf' which contains the backend template. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -1511,7 +1912,9 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true job: - description: Job defined a custom collection of labels and annotations to be applied to all jobs which are created and 'use' this provider. + description: |- + Job defined a custom collection of labels and annotations to be applied to all jobs + which are created and 'use' this provider. properties: annotations: additionalProperties: @@ -1531,7 +1934,9 @@ spec: description: Cluster is the name of the kubernetes cluster we use to pivot the data around type: string context: - description: Context is the context name of the Context we should create from the preload implementation + description: |- + Context is the context name of the Context we should create from the preload + implementation type: string enabled: description: Enabled indicates if the preloader is enabled @@ -1544,10 +1949,14 @@ spec: type: string type: object provider: - description: ProviderType defines the cloud provider which is being used, currently supported providers are aws, google or azurerm. + description: |- + ProviderType defines the cloud provider which is being used, currently supported providers are + aws, google or azurerm. type: string secretRef: - description: 'SecretRef is a reference to a kubernetes secret. This is required only when using the source: secret. The secret should include the environment variables required to by the terraform provider.' + description: |- + SecretRef is a reference to a kubernetes secret. This is required only when using the source: secret. + The secret should include the environment variables required to by the terraform provider. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -1558,24 +1967,37 @@ spec: type: object x-kubernetes-map-type: atomic selector: - description: Selector provider the ability to filter who can use this provider. If empty, all users in the cluster is permitted to use the provider. Otherrise you can specify a selector which can use namespace and resource labels + description: |- + Selector provider the ability to filter who can use this provider. If empty, all users + in the cluster is permitted to use the provider. Otherrise you can specify a selector + which can use namespace and resource labels properties: namespace: - description: Namespace is used to filter a configuration based on the namespace labels of where it exists + description: |- + Namespace is used to filter a configuration based on the namespace labels of + where it exists properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1587,7 +2009,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -1597,16 +2022,24 @@ spec: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1618,16 +2051,24 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: object serviceAccount: - description: ServiceAccount is the name of a service account to use when the provider source is 'injected'. The service account should exist in the terraform controller namespace and be configure per cloud vendor requirements for pod identity. + description: |- + ServiceAccount is the name of a service account to use when the provider source is 'injected'. The + service account should exist in the terraform controller namespace and be configure per cloud vendor + requirements for pod identity. type: string source: - description: Source defines the type of credentials the provider is wrapper, this could be wrapping a static secret or using a managed identity. The currently supported values are secret and injected. + description: |- + Source defines the type of credentials the provider is wrapper, this could be wrapping a static secret + or using a managed identity. The currently supported values are secret and injected. type: string summary: description: Summary provides a human readable description of the provider @@ -1645,14 +2086,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -1660,12 +2107,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -1678,7 +2133,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1693,7 +2153,9 @@ spec: - type x-kubernetes-list-type: map lastPreloadTime: - description: LastPreloadTime is the last time the provider was used to run a preload job + description: |- + LastPreloadTime is the last time the provider was used to run a preload + job format: date-time type: string lastReconcile: @@ -1709,7 +2171,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation @@ -1748,7 +2212,7 @@ var _chartsTerranetesControllerCrdsTerraformAppviaIo_revisionsYaml = []byte(`api kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: revisions.terraform.appvia.io spec: group: terraform.appvia.io @@ -1783,10 +2247,19 @@ spec: description: Revision is the schema for a revision properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1794,10 +2267,15 @@ spec: description: RevisionSpec defines the desired state of a configuration plan revision properties: configuration: - description: Configuration is the configuration which this revision is providing to the consumer. + description: |- + Configuration is the configuration which this revision is providing to the + consumer. properties: auth: - description: Auth is used to configure any options required when the source of the terraform module is private or requires credentials to retrieve. This could be SSH keys or git user/pass or AWS credentials for an s3 bucket. + description: |- + Auth is used to configure any options required when the source of the terraform + module is private or requires credentials to retrieve. This could be SSH keys or git + user/pass or AWS credentials for an s3 bucket. properties: name: description: name is unique within a namespace to reference a secret resource. @@ -1808,16 +2286,27 @@ spec: type: object x-kubernetes-map-type: atomic enableAutoApproval: - description: EnableAutoApproval when enabled indicates the configuration does not need to be manually approved. On a change to the configuration, the controller will automatically approve the configuration. Note it still needs to adhere to any checks or policies. + description: |- + EnableAutoApproval when enabled indicates the configuration does not need to be + manually approved. On a change to the configuration, the controller will automatically + approve the configuration. Note it still needs to adhere to any checks or policies. type: boolean enableDriftDetection: - description: EnableDriftDetection when enabled run periodic reconciliation configurations looking for any drift between the expected and current state. If any drift is detected the status is changed and a kubernetes event raised. + description: |- + EnableDriftDetection when enabled run periodic reconciliation configurations looking + for any drift between the expected and current state. If any drift is detected the + status is changed and a kubernetes event raised. type: boolean module: - description: Module is the URL to the source of the terraform module. The format of the URL is a direct implementation of terraform's module reference. Please see the following repository for more details https://github.com/hashicorp/go-getter + description: |- + Module is the URL to the source of the terraform module. The format of the URL is + a direct implementation of terraform's module reference. Please see the following + repository for more details https://github.com/hashicorp/go-getter type: string plan: - description: Plan is an optional reference to a plan this configuration is associated with. If not set and a policy exists to enforce a plan, the configuration will be rejected. + description: |- + Plan is an optional reference to a plan this configuration is associated with. If + not set and a policy exists to enforce a plan, the configuration will be rejected. properties: name: description: Name is the name of the plan this configuration is associated with @@ -1830,10 +2319,14 @@ spec: - revision type: object providerRef: - description: ProviderRef is the reference to the provider which should be used to execute this configuration. + description: |- + ProviderRef is the reference to the provider which should be used to execute this + configuration. properties: name: - description: Name is the name of the provider which contains the credentials to use for this configuration. + description: |- + Name is the name of the provider which contains the credentials to use for this + configuration. type: string namespace: description: Namespace is the namespace of the provider itself. @@ -1842,24 +2335,36 @@ spec: - name type: object terraformVersion: - description: TerraformVersion provides the ability to override the default terraform version. Before changing this field its best to consult with platform administrator. As the value of this field is used to change the tag of the terraform container image. + description: |- + TerraformVersion provides the ability to override the default terraform version. Before + changing this field its best to consult with platform administrator. As the + value of this field is used to change the tag of the terraform container image. type: string valueFrom: - description: ValueFromSource is a collection of value from sources, where the source of the value is taken from a secret + description: |- + ValueFromSource is a collection of value from sources, where the source of the value + is taken from a secret items: description: ValueFromSource defines a value which is taken from a secret properties: context: - description: Context is the context is the name of the terraform context where the value should be retrieved from + description: |- + Context is the context is the name of the terraform context where the + value should be retrieved from type: string key: description: Key is the key in the secret which we should used for the value type: string name: - description: Name is the name which we use when injecting the value into the terraform code i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, for backwards compatiability if no name is provided, we using the key at the name + description: |- + Name is the name which we use when injecting the value into the terraform code + i.e. the secret may contain data.DB_HOST but you call this database_hostname. Note, + for backwards compatiability if no name is provided, we using the key at the name type: string optional: - description: Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is not contained in the secret, we ignore the error + description: |- + Optional indicates the secret can be optional, i.e if the secret does not exist, or the key is + not contained in the secret, we ignore the error type: boolean secret: description: Secret is the name of the secret in the configuration namespace @@ -1869,19 +2374,31 @@ spec: type: object type: array variables: - description: Variables provides the inputs for the terraform module itself. These are passed to the terraform executor and used to execute the plan, apply and destroy phases. + description: |- + Variables provides the inputs for the terraform module itself. These are passed to the + terraform executor and used to execute the plan, apply and destroy phases. type: object x-kubernetes-preserve-unknown-fields: true writeConnectionSecretToRef: - description: WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module any module outputs are written to this secret. The outputs are automatically uppercased and ready to be consumed as environment variables. WriteConnectionSecretRef is the secret where the terraform outputs will be written. + description: |- + WriteConnectionSecretToRef is the name for a secret. On execution of the terraform module + any module outputs are written to this secret. The outputs are automatically uppercased + and ready to be consumed as environment variables. + WriteConnectionSecretRef is the secret where the terraform outputs will be written. properties: keys: - description: Keys is a collection of name used to filter the terraform output. By default all keys from the output of the terraform state are written to the connection secret. Here we can define exactly which keys we want from that output. + description: |- + Keys is a collection of name used to filter the terraform output. By default all keys from the + output of the terraform state are written to the connection secret. Here we can define exactly + which keys we want from that output. items: type: string type: array name: - description: Name is the of the secret where you want to the terraform output to be written. The terraform outputs will be written to the secret as a key value pair. All are uppercased can read to be consumed by the workload. + description: |- + Name is the of the secret where you want to the terraform output to be written. The terraform outputs + will be written to the secret as a key value pair. All are uppercased can read to be consumed by the + workload. type: string required: - name @@ -1890,15 +2407,21 @@ spec: - module type: object dependencies: - description: Dependencies is a collection of dependencies which this revision depends on such as a Provider, Terranetes version, or Revision + description: |- + Dependencies is a collection of dependencies which this revision depends on + such as a Provider, Terranetes version, or Revision items: - description: RevisionDependency defined a dependency for this revision. Currently we support Provider, Revision or Terranetes version + description: |- + RevisionDependency defined a dependency for this revision. Currently we support Provider, + Revision or Terranetes version properties: context: description: Revision indicates this revision has a dependency on a context resource properties: cloud: - description: Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, which the context resource is associated with + description: |- + Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, which + the context resource is associated with type: string name: description: Name is the name of the context resource we are dependent on @@ -1910,7 +2433,9 @@ spec: description: Provider indicates this revision has a dependency on a provider resource properties: cloud: - description: Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, The controller we ensure we have the provider installed before we can apply the configuration + description: |- + Cloud is the name of the cloud vendor we are dependent on, such as aws, azurerm, The + controller we ensure we have the provider installed before we can apply the configuration type: string required: - cloud @@ -1919,7 +2444,9 @@ spec: description: Terranetes indicates this revision has a dependency on a terranetes controller properties: version: - description: Version is used to specify the version of the terranetes resource we are dependent on. This format is based on Semantic Versioning 2.0.0 and can use '>=', '>', '<=', and '<' + description: |- + Version is used to specify the version of the terranetes resource we are dependent on. + This format is based on Semantic Versioning 2.0.0 and can use '>=', '>', '<=', and '<' type: string required: - version @@ -1927,19 +2454,29 @@ spec: type: object type: array inputs: - description: Inputs is a collection of inputs which this revision the consumer of this revision can or must provide. This is usually limited to contextual information such as a name for the database, the size required, a bucket name, or policy. + description: |- + Inputs is a collection of inputs which this revision the consumer of this + revision can or must provide. This is usually limited to contextual information + such as a name for the database, the size required, a bucket name, or policy. items: - description: RevisionInput is a user defined input for a revision, such as a database name or a cache size etc. + description: |- + RevisionInput is a user defined input for a revision, such as a database name or + a cache size etc. properties: default: - description: Default is the default value for this input, this is a map which must contain the field 'value' => 'default value'. Default values can be any simple of complex type, such as string, int, bool, etc. + description: |- + Default is the default value for this input, this is a map which must contain + the field 'value' => 'default value'. Default values can be any simple of complex + type, such as string, int, bool, etc. type: object x-kubernetes-preserve-unknown-fields: true description: description: Description is a short description of the input and its purpose, capabilities, etc. type: string key: - description: Key is the name of the variable when presented to the terraform module. If this field is not specified, the name will be used as the key instead + description: |- + Key is the name of the variable when presented to the terraform module. If this field + is not specified, the name will be used as the key instead type: string required: description: Required indicates whether this input is required or not by the revision @@ -1952,10 +2489,14 @@ spec: type: object type: array plan: - description: Plan contains the information related to the name, version, description of the revision. + description: |- + Plan contains the information related to the name, version, description of + the revision. properties: categories: - description: Categories is a list of categories which this revision is grouped by, such as database, cache, etc. + description: |- + Categories is a list of categories which this revision is grouped by, such as database, + cache, etc. items: type: string type: array @@ -1966,7 +2507,10 @@ spec: description: Description is a short description of the revision and its purpose, capabilities, etc. type: string name: - description: Name is the name which this revision is grouped by, such as mysql, redis, etc. Multiple revisions can be grouped by the same name, presented as a list of revisions for a single plan name + description: |- + Name is the name which this revision is grouped by, such as mysql, redis, etc. Multiple + revisions can be grouped by the same name, presented as a list of revisions for a single + plan name type: string revision: description: Revision is the version of the revision, such as 1.0.0, 1.0.1, etc. @@ -1989,14 +2533,20 @@ spec: description: Condition is the current observed condition of some aspect of a resource properties: detail: - description: Detail is any additional human-readable detail to understand this condition, for example, the full underlying error which caused an issue + description: |- + Detail is any additional human-readable detail to understand this condition, for example, + the full underlying error which caused an issue type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + description: |- + LastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: Message is a human readable message indicating details about the transition. This may be an empty string. + description: |- + Message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string name: @@ -2004,12 +2554,20 @@ spec: minLength: 1 type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + description: |- + Reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ @@ -2022,7 +2580,12 @@ spec: - Unknown type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + Type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2052,7 +2615,9 @@ spec: type: string type: object lastSuccess: - description: LastSuccess descibes the generation and time of the last reconciliation which resulted in a Success status + description: |- + LastSuccess descibes the generation and time of the last reconciliation which resulted in + a Success status properties: generation: description: Generation is the generation reconciled on the last reconciliation diff --git a/test/e2e/assets/terraform/dummy-zero/main.tf b/test/e2e/assets/terraform/dummy-zero/main.tf new file mode 100644 index 000000000..a1ded02e5 --- /dev/null +++ b/test/e2e/assets/terraform/dummy-zero/main.tf @@ -0,0 +1,14 @@ +variable "sentence" { + description = "The sentence to print" + type = string + default = "The sentence has not been set" +} + +terraform { + required_version = ">= 1.0" +} + +output "sentence" { + description = "A sentence used to test inputs to configurations" + value = var.sentence +}