From b14ace626d6be1067958f2b4d854e5be5c3daaa0 Mon Sep 17 00:00:00 2001 From: Jorge Turrado Ferrero Date: Thu, 25 Apr 2024 15:37:09 +0200 Subject: [PATCH] Release: KEDA v2.14.0 (#630) * Packaged new Helm chart version Signed-off-by: Jorge Turrado * fix typo Signed-off-by: Jorge Turrado --------- Signed-off-by: Jorge Turrado --- docs/index.yaml | 171 +- docs/keda-2.14.0.tgz | Bin 0 -> 93203 bytes keda/Chart.yaml | 4 +- .../templates/crds/crd-cloudeventsources.yaml | 60 +- .../crd-clustertriggerauthentications.yaml | 82 +- keda/templates/crds/crd-scaledjobs.yaml | 7288 ++++++++--------- keda/templates/crds/crd-scaledobjects.yaml | 148 +- .../crds/crd-triggerauthentications.yaml | 82 +- 8 files changed, 3705 insertions(+), 4130 deletions(-) create mode 100644 docs/keda-2.14.0.tgz diff --git a/docs/index.yaml b/docs/index.yaml index cbfa20ad..c7575435 100644 --- a/docs/index.yaml +++ b/docs/index.yaml @@ -3,7 +3,7 @@ entries: external-scaler-azure-cosmos-db: - apiVersion: v2 appVersion: 0.1.0 - created: "2024-02-29T15:16:41.003014+01:00" + created: "2024-04-25T15:28:51.732986+02:00" description: Event-based autoscaler for Azure Cosmos DB change feed consumer applications digest: a905dedb01db68575cf591eb0b8f6fa1aa1343f0ec239615081e4b57590d8ae9 home: https://github.com/kedacore/external-scaler-azure-cosmos-db @@ -22,9 +22,32 @@ entries: - https://kedacore.github.io/charts/external-scaler-azure-cosmos-db-0.1.0.tgz version: 0.1.0 keda: + - apiVersion: v2 + appVersion: 2.14.0 + created: "2024-04-25T15:28:51.808647+02:00" + description: Event-based autoscaler for workloads on Kubernetes + digest: bdd669a80a8bc9d1e651b7680f4227cbc374a861e89c0ed3120e328b4aacfd39 + home: https://github.com/kedacore/keda + icon: https://raw.githubusercontent.com/kedacore/keda/main/images/keda-logo-500x500-white.png + kubeVersion: '>=v1.23.0-0' + maintainers: + - email: ahmels@microsoft.com + name: Ahmed ElSayed + - email: jorge_turrado@hotmail.es + name: Jorge Turrado + - email: kerkhove.tom@gmail.com + name: Tom Kerkhove + - email: zbynek@kedify.io + name: Zbynek Roubalik + name: keda + sources: + - https://github.com/kedacore/keda + urls: + - https://kedacore.github.io/charts/keda-2.14.0.tgz + version: 2.14.0 - apiVersion: v2 appVersion: 2.13.1 - created: "2024-02-29T15:16:41.071947+01:00" + created: "2024-04-25T15:28:51.806154+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 3d1bb0537755ebeafacf1da9f91fbcbbac7b673b0e4141cc827e32635e68c228 home: https://github.com/kedacore/keda @@ -47,7 +70,7 @@ entries: version: 2.13.2 - apiVersion: v2 appVersion: 2.13.0 - created: "2024-02-29T15:16:41.069229+01:00" + created: "2024-04-25T15:28:51.802771+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 00ae78109f89f16b12bb5cf23f7071c6c2fe09294514d4f7fd3850c6ce2b8a57 home: https://github.com/kedacore/keda @@ -70,7 +93,7 @@ entries: version: 2.13.1 - apiVersion: v2 appVersion: 2.13.0 - created: "2024-02-29T15:16:41.066409+01:00" + created: "2024-04-25T15:28:51.799948+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 0dcc74315d6ca02fbadcfc5e358040580c0ad7919921e07ebf2dcc0b1d2d5f03 home: https://github.com/kedacore/keda @@ -93,7 +116,7 @@ entries: version: 2.13.0 - apiVersion: v2 appVersion: 2.12.1 - created: "2024-02-29T15:16:41.063317+01:00" + created: "2024-04-25T15:28:51.796808+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: ee87da063be94f3f65661656602775c38ab723374c9892ecc73c1cea269e64c0 home: https://github.com/kedacore/keda @@ -116,7 +139,7 @@ entries: version: 2.12.1 - apiVersion: v2 appVersion: 2.12.0 - created: "2024-02-29T15:16:41.060697+01:00" + created: "2024-04-25T15:28:51.794032+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 5ae5ef24c2e4c38450bb31b7987aea8b19a828c0c6cfa66b8e7ffbc65ebf164d home: https://github.com/kedacore/keda @@ -139,7 +162,7 @@ entries: version: 2.12.0 - apiVersion: v2 appVersion: 2.11.2 - created: "2024-02-29T15:16:41.057814+01:00" + created: "2024-04-25T15:28:51.790794+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 1fc274ebf7c405031297166fa3295f13bc9470f3ca688d595b7549d072b062cd home: https://github.com/kedacore/keda @@ -162,7 +185,7 @@ entries: version: 2.11.2 - apiVersion: v2 appVersion: 2.11.1 - created: "2024-02-29T15:16:41.054883+01:00" + created: "2024-04-25T15:28:51.788018+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 7d10ab788d363c95f496f28d48a74ab7789a5d04c63d9fa3e5d55967c988c0ed home: https://github.com/kedacore/keda @@ -185,7 +208,7 @@ entries: version: 2.11.1 - apiVersion: v2 appVersion: 2.11.0 - created: "2024-02-29T15:16:41.052387+01:00" + created: "2024-04-25T15:28:51.785736+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 8a2100ac1c47053e118b177676fbc07fe427fb9878c31ee7f8b73df0e2a77a06 home: https://github.com/kedacore/keda @@ -208,7 +231,7 @@ entries: version: 2.11.0 - apiVersion: v2 appVersion: 2.10.1 - created: "2024-02-29T15:16:41.050049+01:00" + created: "2024-04-25T15:28:51.783191+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 2e75903cda0780a4a8115dc199541315eaccdbfc3ec3da5ab492c8825080cc99 home: https://github.com/kedacore/keda @@ -231,7 +254,7 @@ entries: version: 2.10.2 - apiVersion: v2 appVersion: 2.10.0 - created: "2024-02-29T15:16:41.047624+01:00" + created: "2024-04-25T15:28:51.780819+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 7216ff7cff5567152b895017b97a95b41b788589c4be82169d92906519a24f25 home: https://github.com/kedacore/keda @@ -254,7 +277,7 @@ entries: version: 2.10.1 - apiVersion: v2 appVersion: 2.10.0 - created: "2024-02-29T15:16:41.045391+01:00" + created: "2024-04-25T15:28:51.778035+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 4be1fc8dba9d0e17ff475ca3dcb1183b07164ccaddfc48c67f6369a56f1b1777 home: https://github.com/kedacore/keda @@ -277,7 +300,7 @@ entries: version: 2.10.0 - apiVersion: v2 appVersion: 2.9.3 - created: "2024-02-29T15:16:41.114372+01:00" + created: "2024-04-25T15:28:51.852611+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: c455dc8d908b6e8575fe0dbe8275861355cb242a5768f23cd909e543fe077438 home: https://github.com/kedacore/keda @@ -300,7 +323,7 @@ entries: version: 2.9.4 - apiVersion: v2 appVersion: 2.9.2 - created: "2024-02-29T15:16:41.112308+01:00" + created: "2024-04-25T15:28:51.850241+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 52a5de6f5585fb2cfe44ba9ddadcf4cd4208138795313e25ee654d82a424faef home: https://github.com/kedacore/keda @@ -323,7 +346,7 @@ entries: version: 2.9.3 - apiVersion: v2 appVersion: 2.9.2 - created: "2024-02-29T15:16:41.110458+01:00" + created: "2024-04-25T15:28:51.848358+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: a1f14048f1788cde92a42412fa789e34d48bb4a8e94d4b43e0c70c8b8c326e43 home: https://github.com/kedacore/keda @@ -346,7 +369,7 @@ entries: version: 2.9.2 - apiVersion: v2 appVersion: 2.9.1 - created: "2024-02-29T15:16:41.108246+01:00" + created: "2024-04-25T15:28:51.845974+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 004f2f37845a324badc7228585755ddfd8f5feea957cdca7de9b39499ce1a8d8 home: https://github.com/kedacore/keda @@ -369,7 +392,7 @@ entries: version: 2.9.1 - apiVersion: v2 appVersion: 2.9.0 - created: "2024-02-29T15:16:41.106366+01:00" + created: "2024-04-25T15:28:51.843995+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: e0f84de35c0378027f43a732f12a164db05e45947687203020c0031baeee5826 home: https://github.com/kedacore/keda @@ -392,7 +415,7 @@ entries: version: 2.9.0 - apiVersion: v2 appVersion: 2.8.2 - created: "2024-02-29T15:16:41.103843+01:00" + created: "2024-04-25T15:28:51.84134+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: bbd9f4f9312781de5363145d5a937d7c084ea1139f12f5e7f153b3f174332517 home: https://github.com/kedacore/keda @@ -415,7 +438,7 @@ entries: version: 2.8.4 - apiVersion: v2 appVersion: 2.8.2 - created: "2024-02-29T15:16:41.101907+01:00" + created: "2024-04-25T15:28:51.839512+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 04934ca1e41970ca687de13db697cc7fdc24d367af570eba47bed01ad981e1b1 home: https://github.com/kedacore/keda @@ -438,7 +461,7 @@ entries: version: 2.8.3 - apiVersion: v2 appVersion: 2.8.1 - created: "2024-02-29T15:16:41.099964+01:00" + created: "2024-04-25T15:28:51.837398+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: e7bc80a5dde861a5f62b73e9d5c4ce139339b07438344668485fdc435f3109b4 home: https://github.com/kedacore/keda @@ -461,7 +484,7 @@ entries: version: 2.8.2 - apiVersion: v2 appVersion: 2.8.0 - created: "2024-02-29T15:16:41.09818+01:00" + created: "2024-04-25T15:28:51.835462+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: df15ce1a4a27df2f3eb85c7cc803de53dec526bcad92d732a0944bd5288f4845 home: https://github.com/kedacore/keda @@ -484,7 +507,7 @@ entries: version: 2.8.1 - apiVersion: v2 appVersion: 2.8.0 - created: "2024-02-29T15:16:41.096224+01:00" + created: "2024-04-25T15:28:51.833698+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: afa9410e4e6e805979e5c22a17db6dc7dc2720c28b3f176d2eef2708ef0d0a32 home: https://github.com/kedacore/keda @@ -507,7 +530,7 @@ entries: version: 2.8.0 - apiVersion: v2 appVersion: 2.7.1 - created: "2024-02-29T15:16:41.0947+01:00" + created: "2024-04-25T15:28:51.831918+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: eec27b3d7075a8c51cce1fb8d456ac3d458b3bf72fde1cda67c4b554df1e9838 home: https://github.com/kedacore/keda @@ -530,7 +553,7 @@ entries: version: 2.7.2 - apiVersion: v2 appVersion: 2.7.1 - created: "2024-02-29T15:16:41.093149+01:00" + created: "2024-04-25T15:28:51.830032+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: aa1644eb53ec44294993d0611169bd863db39f2bedca1d9ed64b05fbef74087c home: https://github.com/kedacore/keda @@ -553,7 +576,7 @@ entries: version: 2.7.1 - apiVersion: v2 appVersion: 2.7.0 - created: "2024-02-29T15:16:41.091377+01:00" + created: "2024-04-25T15:28:51.828329+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: f23894c1c4403f36797a0f2ccb497a3b4f2fe761e00b841cc7e1c8ce110d6dc5 home: https://github.com/kedacore/keda @@ -576,7 +599,7 @@ entries: version: 2.7.0 - apiVersion: v2 appVersion: 2.6.1 - created: "2024-02-29T15:16:41.089885+01:00" + created: "2024-04-25T15:28:51.826648+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: af7ec480a66e9f033ab44d28b3df518c0def8ea289996c413dae34e307a0a033 home: https://github.com/kedacore/keda @@ -598,7 +621,7 @@ entries: version: 2.6.2 - apiVersion: v2 appVersion: 2.6.0 - created: "2024-02-29T15:16:41.088434+01:00" + created: "2024-04-25T15:28:51.824867+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: b6cf54875f34e8cda992f1ccfe7d594a2f75d25b573a8149721e69ab5ebe3d1d home: https://github.com/kedacore/keda @@ -620,7 +643,7 @@ entries: version: 2.6.1 - apiVersion: v2 appVersion: 2.6.0 - created: "2024-02-29T15:16:41.086659+01:00" + created: "2024-04-25T15:28:51.823496+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 1788eb5f7febdff68275ec5446d30f7f51d0259f343a024639ab1d46228fa00c home: https://github.com/kedacore/keda @@ -642,7 +665,7 @@ entries: version: 2.6.0 - apiVersion: v2 appVersion: 2.5.0 - created: "2024-02-29T15:16:41.085278+01:00" + created: "2024-04-25T15:28:51.822106+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: b23ffc14ff517dbf1e892593364a0b9e660afe2cd49c2e11e8589e0f271ef254 home: https://github.com/kedacore/keda @@ -664,7 +687,7 @@ entries: version: 2.5.1 - apiVersion: v2 appVersion: 2.5.0 - created: "2024-02-29T15:16:41.083925+01:00" + created: "2024-04-25T15:28:51.820286+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: a8c62e7b9e38adf3ef1837e2828cbd29dfd6c7633e8260bd2aa68c70307c8149 home: https://github.com/kedacore/keda @@ -684,7 +707,7 @@ entries: version: 2.5.0 - apiVersion: v2 appVersion: 2.4.0 - created: "2024-02-29T15:16:41.08239+01:00" + created: "2024-04-25T15:28:51.818811+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 41a092fcda3518068d27cf7b86afa5ea2577c8435055ee214bfba11f3a86ef7b home: https://github.com/kedacore/keda @@ -704,7 +727,7 @@ entries: version: 2.4.0 - apiVersion: v2 appVersion: 2.3.0 - created: "2024-02-29T15:16:41.080944+01:00" + created: "2024-04-25T15:28:51.816914+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 8f9d78fb5d090e9887f7914ec8db637344361a8881bb4d8f4c1a9225964b72e0 home: https://github.com/kedacore/keda @@ -724,7 +747,7 @@ entries: version: 2.3.2 - apiVersion: v2 appVersion: 2.3.0 - created: "2024-02-29T15:16:41.079421+01:00" + created: "2024-04-25T15:28:51.815154+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: c36eef4718068eee2ac8d3d54e10b15c6ca2b4d1970c84797387152393804578 home: https://github.com/kedacore/keda @@ -744,7 +767,7 @@ entries: version: 2.3.0 - apiVersion: v2 appVersion: 2.2.0 - created: "2024-02-29T15:16:41.076502+01:00" + created: "2024-04-25T15:28:51.813606+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 6b6b25799c11e01d2a7edb34d8cf3fb6f82393e7c4e9faa07c38271afad49704 home: https://github.com/kedacore/keda @@ -764,7 +787,7 @@ entries: version: 2.2.2 - apiVersion: v2 appVersion: 2.2.0 - created: "2024-02-29T15:16:41.075081+01:00" + created: "2024-04-25T15:28:51.812165+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 7ec5c403d0ad315d2eb9ec0c9d73b36c0baced870f397884d467d46014f24631 home: https://github.com/kedacore/keda @@ -784,7 +807,7 @@ entries: version: 2.2.1 - apiVersion: v2 appVersion: 2.2.0 - created: "2024-02-29T15:16:41.073674+01:00" + created: "2024-04-25T15:28:51.810616+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 42b530656687cabb1408abcb137a5d7515243465b65a3a6006927987441fadc0 home: https://github.com/kedacore/keda @@ -804,7 +827,7 @@ entries: version: 2.2.0 - apiVersion: v2 appVersion: 2.1.0 - created: "2024-02-29T15:16:41.042862+01:00" + created: "2024-04-25T15:28:51.775821+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 65e2fb98c55740251d7ffa1680ef0edeb42954576deac3856dd468473e321747 home: https://github.com/kedacore/keda @@ -824,7 +847,7 @@ entries: version: 2.1.3 - apiVersion: v2 appVersion: 2.1.0 - created: "2024-02-29T15:16:41.041419+01:00" + created: "2024-04-25T15:28:51.773987+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: f336ab24d5ebf96d28da95a03931f2701bb44ce6bb7c30991e3ad14959e2e7e4 home: https://github.com/kedacore/keda @@ -844,7 +867,7 @@ entries: version: 2.1.2 - apiVersion: v2 appVersion: 2.1.0 - created: "2024-02-29T15:16:41.039727+01:00" + created: "2024-04-25T15:28:51.77259+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: b6e752d05797cd50ce95a96ae1b6cf8b2b87fc10c27391172beb1acd9fcb18a2 home: https://github.com/kedacore/keda @@ -864,7 +887,7 @@ entries: version: 2.1.1 - apiVersion: v2 appVersion: 2.1.0 - created: "2024-02-29T15:16:41.038349+01:00" + created: "2024-04-25T15:28:51.771155+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 91998f9165176f972b954ef9d4077942979cb5e863bb7d76ed29c48f63533531 home: https://github.com/kedacore/keda @@ -884,7 +907,7 @@ entries: version: 2.1.0 - apiVersion: v2 appVersion: 2.0.0 - created: "2024-02-29T15:16:41.037009+01:00" + created: "2024-04-25T15:28:51.76921+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: ce2e848f5d7a067d74feb3745da5a834cccdfaa665b5b59d43ad06baa4cdfd04 home: https://github.com/kedacore/keda @@ -904,7 +927,7 @@ entries: version: 2.0.1 - apiVersion: v1 appVersion: 2.0.0 - created: "2024-02-29T15:16:41.035722+01:00" + created: "2024-04-25T15:28:51.767856+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: dba8b0e793085165c7d155f9393c5ff112d4714dbce0201404ceb0e67d1b2deb home: https://github.com/kedacore/keda @@ -924,7 +947,7 @@ entries: version: 2.0.0 - apiVersion: v1 appVersion: 2.0.0-rc2 - created: "2024-02-29T15:16:41.033801+01:00" + created: "2024-04-25T15:28:51.766148+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: bad82c28c5ca1d5e69fac4bfcc7a999d5d2b2afd9b19ff6deb9a48811110eb0d home: https://github.com/kedacore/keda @@ -944,7 +967,7 @@ entries: version: 2.0.0-rc3 - apiVersion: v2 appVersion: 2.0.0-rc2 - created: "2024-02-29T15:16:41.032488+01:00" + created: "2024-04-25T15:28:51.764835+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: a4042ba14e595a8e82c9a39d8987625b89292aa86029686a3603b724fda36ca0 home: https://github.com/kedacore/keda @@ -965,7 +988,7 @@ entries: version: 2.0.0-rc2 - apiVersion: v1 appVersion: 2.0.0-rc - created: "2024-02-29T15:16:41.031183+01:00" + created: "2024-04-25T15:28:51.763002+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 3a952f2aaa0ea35ee4335f0b168f44fcf37c5c5ab7e9b9bba7e731c42f04ad61 home: https://github.com/kedacore/keda @@ -985,7 +1008,7 @@ entries: version: 2.0.0-rc - apiVersion: v1 appVersion: 2.0.0-beta - created: "2024-02-29T15:16:41.029742+01:00" + created: "2024-04-25T15:28:51.76161+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: fbafc7ae564c13a0eab7062667759f6e93595c97125731a27e8290574e1d570c home: https://github.com/kedacore/keda @@ -1005,7 +1028,7 @@ entries: version: 2.0.0-beta1.2 - apiVersion: v1 appVersion: 2.0.0-beta - created: "2024-02-29T15:16:41.027237+01:00" + created: "2024-04-25T15:28:51.759359+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: db9e7d2423423463285f2e9d5b940a63b41d6555ba9fcab8fda0e6a757ccefa9 home: https://github.com/kedacore/keda @@ -1025,7 +1048,7 @@ entries: version: 2.0.0-beta1.1 - apiVersion: v1 appVersion: 2.0.0-beta - created: "2024-02-29T15:16:41.024886+01:00" + created: "2024-04-25T15:28:51.75664+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: f0a8f0b854246ee2258ec8f10528f2811681ad2e41946dc455586f1ba9818e01 home: https://github.com/kedacore/keda @@ -1045,7 +1068,7 @@ entries: version: 2.0.0-beta - apiVersion: v1 appVersion: 1.5.0 - created: "2024-02-29T15:16:41.02263+01:00" + created: "2024-04-25T15:28:51.75447+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 07b15ddae4f1c40747de063100a668ac15d504cd0548eac0e1a04381fcaa3b37 home: https://github.com/kedacore/keda @@ -1065,7 +1088,7 @@ entries: version: 1.5.0 - apiVersion: v1 appVersion: 1.4.1 - created: "2024-02-29T15:16:41.02066+01:00" + created: "2024-04-25T15:28:51.752646+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: f8bf80186ac3343998021a1721d06a67fdacd1dab92e4a4992620903b52004a4 home: https://github.com/kedacore/keda @@ -1085,7 +1108,7 @@ entries: version: 1.4.2 - apiVersion: v1 appVersion: 1.4.1 - created: "2024-02-29T15:16:41.018688+01:00" + created: "2024-04-25T15:28:51.750786+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 97a2e5c0beff93bb71ff861da0f29d09dcf988e724784f8b7c56ac9872c37a81 home: https://github.com/kedacore/keda @@ -1101,7 +1124,7 @@ entries: version: 1.4.1 - apiVersion: v1 appVersion: 1.4.0 - created: "2024-02-29T15:16:41.016953+01:00" + created: "2024-04-25T15:28:51.749069+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 1c4dbc502b935898ecaa178b5f0a172be5d75302c729dd96224a19f0dfe7964f home: https://github.com/kedacore/keda @@ -1117,7 +1140,7 @@ entries: version: 1.4.0 - apiVersion: v1 appVersion: 1.4.0 - created: "2024-02-29T15:16:41.01488+01:00" + created: "2024-04-25T15:28:51.746903+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: 6fccc45972ba1e3e9b2a6d3a20d4c6da4e8e1707e28cbf9f52114811628e7498 home: https://github.com/kedacore/keda @@ -1133,7 +1156,7 @@ entries: version: 1.3.2 - apiVersion: v1 appVersion: 1.3.0 - created: "2024-02-29T15:16:41.013147+01:00" + created: "2024-04-25T15:28:51.745167+02:00" description: Event-based autoscaler for workloads on Kubernetes digest: e13bcb65816ed59b10b32fa6db8f61668635459d56c2d599bb3c0bcc5dcc1368 home: https://github.com/kedacore/keda @@ -1149,7 +1172,7 @@ entries: version: 1.3.1 - apiVersion: v1 appVersion: 1.3.0 - created: "2024-02-29T15:16:41.011054+01:00" + created: "2024-04-25T15:28:51.743424+02:00" description: Event based autoscaler for Azure Functions deployments on Kubernetes digest: 28fed67bbc6ee61357743991f6c66a88b3749d9d7e9d26322f4f9116d038acb8 home: https://github.com/kedacore/keda @@ -1165,7 +1188,7 @@ entries: version: 1.3.0 - apiVersion: v1 appVersion: 1.2.0 - created: "2024-02-29T15:16:41.009268+01:00" + created: "2024-04-25T15:28:51.7411+02:00" description: Event based autoscaler for Azure Functions deployments on Kubernetes digest: e041dbed2455fef34f2908594a42fc8a7f163a1f48be46c2f93dea46e36fc733 home: https://github.com/kedacore/keda @@ -1181,7 +1204,7 @@ entries: version: 1.2.0 - apiVersion: v1 appVersion: 1.1.0 - created: "2024-02-29T15:16:41.007207+01:00" + created: "2024-04-25T15:28:51.739052+02:00" description: Event based autoscaler for Azure Functions deployments on Kubernetes digest: c624e6620a9a6f265f51a82ee0d8267dcb2637dd3777306afbb271746234ff2d home: https://github.com/kedacore/keda @@ -1197,7 +1220,7 @@ entries: version: 1.1.0 - apiVersion: v1 appVersion: 1.0.0 - created: "2024-02-29T15:16:41.004892+01:00" + created: "2024-04-25T15:28:51.736726+02:00" description: Event based autoscaler for Azure Functions deployments on Kubernetes digest: ef934588dce70d874ea69692e082b8a70ad19095090b8d4fa7b5cb69b2cecaf6 home: https://github.com/kedacore/keda @@ -1214,7 +1237,7 @@ entries: keda-add-ons-http: - apiVersion: v2 appVersion: 0.7.0 - created: "2024-02-29T15:16:41.121612+01:00" + created: "2024-04-25T15:28:51.860213+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 11df2793e3f5c12e6558a77e67e850472d5e3dcb489a764194c69fcb81ab3100 home: https://github.com/kedacore/http-add-on @@ -1237,7 +1260,7 @@ entries: version: 0.7.0 - apiVersion: v2 appVersion: 0.6.0 - created: "2024-02-29T15:16:41.120926+01:00" + created: "2024-04-25T15:28:51.859465+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 435c6c9c221b8e98774c662250a091b872222584510e3b7f1df2a838afa81252 home: https://github.com/kedacore/http-add-on @@ -1260,7 +1283,7 @@ entries: version: 0.6.0 - apiVersion: v2 appVersion: 0.5.0 - created: "2024-02-29T15:16:41.120342+01:00" + created: "2024-04-25T15:28:51.858833+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 2f7a41ea8fbed944ea789e5811edcb263275452d6c8928a4647d78d0d9895b15 home: https://github.com/kedacore/http-add-on @@ -1283,7 +1306,7 @@ entries: version: 0.5.3 - apiVersion: v2 appVersion: 0.5.0 - created: "2024-02-29T15:16:41.119664+01:00" + created: "2024-04-25T15:28:51.858176+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: cc4459e84407bc2b29203ad02ddcea31471ce3b3d1c4a91c0d7f6be212725c38 home: https://github.com/kedacore/http-add-on @@ -1306,7 +1329,7 @@ entries: version: 0.5.2 - apiVersion: v2 appVersion: 0.5.0 - created: "2024-02-29T15:16:41.119163+01:00" + created: "2024-04-25T15:28:51.857678+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 802dd7fa808a092b1c3669e217b6295c600929351fd7ad9ff6485b5ffa7ac87d home: https://github.com/kedacore/http-add-on @@ -1329,7 +1352,7 @@ entries: version: 0.5.1 - apiVersion: v2 appVersion: 0.5.0 - created: "2024-02-29T15:16:41.118643+01:00" + created: "2024-04-25T15:28:51.857161+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 436f37e50c6a2cb406b13144778163070b3903a77750ac2afd71a13c07edd7d3 home: https://github.com/kedacore/http-add-on @@ -1352,7 +1375,7 @@ entries: version: 0.5.0 - apiVersion: v2 appVersion: 0.4.0 - created: "2024-02-29T15:16:41.118141+01:00" + created: "2024-04-25T15:28:51.85666+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: ed7e2d31de0f5afff393e1c8857968b68777ff2e29678351ae6e85dfeb54e2f1 home: https://github.com/kedacore/http-add-on @@ -1375,7 +1398,7 @@ entries: version: 0.4.1 - apiVersion: v2 appVersion: 0.4.0 - created: "2024-02-29T15:16:41.117673+01:00" + created: "2024-04-25T15:28:51.856222+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 63a58740d9a528b16cff62eb78ab7c33ac1bb00c1f5d4802cd3de1229f24b1c8 home: https://github.com/kedacore/http-add-on @@ -1398,7 +1421,7 @@ entries: version: 0.4.0 - apiVersion: v2 appVersion: 0.3.0 - created: "2024-02-29T15:16:41.117226+01:00" + created: "2024-04-25T15:28:51.855776+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 79ace4c4fa1521f9e072c34917155db49047b024f77054df2a089aca9a686b14 home: https://github.com/kedacore/http-add-on @@ -1423,7 +1446,7 @@ entries: version: 0.3.1 - apiVersion: v2 appVersion: 0.3.0 - created: "2024-02-29T15:16:41.116786+01:00" + created: "2024-04-25T15:28:51.855308+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: e48c9139df0d83cea4b1faed0094d87707243dbfe620eab2254c7d810ed0f4c2 home: https://github.com/kedacore/http-add-on @@ -1447,7 +1470,7 @@ entries: version: 0.3.0 - apiVersion: v2 appVersion: 0.2.0 - created: "2024-02-29T15:16:41.116311+01:00" + created: "2024-04-25T15:28:51.85485+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: ba2bc1bc4445a0aca8e71726f5e0797941a67f5d98764c56be300f6b2c5c008b home: https://github.com/kedacore/http-add-on @@ -1471,7 +1494,7 @@ entries: version: 0.2.2 - apiVersion: v2 appVersion: 0.2.0 - created: "2024-02-29T15:16:41.115816+01:00" + created: "2024-04-25T15:28:51.854333+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 0dc118417aad98e528e499fdd5e4e8a43465d071dd954612ff5d0289756d372c home: https://github.com/kedacore/http-add-on @@ -1495,7 +1518,7 @@ entries: version: 0.2.1 - apiVersion: v2 appVersion: 0.2.0 - created: "2024-02-29T15:16:41.115356+01:00" + created: "2024-04-25T15:28:51.853821+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 2c209e2a1287a54934cd7e1345fddc5b2b6c2a51c92d07a314f3e08e304af321 home: https://github.com/kedacore/http-add-on @@ -1519,7 +1542,7 @@ entries: version: 0.2.0 - apiVersion: v2 appVersion: 0.1.0 - created: "2024-02-29T15:16:41.114919+01:00" + created: "2024-04-25T15:28:51.853267+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 51bc31412a28fe78a0d0b2cdb76aae1af9eda9707ceecdfdde7106b7a2ceb8cb home: https://github.com/kedacore/http-add-on @@ -1543,7 +1566,7 @@ entries: version: 0.1.0 - apiVersion: v2 appVersion: 0.0.1 - created: "2024-02-29T15:16:41.114657+01:00" + created: "2024-04-25T15:28:51.852932+02:00" description: Event-based autoscaler for HTTP workloads on Kubernetes digest: 0cbcd436721095d7f40750a917ed22d7c83883bdb256edfd43a40a5a0b4f5c17 home: https://github.com/kedacore/http-add-on @@ -1565,4 +1588,4 @@ entries: urls: - https://kedacore.github.io/charts/keda-add-ons-http-0.0.1.tgz version: 0.0.1 -generated: "2024-02-29T15:16:41.002426+01:00" +generated: "2024-04-25T15:28:51.732106+02:00" diff --git a/docs/keda-2.14.0.tgz b/docs/keda-2.14.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..7c102d3fef47ca0409201a93b1180e982edf5106 GIT binary patch literal 93203 zcmV)7K*zryiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POvHcjLCTI1Kl1eG0_W-?80e$@W}(e9md(dYr_`T)b>2S$*?M zI}iy;h)IA2KzWojUGLX;zTWdmo`sDIFCrz9l07pGk+m`wNo;J~_8l9yB*cejGc43- zf#c|R_fd|Hj*gx`eG2~`9UYbbJwAGN{JZ0)&yOEJefI3};%mp4{(zBpN~h!Pe(_CkjOyLM8UK3Ibmuz#*%~x zr;5t}M?|0r7wC?Q+lb>(BF@k^>6i#c6p@1&kI4y|DV4~R!^0_6vvfQPczmdrUcd!` zKL#|=@ZDzu-;K5g|_oLquXsqZ5Q@F^S~oF%1Nld;)C`5Mo$& z=5!X55S>TYctOIf&QDxS$=_8f1P=M0~jY+<*T6gBR$Er(+z^+ktrsV=Q?p0s`G!J0J7X zGWgI7wJ-NlU>D7CloEMw3}7YwKR$Z?_~==g{y%wo)YJcmD38!fGQnx2kXZyk%Jrfc z4IZJJ8I_1igwbD5U%whoxQMY*Bt#P$5&gkS5=2-KG{=JCaYQ6i9E}M|u+$uaGR4t? zrvfPwClOXejs}Bi#K$-~86X6NTmOO3BQzYMFX4@Oj0Bldsl)>D3Hs*z5*aOlQh2%q zX@uSacg4{Gn$kI82qy`$^jClV6^UXLXca-oOS_ta~tfpekh%JAOwmM|FW|K6EE_pkPrL^2I#2unm_suX2YbQbY61gTUGY~43T;PEhr4*S~1 zLav2CSN|paI&p7D5f5-Q7z84O#Q{KGk_lx*qPrPUGa`_h5!2zbtCteZ@SIpmNSRbP zib#mKK#Z%ACVS@D2~r{@0|)Xfm5Rp*GsYFxb0m>WNI)kvz)@tzRYM;jgu{@USv<|Y zHVgNcU+s#RaDIZuSlC`Wgmb;uLo5><7^;1TRWQ?kfJm=9L~}Cz$g>Ifj!2l|48i~& zzj41|ftZHh*o7}iAc)cpq!I>4uLeWvW%=n#9^4XPUmC)GnMTnyfRHEXhaU$6MwG_R zt|vE$=S;I9WM860zoj676L=Gzpb3s7ao>Lt;W-x?KRtuxYG^N@5l!R$0YVe_@&xUe zM}GaEMiIXQ?D+(d_ex+yrh-U`L>gIsYN}LWW!{*nbNs;kLI&75z`D|)OuzGA6$aQZ z!5oLmWdC9ADO9^6NkjvDO_ae=XEf%=#EB_-jy1Ih~SV2gjt9*^U=ga2|St5 zz_k0K ze#aDz2?|r8almMTX~Z>q12kR{ENqu4LqF)QhCE319KpW-anGr8AhpTaVaNk{2*Q>+ zG($iREiF5IG^5km5YI7ptb{Ng5~70>uO~iPQ`$q*B53G@2!x2p;I&!zU=lx4L$S z6-F}FRMc1+zNu*zUQRHObR{s8mi=jTLerPC3=>O!?OOfebTXlgs>P20CE+2G!Hk3{ zbYOXDq8ofmBuWGcNJwCs=avt=!xq##G@&F4HNmz|PBQwO@bHu=>Y8<8hn|anq*Rdb zC9H>QkHp24asT-IJqc1U$@qFh6yY(6u1Q1!PemRXQi5Vlp3mRAzRTjjXTGF$?qX4#$)o%9(v))D^TlPUT|E-=9n)Iu3R# z20$;5jYi>uQPp51I15Olk$|r6ex)m+@41M=&vv)e>sMML)tf&Nd~A8A@7UfCny}@_ zU113U(NkF7%0tg+h6xXce&lk`BiqhU5FAqYODZf>nhZ_Lhx?kpxz8^3Gt(zM85Bn^ zNrV^IB;YKRC+P7rc$W}CdFY=4A4EvgcAl#2F+9~YJ{9C+!ep)aVA>U*kYUva745QXRjy-OvrKee)AD!xN2=t`hD zN225*h|vL&L#yaeHa!fP1VUrq9X^5|L-SaxZbgkcgkgF4=GrJp3%f^2af$0LGU-eS z`OcK|z(OsjWol`|>0$$f%Ka_qhwH_{Dzj8C8#a&)Yps8+rNt_-VR>3UVgcgA$qyfT zn6@KHRF2=)1c|(5I8R)>dDYvF(H@8s)>?@;m|DHjL6DfwjXiVzcy#=DKW~-F>!O!j zC?_dcn&pLrt8OGdY7nnoI=_$+gl7 z+cfjv)Gg*8a(l+sMbcLOv0w=qg34>Hg7 zEBH!J5wy4Du&!{2uYp+dg)e~xPEz>9ipF7~l_g(~3n_9CSJm;`ImC%7>}B(y5s>v; zDdAx@ejb<|_@*5wf8G}Na{cva55yP;9_4Ej-H?l-xcbZK8Im(F8;%JWEC&b$f@p$J zP?2itx)_NZkRR}LD##Qo5_ac~8t=nL8Kj{#F$x|L39Qh@m>_t9_U4q_9Uu}?bpU*k zX-Ur4zu{KKyW-&2H`1r;+xO)j`RyB;&VeB@z|6#%VDt_`Hr^qbjs-C>zPSM~!xv`C zrrBB7x=wgSCf`sH%=4rBib`-SS&`WRwJpmu(dwm<;VPQOEClR8<+XzfQAFnBkdJ>N zff~t#1S5EIgT<7nD>8X!Y^gUh;&o_7Na&&paU{9x1i)L-Aq(naf+8|eh{TCn9ArcK z4kz?W!P7*Zpg+6=l;8Poo}fP*+I~6RJsZSFh;h9dGlnRk`nAG}OwtHMeJqF@Car~} z-c2{=?+3_)*kogGh8;PSP7oGTo(TSv3G3FZ?v}F9a7~`7!N6KmPlEsi^+7p!q-Kv` zWGf1km()u;^12!tc3P#t*E9xasv%ZuTe&^m-xKuz46e|udR zj~jkVSQ-1%Wk#ZSRX+^m9HTH~ufUo=xG9RV!v(Z$ zv}qhDIwvow0Cm_a*w-dlPeTP2){WHZ&zdZsLM7yDfk5D(dI$tny6e2dNHbSmB>?me zAK{;!Ig1uSK_I%L#gZt5CBjAkL7ZiVnoAz;$^BeRtObK8t3y0z4K-gRJVb@&-4AO| z1th<>fsy$oY6ncD5XfkFlZEL%&k#x_p4#=*eWYA?X4l~=Ef<5%QlMmq)o=!0O5lq( zgkh%8Md(761<{;eSBMrPy%8l@!Zo+R*Wzm@T4S^to7_wnhtt?FYG!J*Y?0k$hW5?s zG;Z9B(5|Vh7d2h5qqwFE*&=?RZYV&j(2cs4vP@xb2}9(4LWSu;n3_LEs}?cKt&N6D z1zZE1>kS_2(pYsqP>f&>(l)Vca8H1-^me<@z0#W5kPY5gDFx;#5AQL zIixrqf?6}2aN!*JLpvsNG*fZ3kEj#UoqV2!yVnqvjBH96Y_lM68d5M5>pp0VNB-k2 zEC}S`pP(J7T;KI51U%j;;Z;rXuHNWBF@y2e<6`z6)?$n26(|vWPD2ydvPJZDd#8f= z{Z<}C8;6b=y1u!FBPkF=NLZL~$`nKd5e&rA9K*`+yCMOPW5PlbIyzHTAK@tGQbGKG zfF+Sz?x9rj$~Jp$Ta_nhN3+#N^V5>fYz^Fc6soI7Izg9^UC3BcCscPb&kOi#TcLN8)_R$U7v&gG_8e9H9Lk-;P5 znYwv(jrK&g7xqVHu-p+xG~-cdHd|4FFvnYFSPdTekp+pKc=7yjDv}@|LP?ZhHFJY} z$-{wubMxx@OusbeTpIQ7D=cU9jEe+)2j-^_*||AjQ0~~wVF(D`yt+31iuiO&*|f%V z@yfhK5t)-HvoOBR9SqT5;wa*GBy>JD^e!ahbo%Z9y`yZx^}j?2F5VqzZiKZ2pvaU6 zOE9LO8EQ_C89F*}r>#h+H-l7yvMIC!NSq)Iav4K&Cbk8NKS|EsX?)%VoJk&$cg7D#OpiuPqlilV7sCw3hf4m(=SRo-PcaFeJbCh8 z1~>ZyKJ$M3bKCj}vafTJ>%do&F;bO`PJ3itKEa$(^uzLH~RPM^Q$j+?LZcqIzjMlwJGJ(-CN5J zhTq06Gfd!zYZ9bF%a)K1<-PjRAGOU+hYTK}&z&p6)FEh0B7XPd-Xq`52OWsW*~bPO+}mK^CrG+sMDqKG6x8p?~=N>34}ty6ZiKJoxXZyOj~*yE(M*_ zh)l`3X7E<{%7hX@aQK!*i!0967c?SrAr*;pCN)WdfXB(D;1e1V*NAmfrx33G(jR|b zGb(wawUv=srh=dF=u||zZDWjzH16XaAG3{(3tral<%EY_cX0yIchwuYy3wj*!y1FF z?PZa&Q~8E7J$?l(le_{`gNHLJaF;nPTSObXyCSzJ>zk4=_-D8b8~qOVb0|Mh7ueb4E+@-(CF#Y zC(R+`iIaz6oYg1jc@9*SL&nWe9a2kfnMde*;><=y1q+LrdBFL8ryt8eP{=KT>${oo@Q1o=lwq(c9JA{tXAe_YDhW9dkd z*qM(V4+xUf#Y}0!5kp!Ry$fDb%UYn3()UM4@p2WY(H7M@+P6%@J}$f~qy&R_kv!ce z(k2R=hXhF*C0rHu+#pgvI~wP!4auAa;1|GB(kTOXC*vVG+}|JQe|=!GrV7Sc%_Aam zL1J6RL(@1l#4H>t-;hQo`(;y)xX|S5M2kgdoJl1x*k=nI>&AYDa$l_9LFQO`Qz)w! zw>$LP4(9rW2cyt1Ab!kUT(s}8rcV{QvPwbkl_Brl0^V!F-B$&>SBARR2D(>;xvvUx zZ+955RX{vUOCl%-@i)R!!ZD7zY*b5MT63$3K65NX%LwiWi)Ob*wRcWL&5w8)3 z$DTzhRamV_p=J<)``^JO}d6w+gC+LY0B5w&vP9r+c=LxiDflPCpF#?1PK1Eo6 zTl7%mLmTyw#gx%Fjlml3QlEW9BL?>PC?yRCET-%xl0LcZ&8zF<$95r8i6k+3(juZH z$a~h~lz_tOh?VZLRV%VRk`YD*hZe!EYcrA=xfv1@%s4me9@?{kpQ$91G%{O3i3Kci zjwqWGspu3dg1~wxjRVMVUlb91E44IucKNOThs+5>5$CrED>UVTrwVeI>A7Md5mIT) z#zZM1mO8BWlQ{-o$YAIDUE_H;uNt1^#E*5}uk-f_m-*_PAzU0a_&9OLC?78|ttPlQ z_LmFy+Zskss?Emr$Sm>A?c(!v0IT^NQmYlLu|d+$Qk!yq zog&Dp>dWEtx#~^YuZ*N0lpzr|r-C!kTXG3iLF=;~6q{F-GfieHxEf(|5K^+-KId<~ z`}>>I*XM&rj!B=O-Sao!4Zk~m_3int#=?y3oJVO)Of0kc+c@~LXqYUsP?kkauXHn=W$sBI=F{!<>$HoL^a-wA_cfQDBn?v!PZRMRIg&?<>nD4^SBP)d2vr=vsAb*Bw zb;~XWCfDvI57)Mt6ycVeeNz#3ZqL(DnMGQ`(HSl4jL_>;r8Y`2h*C-CHss87?$U8g zx2%iU*fGvpn*=5W2|dhk^uw6vra z^|&V))>${o3*&+*BIY>K@}F6aek1x=e;EjzkPux=Kvd4~$~Mja`~UxcY_yyG8l2St z*ycEPL0sA=x&CzX| z*j0Ux^73i%T<Kgk0!(fIfD^;P)xah8LY4RNrbh60#;LIntWKj+DmMlE9gompnk4yi0J5tBB8%R%K z>()tKpWl&$rPeD`ZX2HP?FYwP+MZNBgC?P(L^n}tk#Iufv!@BdYz@$Sw3~0#lz}#mtJ@2b(e={upe4?=~b6r zb=g>TDN0ZGtGaC1Ru|P}!zR0_E*mzwZr^Q0bW755ue)Tu$v~Ows46#Q@tZC0%m!Gvn_>)e;RQm4 zTcb4)oAl}}B>zIc{DOXO#&uM9{_C$GkiJidpo9gwUp7z#B=2%Hp(~ibO6|)uj6(nxbQ6US^ermFlvJpw{A6P)X4qY4+?i(t|Ama_4b3_e$e|od%Ho_ zi{5U~+YNfV!EeiM@Gb zZha^>Ge9<7&>NpNm5Zs_rapT(Rx@-rBZAbRiiK}#fXrXI&IvknaP+_CP~oySRiZOZ zV`B5#q|nZwBlA29YOPU>&T>^;&MGCKbZqL zE^V7(P+9xse75;zW>$qkL*pqG7n;qx+TnPC@~tDVe-MGDbWWH}u8FU6D{#jzL7Ypq zc^bL|_J^e_2F!3sujq^yrMa}nhb^qq;mh*K!0}5+_Ij9GgNKg{!(nD)*r!7ed*5o& z8j~9mClRDD&Jo!P%M09yu^5_4!|a3M@d?_QaK5wdyT>PJXN*PmU1p3}t``}lcEWRc zd#+rzcgQ|w#Cx-D<52&L5fIutu;T{xBr8ZeAAX zac+|^i-e!LgMGFa|mO?`OvJudYHPW&0v~b z@Gc_))UF2$!`Te()Ff&st>D2RA;L22n)rS}q<*9d6L4i8y4`(hPQ}$E!E%c|!>E); zq-7J!C$>PsoWR5$l+NY){A8Mg!$n-!UR&#E0cGfyU(o1^LBcJcW|wOZEHCpOBH_hvNHv@Yr%~u`JCTCA|h!mHre$N@9wY) zW*+@_Sq{v6q67+?2Chs%7?2+R2{G;`A(tOgW~4hWpPp)dpf$tXk!jz3Voq}XQEE<1 zC+>KxIcs9hY8hLr%nooPoKSzn(IvQ;ALA&Q;p4&`33gxH2s)h-aazcZX+Ly#$7H9K z%{Ik%au^iyvOg+|+`4J|TqY#QAe54-yMxXy9j5_KZl$~3rf@%xN`)TLLq3_H)9bT~ z3xoxnH~xx5vAM-LGP#N1@(DS>GNANSxV$U|=J$GQ=gcq!2Qw{KghWq$j`&59IfeQT zC&{RIpxW&Fa5!F^px^(Zm)NiGvc%z3jnKDnvh%7YfBy5I{{?ULUw{6W z`3C;Zihg+Ff4z9|SsB#m#h+g+LwCRd^oxJF5B~L8p?Ki>2Q-|0YGMDm0=fZSz`CXY za2TMIf0baJn2s(%2jKATv;3?4fRD<+EvBF4VZW%tec(s;#YygQe$4;147~8;1kig{ zfx7|z*}wGv|CT-e>_t}owi@`~0QRHH7t7H7gywKuH|BPbKg(c${pj(^!6GvH|SSvK&+P4uF)i9Y+6!$JT2@^f3Bl~=|fzn}e9U%CB99yNIM^_O3M`IpZ> z|NK8*6g~&wtLCtI`Sa(WKdM*`TY`T1`CtB4@pvoHPyXY}ld9)i0sh&u>P5U2;2!iq zvkt;SH2n2f_&vxujnC(VsbMJSoG^5nDlP+Tl2vKdW*-gFX#zJ5gHVfeAH;CAD2rR7d#cn=C?Cy;t*XhlkpcC8S_+?>z%C3n&;DI zS#Z}_qb0LSQ>td^7_QFH^#d-*p)?;E-02bmStbP%T5O!QGeAg7IXEX{Ebt?yaxY z&HaykJS<(M(5UyAL1z6qC3h~K;43cZ&zvb7L1=+n{X|H#_toX;elBqob#9Mb{DBMz zBTFMSORz=-M^T23{Bad_CCM)Hp^ThiVN?v$8RZ?)zy3NH-bWdHe|q)i;?0+6h+1L< z8GT41NPv}AZxgV^pqNgfBsJ3XRTkS+Pf&Pg`T!=rv_rpq>Q7DXSqN# zI-Le9sXf( z2J{dGK(vh~o`s&SV;j&rHaXjw%i~66A6+;TIJdK&mFY$_Z{?4q(sUB^!y3@N#pBuGNJF$&M<>-Z56gN zEz&l@0=~+|6D-t_PYN)-&g6s&CwiE{KTQ%h{*@p-pVc6% zs+6>ZOu(s|jhb0-GvMa6H0ZfGsu_83sKOnfWv70H22+l8G@l^F|BB;i%~w_Z{m>h} zR7&(eAN&E_eP{!37C7$A5Z2KDqvy{bm+1eC=Z|~;--8sp+BG5fv?UjbIm*RZj@;G0 zYdjUNOPEbp}Ztt-F&I;c2~s4KgTivEchWg%e- zJvE=_Hl>RISwRi$Mi>;rLF$5n1}-=xunBSVA+dQfUN?gI5XO5YAZz!(iex@Uu?rzs zv;Utwd-0;U{~sSe?fw4`Q%c-!?cQ&?m2)Aph5fvKpOqGzY`f!l9CNm`)0TuAghB=v zKLD*5uKIRV+i2H{BRLN?syxaQ5o4Kp$zx1e1FV+s+UVTD7NDARxh1$ZgWyfGZRfOc z#i|ars=THK6?7cLH?jc6PD?|HkcL8Q#7fbt6(4)et$(K*|0Ss zlohfMLapQr7s;9n?XC&Uc6gCU`i5HKnUTW^9NSbbNK>uRfH;3!)%3mv8u`kbp#kIU z>e@kXfk>fx1tuS%Hn>XugTqAu-bnZRT?6~ylV?XI{qOmU;g25^ zq5Vk9TKfMW_P;XyfARe3lb-%RMEPXt|3_^rtRh=&IF7D=4fWyF?>*A7^8Obg{BIaU zJPpa5FlCPalii`q?8pT5z3K0a9G}oIHBadA`DIfk8b}c zi}DzFB(Ll#!ci1?PhmP&yPmOPew-rR5+8q z?AcqpGc%>I;55t}hW|vxjc*_>?*{lm*>q$BX#Cc-qR7&FO8`!C0?e6)3X$^H02N+E zRH|<(U%#T#UX2)~0!I~CS&5BJ(+G>@_nNQ-JRv8@6P<8?oCDw5K{J|pDIhi28IRJK zc_YtHk~5QwV8InJV&!Kkt1$g7|^|-8l^uos*sYAMIy_1M%jiOF0BL{F_73 zIk7Nzy4U75!tV4pPY64`y!h_Pb>VR->tuQStQT3L8NWmJDoGd}f52K2a~D25&4rOk z%5MEno9B&^T+U0BKc8GUW>LWCpTp7-4BZLqAa}^A8F4d0LfdZ>Ge;#7BoRcq2rvB@ zGh~AGM{uo0)GFI8|K8L%nLFLrJGYEP@$TBv7d!hd7}_ z=m>-5Hj2YX#dI95EG;QhVB58r9=#9YG`t06@8$Kg;KCEH&aZE>1J*E8_CSUIbZK1N z{OHl7Y(j*o=QBV0q=*nqW9+Ch9miD3{H@YuuxCJGA$esIVwI)&bLE1eGaQrXObZ_m zJ6C#EOw2{<6Cwm4nx(+2Inbtf^-z_UyZyR)^|=DfsC`A3pJuu0FrO`> z3~gy$>tdZjZz?fafkjB9qRd!qRxihw*_TB|gazfPM0a>$uCR}(GTd=_>{qV<{BtS@ z?5i&Y4R3ftgX&RT4F*BNE<+jX-mjg~RkMR&hFlXX=Dl*Jba6NIcj;Ox=sor-6|{Ya zR=k9TaGj2`g|vE=otMA&Yi&X!rJ3Qx-um8pc|oS#kQmB+qxnqrAW%i(+R?A!7#f^Q z_G?p0+nlGFfW30k>gW_x;+Df0nj0jlC2 ztRMCVANJZES-t;Mj(Fv@{hdRe=OtMSO1vq`w@V;GSNDC@XGOr*rq8d;=-#3`DkF=mh{ z%wD?=l@Vnj2t#aIJVsr=k!HjsiKq1vR3p}eWfgy@!2JePA#Z6P{#IOu_4a?z zIVv+IwDkq7w*NnSdURa2|37~5_(gC3e~9v_+5de=*B%!|tgD@UD_w#6d5?f~{_Vv? zOvx5NFZmElUc~$HWE77-)p;{k?d=+e#!5fN%9NW$pGN(s75gYthzaw%UsG6Wnx(G z*6Q6_y<6)Ob8A%+gC*Zq*@|C75?1=R?xbNOg*!KD@j5MiUh8Hu+0V+Kw>19da&~t$ zykkfm?*n1G0nr7v(iei)S{T~^L;mFGH)K)iRO}8{m)lkS&6l-Si(;wwnQa7kwSOaD zhPrDFzN+-ZRpVIe?`ezQurQ@7KW)_V`c{Y8s$6L>U(=M?Bi9c3ey3EGey8+1#qJcy z4c70Hs?zV0-~29F7p&kVvX$>WH>&(<4HBh0Tb9fEkS%1xwsOWBm%=cW<}PD<8MV1i zIKpbeMT{6$bWRX08hpwnCcz9dDyxTi{oZuoHHKiN_=?LFVKYUi7g5#qb(d^10-U6lpx{PQP0II-fjLv0(gVb{`%sjXf8u4?Cn zuK)m|VS_b)@eMw37u4jQm#5k+(NP{`D`>Wv;U74@-!Z1^E`u(+kXzuZZd*A(bUa`nZ z8@)iEy7y=u&oB8!s-V|0b3vw+5r_>Cvp4T`2wiI;9tQxJHD9b1MpuQ~t%~HfD`)A=iUxsteM1)D{aR;6&40Vj zh6=2vS`z-Ql1;5KszyAmnU5ysR4v}Vg!_QGSe$Pju?@;4^uvW1e0%k3BY3LG5S?+#HcF05#u*+#6VWI-)OI`qacD=AMv~v6rQ_e&G@&)CG*aKzof__ZLcPweG4u_# zF?kqP{Te4ePIMSCnCkBZ_eqHC(s&SE!6@SJ#y-5xs`avrHCi%xbxu7Z68@$5G9}V#=(% zlciFCXmPVliznBzvTkWv@u4pJLw@)^%|-T*i)k7pYob{1JPv zTVe9*ZCbre%a-1z)!Vdsn^vy$Hm%;KRR^}WX)OWRJWl4*vuM$}&Gl)8+7!>AuZgw! zs_^j|s{ni)a8X5Ox&+(Ugu*a%G1)3gXgS!h9M8Jl!zKE8*c`|$eYtcNzVt~$GZT*TnP4`=3!%bIPul`H;UdN>$UsYQ zG`YrAi4i-3<7!64Rv{`?L&`hAN(J2_ZjH=ct3yQV2??a;%M%l2bM=Au%#w)v7UJry zlIx|o;VM#hZz5hXNl@X&Meb9vew>M z=hkMe@ZV|0t~Su!hjDJzOxGLb8X4s3jdAscxYb6uH3qm9#T(#X<1E|2btX(^JoR@7nW1@2oy1_6t%m0kl2$;%@9QDq_bnjVjLq_gKm0h#og6oytYFhH zNp>0B($$2^nY}ATrZvs1y8HEt;BZlM^((yFyon92mu=q2CDvL>O(W)IqedJF90h{F z5Z}<4NQL91i1xIIbLjH(ZYhJf-=bRo(h{}#+F!GiZB%r6dEsI7nZf(a;C*KBPb@RI z-|I`+z(XRnmYLnmR^;fe)a%NG&CL~VXRFVqtk9dy{diyVvHXf^optew#uBr*;sOYpR&qcrP*%Ya=EYryMm zIyM(DQkL>mMhn{qG$s>wt({y*MPj4`;K7k1BBo3)EUNz7P>(wJsf1mda7m3<%*-QL z-!ZaWN~SU)EF>Y?!w}5l?>tsB!PDss;kqbfLk{*244F|hhO3OD2$9KzKu03zp;SCc zNT}()CTT>WJ7?}UNYua=M5eK>H^sE(y0_f&eg1TXLAQDd>oUf{EuTzkwg>9CSXdg5 ziO_pr5HodlN@FZ;4UMM~R=>T-vIeTVhgr}3^K~Oov4Pu;z$FnEEF|x@HxiKs>jj|Y zak-;vMp^wL)9Tgx%F#1#uyjL+zSpaYFg%V(SZu8Zwyp@S!-NP6j!JY(66MYsCOq7& zTb^UAf>}wa{E3f;0BC4o4VJF&0PSXH^h1!}B`K#)L4dBIkQ2Q%EK~Nuy}tL56w|7v$}Oqcxo!@!I%;Sx7|v~1FD7J0+K*7K)ycG*z7HL ze29+s4{G4!Ii?X@9&4#hMkQ*AO9tD}nfl$@bTYMO!N`gks@tqwnBiZE2he1r<4~DR z#X-dyaq^1WCt-!6=;zd4`Gy6KA`(#uX>X5u(-o$kP zBc~T5SOFEjwR}tymO5m9zo(~0SJ)r^ehDC9)4-JCVxzy##f zv305CQc3mdw?Q~*G8I^(8m1snTayKnx8&}?T?}l|sDUbPX(Fv$D!tJ0H6K^^ab2{0 zwm7$_Mp)%AlY|O8Z$cTBGZJda11i)2)uN-d!;A?MDFZ=jgwQon#)!ZXOQWbv^K4_r z&Qm9UBs@ftP8p8mQl%&Y)Qsq1L-KOlP`9hugNE)kkD6wHEEG{b&f}X0OQn${O-RGB z7kqN4={oH@WOcNz#5mQi+#)2m{Un+aMufK)>cKS*5ttPiYg=W>MCHmWqSwf~Vgv6`%Cy{@ zG9cj#o`O^q5TP(-=uWQ*_b}v?O;<9V363PuEC7HWpjuBvR*@65(mMZKj0y9Zr+i_L5Y;CBKxT{H@68Q6V0VHHPlo~BM2nXAeS3m!yFeY z4za)q2{WK0guXCph(;26jSDcr1`*&?8WZD+o`Z~qz;dlA3s-28vcR5f5`qLOT8t3- zir;D7;sE`XrvO}%S{b%D`TwiO>Ye6HrV%~acUnFHlZ4hPsG6B5l_*5-GC%3z{CG?h zKCV+LPA@M$#O8jK&D3zgQ!(UsY?$zH=q6{y-X3!vkxGp?#_zuXZPy4=TjWbIeotc@ z<@l0OtBrV9Wxz0^0j^s$ruu;qHLGk4Hu!Ud-a^P(!8%|nuQCY`iOBna5ZH}Wy1K^B zt*G$guSQtQk`kGbgXK&sBH2yJtdUe^#x`eNh{!}~P{3N90n=LW03%nq*5;rYD4%Eq zd_S;p30Oq^I)8U&rSNx71~VdRt-O}m6^df?+8J04a7;{hH7QN>?$60ZpsG^oBdee< zRuHd&S}UGEHHcDK(2J+A{e`KqN{Iih*e7yQ(Uy0A8dpfCP7cjUoOR~flp(A@@SD=P z9%333V`ajDN(;0Fpo)|+O-d+3QV|?3tjFYzMp3&+(dPo%w(g=$Kt!i4Wqc&TM<-ArDg6Mo4SSuR~GeYW)j4)!fiuz*)SWyY2 zRLgq!)^MwwO~`;>p-7WBQHz7ZNr^F;;W_20&{AcjM`LJ}+?1&T2L^qs)<>`JRQaTIC27XO-%`peQ9ZcXOhA8V=n`V+MxjaD6`ZMKngIn7R> z@X&cQ+@^w73<-umL3JWp?}lYdH4hGnSe2j%gfk4)QH)hE1JloC)|Oe-g2b2tHMcr- z)*hWQF6v!e$SG`$7h7?5u|hj;_jp=S*gPwm$Zf0KK*`z-QC|8hKre5KQ-xwK6?%Mx zNCcqGPyppxH54mP)uUDm1EKPIztW>y^ugo8s-e=1YkuQc$u8?dTrV)1@|Ho+183*& zsX7DWBWRH9l80xW_8y>dsz8w(b2U3C>{`l5 z8N4*I^~33T%j!WzFrU_7YQmy)^^;l>nUx_ZK40^(=IN54b>-=~dHohLKBrl#9j54D1c6x5`HB4u9O=q?guyWKOZn zXi`Xklnt0)4tsLnxw~3UzYU*8e$ZvkvkyzkIl}gQYv^cSQ>;cU!RcyE$9#x!eow>7 z9(9#kkl|eHWC<>nIfa}~5LPH6SnEKna{L-Kh0tD1r!$ZZ;xtk;iHHVnVkAKBbx*Us z0>Xr_+qu?UT`pEl-z^ZEU8BzK8-9~FT`Wy!!=Zb_)o*h2G}LX3-~%#pRKv_2QPQ2p zQl_zI=fw%tU2dUAv?PtD_xD8@i&~VOF-N!{GE5Ma3I@?jORFsVN76|X}B%C*F~=c+Yc0`aBxoP zfrKNDX!mHhY@~BBG8fruYq&k~bi*1s@}8ia5#-skmR69gthI+^Wxb8NT-MpVtG}OzoP|xwu?z)wU$xw@%5r%%s)_!Q#RwD(V!PN*QQ_i*xE9>=ygy+rp*1%b$ zi8;gg+6J*ixL`*0uu+1QBBG{^5+hyPPPSnz*vz8JoR6%~{05dpQyT7{_Jq4^TYOtw z5|_4rnY9u7K5LQ#{cd*sNX^i|YF$r4+FhYil}V+pbYXU7cIVyZmxZob&kefaR-MAd zzBg=(7G3jM44{{XOhd*CFPC?gL!@DQ`NJwVB5kCkwZ4sJUB<|)+~Wkn+PjbG$)*Mp zTGmcXv&E0@^G=?^f$dcvs=9mHm(gs%d)lz!Iu?u-k7?CiVXib8hoQB#t#S-CPJz0n zI~_W*?m__Y&#edrSar3}Rc6=SJQ|=1Uhb@nv8Z!vI4+o!;q*ui)Jm&E^`}F0V_g-L zP2URZQpm+2-|1#;`$=8qbzPkGe^GFNXr*m$1~P_EQxFmpuHn-Zz~P!3Ih5qUHD+@rfQH1Pg_Ch?oOoR*K*ii?b;$jh$x2=$)2Nh@$XO23 zk})@9KPjvA{l3xaR}?J@fz~#CqYu{5qThn2TZ)U)IL|4$g8(VYrbDf3 z4{ffvLlZQ8_z3>>QMc8bcfFJdBXRy->lAXe&Qlouay66s!KoT%0#*hDo09h$FKHr1 zAvk^W^1%WNPD_}V^&*@!ePfhuvC?hZwr$%uZQHhO_i5Xe_85ch=bP6<4 z2_t=r6ioOpg2aXuxk}1(YEv(~j*#uB7NUmSavI3+^a&jeXNy&k0uQ5Y&E1{7u#g_e z#tQmXe@0{cyoVQMDrCv~1mw36YWId_Mk~`}Yi`4o6ZM?@V4gbh6UW}scy5amu~f;r z5y*|Fr+*JL}24kCPt7TYoEl$PB<2DrdbTrB~#>5+MfVh z{eTQIH$Eum)3h3wI8}G^$E`clpc`XM94Kr_W@!ZAH+`Miwo$!%I!M%f6co9Pvdd>V zY=x6#4dtK;%D{UdnnU5nsWFoj=Ew5Av;VrtJXv91AK8N!OnNj7wONTs!NVMYkx!-z zG{}uP3zbxv9?u)DcEgE?CR!W8OJVv#G4?1k91W4&mipL3v1wyIz*Po-(%t{efWVFx zqcQp1Rs)XlT_Ye)emFc$y#p@I&E#Xf)^;2e6 zeWq^fUkmB>f#i#sWpTqmmfKERFk}2f6-%=le{X^>@F!*n-u>vR^a7tBygZ$1IxxC- z`Njx3;@F5l*!V)(8_Zhdip8wC1F?+;V#64i$9U*GoRCIRL;^#C`dQYCA!l7P+0oKpAE=YF#Vnp7$lBq5ZP@NMTL^& z7TU@PVNU5x^MivxbQal4`YBKk@1rRkO;cJZ9HaG2m`zw zr>q(A@V?jr8QR|$U%tF-$!69|ghUJoq8IS*dLB)$bNzVT#O>~pJK2RjybXTN4l=0= z{20B2wh}#JD4WiKiU*SUCmN?x_hlTH^~B%=9{_TGS#eAQt3sAN5cPl>@@3d>dJH(i zc{JQHjCnW}#tK;n!W|l!{?b^?P`Hq;1-W`(un%R~LZB%e=TZy>kb3iEfEOxp`Vx=AnaexO8EuOKl%u^K- z)>L?06Vqu`;gNk`t!Bz;ngd3(ANZ7E<8n7q(^fE*#DWX4=)fRP{iEnY2^;;ufErRp zI$E$Hfs6-hqqgoWY$FQVycMQ#)%B^CVnzFD{c&!0Zo_A^ShZ6OGDs@(*;wJQ6rlLxZi%l5oo8vj;Gc*2Ytt4w#Z56Umu}hmXs$@nRhxp;e}Z zhb)HcGR9zw?EsKn*4?p!jcN)SDJ#C1s`3I#Lw@-c)D1~V-3@8sawa1V zD`_WaspW~R_$xGjMdSPjq!+&d{h>;-?x@yp=hq7Sc6`hKI^Nj?ujo&Ek-Zn=mb?_JRm0=%Hl`R@)GsFma`(U*#6>fGWYe|Nmqe`A9&3YT zw)(Mx>glz>qTOnG{NQ3&QX(z64J|!3wx9x;=zMeT2`}bCiuF;32rg`~Ia4sjru29e z8xG58Mf8=_7K!MKiI593?4m0HC6Zdf1HeS`mDEtVN^L#1XCmi{4%}P-M>jfh4gxI& zM{b%MsBR87)-o}AH+-I;WIH6%-G3Jb)PPyD=~Id+6J{A!o1-fx(6$#TTUz=?-U&5XFJF1jH5 zc4UM1*sQUP#cVd!j%(qqDn>I=Ta3y^vH4RjMR2cBnpGj~TGcHrD#0RSV7!2tHj<|( zGOKnopWnAiDu0GSv(}|nhDjntVdrup@77w`>rnNWL_*il`4YebX1R{g1y%KF1`l7= z)$xteX(?ou!zp&9NukDqn4Bp76h&DGBrszuu3_O1u=`ndR+~$s&g#wjHl9t0Y#HQX zr>!MnX05gHd=2(lL`UotGyGe8srdrq4UJA0+tf|9sYS7Zu0JR_BZ`K5FmEke37@h_ z^Qt@w>C(!su=1fW;})5^uKYW5sWs$pp$hjxLUvUwv8{kL8Y(&fO$V0GRR=Q{Mhcf$ zH+zJ;UFMaI*4#C|2vQ5wNxch5E84;eN6efIIH@5wTPb|n%|W3f%1X z-aTtV{64_Xxal1^KCMx3=VxD(m~Hs0!>a{{$1@J939#vnD-K(Bb?nT9lGr|t4@3@2 zel&8Mk)a;}=5cEj&K`~VJMd_XABMU87c|Q6y@J6TTEQ;0%av5!`Ww^_!86p4gR4lJw4B%9+lq;-TEJKln?Mu(MuswjlW?K7atKd-@EZkxEPjVifh5F z&QV3%#wLHY5f|~59v{V!IJ>jU&TK@b-BuB9Ybk{t-b$obl z`Se^@{id*!_)t}Ip(@qimDOe9&y@^Rl79;(=1c$mrk~2|G62q$3|z{$|1aO7(LA%V zb#kFg_3L1K{{PP!b*10QQ~7_n-rs9lS=isF1NOGW<^JZ&s~}G{K18t8egr6 z^L>SCFb3GtK@$#bs_nySYw@1+lj#Obravz>67|CxivIzc74t4R>CNBN*(!ItME+Vq;}cNJ*S|8dSMyc$ ztCHUNF}Wop`Rl;ocNB`}sh?SYhv?$`DZ(f8H&e}c`k%4+9liJe8A|~KF?ObB87 zpnhXyEL+&@HLOknKn;MwDE$%@!1^>Bc_0RYLRM&TnemLKi38Rm=&SRD2C>dJW0t!c zvN!`{hDr9VErB^`n>AbCXBy4{P5*!?5ke@<0fm4fT?Sy196vl|o`H>~EQr(#BKBj+ zi82YZ?hTwa0NR4(Gu9)vT2ZkW`V~`fQU?XzBKj$ihms?7fy%Ae=5t#gTE{aHb5yE2gq$~;*@f|H-hvxNKh zbpvQ2@Q=kj4QT@dYs&NM%m1J&V?-ixRtJp3L1!j5Mw=mcCpV4ZGJEGl_X;2+T2l^W zr3@>4=#ehq^Bi$~Ob936DH4i26v)>hd4!0*Y1ynzQbJmrG4J%(X$DCfF^IZ2a2 z-vLIWeb`kG)_b!1>*zR#&}DCdby%pQDAtrPG-Yow!-A-3UD*ygFW1ZA$S$*>U0VY= z^Ccw>K|O{_cGwFuED%bGqz!9d z^~@>z(%?D6KIko8vxgh|xtX#1Y|FC3cM;ou49cG>oso@?1I!o+r$EL013UXHooyw? za2pu#+U()L>2Ke=`_HMVA$0T;wJAbp1|Gk+5~CF@jrnzkW;A`~=hR<5E}rDMf0=C+ z>?$7Ygp=z{VQc?30I9Gk7&oa**N4*{>#SGUI$)1C3c8`#wz5E5%}bFRYm5eI*J&Fr z(NOggAZ3XQ6>pkOE!8A%gLi4Kk*MSYtvL31b~d1VS#{{+e~f2+_?i?Uh*1c0nMaZoiIOontNK| zw^#dmw_`Lq8$9~ta~8CK<|%C}(hqU%(c*;1g!on_LpE`@9ULk}EUMe!q5*aA0$NXQ z5kD6IQ!`uXcXIL;7@Ah3N)n{!M|ES^1Ud3|5D6*Gz)w>eZUKr}J|Bc++2o{YMnaH% zVXx~&{9`_%R}41W{Gy;dkvW)~QMtI_rai&?9M8}M7x}!)oIYn-n8x}YH=}M_w(l^D z+2&|m56F3V1ej!y=#qpP71XVUh`WE_BKZ5kz5KS{LU(bJ`7gg`*iZg`EnLUm+~4?( zrQ6SLg3~IbKthT}g&xA{1M{2o-pm!A$_d{BrJ@+aBKmhL%z@J_Wv8#4D#J97MuPYT}~VvU+5H4h}xN4H8lm zFg80}Jk#yAXxY#BVSq|_>i0(*B01IH@=Gug*Do`KDmwU=9`>=DR=nwz7y@P=tq+&Q zd;Fu_FvkvD&8~Xi^KNV(?YfAz7X^61E*Y3!;oARCwDh5W>TQ&P|5S4eg&TeXU5K-+ zNopWb8trz=Cg&)~jk9=at9Gx^p=YqZ^pylfP6f%8W7hZ~?4*w2G-;ZK_I55D0d&>9 zdns!W2(<_Zx4_?xkKUiRnZ57amuFuNtnZcBpZ1r(Vz(ps&p%y1axVw`FE76}ug6cR z?5QXG^Iw0z`{rMlKi^Nb;SWDYLjF9z{Cs{am!XAmnOKev%}QVYa`@R`^IV1aEa2W; zhwzP^K7vJk1GYM=>2BXEzVoEu$0bW4K@?mMu$U0EX0cPxBnQOtb8e)}Y%Uu>#4+Y; z0lE>n^Ne%59di`utd{hP7_DqNY)0uc+={B}kv#(MXuSTyojc^VpDa*a(@wtAmt$pr>#_ zNp1xdc{z#O5}~*thjBqtZXn1b36MSdh%woZGZ_)XLMk~6KFvD8vJqAn^jSN4CAx*8 zmf9tqdD0T_sgLF=5VIGSh^E{~oOR46&a)onh+B~BJg^Ii-6%8%Ff+ast7oIeZUcy{ z9$SF-!Z#k&h0ZEAUb!afkPDd%TcWV%H=2ui*04Z^bHMEt?X<&V25ZOO}>6|3CoWzGcDB_yZ)Y72bQ`DiR!P>D~Q4#NO zh9zv9CjDihG{;GdGZZNR{f7+tGK4}S=ua@~kh*RgqJe?vPnIT1+chYaLM9?CjhPl8 zEe)2I^H@u;`%gzqB-y!EQvp(EJHR?#i~cAMl_kdAo?2lXC0hD~qgUh?Tmtc|c2Lq` zr}T3&TRWRSEQrT9uG=3t{I2RHk=;cuaB|6Waw8EZMF`s3-d|#K;kk_cN~nm?$}yNl zpV=`oE!{|WQaJ=9k_1@ZP@08kk`PkVCLayCWQjph1cU@hyEzuUT-Me?_yTtVb#;Yz zeNDgC!(SSLzPGY zT*)Rj`*8HhtHP$QmRLxv4jb~1s4BRdlQRnur#u}}#V8B*FIm6S1q3M>=$r!x%KE~ElERm9zR}T@#5>!G7Gywm+!Z^v!t1zEm zs(7C=G^@I;p!mptz#N6Q>A^n{7+tm5$!J)JaHY(urcHPQw z%0n0|+8Lk%-2vR1O^R)YHU->;M^L12%X% zN~O!i8Mt_Cwll|Iqj!*)Lp9z2q#JRiTY+&xn8!!-yoUuzSG&bPvaG{ovrw1U2B?l-{9**I^rJ) z%Qrq3f2qW4JnTFD!B!o8^%8{R`c{SQrs-r3H2MENJd<%VfYrO6CO4k>m{gZ&miCfL zaMv6lIY&9zdxeTXph;Gprim_YzU|R{nQaDDWJZ;ECrG7iGnvUwH^HkaQ2WR*ME8y6 zFo_r$7D5CLW(GgVCdvr{Z~I()u7OUq1j^V{lWjip$jmsXB}H@A95o%=8_zhj4m$9w ziq3UN5{)+Rk9B_>N;9+KwKJyM%dA`Jm>Eb;iqJ=6^K^IJ4om9V$ELU0r-Lz@MVJbY z3)%M+hu8Z80E>fKT)#?z5Hdzh2)I%xxP>x2#Fh2EqB+ul+{bV1nY;D=VUzdoa}*^A zM)#1r!i_maf@^O_T-0`?vi~D52y&FsSRx(#8I#YLu1K~8(n`ehiO|&fm;8dM&OB`xWq$1=cz+tR>>bgZFWNJ z6W`|A$0iB^ofD&(8M-xpPk&jI=4`8@Tgy%7SD+TVT|C=vDOPV+Z*)D{ZvBc*7i!6y z<*Tg@n_t2DThCUp-sz&1v_0C@^Q%$y`~1f$h5G5g>LsE#%hfc!oH4(KKEEEZeXe=( zQUhXduDmZu-Am2&w<_Nvvw4AFXDZOP{EqLbyh;+*ZFY6qUOc{=n|CI&y;4IV*?%Uw zOgY^&jJRdAN*0FYmRH4=$8VN`Wn6FFYy`FWk@$bV1`pmbKDFTYHazWnRl&8K#0(0% zhe}z!8tR$YnFS7`#G+d*S8U!hn6OIgw?P$eM7dt>xaO^}L%=Zx+P~vMgyRr;780Q- z0ZiR%+$y94{o;mG2?`VNK8z0;@6r2k*+EU_7Xl&P4;?BYEs2|CMdqXL|9ZH1q!fOp zasHEA%MyEFlS0JS*HrD0bDdN5pwOgj{?ukMlraFA)DgJ~8-F%Ap^F4{(PS81*Rbf+ z{>o(7w(@c+H|g?d9@ep};E*KB(qV&gdO(%mX~cxIt&PI2S84Q0K%noIDbFZAQ0O}l z>Nc7D8Aim%A6BO#YWib_+0QUbtH_2swD)b!V7_!Ja)= zYp7^Fe0A|>vID%%J_grlvef~)H;bTDqqNPXV5)e~wE_hGc|usV2%dM60yuUWAGauW zRTRtWXyUiu%WG2%@+lJWEF)i@l=YvDHouQBNOOGnS&Q`zDzs`|q^)kmY+l4n`F8Nz zx1G=z1FM|SY7gA?k5_iZ#_OTh-f+F2#1%P;!ifD-((v2;43Mng=-{Lp=C@%xE(@$C zwCeq_Ld+KSZ1bTxoLk2pH0nVAjji3C^XD1(%eO!9rku>B6?o>Vz58xqawrDou}tiZ zADlzXjn*w}DwY%@VsNJ;b`2nfRY~}ZW!4Vrb}B9Svh!u;8f?qQwx&l1mkl9C<~w#e zlY+)_mA;=3t6Y8M6ek}L#WtAvzkfhCTVUPsu%%=LBlTyl8GWt=9-ba+Dba^VAF-=% zw4)QhfuX6~Az#IPfbHJm4*iHwC?!Bz0jEa-txK4M`D-8FaXeY*xkU<13}8iq!-2<2 zp3KBjVl(|d3jQ)=*<=A)IaG?nEQymfN1ztUNXuEHd;bL7B}zRxSpEhv-)n@K{O z#Z-Z2c$`rT{$*c&-mpeFI3F;VMw#AE$E8gS`vuBA>iS`HWsXA%|A)yNBExXWFjaLl z)Ra$^9+|3o%r`)hOv1>4l3bbZujgMu(r8GzC2-Z28&j6Fqa`3L@I*V8U$~ht4tG-FQ=J-DD*qpKVM5{deeHWnIld(llSFu82|o=`IAlG zW)VawivGl}GlcWP_Y$g{qui`Znl1}B&JAxKVi}nah5$QC>{j$9d`4}*zD5L-)vbze zG81J$X8nG4>J7}L38!@_AQ(b0f$VXAezep3ZdJ70xY96!HwIVNn0LwOYKCN0IJ=X1zn&x$ zY5Y~Mbar5Rj$7$Mb~XbG?~2vv^NO}xnQm#Q>_FhNNFw7};3jw9T)G-a#5B(BW0m1;PjLcZ&cg78DdQgU;YDrX zmv^mpQeUXsQ0UKQPTD~bY%ug-gaC#tx>Pv<9CI7C>24jQcC+CJU1K2-qEYq701Jf> zjf};p%iet}XyN7$C{;h|jJu$ZF13okngRR?e*Z#y#g)G~d1_DNQZMQiDDI{G0lP5Ero~{yb(AUr{6c+2-bZ-1JFI z<(Uu{zO|3|iBL8C*`*LyE~sq@{F!&r6JfTGxY@$5PV#c7^D|*Kd^2B>(@`T|(S!f8 z(Bj7bw0(Yke*A8J6WTYypK1R``@g=utA5S9ySnE8Tj2EnwfKq_TL0JdqsZ_3$bSTy zA4_CuB1rtmh<4?z5n+CNijdTblwhJc2U4AmR0c^jtS`^$sr4%cP}G_4ja3~{rp$}5 zIv(g*=tBDV<=8bh|vwz(tdcNLbXUFV+s?qJaJrEu_YJ4FY0$UO7rQoXb?tj zZ1!fk4l1U%2OciJDkQ9+0%W~+8`BoM>{mwNX2 zkFt)_<6RjKeIavDq~&v4QV!6AN27jQQF>=ZsYpL_VRg&V+hBRd*%@c5N%d_T!N}=9 zkOK!*nn#%wVa}hNZq<5WCPa}YRqcRAmU`cyGxBi_s0e=sQndGgD0koL8}Z5=ke*Fg zjwCp&bvTAa^)=}zn=rqlD3%R{-!P=9Oabo%jsiS`L8qw(P)Ms%%_;aArEoie_K}Lc zBlj4Ke0uGDzsfO+d6@WY>6SB&Y~d)`llv%2j?60}WQFsJmT*?#xcs6bhc|8Kf%ZsZ zEEo5RaNWQfzQ7o~K&ao{7O&{l+d@o5NjnJO7 zUlQ1GcZp;oPVr2Rs8F5xl`ErA3L6-g!$6K{(W%%RFt=^!x<3rU6BPuc22glcv*noj zF`TxhS(qlVn`S|Wu8O@{TnUyGGR!0{?bT{~1ghvs)574Ur1-CcVHEY(L3492IBK%!4iA)ZD3ak}-y+|%D`z@GNoGTk1eL?~=~x_`QoRF5 zkr^NbaUhk0apnq6ET(y%l(CG)$rMfxdfPhzT;EdkS|t<|w-6c`k=^`dUb8{NdiTne zBT`)LTQPKTAee9^?hK|eSO`17Z9Ol7ceg%F$?$8-_x>Iz_f)x$)UDs8-Rt?FBWY9 zd^orey(=zbzzR`if(q;i7;K%g1g0UG41@8CV7@P+2}Q>sKX$D@6owYxNq2RUd8i;A zJh~MQsD7`P(eWh{Po+S@zZCX{z!J1DEk@td{(#_0vYNBp)C$&>nndA_>%5ZK-CmuD zUlr$O{;HCgz}c*{aHr;P&-c~iRA=Ob`yhnc;3^Uv=`);yEj}SnK*Y7cVI)eq!=B$L* zZh4Ct#Vu9m}bDd5W8pllz@de9_#P)h)P)(L8=U<<@op8L6 zXA>=DodVOBI6X+hFCebmrDPfZmE7fr$&e$Dr)i;-8p~zb&mEX($sF>y=J*lORxijW zK7qJzF{hA1 zNS6J~#+N+;ZFZ5sWDJ{`eq)Mf(>8}@`V213BopVcCJoV~?*9(HKm&GhChbvGnUUXB z4LzhB9|DCDT0$NDL?&gvL~l}sjQrZHfIb0k;tkPuE`p^6>-Ii*snOK3D($>GMs@V2 zbF1zbz>fTsqYWg5IMfMn1&}6`$Me~5Uj#XXr(};>16Jnt``P}zwW8bkxvsFu2LB#w z33pVIS|+G;;admEz1}AVLLzvEqC=o3bQ;zB<&j#2Fejht#kOZuuZkN+r*u?5^F#d8 z!m_6}p&p>{n@|ogCLyOG)!WUnJ@hSL-bK@MEE$`sxw#9D{jBdq-_`_B)<6aTqlZDr z)GX1Dr6bc%WJulp@RWw~!Dyn81_i5%I*Lwlmqbwgo~Mq1NNlb7;MfIO01AljOKmhJNawh4ok!Z!A)RBUH>lywvGSPZqD&ThY?s}TTyi_TNt_{?WjvTJ!yGRT(Ul;k8zbh zNY2iNb~KAbIZ>ly&hBZ&v*cRyk6T%vQGz1>gvg&X^=8@{S2br=`i>LY&V5iug*jVf zXSdufygo6V7XTXgYF>bisgo9PmjIB!l$Sq|{8zjHfcp>YfyUJJBpSmLmL#u1!~6v{ zs|C3A{S+99yOxVd2H02p!xGb$nSeml18&+_VL#|~QUvZ3Jc}`Cyo%88d17_ApL`rJ zGxmT>&r5CH9-9R1V0{?7W&$AiUhBI#k6*y<__jdT4s8}4VLi5u0FX9@ z5d6ufLt3pr^wvOa6EEz9ny8JzfPCcotTG$?f2F!SP2oRXnDK(O#vL=g3Y#ycaST8| znx=jbBh0`SuUrg4!T(B{x22jnm@Gn@J>cR8o;UKRBW5QgTS(?nWRA<14vEZ-Rkq5OyUhGU|I$_YUbiSx6y3;+^VN+o z%|BYwfdX7m+-J^DEu^5UseA?UHJ8%-yz0DIcpfEqSv5BR>J{UlFHh3PAv?f4sb?LP z;r4Fg_>iA3=c%8uDP!M$Tk3CLH*7;AZt3t=`c~bE%6`~f zQj(KOYt$aJ`qGr{=qd7nW>%}&5-L=_>y zb>;G-sd-)qteLwh70GAE+u+CnNLyI6dKTf8Mu|o<8qg^H4V(yyh~JHHRFIG8T%RTF zUSWn3GY<{-8?gDRMNT*&w7-AbUH0F;t5X8URL$TE6`3^96QnLjI}_R3b1ZRpmOouu zJ6|H(mb<-OWn^`7Rvf6|;WLK?b2H1qN4fd(5X@wMS9ZPeNy|(4=85`Q)9{nQFcMbV zdMD1Q4Z>@mhrUZ6T6cNIY^`vXhwWE=ow5PRV~t5aEq*?oBNoILP&gMz^ch-de)d=U z0e7BQX>irp5&M2vEe6`3Qa)jaOh9pK;lw^OI}jTNQBmJjbYcy^bd4QL!gBWQbM-FM z*EXjbom9?GkTpBzC4f0|h!+w^!8w5t2Sz`Ii&S({%9;YO^~W5y0z}nB?SC_*KvmV` zB_!(K-fzjLzumI*@xSTmbJN@Hq`$>|5YXHGXjjuXgZAcMeFxfsZ~ku;_j>6(`m653 zZ^?zG-tI>0Z>jYKwD${W&j-+sLpA+vcm5M7w9RkP-}`{zUyn1o{J%babSJ`|Kzml2 z{;z>A_5WDi-%I|_c;!Ei{@e1E)_+C!S!7S&i_jH(K|1+=T4y zchtpL5Cp*|Lp~})?hN~txOdjmm?17BpGZUY@8 zD$x&f zf|CEOU8>K7v^QD`s$9wyA%UbGPl8Y~vJMbtLDG>@T?o#NyP=t>5+cNr%a8ioRkrS!&p#LGjtuAr%OM|BUX{b z`qPHL=#s2tp>jBi)W1qv%nE*^3L|#&+L-SDrNCgUjyx3ju&_;QoZxa}J`06xC9I;Q z<#MJn5Ug)pb3;28mJ)S~7W+E3V^5&jMXb0_i7E09*~xP{tP2D;bgZ6FCplMfx)UNB z+96~?hQ(Ttn12JJ646)f&od6-pe{?h5MnO&WXDc>splk`f_?jtmRFx=96*LLyW*#X zmlhPYx;j!s@=rOQO*30dck`8h?TJ#M5eB>%kw6YGJC9PousY@;HTCBe8;icl9ni6T z9}3;}k1_(=QYjD#^|elm;nJ6>(3*N9U~NwaF1e0N9z8i{dM=0pp`BH?Mi-Bai&q1QqVgikrX6d>#&^drE9QUN7KMC-p+rmDZ z>kQVG&-jA*!4P{J#V|)__nzIGa*x@Gp#7Y#lK*c|>C)x$;^3o4`0L`njW&R4T}D~| z7M1ih&WNBI^;Nvr`YI^~k!MUjqD&F19423Ot?u{H&2c>u-RzE@pnfC{1`s5UNF)#` zU4;69(d*#jkvp55r}ypMb?_}G{dqzc zp;N}t8?R>P>ifC|C^Qvejl1?O4IR9&EjI)}&;+Wdp=u65xVJqjErW4*CDpbKz+ODi zPI~Z$NPlAp&7bg;Z)dwCOa|3&#~qN5S?ArDhJYWi6SIJ?zoaFbq1W%cfTFpx#e9$i zR(Hqoa51?ozYEZtG`E~2bq&BpkH7m<34Vfc%9eB=#GB)dKnqL^SvR(C7S|~T_F6>z zVWPsWQ2Mb#%o(L{Lwxh)IwUg~cbhT5C{v3%9!NI%$kbPosDG_nDr8We&a7ga z5Xjm=DW&gUfrgr_tdM(BLM*R^39Pha?pKQdq%q|6fVd&J+Tlra5zx9!CFZE~&mL0N-J~Mh z52H9rr6g>1XrL z9{LXL#5vO8(3h^S-h7hd%sW56b9U4)qT-jx*G_+kn0d(Kwgb@AQFhaM*|hwIn+1cW z%6F?sqzS`9u+RrlGRUQ^lJs!C-9148N{BNTMruk^`~vhcoMyL5+u%p5W$@|ih+0*7 zUm8@K%iG*@QJae%bP@)YZTg_KbK{xxA6mQe739h%h`FGzmnB=$POB8GfJW3d)4}J# z6GPkZt*#>*)dU^MfZbd%Yt%?IM-QHPVE)#tv79%E=ry)Mr!aefb-unH&R;LOP&a%{ z9l4}cLqAqU*livvJV+!q!6meJcqt(<+MFLqLlOfWUa+UGV86Sfk3d`*(M0pVO&vAg zIq>kcy3@k%>ky(b2og&FZ7tmnDu2PK;xJ`#W)$R@0d==FvUQ@)Lsv_7yA&{FrIBb$ z(y#Qd7PZZ^usg5F8xBNwT`Nis)SS!oifBPA(l{+FXNr|6?Y^pqBJyCgvy>shFZChY zZMhpcV>0ERQ$Q*KA*~zXpEO z_H#+vPn0=i{nc`_9Tntg3&4*|*Qd(@!lY;KtEDCJZ$7trJq||kE|mT8j#F&gR_Sr;n956P?JA@+(Uo{c&C_nFld%kV z9Hvk6L6GOT+3{`8SYI{&@@KN$KN1p1i0x`0t1uh~gSfgeViZ&fCAR-OMWzpL5%A3Sowg0!o0=D+llkyGz2y=3>jgl{D< z`y4MS;!P9OnSs+AO(e$0xpy`wRnJ{L+2N<(+iM0rI6J#4wK>7&SQuEXG81<+v}43z%t@rYr|3|YBi^w>O4NDt>XNp~gwP_5c) z#5S9&N6JWG7q;nDI6I7ISlOcq1~V!aRkigQ*24tNqR8tZcPmI);oWI7mqriNwBtEd zh^)A<8(;B)B298QdW8~+Ca*;uvI^77SkW*j2`|82FlnjRHMFzfQC$t(qX9SvK5oC0 z$4T&zN!6p;J%$2)zn7Gcfn`b@vnbUpKw6(?P^avz>sPaH;E8RP;7^B@R7$JrUHmI3%V&S z65;VcE>8l7Pj7ca9_;>$%BCAabxowPJimcGToGNk*gi z0|VtaV)6?1QA>ioLrAC*n`8!bTO0#JJUNgkqnr(f%4Sb?*5?~JO{gq!3lFRXRI}ERTs}WCBGhMOxxRM?&cc1Lum!Dbt6srPVlth38 z%1sH(6cJf({~~SON}KO8>jW#X1i|;No7ah(azGlLMcy5 z`)uVFr3@}7b>67!m5k#&YNkQsD-2aX-jmgNA!=fX&qAC21GCeqL~Erok=kg6|akwmK_4~jr|j^hIV{Wk^4j@$TfEOf5IdWUiqA|OOO07a{PW$ zNC3)ow8oxmPT=>$b!T-Smi|@%0TGtAf)ow>OJoMRYd2*(ydD%p4%O7b#e%Qq0mPUa z%iaBPNt>AZV878TT;OTVM`|g+dxyRUx_!bWe66|SBIs#T+_`LAJV{_}NxPtp! ze`gTly2jTH^UCD;lq8ueZ9^6 z?DW_EV1L7<;ZQ8?;giT>c6mpg93q(l|1>3>Tcq4&P<}vA!~|4`TW zIJ>1R&Zg7uv|kOOQ%#r_NkbYs%KZI|=5s?gyHe_97-g6XUcQ&$e!Gc$t0dW5ny%ue z&29s=X&r)DQVh&87`Rttx ztv;*rwTZ&gplvErr@`3}uP)m8#SmU~ZR#5HnfoCV_>XL*&JAzFcLkZjKwH-| zi=-#OZZ*-K8p@t1-v^2Ft|TZGWiIn7cz%4yM(R*wbef|k7L;v-r>J{ypZb78zJET* zBpXk%0IR;8i#WogszyLOV|~r+(d+r*;Q9EtzwRB~;`jP`yiPEFj^zICalfB_-yO}( z?d^r$?D%*wbNwXa`F!@B-!Fe&9PEKRep?xni;3y|jptb+r`9pf*m$k91awLN`A zi}H!7B0oA~TfZzoA7utYDRTyWZNXVtKWBe{>5H8b0|FOK2124o_0rrwnWp^p_h znZ`kHg5F?pnrpncvVp8_Z6$5OUEiqbt%g)EY}~S)AL-sl}&_@%+#m!Fs*yylZHYXT0a{2g$aUM{}FZk$0mZ` z_FNba4ju7n6f(WGnOr=kQ-@zw_QCNHa(b#|_tgaWAB-SM{|Z#7{a80T=`~t$r0e!u z2FZ5KsIza5RKi+}&dAxn1=oNDB?y@r5&iYV^AKqlkx(bx+tR$ z#Y{x>v8lKytWLr@bUx((?r{e<7y~;?91FwD4jm>`#w%dWODUvHBV^~TXdDnYPWsav%3wg{7ChX+HIx6(Ly8GCSa>oI;n}-C^nw!7+X}d zDX&0{pqE{buZh_bl+lDl1{_wO7nS7T*k&>kyadpbi_XF{b`bzYY?8FGsZA310M%96 z9tYexq&UO__vCcuxu!Xf6EDM#j};&>^N{L0YEr%fs4y7IOWF*-(T=-opxS>GhMs>% zWK^Vlm%u;K97@RFBKaazlN3d!9_AQlOAY4kB+^iX)wa&54$3{IQh8^hu+J?iq#)Q~ zx7he_nVG7qwGK`LN#do`z#+t0Nu@W@SJZ!08=JZ8fsH9S7zy?NnMUQ};o#)ZWE^an z;P*REWQ~k#sv=mRAA`FGETAG&8g^W8ULz^+SJ|LA1Wdr8^mnpERedf0CMLDaG&{cC zJ?IBOOvcUUo`yrQo?-0R)9jK1Z*22N?+T$hIu`e)BA1~>td&t1$5f@9n>XO@Egerr zI6!`!UtA+u%}9dgA}41KfM#WWr5awFMM+*Z9{(nDSp~_oSZ%Q{Du$Sv&?BV+$=LRl zD)1oJ^c~yT+KlS?rF;rF(@o?xCRlj`k@z4mVWvw|jmhzg@fj&*!Zednff8lvzGUlK zInwRGz%9)6fMqSeYg5nTo~$||*}{Amg#Qvur1at0LCiuX^ru3|f}q~qcLg`HYko3o zR_+pJ?u5a=%KDb=7Y1Ir!Ki73Rz)cS8c*0P%wEVjog8;!>D*9$Jlka*p@42>r`Zt2 zgqhD@DC#(Xhe|K z|G`W#hLANh9gT)D{Jn8XISY6O1U!dK%rs@Iqy@Evg)@%FntJ)jzLDFOS=#L9V-}V) zU_K7qS~PqV({EiS{T`meDOS;9LPj-AniK4dWXszsF6~j_EG%r$A#X{LoM$6Q!(j? z{MXn1*Oi0rK$)kIl|=)Py1-gSvo>VgV>Vp%`1{?> z8LAuMl~7x6=kkxTs?NiuD>N*_o%c?hWZdL`0D7XP_SLz1J-rqMSpWpft9iYRs!G)h zI|)?L7j0EYMp;|i2JwNxNYq>>Fm{y( zw2!I4%pK<&U|A?)g*?E=S~^%~5DfmBaqh!z*bdf>7oS-S8BN1-AnLoJB4h^2Ve zEk^MNdyvQ$Ff?YMw{kzc$_ufKL4Ro2La?S}LT4f=BMG)0RkA8^b{ml4;cYp=ONQ0xp4V#xUyhI`=4|?lE>>(_iFBnYf6LL~s z_w@{rCk8Nzj}+`*{H&Qp2`q1@j)jm_%0Us~rZf8R+ ze`uap%Vqjfhl^K>t<>3Odoh6EmC6GSgwCQTGPJIiYyh)-3IS&iWB*K*ea?3~tG4mu z_@naxGqm2@e*4FO;+KTx^r_9oUmat6r|%I*JRp!hd$-qy!FOfbK#nut-0&cLPB~p) zocGr>xaG(}a9fFsW!PRwkWHeKJ2In)Ot~YyD|hhCyCu%n)7?|Yy|B&!-d{`5TVO** zGJZYdFXTi@Co|GK5e~V2#L7NPp*o`>CTX{%)tuV}{1bM1MD5%YZ9Qp}9DZ-v&o{|g zfD&X~S$UJbCd16I2Ub^1}`=3v-g@W{JfPD1? zgQte-qli&H6e>hC&&W)fT9%^~z}qRK5lFttAJKzt^Svl?fR zKU&xW$$tkvAwhDvdl!FxPbhj5_xaHAe!@K%i|+Ee3YTY*Tomg@MEfYP0-kwe_z)s)8M|bvfH2kIKM|3E6s0p7l!U^CBriFXpEb? zC!v2YNH7(!nza<)oT#Oh%|jDM**L(#RR#Z&6O!hq*fum^o(2f_!o)avC_4P+m#vgR zBuOB_xEyvgC5m`(F5kZ49w3ikaF$5pUM&!~v8KrwEtc9GuSlt$KmOa^kcH?m{kC+;N5Mm*RQC! zjZPnY0{FVQgmwz_A^(Mlhgkl(3@i<(4)Djp^i`HQ3)0rZvV2n+=F#F9Dv5&lT6dyQ zEy105xqDah56GKcxXwD(T0E0JQL*7ckV*U9vvLDx>Bv4;ly0PD5iGZu-Ci&=C3PCp zY6+InJ4_8hh6-wC`pH?0PIOz{n|{vYAIDEo=s~%t7X@zhbr4eV>m%>nRHHyIQQ1LQ z8Pnm2EG=?qzZ;~kIVS=34i{kWZq9^9Qf~o8DQ5IQkC9DB?vp+#9fvL9?stijR{J!N$V8qXS90 zHaq~$2J5T91Qx54cFwWh=5fXj*FXWD$NYk<2_%}@(7|Kf?w_#uZ^ro9_Ez@C^7H!2 zSjoZy`r}=#>75>{VC#W(ggp{0DTMwglrNBo>11Jks%(5%rG@bVw|2n#IX>HZQ)Mar z7$`+vZY70S6vca-p^DV|Pf9)M)kX>QNA4tao8qmyue$N=^KmjIJ8`cO(tD^l#AVu1 zh*M5KNZwc2zcoirWEezI8~W?!`{jGx$t$>hpl`ddyQ^T3Iu8}KW4iE!<(R4qB6xnH ziW^xT>NwVf>Hn}BV)5eQrtL2+dC|VqDL30UoC7zzI63MS*aj@!f+N(R!dQyZGEACW zOQbMKbbDC>eIq;;@PI4#6hq10{n(QF>Ra%-=y6_}GJ)5lMoSD|U!}ssFLun4K^j%A zmI8qzSRu`D4m*91+fV@HIxzBe3l$DSdp;1BnME%0It`H!Hr}_>{(9_xShRO(t5#6r zYrH8xV{%ArSad@>zt7!C^IS9Fkk{(zxs8mxu+P0C>pR2H^-NP7?B>Hjj!7#wG}aWE zV6Y_Ua^J0Z(Zt+@uFSmdq%1NsbTzTWI&{$E##nk7O?mY3{hfW7+6F*tQAPfAz$<4w`@BSBVCh)pT8v9wu*~0?-yly;LtlFp%#oj(A$r)w z*=N~|0eTK%OaB@O@xsk)C%}Ax=g#Pn`u7ci;L;Fu48nkn0(vPdrvgv@)c7*&Zhks1 zok59!^A-&zoyAf0dKsrpl|{43&Hsg(1&0HuS>qCMxMNpaus>pA43H-EuO5wb3YNY* z=6xEl0D)9w7#~3~p6(^L!bLj}`3vwDNr*RVhzAQAW3m@!ks3#_^oyARgZ~N5Y{8&l z5H+jd{y;NE05t3WH#Fn>C@3(fPiSMsHA)DpIn@Sy195}S1df!>BHK56Na(607CNP1 zTMjoyfdY7W*4e%7#jWkxH9do(F#Vd@Pn?h2!{Oc8<T7w zd3-Vr@>56PewV~)PoO_mKyhSC*g_#{c!sL>J&REkYzeVR5m_Fs}LC80aUGWZvDSsAbWM?@TCemZ3elWx+oeV2E zd`t{@fomblcLgPlcl)RWENfUL87!){FttP~_AnM*n@LD2nmbeOt0oTzqbZn-r(AWG z-?=x?bQIHX>|&R`^952Yl-CQ~RrfGD-$x3$XYe;T!d_~i`UY`zN5HveqC`;&>(#{V zFX}{mD|ue_Yhr+Ydbx7FT)Z5gZOd(UcC<#hsXL0oX26f6kvh6!{4DxN9XF~~6^KI` zf7ZE^`wCq=ow>uInYIfZYaysKuny2tjs~Fn0hvGkrKP^)7Gkfi#jG=!V%VM(@?I`H+fWv-Lnmu{HAM_*tI=Yr( z^UVcnZB5t{A@~mF#9LLZ@Zk4HW3~+w`gDa`Olo(z#t4=M0}GW$w!o4YUOHgY+lfSK z$T`10)Ik8^JLDad{az?XNg~X}*Bj#PJHU}OZW(ZbTcg1~;?oCr{UtAxp}NvDmmC(0 z4{SP)Q3rI^lomd<$KDQvOuC4>egKaNEX4LEVfbBb} z_-(qGBo;A?S%QPW=8z5)q>FGozxdGy3oo22`%=5((&AYYXZm^FfSbG77|h9piw>66 zIop=)z3T%X?T*V2)f3$TUJKHZxD6ZntVy$hnbpp8<2kWv)hX+v*F61YrDhi4nj`9y z3{c&@sRfzhQIg}UE#=uA`FHeN2U9XF92?HOymteRT_5|jU{ZmsKze|TAq4O9FQUQSo4szv@fcG1a+O|Gn@ut3*I(Ucc@z@brTv zewXSXHkamkzikz?X8&WQ5TXCeO1XmQKNarU$*|DhoeIq~o$LS5C$WnzY%Q~jV;SJq z%ayu9G2k>&VjxF|BM5*tef|7Np!X1x8*QK=h@Wjcl>~)LVHI zPPwuZ0zxx|3EB*j&u0HmDTNKlbGw+u)CT&j9eqM3je`7o;9?ADUM*b4td5)Z5I3)1h6 z?@Mf48b27!o2Y@GT2%eoh*`IIn6Vc4VtSr=T%GNy+4cSKE7RGsVZA8ng;pwu%>~}q zBEv^k&?xtGq}89_1ws|!TqP1w5;{T!IKX`o?cr=ozDN+6^Yfm3?eWk=_1v#3j)h%Z@o8`%u*89m-_ z0QVg3m%}wyw|K!(4GZyssw&hh#Bd26PurUn%u_R~P|I-V@9j4lUYMAbgzLC{%4Nme z$nx-2=zKheve`OOTK)NG5GeKHlyTlnKV_k%m)Sr+wTf|k9_cjXJ%e%VeTg;qx|fO2 z+{FP{dhll`icR8ikP`rjIF8$wFplp4XR+2__A-4Orn)%Hw9g`)Y|VY@2>&{j)48Ic zm-)M4SsrlEy^Kr%xQ6xby8ym`ZwYYr&+>ymlkfj);0177z_{&8KK<0+>kq4OFLjS5_b*~``)rw)}|sK!axs$hdX;r z8sLU1)Y!72JWM7-!4eTHqa`r>jzJx?!z-281+@;!u#M1GOBF&qwmW9OW%9&{x-g|Z1r6U^UJ;yIplU8w@>!00v($sK zAZoW^>XB%uJzcCB#!Ij27}b`=^ywDVS9(yZ0{K4CcbeT9CPkp!{Wp;E9BHX20;#_H zo-6n*Azvl59hU{sa>~XoQs<52?hzxWc?~yEpVXS}h-*o>tzW8Xa;6?i^T*h^F84+THm! zyglQd2WI7t5<#uq3j9rQML7qW;fy0@0ovg)0}c#j61?-}musfTK|n+Hfw3<#&U5X~ ze5>x1cd)z8VI5tcjoyUZxOAIy`CmvX$^4!YRInPY<`)QhOxF!3r=?`_mqw+k5MURe z&um=NaJSVsRCZch;g8CWQ8TG%wsoJNNW-Xxb?lF1`9m*PI#7%YRy1{KvxfA|bW3}_ zETkOG!Zga6rM1>SNNNn1oQKOuhZ(u8Bw93vF#i~HI=O&;Nt^X zsQsV^Q6jFW5m9?DKg^_W7iB(Wf0c)_sbLwV>U?YC%{n5FQZiz+XQ0W`YZ-W?4kEd5 zc$nr&_dWA>KHVrbQ;AN*cuSY-!*!rkoahkP^xmBKL30ogSBLfrx#=O4{tkrNY#?w- zYxy3oDdGhEb(Th}jf*;)iyh)W9UCp-IBa`!G(W#pWZ^(!cb zmteYkNg$0#c34+?k7B_REw5p`GIcz=IEc6CLPe)l{9V=b_M7N&bGLDMCl>gib>wG3 z7W7u74KJLSWgeGOq+P z+PZmFd01A~D567(@-&;38v&})gCJ-&v!)l9Pfq!59=&LzokTPK{z>VFuC!4AY9%`% zpF{}v<#8m&$;_RHzG5~>rc7w0<>SL!mz2c$rjOtB6*a8t#IFSFJHH=T*(f8B!Z0+@ zJ@widv;zB@gndWK_Tb50kOVjwpioSNfecj60LJk~&l9k4DESDFSH9wNkanoq3I-Fh1#Jv9|* z*vn`vT7GpDYY7}NW*}o?Y-yK>vynYS{%{%SfDv5%#1bi4HiWxH=38Z`uk)2p_i{hK z2_Wbb;AB#;13c?A;x6mFSR-Mff`^CFR~6SJ$rx%9eq zhD0GGzZx}=f?~sHwVeJcF>m#4A5}i%?pDCS3?BBD)5pKn7U}aqfrSpYCJ%9+FO|xy zI%FSrZk8QEK~Te%dklwKfHxl-JUOR49Yt93D(>Km3scnyQdnukipJoFT#THdGh~hM z|IWh-B|33eVG%HCVrb*ELs0JS+u6zb5czcBVDBcJORH$J6J(Zb4#y#lwIGx`dFF&{JY(Zeyogi4Ua;N$Y}ELT?ma=iiP z#83X0ESCO#g+-u>_W}Gvs~;l5HO@RpVgrGypNRlW*eZizFC*&r-jifVF=*x6PP!-; ztgNgU-;R&xmln6H?YC=Jqui8$y7(h0I7G3ijot}N3HG$fl2c&|R)^N+CmN$P#-UD0 z9T8Lo`m%f_SbTP&dv!$bajTFcm)@`*BTWTb7y>5pi6{6w2v0?WE%SDZT84|3$>DN# z$=G1#3YoPyy(bgWlT37DDQ^)y8L5zF17wUvSOnQso{VWU+ny+9x+w7#W4=1nnFYtt zUhQP-FHaq=0z8r3UiHIWtNCdUOEv49Yv+)11DH0>4^_+8U!jmao$Qu$RimQ%El!Zn z1t&x&@N5#b1^TfUMIB_B1lgXK=bC>RmR*G=ruGDW(HJ|&Zy*C!1}d~x3{-Xj-jz@Y zAGPMM6a&`>rNS*|`<~uBC4$V4rss$yZDG%qc<3zm`zr!Zuu#KKE;m&D0*#5uEA17eeS$jz4fBu zI@Onf6cPp223(BLsojEYXg&Q4%NN*piR~JdErpScr%bt2t{y*B#|A0}jzuOY+qmnP zZWWlL^H#+?Kwe#M$)Ehb6>N9<{r+I(nsho-cIs4gg7t{97xg0%5`qfX8oLE9xA?dx zpBqTt`zfsrR|Vkjk`3fDdlUt-VZ8~+%Pq<7Yn^;|+eh!9LOrRdnX*AqlA5WjB4Ai5 zw1Oa&CvmcP6G7Ssh%bU|<{pao=5a+_kW9VS3A*xH1;A3uY=ITPS8eB{)qCON(Kf-+ zSf-qB%;T*i#MR*9%FpJQU-npQ&38JAYqxJZ1?tgFs7-qc< zCd=m!z#!u2qinUGh-Vm!z|Ww~Iyxq>Som)>H&DRcaaGHTp}!VP*5d_JUTYd3jIHQN ztDRZ6WZda|drD?7a##=tF^|{mnH(`CsfnBvXVJ}tVjUz9?8~3W`Y~p4Ne+~J@6z#p zx5EqWpbGVqv@H!WaZ=Sa9O_LSmsN^yPrJZ^NSDnHN}mkXrrCC~Ol#(!Ad4I^Ej zGm=8D&70BMr?C<}T@)2YBH+hyIvO;I#OQH`EX?T8>jjAWJsI2=q@(b|cqRPq(rHpH zqNt->jLxld#`?CPCXl0E86*)F(cm7#c4nFNvec!cpPJw^%6Ji><@B6E@FZMbk7QAu z2u{HrozM=OpHGc++B=+E^f;_R#m%|J#Dg1UM!rIFFnN{bNlAQx)=jIh4P~ZocJ5Ue zw}TiA7J|22#16Ic1zTyaFCi{FZ6xCYhsJ-Kvx7iN@6Z2GXO?$T_Pi?CQ!o|Or68?) zk+s7{&eg}j9O!sbGsl;?nW<8Xi zV2_-l=-Mm?q~#4!EcYu*6aXSjjX!ovPkZYwxcsl6-ODBtRo_tuk)m9UZYZl(d43$U z^)_|xXXd2efF^J)JYl5eb!5aZB-WG-S0m-*1|8y;mL9^;?+q@YsUR~>ZL*A9uNQlh z0K+!O4v5!rhj^2rc2?4SQE?%d?t%(`7S%$uoLXS#dsEq>Co3|lbm&Jfc@6tC3PLWVfenee|Yu@VQmI!Q=#Yv>a z*r0EDO8eM?)4T)YvyBw$2Ss(2a{BCVh#L`l^O`0{K9!sNOS*d3*GBjT*Y%{=%FSjD z>*Jr>w>@xChO_zmAGY#I;bh+evQ*qZA(3B-dNH*Ws%7 zU4z-52iX(Xa$~)1Z{M1vTSMqN{kaUSTx8tLu zd)F0s(DU(JEX8D+4qV}VPt+Fr|Jj0PiR@nqNwO@HHm}X}A7ga`Ko1L9vsX8gZik1q zX*n3w?6qe)sl_tW;m1n{gxqm(@GlJwHk@$z^Vt?(?(Ho^Usku#t><4AGl`FfE| zQ~2n{9>+#pm2`FkdeTUNXhK%;{gS|v1%E|43i*sl?Jpb_XIlXcDZ;D3)mf_mWZO_d(i07(aJOa)BNwG*KMuVV+sp0?orTwtC@%`F zJ`7Gy;8m!@!dE?pq?utAg0n~{)kocs%3?#>EO{!vZ3vjjTGt7X`9vdGeGA9RPT#YS zc%{kEe&U+@Mod3Q65x6msK1*MhyjL#jCPlt%U($Jl;244j-x|e$->zhQ~5jPZoy|L z1vjNO5a!#WXaE(8DgOPc7dXiWYD72u3~3q)qX0&NbhVfmuN1wPF_*A&psrPt9#x@? z$~a($GmI+1^xzHd1?(JxGnl9&r>=p{h{BG&3Yse#k<~(a^N2~%>FEO=N6I3>tP)r# zBI+p;3-a4X6xO3y9n}?yq$Dajv_hQ~7qIIe*pN(SJNX126(gOLFj4F1gc;Wp%N;CG ztlD%j?pP>JlS~!=+9h@QfpOx+;|!0^{YFO2fGK-_T7uE1})> zW`$k+ie()f{e(k3(Qipgwcz=~mRjaWT^!}>Q5~vn3fsxk$PvlOzm&3@;aY@J&Ukk)ev~+n~{}GbV^Mb(*rUR(iz3PBw~***&F)aKAlPJ>~8O9 z-)K0mTW;cvGLbHX`~h7*op4ToPf%Vabt}W-!s`51FkfT`)gS$LQorMY(`Ik&sj5I&Rd@#ig7@ z#T(?wb0+T{_ZMz3D-1vovvrE@QYj9aLfSFbRn9A)nRcm!U7yA>mQ8$-X{v)5v-XT%0?s0u8Tusj zIe&jVZ147zb=Dh!wdVGp_*+iz{6ziwLUZ6T+3-QA&7cClt?RJO_tSGf{B~elg|8!p z?;0&hu43oTN!CE?nK%OtU;B*e$%KMCek^i-V@k01vV(2dyD5fS=Gwh$5k9pGncYra z`Z}E?P)Ro|!jcy$RF&;PbX3Y3b-L9iTiHhr*x%qzD)z3W`{SPfb1hF#kK98B(e&iM zfZ47v0GLHog}V3s8<-i;IZ{(VjJg^*p4K$aSXbeHX6rg&%<%=kc38d3n=G_lNwgV0N62;DnprY394AU6N8!=uKe=W zG<;H?lsEDH%CwV^-xUTNHwBjFYs@UF(=7%m&Ei`R`~ZIGYFU4JuaKkSPKe-!JjEBI zm^ks_buYaFa?qq19ejjrnj{It%t^(8_&y=kke<1ab}__$NKT8g&&snzl)1IJqR z=OYmy%wz#r>{|{X4HvwGoyPtbK5N{ndX)g29moGOHRDzkK-1Pg>~R2dUjQ>&UYw4B zaiRFOG`!CsJC#@(E>-v}1}oE{M25JUEDm%q16q%E50zT8GBppAQYzGPr5J(AiJu?(pD~5-$=;iMc7(bcmo}LN^ z6p`}4xW*yBr{VpmKXpjM$Ne1kBZ2drrR&2h+@2kGY)c*zL7{+G4JX*G&~+KBI_=?5 zT+Agwqe$x}F(e_nL7FhMs4Wy;0ID#DfK&pCGb;^obbaBawWIKgjFc z%jg_O&Ax}h^ObOx<~M9-c^I2Jszq%QxlgQ%cf13L z4g(184X{ova9OLrjy}lT4Nz7LuS%W7gM{;=nDc{(weaD?&hPDz$K6pL1osh$b5;b!2AX{2vYx9dh@3<<@wUD&xy*r@C&|1vrP1erE4K6 z+s^*W4B>v*7ov7kW!jz@{tC3QXIyS64~n71(AiXqjh%mm-stYMfMB;K*S`D}dZPt| z-jc4RmPbO5c<{Q(lr%^fHasXiZ4HldOlNjgyl24Zpwo9C82R0ZbLdM{L z7!cXaT~0yF#i);pW`=O#Z9fu~U%_s&@oB8HQJ$&miHzR`X>j7CL5e<-56qlTZ_r?5 z_3M7Lnu!cRW!i1!=n0$4kjiXP_+tv;Gpwba=uSR8Gjf^0{FWBRCgQXdEFvO+(Rkh_ z6wvMD`Tpq@V4n?BMc__i+6)^M^L4Zo%UK&VV=xTF-c%Xl%H7rt*%CeeZL*H|L!SY4k3u}?o36)xjEsHn92@>wqzTnNl(g491@wtvEG z8~=pa{t2`F6K4A-%=S;1?Vm8)KVi0i!fgM9+5VFo{u5^VC(QOwnC+i1+dpBpf5L44 zgxUUo7G@iAmt!M;m+nwZX_o)OP!Bw~BR2`~MKFf*kvBLFRW^HM-)ghrpJ;UO#MwZt z?#Lb~IZAD=`be=H`QxPb1CqpJSp?L_+F3x+sj~B+RCf3dn?~4hLwMC>gW2^DiRdG< z=UFLt7I}RM=-No=#Ad0??xJP+ZP+cG_U7KlueBgDzK{gOYVPR2<|t6~MNanGVV-)* zc8lq=Z{tfS1qsu|GTG9F$`0Al_Y@4M1PwT?g2g;(&K&EskoP-MWlLV?C&?H`*Q+bQ21vsjr;_>K-}Wvcj*SrUE>HiZLU50M9~l+@Is;6JOC(HhdTP z;2w)reVvM~%zRUFV&`*nUUJe#+4zb2Q_wN($Js3);vEJ|D>Ai^EaevuC+mfUlx5>f zep4OH(QnqSidnc}HyFBV-E1A9$;oF0*dA5$yqb_NUg zdm*Ntg0tz8aKMlRoT&r7nWt$(6k}G3l{XQ!M^AErM>|%^ya8$cQ)T&y=F^MVz+Zll-n@e--6L;iUz>sjREl&(lKp4yM{SO&==p^{e zo4+Lb=kCQ)GWaw3_i^=058N7&=_7r<3~>F@Uvu+ zO#XLw_zEPLrjbdiqKo&d8v`RETR#o6YH@;=;wXw_$x!}vOZO-41dMHieD#$4b|*JK z9X`f1QMfH2!LbWB4CFVT{bpWfM{c&_cbank-Aw7dwaDWdtUE{_bgW6D$--zmh{B(4 zG&3v!`*+o)A?m8|34_L?k1>NGiLm{d=U5ioBISkkE+tL@eqC;7vZ`;8CQ>HwDyzPc zJbbT^nLl{OQz~{JInsy?$&c-FC3)4UrFqtNN%b1gv zR_YZH%z-Lki5?S?IS~nPi4wX}n1{{O^uU}Uo&BeoL3P3+P2EYQtrpj|_*$w681Tn& zG5QHGP(!u}P!*Q`!N{-(_RIdt(k70N&xXg#O^5ZRt?Os*91!V?4w`%Oq57;spSL>; zy}^1E)~*wEsrsq)JI=wlR4iqZUc}r3i@B>0x^p;xf@5%dy5xDmWy?y!aBjAT`<8b* zYO#f%J$y4!8}+L{OBKENS3f|{&DAN&tlc=7Ng(e-RHmqy442r}Jv`V*j@eEv{O^t$ zJ@5*dHfl!J8(nkq)|=^-!2;ar*rqIsM{%{ioHWleOJxYSaZaH7Uj|>il>Iu_afAP| zc^`UScPZCE`5vqoV}0x>^u3K2dS^(c6#BKS7;EL-t~?$0B9OF~#Wc42sUORpw3-VI)=tr>0Vx;(jh=hTQb&bHg;KCSF>dPsKo!}l~wbBI0kQ$HAg$7BA5T4<9 z*2*pOq^C(+WtmL$CYsM_$fs_>#PZ}cmN zVZfZvjq~jgV+hG66dXf?k%e~_YY`!aUCrn5{j(aqo*nNBlGj&W`Bto-0`Lhvoa)Gf zb8DD{Mv-uv<~mr67D}%#tzB1aD@~I#Qx*(?fo<<5uoGSew4;y{u~SNUa+$o^96xQh zYdaT+UbadW?A#|8*3^Qq)Ab@ulyI^eA?)E~#5JoE5y=DBG^C(iw=X*!8iVNr*S|6{ zA-nt_T4nVSy^nFK3W^fIQc`WTZu+_r5B#OCu&tQSSR05_VLH>mD^Bi2uMv_wA{7*)T-2?YvqctOF~nxD;WZ|-!Mr98Y;5q0;jFu#$_8aLePDSEVZvo21Q zu?z&5$9!+Jt>+6Pyxa3woudcE)DU+gUqds`q2ql~6^ll8~x8N_2!Vf1Gsh5q3 z5Waye*3CzjFeew@iz{WB)wiY$_9E--#GS(tlB=n3N4c8XBoaMnrm*10Kw_>^TWB?i z1N*2pkiw1{h?I_B7;Xhel|UT6C60KKq>U<84-y+ivctoWRybCJ@Qm{sJD(3E^D3(u zobi4{Ym^AKZF$iuhaRU*HCI{qZkKfw5n5m&uP@VceB_fw%20hvNhV`Q5=eik;cjA+ z{`nK`+whw0ijGpQfdQP-4@-F6F)_HvCk^wls$Wgv`Sj7N;bG9bnzh9RQL^St+?J1q zf|(&mqcQ-qyyz@veRzHh%B~DTTNBtmxHGP{|N3axX<8l5FHGlc z@TdF!WGEBLzH5pMbYFOCbaI%RV%z1yySWABtVD~Jr4ccI$zm*}Fd=4N^E=A^8*Pk; zLecYwtq2?p3PC$c>dEQ6TdG5PE_BmwPZ5?IhKK;DEh~l_qHrEP@8s0xJQbY2Oow~F z*rusWcd||=vc)`a$!4qo)}@J<`84ERy#sUL_yHBrln4}4nMG2dPsu8IPU6<+QL{~q z7)R}I>2kZ7hm=w?5Nc)dU=Z&2VI~$FcgO2i%QjNGB(atXGNm6yJtS~UuER{rjbz4X z_={t$jbudA>!sBv>vhRcwmWP-ez>_~!kf6@;|H-IB4A$6X=g%FQ1cla`cB_-G*Qs% zVLs2Djt_Q1Ol+l);$N9oSTG`K)60P z&%}y5MIwZfo_P*>g7(DKcKYx65$3#k1Vw+eLgdWU(9`407gTt-;38+{k1JJ*GqLVc zVi{1BcVWlExW=kWi1i-PT)CmML#{i$vqxuxHoi=hwl$W9#Yhv|)*5a7^fSiQy@FVL z*Jr>4l?_WmmeaC2dCswy((>d(4;84r|I5zYg(N zfFcYHnQZ|d1{>IY9(K2-humEo?A4ixVutMiJu{3Vm$ExFsW75H-BY=&vxwnMEnJp zk_!oh!R{FRHM?LJq->HevR7~Ixi`{aNIPzx4nD3pA-$6uH!7J#nUxxheu1alNQ5in zN(P-^MqB-ZfNXaJo6G44WQiFoZu|LqVccW>7VeBK_k=c~ zuu{Emj)0ufFbYq3kZ{kZ&kgu|rv+r{g6`qE=orgNKs*B%#xY@Q4YiY2gt0Uj2v=*S zQBO0qy3OiSPKgZ03=WY}bEgGcmw7UzlG=2aK`2#oSu^)wNXTJ{a`lZLW=k{-4ajdJSl0P=e&s4u=MyfU z6Z?R=hd!N_AD8!qvdw2#t%DK%&bzBI0LZmzxCXF;!V;hPfJS2fyay*w=C3Nj#d=>9 z_@kfsqExqSA15Ye2H_s*(MVp?6*2+ zfHpY+<$?CYI5%83%J3o&ig8&e6TvvcSViCe9D&72!>z1735Znz1BY{-wKg*`tIU1( zUNNc)!bF$@w2Rc%jKJ`A2xD3MCQIR18!EWR8-+l1qrd-1m$se-k_P=1jsG1U) zgxZ-)(r$UqR!bL$WO4KRc4w+nM4Ow)e(s!u7?g`gzqwxJHkZfQYc*8C))D|K0Vc6@|MD*Q4|t`;g6eiPBtg;)b_<19wq#g`ODvGO5OPEQ-NSM#u| zP9Ha;?Jp?|*b!Jb+l};!xSe_Sm9{8(ruWGhWs<<_>1q&$0oGA@d zwqPUr!`K@fY#RJ+y~wUB<(JlKFRTwbz#VF_1_ID^xy_}NF>6Y@twUk#4U1l8@DVob z57K8fU&y3SBPCNQ>H@XA?@Wn+dD9bCqcYCFg{a(ZWNg z=fd&P+FP&z2Gu%L-YXoeAdaAIEn|s2><){tGHi7|RNzs7wL$AwwP%&6ozULI&tSco=>MIsAVcY)0O-CxZp=+w}$rSbbwed7ul z;f;_wxnzzy>x}UIuV0V3y=!`UM##jVC7hU`c@{rboFR7yO5v(Hsee2{SQqscwPc&G zs~u|kdhs2u5ObCg-t#_x!PYiPU8&(M=MM*co3W_?C2K3BrvevTV(FmMsF%jNJY!!z zzF6{qFmnH$*z1JQ{3|=USSa|Al=Q$IIJN8;o$6VHkIl?1H`GVS9oWNFl3dSGL>*gBC10KfGMK^D1O}iKp-Tue<6>OH6xUge@Xel&KKA z)_D+nd&T3GM9Zn5+~YKuEtefx{k2()grC(dS2_Y*c;E#6w%g?D& zt|Elo4e_8|6dEqWD6ZKg`E<=+FYJ5oL=*<+&Q!6@lcjbkhmdEZlqO{7eVIWO>Mg*c zbhBa6fLY*tyFTI`WSzjGEezco%QdJFcm63V*n19J(9O}@9Q=T-sN#|j zs0DxU7Fs=gK%Qt1l4+NZ37q~qN~imJk?3`pJUPO?-Su|$>G6I!_GYyQ|B5zaMKlJ&y0!DJiA<@wA_`INNhyP(nr^g9Z$jWkyy@ z*_z2vPMH)v?+r>MC?K|^kZfSEmR=Q~N_o;AelSR4BsaK`dl{A5ZU!FjWN=%a`&0@J zG8_!qluI6kHMMiJ>EIemapbKyGw~3PMPSsZz_wjuu{w-QCF=PLS*T@_%!w=keGaIY z!ici1y^}zG3GM-V0zc%L4}&%r<$%>J&|1d%WUHB7lUGVq?m69gCjVpCOsG{vEpg!Pb*Nab^R!}Q?P|4h!aGgC zdQ@eYgP0Uw*i2BqR%X~P9BE>}&~Bqy2ht%9fduV(yUP;9)iZBPlS=jd&MZo2oG?9z zsR^nIv_h~4i*v`p2!v$tTmWNFKd`8hpt_8_SIZvF3(cB$q@9-2+QDVeC=6z`HZlZr zNTbMaqGE*I$`=*ZrVtTnA(=IOFt7ER;Tc&nb_tntjNacZn5Ey8gyS ztd!mcOT3VCe-A~K#9x<2LB@9#oaO`c8Zw(tSI3@ilN!#YPIEsvYi8z(9K?9AoQfPcOpnLGr%F2NG5;ni5ph;h+NyEJq2gPMMy#g953VgXEL(^-k%_WrJ?< zB6jVb$|!zT-~fIWALIOqMoyOLVcT0^)s5nP>vx=U7-;*Akobdrh!6K?t@ z=hs5D#CWa%U0P=9rq-vV!{IhxLcLL*uNaErFo9olr`Por=1P7==(NPEsB9=q2?Q&hPzd8t}&A6aT?bmLeL0(J%h}ZP3_7EvQh0I zlr{QR$F2HfUzxyr30Hn$H15qWT^e3RpWAgE5eDLZ_F#*Pcvzun+A>FdzHn3rYi7yz zy*3b6>czV6iZ*ClhOfRjYx8IaYWaw&-|^H8urtb)1iK~~sM&pkTi|-+Cr}4!*$Su} zclIW2&ONO#2j#a285z@MlR@(rAyh>bfsW?%N-GUwJiHg>4HQdnmO)IXf^bhJQ67$` zxS2v^p!nFus{Ir}LV{3q>?x{noK~DhV5&MVF6NSq827P43{u06b~gH$;uq=Rva9;v zEf{ALrZs6a$QvmNq4&5$V{6RWQN#QQ(2ol}=4QImzswr$(C zZQHh8UFx#^mTlX%ZQDi{x~9K1Gi(09T;nSRPgSz1g1jz}TLja>$>lq`fz8EXGzB};8620!`t^i4W-l%F@b))xzr;!0nFr;qIstDBv4W`m7(Fl#@0P4 z0ALlbr%*F?EApgFdGKoS<@{OcBdJnbn|T@%z#$9fs>pc0+|VLDxYBrSOSFvY=ij|> z@B$fn0qwo!Z(T*nNVs**VBS>*zaqM`m$vhPd>-bAslqZY%BapkYMzDXo1o-#R zlV}*m^y;pEI*=U08Y^e}@^Fs84L%9I49?^`DUu$Ytw^jv#(;BRwrr|eOXu-;#jBvf z%&<~ZdKxG*u@+*EyXWt2CL<3p6?Anb0+t@EfN~t zWndqFV`56|;4M$n$}0%WcTZyl^Cwt_1V#lT9}#+9wx&4us|E83|1EO^KBS@eF^^{A z4(lXSBoy@jBD?-&h?6%TDg!#m)5l}mL*MWv@@$ot@gu(-7D`#xx;tky^j`OdlxcEeO z9z2Pyur1;91#oz|h=?ut@Rv{UG7yEAVqZKY_h(e!KJ)1_@z-PqEzFxh=x@jT)_!z1 zn7+N3MrNM6lYhr2RTan-X;uZJqY^15l0U@A!otl(CKz|ntCU2k_NCI#a#B3ozv@QF z>u2V_0$UXanC0>BbV_r0ve{U!<=Ym7!Eq?obPcnatW_6G<_!P5;&ief%8E8*Z9pw) z=|?VOZ$%um^;0oUC}+VD1SRf5S3z)(GTl@31o7)BTg`@MV_F}bZn$EsE3(fB*>eKt z1y}C*c_9?k^ux+m4L*rw8Xt5dxkDIWT#dCY$oN!@3E4Tl?&}eWc^Pkrn;xS|FvV7SVw_>q zJUt)$%FXqlnEd)XQj1koW*oDy+JXJ$$dtUDoe~Cl9DQW5s?gtKA7>(5?tWy9);2;i!VqD>f%utuNq{D z*%~o70BlC$@@i9Q&f238WEQfe2WsDIGsV)YTh2f6)@9BOli2vgY^IhIMnQ0ydG1(C z9uJ-wjmED8~;M6ti#`4zTM-{ZtA&)BU0FQJ`eVW^*oW#33-gG9C67F zL(*y6*fE#xu{9q+NK!lE4Q8MZ>HtwdQ+wriK}ladq-;<;6M#4~%|+5_}pwe!n$;}$V(Z+6l& z?7r*#ah0DyxaQ^%>R@)6GpRiFVu!jQ6X?6Mx9nMwj-4?sOnu06Wn6eh0T{B>S%lv{ zCsF`%UcstAaqHz_(BWG*o3RVFZ%5y0N`5I+-ENn~NXckp!HPL_gNX(f^)kwXbI8;g z+pc@<8UnJsG}NNEJO2bFw-KhJ7}++=IQ+xUgMx;Pw|NL)iyD^QEDlm?S7RWb@2U2|?W{-vFjr}mSPED+7WKQg}Otdn9 z#HPe)%Hn$VA5Or`jQv~&OFL{Xylza$X3kj`oPlaqS~z?#Jmvn+(nhVMeLpfTXn7Y8YF9;yO;9RRxAR2xHJcyc~aD?HC0shynPtKVnBX79V@# z3o0d%Sf8ZyZntrm_gWEt%b9=j4!6l-Fez_Qw6ufA?33ZO? z?fPM9Ofl|do1cH7={$2O*XNY&t>nU8sG8S0=6g(0;rG5fED+~ENl-o`BaCZ-RCL>O zM(HH2gBzS=zg#w>5*Tg8h~PNtivbh;Ge`4esAF72UlCGcr1zCS9?|ggcALEOG@5>F zk^WI-!kW8X|Ed5}V0vAc;VEn4qB7+n!_23O`B$BMMtsHQaAiI{Hz%`7Q6?fAyNQmN zBxu^unBkHP7J~svRA{Pq^6=K6a}A~h^DJBh znLN-oxJ6a!)gWlz)d0Hn6hjFt%S|Ay`|!K=#4OK#^b>8yvK|SmXsg%!x;(_8CRb@ zjdS24=cB9ElvbmU`4oEy$$k2JdGa})mK&A5qpaK&WDtoU*Li5_?6@TT(pxzhK;Pia zUOfn%Mz}M>-UE$TIQEF*E&eAPuL1G$sYuo3*_iGn5QhD?+`D(?Ln!Uc7lx?@dlbf3 zK4t6e*rv5b>z;nMF9M4x%{V`qS=Z7uZxxL)ces$_$AB;|vbT0*wr{kQIuI=Cd9FK49{iqXGXjpyI9@e@sl(Lh^?O)+41O7MYy zu8oc#w5BK{TLVyxBCJ1Z$Ad|=K5qrK;=l*XZA>$;VY^ASpQ6A6PQr|pchC7zkz4;f zlq=AAbeWqoGJ5m?wc_7v(*3iwNYgQ218B9$JJbL?rS!XDq@u2Vxl8|wa`)HerW#sz ztl(dpYby8noOvT)cBaRuzfH9nr$j}WT5sm*-P(_ zT%i6aL#jM(6#W5qkUy)UUW%fg!8c*%ND`S?$gTpO+?RK|hOY$Ao_CBl883n(SifQ8 zgU7nZ4sLbFy;l-B4mY|e@SQbXHhR}twwwAhDp%6?RQK`mBuJf(=bvcFnB!@@O z+)IJB(ORo^&-PpGIT@IxQK34FtR$n$w?b{Y0GOIzzcJiURO$89$j0UXPttJmaxJpyNxnkh!Wv6|v&%h+LxBCs1 zeg^TbiYQ#w@=%J^x(}K3=$PC?zOZBnN>nhd@(Ue=x1t@m>IUL zofn~8(YGC{c-(_X;?S1hFPbqbdxE1R!GNE~ufv%s=oTmi8?y$K5`^Q6f5x)`0E++qa zlV~W9WV?vv3tGP!7BP_|iB0?AoHUV*?;~I3oktUv_A?tEAq-`K-+Z?5fuKK;m*6@N zb4$xyEUQVeS8zF?CkgXOfpav_L2_-~Qi{?uOM;Tk^I5hLAko`!a*CMp)gJ!E#3L-} zV()S?<`cH!s>BcYJux*yGE00&{SkbABsi4j;`Iy8DyWQ$_2hR=+giT5?JRxRnviF; z5;Y%C^={RwI$M-AZF}0DJ5QNk)VM~95aye7UkJxd;rm9f^*4-&Lo}Pi)2}?QYMj9QBJoYCi1(f)$JN=9q{^% zppd@%MsE`Xw>wKS1Qc-8oCF2(R-lUokW%{s%;7C!Xr=<*qElY*ecz2k;hlLQPx%?e zmL*icVVn7q{l7f>xd2%mZJs*A7Ow!CJ-Uv+=ELf)mQtliB5P)hDB#j?78p)Z1kWmn z4oyTP${48w#J9OQIXT4H$9I80z9cjv(vv8;bA3?%pd>ORW`*=0fxsu6!bll%6Nt4D2mxhwa7@BqJ78=g zQ&pyPl`s-yWEdS}XUP>T5m+DFW_-$6d(r8!O!aITOv_|I94=C!8^q>iWJhf=F(+%O zsfE0Xubz5>AWhNcr7inGUCmL#)sW>Gja zi2ycvQ3&p=xzoI&=ttD01QI{BJZ+uM`U}An%9SU?7)u$9=gEr8FEms}O^ikd+omvZ zPx7*ZvpFS$U0PNm0ahMpHx_`Sf-``v%G#DE2f@W^(6sfIBup1?WP;%)z!RwDz?JFg zoE;-wlr3IOo)$meZ}ex~4lZqq`83iY*-X^Ok78*T--q4=cY{ze*qqT1I!$03I?am! zTsEc-I&B7_^hIf4f^`jS7tFLxD8CM3U>c?B{K<*|pD)RcOk9K3uG~@m?>9JpYe%06 zLybep?hfQOgn`rp`zy&**IYu`8FjYohQCKQ)`-cTe{ZJ9!x1g2XN6SEZm9z5g5|>X z7=y-Vz+?<#)|dpOVoZ4i#by7K?!2cM+jgqCab3qV%EXbnZBp_PCW6n1kBK2hl)5RP z9#!!KgH5tJyD?kcXGTsRW6ew^dihroMKy@bv;dU`IvZW)M)Z|zlEzn@dJnn!JGh{m8QX%RT@Q*(o9kmu`soSWgMV zD@0zgE*3qO3Kp(n$6C7XT0cylO7IsURfP-> zt#*b6vMn3{Zq&CG`CgM1>v)TqaLBvP&)~E1?;obhC&ih&XEz<%T{-K#Ti{HheL4ll zxR#y_5H;UF2Ke!QRp$FkCJ4N-eb{Ez7;w#cbC(_s@ zoViX`-{MIVC4>Zu+T6{{&f3NBsJji%pzt8d_5$RRY+ZCqgQUQ#3~ZmAbY0h^08R) zrm#j`ivQE9eRWFCG=shP4W>oJ5ru~XA8ak}?e?^qim?_{x>C1Zt}SP)BW-(s-<=4c=>WIM(auR<7=09)Ej zL`-aDdrcr{q;!4*bz0?Zl^4ZDUgS;lxOYKSi=zgb_a-a7)1uqVmy$o^8gGusTvL!2 zC~(??rVATL`4u>xL;)8Od*mDZuu=bER%xb#__Qx96d@k6)AA>WbiwZZ1lF7=Kicp^UF zYj;zdm6v)-^lXpw&Cc~|A_flFmbXEivPiLuGk1l?pX$}u{OGLC<|$Ik%8Rl4yWi;I zq#bE}ne3|l@DAr|-qNl7!PWd;%6Zk#Vxl2-eIjSkqgj0wRqltFGLA#YkApy1FlJ7Q zy=KGr4r(k;60GXNaRMQsBMpw{R+RqA=VS6#jo)&I2=g6xRO7R2ixKm&a++<&HsScL z4;g7sv0TE=TwU$YAU*1ez!Z?dn>9h@Et+mxZIY4lQc>ZM(WIx=q^emGux>Nd?Hmlv zdR1u>HfcdX+D$32E-weyuA{n%R`6g16cTsj!V{(YIgS5pSA^kd*_30B~WE}C+9p- zpWov!H_eVdhqwg!()r7VEL%s3x3qp6#sM;onuI^g;U~^GD?nVzdiOa&4eK9U#`RGr zCFNG^q!kO*a~dRCx8!e_ZtN$-Z<1_!6tdnqcX)KDIuDi~1T4;(c804R3*8nmo}_^7 zLcY5+l2Ma|$sjj3Grb-c30O;JP)^~*M#;sVX#I2ZW|2C=qo!Rm3Ji2_P`Sh1q&6`- z%thFnxS!;nRXCS=Utzen<#@}>5$cyw{03AbfB94(`B>m_d{Kz=QOh>zT9{ihy`=QC z*I}NtbNd=yNnmg}u}rZ(v0R~G{rSKB0nxitoC#hxpmSH*%PMbrXg8gJIMcr;$higC znD@%Es2Bk^a@ZXntefSoz{X>h)@JZ3Ef=wguftf|JKfLu9Nrd=BFgvG^3-;tLYxQg z#@*Y5m)-&Q*Y_A1`&|qY(W&^&%L!clTlF#&m40-rn>6&f{DV>=Bl*f%!_Zd|!}$*JTe3Wp(!QIhMwGdKEp#yJU@UBc@CD)PQ_L3v;sFvWJrkhh>sl3$wHy7Mbd0Q(9=BM3LM-E-{eH9k zDH7+&&lC{X-0NdfLX@iZ;r85H=dESRCTV5{*Y33U|>=ynGO#K!Sfb?{}25H@f#z4q21;*ZN+PG5$X9Z*AS*2(*R3 zJHMN;tAW(YpO4Q}sXEy-IA@-dJ<>sdyKz{hg{TX8KV(*!SFtf2`e%3x`49`wl8OjA z?Jshg!Q=^~Xj#x1AmSn>$1$T5q3TZ6!cZU2Z^6 zXUsOu_I?|OUVkJwq?Hsipdm(^kxPWSeFs-OVkrrUSEA0qq@v?$wPNl?DH&%DZ+oNx zIt1J;&1IC^)Jo^Usx^(yA)L$n8SWM4;;E8;=Y`1=hac0|mubIO2;CW~)nP~b44_bu z*I1O9snOCCW)N|pMig&++)EdV*YJwbq(z8SRw@{!Qe&$hrlHFp+rAT9L2k1r^6Upt zNwJiSgmOF4CM}`0Znh~5!{y;0U?j!0IE|uLpG!Ucp7kc~K3lDH*~EH!34O9lXZGS& zWh;rgrA4@d&*4^tbE61LeaM!BFEcMuPjj;{J7tHLlZ5WnVbb;ZD zi5G0e=_uHM#-Qx{{+Re33mV<0b%Cn?R06$FZ&HErhlYt7M+%e6K6RW$V;}{GUT^FN z--V~hP_!F2P92W7qr>Pe&b16>DM5>nPswRZDN_7qEbo!9`s2Mj2z*q*p*@xy6-cnYhdMlu&cce>VEedBfO zw)s}HiQ(GWj_~7?R^%AL%VaFDgFBO?96ju{=EE2yQ0sN9LpU}=;2NIE>5BzfkEX8& zoZxka`U8VS61NQm7OS|f|EWs$+PqJo8zhN^wYw4UNQ0l!tirm?n%nAgUN7Ur){;17 zBIgj;*W3ywSHM0~6fa#zt=kFv%1_(SPt)3LF*28Jm*SWASpDq!4LUDDkO;pOfL4Ms zytrlP<{Y47ocP)*mx5ZbB#0ZDG|@$*AGF-_X|UQ%}wTAizAyUnh0B&JiheSd57PY_ns4AoS*OfnUrQ_Kphw1(x4Xy*cOr_Rwdyq(%HrZL6L zGEFv%AeJJD37*<$FjMq)0Jo@-W;-x{I@pd2Ul+dwZeCfFOBOs=F!m#mj+w)?JH)A> z;mN-;yt_mbi%6v)W}q@6sfT!r)}fXcNk{OO zYnZEWK_@bsCij;NAf8{;=Qe4F2a)wS`WG+j)%+6{gT;6oQ{wJ+rn-${GJflr;49u3 z{KsyPrqT%3K?eq>b%E667=qetr+l@}k^swJ#QpB0m8g%u|30y#a^C~BwAiri{`#C& z+`EB<42@^?{I?* z5a}(Kankpt&CH`d)Rfgm=<54UMkr?e=-W4H)hJj~5RG>L`QTmBXwESIF}|AxM}z&p z^=I8#TSvs@EN8BK-Mdop=Q;7L_oO4rE>o9v622Mt-=k%)r8EJ@5bU!B$ zx_stY!O}urp0ZAKE_G{BC|;tRaSHdJq}JP}&#pq!#5F1QqAvE` zT)eS!L$0NA$^;>Qt}%VBcj-Es-#n<3LO$%Iod?c8H9Xm!&*<;RU;1oI4keYqw?SM(zB zrRH}b>~~`?RBDo9mSg%mmLBl^gLMo{ci9^kkg_{7&b({b{IQZ`Lx(_uHmQzA;dfE0 ze0H+=cPynme|p~DLemfPHD|!og7;}_IdfjP9a|QX71xi;O)jQlOgBagMnJy!lx&nP z+LErCOY6`soCZ2>rhZI;=Y$eXVuZ(rf!AGqx=x>0N7*|*qj!~aFW`HGkGd21%ro$J z7Nd7TH^jh*ah>e6d>V|jIO9byVGbRai1Sf)z{^o~2zKHEVN7ox8!V5g8z_;1u~INvE8|cU7+{6K%~E0pt5Mz{ zG06BI3qw*0ovA4&&I+(R#-MAd!b2H+xAM6@DxA@vUR=}RLthVwPrgmKU1J+ogc|r~ z@@Nkdu*RFGNfFt!BX&&1yt!qeRT%4e!~*;N!38nbqW=-^83k2|$VA$H{W-{$RincA zcM7ARf*@h3FD!j1cj{3ja*C`++{X;T|7t6B?hzEH>-VakSrx8N%`n4q8)kV_ovHLv zP}yci1QtHmukiMTx^Bx={%n>Frh9o5)n*1`+|y!Ss;SSD&-LP#bn4ted50MYkUX^5 z)SwMEIQ_a27i?^zj}>t|c=sEDJNWIc_^Y=gf%?ou*kR*(c~};uC%xRi!!n%-3}@mm zz35qKJD%B1V+Y1j8hF`r7GsV3;t}&JW5yf&vCnv+V`9%X32>B-qdZCw)M0!%A&~`+7d zeT7TVBXDDar@00Uh8KsfB3@LHWufVfqaM=1FD09i>*HXxCpN!C9*9Rui*=CE77 zs^I&lQFFShbvr>@7I}b8G_QfRU!(WV?5Mc6dG-k$jtmLZQ`Qv|n{$A-VAa2jDk=sO z#N3ogn8`6Mx!8*6b%5L*pm5Hf)H|zDB-!5>p#^F%`=$5@e^a&RyTFAuhD7SJE&;zj%48rYye(J_T%bG_Qd&|iPpM0MRx;Z5-}6Bxy;c7t2$8PUWsNc&UHbh^G_yyw2co3)|CyG{Z?*1RL{Kox;s+w=QxrON9f-Q zAJrCf8#ltFrrb5a*J=Ifq@SoSA6!r@6)l#d(z!!~slDr}jB zg81YB3JW>@Br}?RZ<5T%U~o}Skbsbxx+S848<1L8I>%=-$XZiFors!sP#%YK6eMAC zs0>P$ARo-Zac$?K4huk#c3`N1=$-Tor3hMDvt9+K3zYW1Qm8?4#!xtR z-C0hGBW&Hs!}Z|6d!(d+=|jo3!Ee|@6s3V$>XtLmq_+GgLcIVw{5AQl%Y@Be(`>+I zuJ>%BbtzX;F!k$SredP$_u>U#=Hp!T+d?B$xZweRcW7tgmPoC2@Ob4u_p`HmXfcJ zuHc+?>U{-#4EyFQ)=QjO*l~jHwxWFz76KXLPMU2|_fJL#*GNe=F3{6^Jx1LA4@Xi4%0%!nu{0DJ$-}cSok`3F*Y_2faqI=($>Xc05%A^YHb+lEIVL5T0#$hH(`{$!^2cVY$Fdl zww4}@t#0P-vO#H&z}9=}6pjo*+4XIM+(okLd23j-b$p_X%kwc+cZqH8Q;Y_-$S#ka zk!GHSfZfo3gNKJ$oH#hYl$9`x#ep;YKvqGw&*Q%0Y=B&%c_(53s_w&jwg${Z^r_8h zSZ`hUF|TVhjt7)yVlLn3sHkC&6-cwEx}l_Xo4Pq(CMQcE2`xsgPz>tu1DIXT*y$xd z?Z_;bZFR5d?<1KXA~MZF0CFXixKH*n_DUl^&idf$=i$l9XFB7oqk#b*rD4`;J0k?b zL~LH{S~NOG2djRd!b}cE`L}5s1nz~Y#fd z8=e3TNb-}_`?$+xCTIh@pU9F|-ty#4jsV$lPApb9A1eN~UV1dilwKb2Y@5FU$@6?Z zeVycAA|^}L%zIu?(mqyG!=)1g-Z8?4g{1Dlo~~XJ@AC~+QC&Gf)WoxlRd<~1#hmGq z_6X9D1=F}LKfuWP2YBd)&zSIX`5L+z?m3nF_8de*p;fUf(T#7QXFa{pIfAGyM$H(E#BIX~vum-BMf!#vrt4{JG??me?2P8qq+&88q&y zCJ3cue3*0h0J|TAtNr z?N`it=(Rk|Ly|i8m{wOj`RBDcx+nQ7mk$aBnKF73CH3X+Ma@C=edXJx1H12=&x-2x ze)3@arx;-r+Ocu(HFYJ@)p;X&Of6N8D;zu=<-v_qCSlpMu#R^Suv@LB&GP6HRJmgv z>?~jH2j1L-zOAjxElQI*17<#Jep|&SIl=vwh}mrSN=S z^mc4$Y`8&>$(gQb&#|9*6mvjM0$~PrGDaOcvOHQx9*mOC>f*F)lj$#k0@+6ItA>Ck zq##_V_F|2kY~jkM(IQ*S!?RrmW!oMDx8Xv!)AHI;+e{ShDOQ8++|J`MQ)3oHrb5E? z5KU%)eSq9q`5N;}qR$AvUZx&J(%ofm=%jAC zxiCYWp`Kwtl*EU5H#VG08HzDW$%%JODW;x?LwJDPiypnfHTM!`K)Y!C1n1n13gE-Q z&ow~Ys)o|QIka>S*>rPyg1ykxj*YZ5j(#S*#y+p<0V$XPK>?R=#Ts;czHVAM1XIts zQmh5B%e{)ZjHtE*rGtAT{T1G+Fy@f$jK;BfEI;hmN*7&oj3Vl4Bs(8Dco(Pt{%g+u z>W@_nYeEzI=hBm)j{#AjODoDUMKJ@qF-cUg@aj>HHvYTf_c+H-#rb-Ulg;0%QfxWv z`{iLe)319S+0Lh(tz99DfNcliHbbJ~mSM13F6+v|uw~t%yveJ?2R0wEICT{W-py-x zZK5jJyq{s_z5QBm{8&09o^Jk*r~aVbj?8|xqt+C`FwOgz?o$=xcamPXc?&F`8t%We zBs7ClKLyr0{E`Y2@ttxjB`R@Ua!wnP5b&|Ws6^*CErb=&rad3;@QFQ%LmnEo}wWu`$` zEk7-rxug<)F_Bi?89kxio}NjTSFIVDtCD>Rd8gPoWgdMrR@KWTrM!-t3Yl440kaF9 zdWy(q*PHO;z7D(Yc7my1u>uEbdUC!B+QaE~O%D2KhA51~}NL z*zj-VgynN>;?Ez29&L<%Yfixf#*9Z_%vWjs2LZL`+5!eToLFs0krMMGxs-nmV$F~Z zO2^6VqJirTBGzq_#axG%9_OnQr)pHnc2JG=m{Rf3lYeg;0?*jegDOge-ZMrlkdE#93MZC0I zVK1a@10U}OcO5bscgD)z`TCnV-rnU??fGSF(N`XqCt70iH6fYq4IOb60r03tC#s2E z?LtHDO$vhP+~th`JG43Cb1G@L)$KUz2K6viE6d9vFSHR-XfsTrxY*3@b6Uc)v$OL=?ysMFKe3?bC9`av>{(}`65R|<@5WfaU=c2j(QW#A6k>KRD#!`@wQBCn;XP_EMwdjv zzx6NwhUdQd!{tP0s6<@r__u%r)|)j&RAiqej>P1L#M~qlbCKbqeer;!6?VFG%?+XB zl~sYvQet@#DqEpsMFl*NL~4B#uDa$A+A)9Ao9)WF*N@B`#Bc21`=FVSPUamC{{=&&@+)ha&<;lk^9FW(H04le|jK-oA3 zGg-?$2jD1KFYAmUxt^BwnhI@p34a6x2ui3Mgu%5q1P!wwv5dU2j3Kl<@a=w?hlm=R z|Axoh);Q`PG#$FmT13g}e=?L#IsBMn#rh&-G#t~F+%$aU>dJ!jFlzAm^Henj-z;W8 zue*Ty=f%GhP$;YRVP(BU!@&p$5*OKHE5X!l$KUX-{jB?FEDsQJ;MKj^~ z!ef%jC%#jF!JB<%{)3>ID=6XwGwZP7#$7;p%X4ceX=yC)FBZdDzF>qxshXxbZC9%K zUP-9AfyOZ5Kay&a(GaTML1wZY=$J4X5hY~c$qX%WIyE{;ViIpn<#61%$U(_IxGSL= zHiqUVj!m{f$5Gp;EOQ0>itx58X%H+g#sG4--@qm5q`JeV$srVGDhIrqbS}qXrtr>9yIT8<{PnIy zQi5vaC62bU))s1)NR3_!;fP_m%KKFE#Lm>u zFMZQvAt@`IRZ(dO)Vke_c^`FL@*KKeYv*KRZE8Ml$e(l|`-bNDRCp!9>i6tC$ zV}!F(6O~}`{){uNWKm~C3uZdY3vCaNr?~+NrG>S}^Wh%wl2ucJF)L{Y09$UTHt;kb z{EK4&kNSwvHJF}jM@3xB43$B7Hq3wuFDcb0ecY+%zUlabU)j3T;V4ss@-)hjrs6OB zA@dRHVA@Z*Nle%$nI^`41FfO%5;xi5aB!Vedl5U582r}<$9R$HV6+?uDlgMU1ndRt z3ZG&!268Ozb^p|x?rFe;zoQ@%pKQBD(ZOYfrEL)uZ%oH{|Fr-0rdb#WooIxODS1t~ z?u6JecPiyTY*A`zFm2_8R<&)JHY;du+hJ{7qzO2Ea1XtYWkiTZM7w804r;(y)a@Up z#uZJr4s-E#k0V~|HKH7JHcsfhNttbD|9`v1S~3?06vaedC&BDE%9DMeW!oPEe`mDS zs#&bdaO4ifA`D3Xr}p%W0V^?^?l=BuguUzU0~iklsspqjj8F>z#T?$Ptz~?iMZQV^ zk~b)Q0hAB7mQIXGSEVwaoAZ8Lt%UU_f|sHy@q}ikl*0r#=mQ%Aw*DQPz%}U1RLsP| z4WZDP!}<7;O^U$(LbwDXbp%ub-;-*XHGVN%J*>*fzA!pL>ugy6D@MraM+27Kyswa6 z+k@xcvT;n0mQ7cvzDUGAr`5KT)e?LqCZl#5L<*8qo7bv1w~l0v0nXI4iLTanr}uua z#hM=9*$N*2b^zz$vzHLpeHqr_P9DbB|B=56JaHKlx*VXMulRE%)}dyrAcGZv}N(~vVCbU6XFA@n`d&vzXQn=rYfwombrRRq-2C0 zbw*vbY{)a`WAuBYHRv<%Hhqe0pG=dFm_cQ4S;7La5q+m-*+~uRf1d&0dw_ihP?y$lgYgRNV=t7 z$}{c6n=?3>UaF&SBoSYcNjX(>w+*}vunHIZ(03Jk)|+$P#T-3ZyQ_LDjqZG>nzU2` zW8;G*5#5!j#RqZ2N$W@0V&q_Arf)4kwVnb{gHVLB9G^Uu-gAcm<wsMo+vmQc#P4uD~XPL$a>1`YhGqBFUucr{uNC~N(z4+utiG98B z2VPqjSapKWH`4P01IBs((vI^Im|x%B`~^j_Nca8Cv_V{Hf7nMf_$B5(I{asoF4SdD$&e6#|H`=E=LUS* zb`QzG7wq;DaczZjlv|+JyD6lD604Rz*zpF;#db?bw`bhNZ{8g*MZ?VNb+)MbNI4m# zKBIsW?F)&fdo`N>cm`(qC5n1Y#`b+&j62bDU_$iRR@mk zp{S^O#>t&Kh?qDLd)HX@mol)C-evHQS`&oBp0lGblY%JkXO@AP46hh7vMckE1;e(Q zZYKuk$h?*;c6BM-pW`ZoyzRvztQDvk7H7gT<2P*H9`omQIIEqA#B9yf@|ccoLV}N^ z#|gCt7fC*C1M)rgG{7sWG}R!1{Q^!Er)TpF#%3N1`ZC0xjmz1KZv#T)_6aCI zSFLO=p78M`2%jq2!$zzm!OCJpKceZ92#w>Fi+e5fM-$hNCaiB9)kC{24GjA4{C}ck z(vmov^HG-x2@DPWUrxmw<>vhj48Ydf#}#ik@2nPkwLe$oQm}wRK^8Wt-}#=Gg75uub(|Nn5@tmIC1N*R@G%|{y}ExP zPi;b^s~9+X%Wy`bHjMb!cS|83DDFMFm`w2(bmj4Ur+J#wL_4tJFKlNOuhj>+VyrIM z)O%>W9l<-f`qF zZi}G_rMGyCue|Cc$~gb*D3Pag*wP{f4f%+RjUFlj;nQ0!UlQbjd3Ij(ZPs|MVsOhyvIH<_3b^a!F$8DuP{m;3FVp4 z#Hpl0_|=u5!&>}m3!wB#Tv2JTnRrT^fDuY}ZSHoCf09@MFjHDL9>!@Fj;9y> z7hTsBTuH!YW81cEPcpG>Pi)&ZCw4LudnUFqv28oKvG3jNzYkmcuwB(pUDf^2-BsT? z-+@B-sh*?H-xM>askPQFKv#w$iuYl~4-eIe*|vrH3%21WhTHJ>oYcv3 zFs~u1bnd&?wdZ9JHfmoTglt41lAc%L!vC#qnQy3ecHxD|=^e_SN6sf~>pW=;9x44@ zbv-%vA({5|o!9M6;SkbDB_}XM=w(@q>|SX_OvIdFFL4RR#wlnyQ`Hvm)*$k!oo72} zym{Btfp-WTzm!8)FKaB^Gk9ThP2rngx8uJ=eGYEQXZp#7eF;%-rA@G4iDhDGT5WhA^~iE>8+! z!?Ee{KQ4?5Kc#0}C)D0n89WaUO62xHFn#l7Bli}3#Xife5ulf(#;=1_1VjY%^YmPP zy*ZgF5Ptm-Dewm#rIr^4-3~95TY+4j4xeX)LHi>AbU`$O^32$^zyte(mX5G@iP&v% ze}%}tqOo5_Aad4{-?~!3$NCw9m6DV2jJyDqn!X1KoGHMV6^$u!Wk8xo5UkEUI(~|=Oedm_-MjsumFrt}28_ECTRPrf z5yCGM11$@;tH}+4T82wyPrlznPVVA}g_btgMN=G|tJ)~KW*Tv2K%|7O4@EXoMm}m5%C*xMD{^+w9S zNBV7JDTC>jF<@pyT$wJv`o-a%sc1iOy;Jjy5VwH8UPwAGy#A1 zu;}g+)jjlzD}B?g)cSQs%$y>b;-sHxYUBqFuq?<}_IEt&(vpg}@B#@}Dz;0jewsYl0I zY}!WJ@3y^v_-3}sCJZ`c8Rj5WNy*HdT4Ne z3d^`Re;yB`1ueMc(i&q;UQ-cbUPBLyS}%RetN;R!&o}u+&5hy>#x2CEu@*k>_7g4r z10;Odij;CyI#}>v4X&x#M_iyZY*L{HqsuAeMZZ})Qj!LbxmtK}!42~-Z}ggD<5s$$ zZ~Evl_5MxFpU;y}bo5EY4B-r)yJK63%=cKpzHSRzvR!j*gqJ7^R+a!y4EUZ8PJ$4K zfo&r4l>m}C};OHr_4H$hgwC!?olZJ~06fos>8;N6E@H+Jc{uB9Y-7{+*? z`H1@?0PZ9u88{49)kI90g*U|ZfJy$+>$-+6Syk+47PBG z*61NGRog796&IDqqB25oF|g#fWK=vyWK=8+u;ebP{BSXd1er8DKWrvCt9PAv)yEjT;>u}T+uy% zXk{EjedBP;_#+d)B37^XGyNY)C#*utjs{iY3-MLc(+iTpRUTAx#5nLx_iP9;G8|!r z@PAwhVm_9+w_|1p`fVdi!yRPP{OhYXes68@^fTwNTMCRc&Hk;`*6-tOc$Z~BO&y{w zbe6A4lEqRQz-876u@oE(meakuRwno(!M&g*U=|XLeR84*^XC`_ED5I96ZR4^sS z3#XLbl7xfR;@*tZt6=_hM~$+sT)8NtoQ@HJ#1SmONj&}`Q8K33%7F`|l#u_8Wh^b@ zC_dOXww}$Ze(gM<*<&F^YDZsCf}dOhihi4SHvan|pw70HXviq3V^kyH^RxA4g$*-V zZRu35$=hm<`(dr?fIhW^Wwueeswy&iocdN8Z&>hB3r^_sU9tvCR~{UV*0kOhx6`~^ zxaZ;vc$T(==;{F8nG55hrSdOR+DTS{!z$q@&XQ0TIyz?`e6VEXfh`Z!Q6VPobe|I( zAGDOa%}ZY2LW;BwM80Yeo|OxlZVL;9eV#7Iz(F>oN5LQo;1!@SBk#(atRjNJ)O(vu zjM?7`g}~M&69ADt7|kK~Hw1*;bFNa1v)t2f6dtqf9_!Q$_>vR6gY{q0afnZa;cve@ z1;yjTo%~$6Np>SqoW)_=ekmh4TJMd)ZvI+sFUH1grh0a#>1;XC+F}fjx~4Y5$@*{r zH&D`d*zpOdJR)oi^E6Icr1T!E!<{%LCrN@&z0+?Qz!qjoflr*TmOHH8iW(gJ4Ilw! zOoh6pjYjBi)e+PiQw*97aQaJY5|O;J&x#{@Gm_~VN_dnXUHPa%Bjx5EoMDla`mdW?QiwZx3-HRf z7-;2Yw@@KFwZU5>GBQYGQxybp47AXiABovRgSKnS5M9zkZ@tdS4Xk6q^eV$@1{TV%;oJGSU;Wo^Heam99oyL z9taqZiy?zV?Wn=x#8_7^vAF&Yy-@rjiQ9}j=fQNh$h*wdTS{)o2#{&eJI_Z998dqZ z>eD=F9EGN}$aq}~?rt?~w$bcR6S*eOnBjSL-CFpx{er+iCWO3tpNadYTzj#-bjy)@ zDg<*My^ZnSf-tKuq$#U>qI+=V3ZaVDVe7tseTtnd)qK0|TGOq!D-Ph^=eW}CGI4gt z==>c)m5Ed)x=^5?zK_~B$>|~?MBWuR*!+&ZASV93OK_TzNB5+t^;8{%UfX#uxSS-} zTn~4g|BwJH2CP&DuA)78Bi+VT+4XtTv}8`xp(DqE)0XhwB&RY%}%gPM_$vZfjX)V!!T3j zr(*|RrQ;0&o(S`sJ<^6qPSTU~>xj0r?P*cvQlO8Ds9e5IemYqcIgEOuG%8r?u?AZa zN$RoQ;<5wnnw;4b&HTz6hMuFW5)0pi5IZ)hqY&*!LcKaL41_q@6`|$0_H`{gDV%8} zhd~V01?iLp$wlX_V`FlTYn%wvE0Z-kOW(h3ZSI5h+m``@m2sUtxfU@@zn^C(U<|Ah z^rpi0z(wQ)##i?dlW-$hcoz96p>zEW(Nnc|Wi=QgSl^y2zf zv9z2XrgybtREtxFuK(*!;Is)vfLR?ypf*hDqG;i6T(sO{)`q$Isc0dm`iGlHwz6_@ zGne*S`H}5HBA4-j-M!+)5w{+=H$VCk1;@hZ+6Ywt^PQ0$B^DH*5zlZ31;f zp=m*QEITKbx-w%qz68Ay-UgC+mSVng&R-?YEkI-i?*q38JMbk^@ zYem)|R4&su*~eHt7&8FC%PgGqH=IvRS2+fYn7gnGSh`xXa|3b}(XD+2BrwZ&(@QCA zaSm3eyOU3o!ZOG{|(VTM8-qz2c*2;-fj|{!&%aMe-6!;6)t4$5Q%?P}W@My<% zc*m9l?-yVrroo9fwug**CuguhsU7#_6`^z+2BG^X2JfBWetGN#J+|xUJO>-0i+jAY zZ_TK->7w?}phHJ|%`oG|<+j22$MgE%YHasTmFZf&vm?27vWQJri%nO_O2iDJB2~R z9B_>uWBNE@S>)zDGZJy=p^|3%=oB4Kmq$9kTbOnTkSh*8F6(qMaCXgyG7-zqF`;L! zcSQ(;chG0ra?W}g1pe9dk1A9ZoX%VT3TLJZ@&e|DgM|H_hQUETq+gL3vXY3X0KDbR z@3kpGpBIh&KLBepBAA+%hpXSIP?i5VJr)-R@mPM%Eso-QJs0JT4Etl0=9s&E5e`D`;XH{Ku@%ro#jmsT&E& zMCTcze0P_FDM&E)AYb#n{k_)KKuPA37qpN25qEIb9xMFf6lCHy-kwrvIHWhZE>C|i zl)`PuNYZJ_j`{&NW7KUDnA@Ij)-M)+063+~pQJ47y2FomR`64&{M#ZfwPyr`f{dC* zgz6-EtQS3D(~g(zNmJyFAMA+^bg7s1 z*CAaa&aJ+gyCDg%Y*8go%Z>XIYG!6JjZDc8Hwop_rS3vN#dBYsOTN}PP~Q>UAer_X z>2IO#l211(Z1x^=RESKxhhp08NVv5G-PCM$Z;OcNyVD_)M%s9?84mmL0Ka0?n+m;f zz=TuXoTd|$>vuN6NI$RH{okyow&|yuP?4H?TXEQaD>OtT%wx3plrN>FXJ;MxCYjvx zt;I6%)Nzh=75aH1oOChYMJlBUpFYvvA--1Pj3*~dvpvM+P_!6_?o7nu+A1UhNjX!B zC7m3(cs3>8W|_7PZ{^ur;XY5{Ytv`Vq&)P>`P(!lepze9F80LWB%xGhS9_Vm>{QMj zdh0%Ot8f`9L@E{(vlvcG3+lcSXVjoP-JnaOwStu-QQ;6avgw%;BCI$UPn4Y zq%k3-39xFs@M|L-bdYjJOPM&N}5q&W?;>{!<8 z2@&?jeEa1bKDVU6B|dZ3~2g>HUsw!nlidb%Nw7erHzdQX&NTmD5T4!Ct40-EGUB@ zNxluCv2x&OE^zsjx;b!TT2tdIy{iQhF$fKJqBg>x4?Gox86gbQweBl31oK-DlZfXm~RIa`oA76?2ulA z0@6G~Z`632t_K`K!c3kH2rL;rM;{Ra21_xPF1cr#OIj=PC7lSMExtTg;}(Ve3%EHI z%tkpKc^X`wpf$he;}M4=(Fb6ya!9r8R=jd{iZN&Ef#0zPeM8F22 zk+01uOhFFzeF|IrTg^|Hx;+@{9{A-oxCGuo-cpkGJ|iX($HS`|^F0Jf(@(a3a)ikniBU9d<3OE0Bg zmRNs(XGF8p@3R0{*pp!{6Vy!`_}*vbcI{}J7tM~cYw<(U!Tbu#sPK%j5E*jSDG^(q zDGTSH*V!3AOK#rOq_3DqWHUxc=OzpLCVa5qjb8^!vU>CMXeWfpsk=HpUIYDX3D7Fx z*^(GnByCjj8u8Z|&>jypo>(Sj*-kE^4zL2{s;8$_oNPBuHLd=wHQG{IFp#C>K~w**Ln^bIeSYku3dKe-Q~j9#<;670;Dp zxt_~~Wd*ybewvEBT-1A3JMJTDTqPp7@1uLg<#l8@8At3r?AauHbOj8*vv5 z`~WN}Spx#?70v)njVlZSDV8?fS!W`|-dZ;rf{@Omw32i)F`D$d03D(>w5|7G8h08e zBz%8~=adf!EM*b#ClCImAlI>rRns7AjJ!zx`mq>X00i7m2)Hl}clxEGzjh~nc#Y@- zXkCjnJ9^?zQInFnF&TdG;du}jD&hCZqkIi+GQShj%;e0}?r+8j8=)r5->Km^voNq! zl=*geB2ynHK0M`UJ=sv zphoE9$p+i4#q#p#Y6~6es=!&5t;GO%k_42lnAzNQdE%Jc9O`sNv^^aWaRC5qhbbq zq6V&x2E$w^Yn=WG-y-8GztPI&}`Hc{th zDGRK2_goa?2^Ckf?;%+bQQo64kd44FP>9ff<^9a`!Nncu2-quEW%eE+T{^4RZzG!M zyniN@#vM!&L9L5CA>HO3l46s5tog=lN=Q_aG^( z|7di3_;n^RhG%lW&jVqiro==hI(4$T-`U+`n>2t3^4qF52Oocr!&iw%dFULsnQKC2O`nEzNt}afx3svW z_U6BO#^`7lxJL=3%i_-LAHE0_STiEn!PfQjl4LB)vw$C(FFFdLLuF_bLCe{jVp6Av zIKFbz+BjBggUK|6ZbU&smj0zbR@HV^Nmuhfw+5}4x=%m;5RAY?Gkil-%iD!h#u*Hk zWeXr$NPD4Ea^THrywX#G#Yv%v)b#?=`L|QFM0rMhP>7&_cJO28CXu6H${tNqj{w(iBjtm%d$kQNgNX}DXE zRPvIe((yFtjs8h<;hV}@oAnSwgW*p%fs?C&p z+xU@o)0pn9Px|~RGRSUf_vh*Z6;`?)1x4AA1% zk?o|5?hAt@JcpHb3>{J^V1oExER%p4nkEn$~+h8;`a>%ZH-x_J_kJ!vt~6^p%sbx z;6N>7L&Zz3HFNzaGFGL^!XkmmnX2`lr`P_p;gUtC+N5kht$5}&eTzs61Idd&!KC&2 z0)zYk>klBG0B`SyNs!kqz3Xv2>_q0zdB%)_i}7jQgz{vikg?EA#d`ePhDzO%T>3oC zDQZc}%71!^BD}GP5;&j z8^-y$HvOYcF~uqbNsr}e*;Yz%N#wO_BW#*CJ?NKTPPHd9Wx`8$g-m3vWq3L#pn!*} zLr}oou`Y09O!_NTFA4Vy%jn{sV#6nL*=amu{GyD`l&9;t<>yrcMOP(9g#E(9-;Bj7Ee&W$}SUE7Qz&WOJ|;YxFL{Q3BswgQHy8VvkCq(1aL5r1Jt zsAasPcuGS(2+g~fv$*c*nCFHIqu@qFBeA#V6GiSpee8A^ySm!V&Pi2JcAr1di26xl zwlx026eu$suR}Ept8$fUI}f0`KjEB~C6_HyHnhVwwhrp~*6LKnuu?kpP-CwrTuI4; zIVxVrCg(kGpJ}^1f$2qWAY;t%`A(ZGh19N$5yp^L8_8tIo5lS@;8m(^0reS;CJ9eG zpKM_byo-q}z3o`~_t`%5rluaG0H4oK*Fbi(g~&Z10fnWBZy*$IvYDA)J7ExkUBkhO zG30w}Qg3z98}SYR9iix)754X%3S6$83rXA#-2mZrxh9;9Gatj;5C3*5{Mln?Z8KO_ zRmu5MgVCA=UtN<;&*gR=1MrN^l3zG zBW9GXh9Rsx%QFWWj$X0eR_z@;RRPuqRT-b`%xv4RPC6hlOeOBicGhk-6W9UIxVs_0 zb8H1baK3+N3ZJE^Mmy1)l)%92!@C8Vcz!KdI|GSR-MDr4uzR zP5&rUuG|@={=I(DZG%sSoH|ts)M@7ie}I#3vvm z5ZLqeNB>;~9lFL1h_*L^eIykR^WELBfjj)wUH2;+RtEM-#uT@VXAk!J8ACPY{hb*H z%l+F6%YjihFrz(wU>33Xv9E@k!U3cE(0H_eRD;zIAHub8t0ok!o<>oj$!S5!8%Z9R zoE@MCR-_X)I7C25wX}DC!YbWt_fWY9GF^vDTvi3Mdja+5x&jLiv}bNa1YiBP&4DZB z1z{>N?f8QfUG|s9#OL{02H9|15N$tEZZ3lS9h4bQy~UjTfld;ZotmrPx883;vO%w> zUju97rxk6XLq4cH5AG+6HG&lhVKwdmoYHE&{tpOGAwq=|IXUta|BY06pKtF8@s)z!SY&0Ira5L6B++=rSz_Go^iD{{} z%rrt}rqVCz-Js*-GGo0jpsC#Ad2}|5s2?o`Z)ZZltLeroBSw71ibgMD!oy9gFsJX+=pzYmv{`-9uyA>d!;2bSx z^XUT1%^m#M-cn-|D*m@+jRxV9Dq?y)!ea{o`y`{ZSoecghXQIfw&PMzJztZy-(=6u zt*h=sK$5srw}YTox-pGg57%owr`!IL8l|VEJlaff(I-wLvu#NzlH}C@C%R4%Qo~W> zXv<;NKnZs7g-p|aWnJBHu61vYXUp;k*_KkXqvV0IP^~-C>5SHFc{0%>JBTThF6R}~ zn?H$SZ$Y!B!2Y8_i(YvPQ(W*YHFjlDF(rWE;Pk^OG`ny_kHDPMh~BC_-4j`7U2 zlP=Ox@xMWID5Coph)!T8$iir;mF_f@N*IB@T(2j(rne3P)-=;~gb1k8W;OW5z$PuV zDu2ql7<^VL&nvOYmS7+N->SE&^z$H^QI+%CNAP=bloZ$Z&~^R~NP{`IvdAeLd!FU{ zuKRBR>rGYQbMWKu@~}EoY_=dTD$A=0R|k=8?=QU4e@W9n4p}4F`doBMg=`_ub>4C+ zFlEqAe#nC_`(~4=qsuijDRk$;yI&StEA3j#k>&5x*&{7qT0@lGlLe=-psrq4K+?>j z&dKS=JsJr0par|M4xcV%~5fNiZFbL=`gd*LTnx8la%JX{qYMjHDT15rtLp0|-B zGrNI(t4Kosbc*+c<39I!MB~O)!vkOUY6zaZpk^imko)lZ>C&9|mUmcQm$i9*3E8g6 z4JCy&ZcDf1ixeRDTztB-zwrqK@xA~SDm?#O?pD^S@Gky;AnTRdGIj95^mo?=bGU5M zEq-^n^%Pegs^5+gk}!}D&mi#9Fb{O8<0;M!UH9I^6eLc;m_cC65R&$pJ}x(xUSfnC zSzLV&JUwup?Inm8etP@tch(WiO>hxhZd`*i@n88)U{T8jzi1aaNsFns`ATv+O@AiE z2PnQqj_qt^d-!H-y{0EPV|MxJpzaqEnf`b@&&dRCnbh+a^VRYp#A$h;v);|-Lr z;?qEv45!7!Qbwwd-R_BJl}K~&W$kMW|K4-zl>ec|bA93<4~SK^6Z)lw*HGrfm{$Ge z@-Gp;2~}d3QRreV+{;c{1s9pZxHx{Xux;;q9-#|$G984i=_#~fsK2Dji6Wq%^ z7GypG994)c_4gNZ2DM=sP<3mC)e3o`0_9?MC{r2U^Rh~W6#s1q$;-g&$AmMHx})n^ zI?-7$J2ENCX~QlLrK!Lxxda!hvz;6BNNwg7g6l^cX?krH=|~?FCmwUYBwlHS=~@Zu z3~rjIGKR|k%sn5J=s|U9;)90q;`V$Er|Lg7U5%nD6`xS7zSdo4VFVTiAyA$+&{!g# z(6A)4J)U7bvdacq`o5i-T9*g&BC^SL2`<+~;uSwKxW{-DTXaH*n2O+PH6x9*ZDoRK zqCub#bv>gXm(Sz`QIX zZmQvM=culrj*qT8=c2TS>ND8o6)#Sij_`ik1DjP43O9VO3_afLRY8HaqAxz!N@EuB zAo_B^9?J~^drbHYs3wTcB^%Llpb8x*}MP!HbYIAq)W!=@rRsm9l1P-Pt%M`ep;q`QNoDv6AD zBQ@FyXz+8b8XaVOk6gq8x~S$Y`vd`Y`9TYg!uo$eBHqNaCtkskH(;o0#7(iG%o=dD zVy*oQzcj5qwdk8-qoZnZ^eXS`cf?VCLqhzB9Y(7bDrN5dw4TZM*m|9>-6` zH!07r(mkskZaog_Z=_3C1+dTB;0s0Jn5ycU@@EAO7_TA+`z(Pmpp^t7jNV6!VFIDb z5&%sb7EI_lztT3k?IpC=x(Y>J%fUgJ?Y(EqhoIu(;*^gd|Np?%H5^dTxJ8twGxB9w ze6m<;jDU75r~L`>ADXmEu#Dyr-w$obm#?dgIegjIzK`7;3LGoDow-;Y!p046?&r=cnje+Fq^qbwU1|P zwuA(`1dGcsfXB0Ezgk8fAc@6VssxMPmSCXR@h2lY%x1_D7@jlB)qBJD^UmfE@>5E2 zop58bT)pNZ5>a1ROq6f4l$-HxtT-l^YTZ?RER5%thmu*XW+`TKjs8`@xGaU$y&=v$ z>20~c^Wr=3YH0?1{2ItXsJWyXPRj9Gz@-kg7|LlpK0IV zoP>C~{%-Debzw5n&!EA8mlO6aSPWiL`C|C-UX79I@u_z+^S~LN9IN6IEOz75wpgw+2_u5Ck;+I+{P> zdiG}z29iZpvEP@@dE^6~Zq}I2x*7cfVD4jR>Sj)j*?s)mK?{o7#=_mof|{R=8zC2; zL7dq;!{sBOi_@2qOVH!_%j;(lZeipNsF0LT(f{YI(DzvH3BrC#56g{YR?%0BQ~poC z)b4hTD39_#5Qz>*$R@QSmFa)%LmG1L?*43FqE4BRK9BlTSCSEsHV ze+GGf5P{lLXI!6qDHY>6O&4vmCVD#e1?`53ZVA##4N*Y_t-Lxsgz;{wo~Z~UF@eKE zY^h@ZR2tjUZ*?LJASV>mpx|4xuxlxmFHu}?K~v^HoI-*x8pqlG5G3Fq;Q#VP#2q$< zg1jtpoa64T!u(8MYt|g6yN0-_8&tKM-AmK7KFq@KOQ(2SPweMWe=7PuYd@7yP!pW= z3-j}9`Hg$uyPF%=1tA+fskRD;wp={etQBMiK-SItbU4$pL8!QO(Gy^NN-^*B)3jci zsF+0!;Qkim38?%DTAuu17WQ}pO{6fP&l}3_xzQgJjBBNtJ6BONP*;1#sA_xB9s@^U_P|GuLn%-998Fgf73+b%!^oY+HtQtUp)y;mGh zsl@sJ21^ zTi<1g4T=&yhwkB}@jf0q#h{(J==d%3A3h zD}a6!LS}|ew?fm}G3pnDx;eT{qj=piK@27nV^fNIuInmWYF^>OmE){G3w399LOpeP zJ6r4&d?+?QC-ogRAFO5aUB)0Oqz$Fx0iP%3MlP$G*%fhfKau{EJaShTUFzmX>1v%p z4G+i`#hi*~Ej3G)aW(iSS!1Pkd?pyj$$D%QpAMqu3A#N2E*0?-{1XZ65K<4q`{{nv zHHj7B%tmrAQLy_h(WIJa+TR;s?j|GV4HQIM zh`T$ltS)1UpoTO=0`{zq7naK(>pfpHgzESSUy{F!$d*Haa4NK?WErevf)yeg?gTX< zacf?fyZ8lj`EOYKZ$?cnpriM~?=b-!NI ziS>j6ZJ%$>eXTF^JNvLyB8PX*8{j*-`D_0SmGvE% zbUi8Ul3C7OOws=%oOV?{hIC+`v{W2{#nBnPI5i|)Tc za=`aU_Xb%ITC6=*?itgT8wARt-`-A8Hi3ijQg9HaJVhBP%EX<2)qa)=cKYPwy8su7 z1$=`xQ|QARMpKARGR4D@zX{G16SM*;xOgc5kUqfSw-36>MllhD__23MQa9k<$*;ir z*l#;5uwJlUhCOeFQZdnv*xE&9=ZDJD?|0B#=VPf{+R-NI-&;||@LY3cb)bkQZDOsm zg=mYM{iLN6zX8m?AG811L@8HKRw9R^5JKh0zGTHy+7%8O&Os{#PvFN)!U_F``*%+_ z)C`XkD1usMpM}(is{50|IcCtFm~1bPR3QMt6ls@sWc3p+oGru!?f~p>+*cBqQFRx# ze((3M?rQ(plc645TzS%&6rXXLLqVY=ai7A6o#);Svuc9rS14JUEt_VZ#^P5?l>Hx@ zzr0d;vc$Nu%bYfxR(U?XQ|$Z6Q4hWCcwK2x7HMwNdoqj>2negJMs|J?Pn=!#SjZt% z10D}k8hj*C3}&SY9rRE3-~(c_5u{fzpC<2cYX)CSR+Y<(AzC0(S-i4vs_0R7B+70P0-gjJNxc#}S-I?V=BjBt0 zyU3OCNBwf)?z*j44@{68CfEz6K@c$RlbP3b&VvKH24a|gnxh09vdVk728`};lH+|xY8-4-J1Vh3NqZ6%A(JSEfKFO zZIYaJRr!Mu>z8|fh2ly0mX@IqN!a$Epg@$>yWcwYHtjCZ2TAN3CPY0?i~THfH%E%R6-w=2-S@>( z%xYS>ffv>+`2{)MI2>i#z(4iwY6svRYt!!?jmX9dBdkEF*$-Sf_QS^obfKZ+m3&R7 zn59WR;kzDFXu}6ZE?gV2^H21U4LirGGgk{OA)VbjJ(4b~!VVJ+CMQICe!WvI+V4%@ zMpje(l1QH!`68i4z|GB4IZ96lY5)0GE?Ux02U-qYR`=q8=TZLaeI2pHF!T)L%??Jg zni3mL*)+glVfGOBw?`WpW3y`QGpE+tu7<2zoNdFF{29nVQ;i?U;{f9ufIRU}H#1>3 zaYCW$kLq}|?)xJeCf?w?(;gls=54i;647S#^DU)gAPjF8Yj7dPVzhJ&=C>3j)|T9Q z+{nB0O9E|<^dfPM$6Zci$HqKlZ4=2q>zv;g@qHB?+GMWN*(2^>0HadQzgkWos1 z034n7m~yS{Xb#d$AXY5Hj4A8ZYkCy81t%gs7SWMqA_a|-9ocg!bLvbGR}|S$@*NZ@ zyE$4w=x=C1DwWlERSx}W(etWi_x_;BTOe+meDsyx+*8%70hD!5&GvUUa#;`9LZHhTqXX>P%&Gd zL(z%dXIC=PBXifJcX2`KeTtpz z+Xo+j(a>KVZwYxv@hzOarP=Hng^DN5&2OcKQ}YR-n&kaW9zC3_7^ zh^SUl;Jf%_r$u}4c1reOEl{2dMV9Sv`q5iXEK#v@dqQsN`zIu$tm$CpL&SMf55~K! z4x@ihog}jQ&9&x4d$6Dj1FNu{?Fd!eMRZ@CNZ3zE3>=E#UJN>4^WB~fy2$|RqxpFP z?Q78*!dUav6#pBFBRMNHGk(9@|L0nRtH0^yM+DUNJPRt0Os5;dn0cbusw8ld5~+@N zWGK}PaENDZl{5YOTX5QvgpZEh?{bf5B+I0%XVt){xD7RcpAVX^_RX5eXBKJ(IGX8i z)ayOPo)7qbFS>B^xC?Q0Uuar`MWTvmelx0Zq%2k~Vo zgt%RX%->53+o+BG$1y3$?R zTMfspQ-iFv?^q72rEMvkyY#4YcwkWJsmp?PCqYssw(HobD>EWC(n*k<_ulELK5QG7jgQ@Q z#$^r$Gap6Zeu{!A*KzOhJPJXCZeei?tFdGkV@{1xcUO}de`V8m10#I@+shYhP#&Tl zuQLn1n}ss1?Xi|jZ&ej&c?~c4Dg7-|Arc%);kQ&}+BVp7De6jHgxvT+$Dd3HocJjm zVfn7hC7_04)77`Ver|-LQ$C9~5d4~f4J(CWqFztj<6tSS~R2YhKWvc!MJh%S_>tj36#W$>f#eU@Uby_h_;VHO2 z45lcCZJL6FHy5YpLi7N#YIf$n@*$&&dm_M4Iz*j<>)$Dp2pNBofUX_Lc`0uLH;Ttt zLoDijH^CdioB8B=A6zpS?El$yN3Qn)cODWhsE|mVaKd>R6FB`C9PH=sPE5d3^jN8; zsUO^q2s=H43YqbIteBqk_F&yW%KK#;l{4~$p!|Kbgsxa-+?Xpe4vvqH|EWzEf45fk z%j>6&^XO}s;9$yTY=)u;QTDIckNF%Tiobb%aLE2C(TSy%fAD64@{Hp3Jim-RKk{!O z1qp!x47vG>zmM?SHpjzDei~GSh_c!5<5@x=Rc{ZaXHC(H-RcRBDR)v-?KwHO-%$2r z+Pgews*F(Gy$SBfu8izrABtv4v;Z^c$5KK_=Om^8kA)E;A($KF@fghfTh^Pq%+Z-2 zMbc^MM+ZvbVea!cWbXSe!zw$*$T^ekXIEh5LuKKnOfmQ5_KUuo%z2!oLkZidnJDZ=v_iDgiR-W0TsZY{*;t9-|SfM3Gu((!u z+3Q8|)g)6R^*bvArdNetW5y3kGk(0(gkLE_9)8AOh`@?M1Mx#?B?wF+6!?9mY)f;= z;dRMFHA636U*@wL$lqcl1Zv}wzf4gCxiYQ-GG>@N!^tjq4DdXkqkZA>faAhB<9-{l z@~^lN*dyqN@{=iw5D8`}e_dqiX@zTuIQbNWFvi@g z=$>n>(%Gzhp*SQQ&hT zy?=uk12wXONsAU-z8Xvk&Ad-ave=buqrAv^;!(VGkN_HUBj0|5NfDb=O(cq)2?q+{ z8_EDy@Z54LLYFwye7DNPDrluLd8&ogE6l-bxHT<@1O%wxG9)4(ppse{65uA(u>0BR zT-yL>y~z^gp5OO{TJ!I?yFhth1MZU}dI?v#0s}Ku4;SznxGsp?@TMY~cxdnL%x^MFZ7=kb zv=j(p8sf63E77{n6sKS(NQ7vuWR`P9dO1-nW32OJf6q^ln0S}@Zb>p48}-U?H)-Az zbV<0Gl}!q%2X^b49zeQJwdjIS5_uqZ^djIQRdROni-v64z{(ArG-o@Z*#QuIaxcdHU zL8@GEN#lBkF54DZ*4m}h^TnCGjN!-B>ToI}oW4VZriC{Z;oW-nekg0bXZ{BQs^rKv zL>sa^ZN>0pVOS4hg3@PfQ>LTxlx@Ir^w3jQXG1cla`T2HZO1pZCTYD2CMDgH#4jpk zK!RVS`N&+ro!O9d#B&ONz%+d?{JE`$66r*)b3p0TGsQH`oWV=>813?2(uE2>-PLA1MKa56~Ltcu-+=a~`3Wufw z+}Di(JEkICB&JP7MX_Ispj$VMDc7hi78i|yZPm1;V|py+Esd&On7A~AE;E->)C*er zhKya>-MEs)tAcx&rZ3Y_uvrsWb|)lAyEB!&s$`~E!!V|c1}+O(6~;!^vI;Z>e>I*y zc)KPuoWMAR5o81{IsuMEAX{fnkj>Kb6G3c$d`MtCQoTT5^%6mcbP6(v>>CT7+_|DY z;*SAjG^p*!7*gz{plmWNRNc{zWCPUtDqUuPGFsrL1gkV1E<6biUFG3w?2>v8s`9oG zf!8^F5ReeO%<0G`Vy`iUO|lSO77@Zc?Gul+&XIp;vsuGxO-wgxeC+wT7eArH= zqf|_)e72SQH2kCtM$$+mQ&LK|YDH^aH>(gLYwR<91pb&Ed{MZJCs3ODNdjZ&7+VMY zD(RJlq}Yx2TjLSORnEHED&$YTJ6Q&@fdyzV@f)RCt29?RnJNH%n^Q@O0_ryh-yA3b zRmi8@h{02}GKN;@`(6H^O%HLaM8-jJ>97CHpNQ zUY7+s3N%_DdKCBdQyCzYtyCrxi;W+G^D#GT<R*5%VrXDO0Z z{ZSjq|DUQoKtAYme#k{`6;kC#{#QnLX;410hbS~pXgJ@3CoeaD$lxkguz8&3`O&Q<@Hbk)i zX?aLzgUhQyzc(73b)M$%MA=YdOHI=>$?r*7Sv0$+sT3Zv_$Pi}@q|3rOX98(Q&a(6 z!3G2`@hP$rMMDMzJKk-E2-% zepzR?Gv_$DL6Wyh2;1iA!p)+RWtme}&($P0XjVJq#r*_*CPt%dCG#@6N5hT`}p*d}$$pg^Vi1U`vuEl;03O2?D)}Ne5ZHsYH zxhp%23;!dv!MMnMvi29(fd1aL7uTpCf!)PT+QZviT(mt+drQq|p0cgQHMDKpS=@O4 zel`}@SRa9XrJA%SZd-8}~H zyOhU&ndp*BzX`TX>CuXmE~E8YC@m=pPWWY#Pnwg=w_z{C^@{|$<((+ff@C9DCGkl% zKb|h~mq0I-@T3gYmGPt@{>GV3Ebum&>Lep*Ot;QwiSRPAEaz@cE;*m3Cu2^K*V3R?}#VxjU{BhM@HUp4X;$yXe z$1awn!hmy8arJ;>%P3t@$2N40qKzBi$PdT*+3m~dme2fEC50PRdM%@S$&Fg7v8^2+e8>na=56#7v*<=Lq&OKQhq_Pi!F`$Cy37kB|sq?s~s zJ?g~uw$1Vo`NL|tu|uONC9|(xdW&7Sz5Igbg?11H|2#Q4?igquclP{;UiP{iXhpqu zC0>zeqoot|4E`aCdug(06|K0-nM^L4gR(kud5RLhrl5%SVw+k1n4F9eM zV@vG1Cdi`Yq!tvLqE@RHrI5saitb>v*atrNuim>0Fh;!0m!BK)X*e%QmviOpIfXV4U)-guJSz zp}n0lGC8@1N_g4=nWgoVFLt0<4ubSlE`LaHqWOztrbfA40^_FAo6t2zZM3nM;dn~;4;y%>j(dYmBs zZ%=7h-BzW}TZuj^0-4ob>=t#DT%YW|Pyk!MT1yBQ@vK`vxaBZLHke5=k3B!(G7Ya; zS(w@IMglGw3D;O51Kb|rP zd6e6P7%~O4+p>8mOok)yNU2kcjlwGdsfVE+w~LFnT0QA;sF@NlMcJd zG3CJT4m%nhtqS{Uvw6^N^X`mWZN1E5oKHCAOJDZAdXPEL32FUb&!6Yd^XK{V{Hgx@ Rp8x;=|NpT}gscFB3;-ztlWYJ0 literal 0 HcmV?d00001 diff --git a/keda/Chart.yaml b/keda/Chart.yaml index 00630d89..0e54884f 100644 --- a/keda/Chart.yaml +++ b/keda/Chart.yaml @@ -8,11 +8,11 @@ kubeVersion: ">=v1.23.0-0" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 2.13.2 +version: 2.14.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 2.13.1 +appVersion: 2.14.0 home: https://github.com/kedacore/keda icon: https://raw.githubusercontent.com/kedacore/keda/main/images/keda-logo-500x500-white.png diff --git a/keda/templates/crds/crd-cloudeventsources.yaml b/keda/templates/crds/crd-cloudeventsources.yaml index 58b491c1..f3b08758 100644 --- a/keda/templates/crds/crd-cloudeventsources.yaml +++ b/keda/templates/crds/crd-cloudeventsources.yaml @@ -28,25 +28,51 @@ spec: sink properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: CloudEventSourceSpec defines the spec of CloudEventSource properties: + authenticationRef: + description: |- + AuthenticationRef points to the TriggerAuthentication or ClusterTriggerAuthentication object that + is used to authenticate the scaler with the environment + properties: + kind: + description: Kind of the resource being referred to. Defaults + to TriggerAuthentication. + type: string + name: + type: string + required: + - name + type: object clusterName: type: string destination: description: Destination defines the various ways to emit events properties: + azureEventGridTopic: + properties: + endpoint: + type: string + required: + - endpoint + type: object http: properties: uri: @@ -55,6 +81,28 @@ spec: - uri type: object type: object + eventSubscription: + description: EventSubscription defines filters for events + properties: + excludedEventTypes: + items: + description: CloudEventType contains the list of cloudevent + types + enum: + - keda.scaledobject.ready.v1 + - keda.scaledobject.failed.v1 + type: string + type: array + includedEventTypes: + items: + description: CloudEventType contains the list of cloudevent + types + enum: + - keda.scaledobject.ready.v1 + - keda.scaledobject.failed.v1 + type: string + type: array + type: object required: - destination type: object diff --git a/keda/templates/crds/crd-clustertriggerauthentications.yaml b/keda/templates/crds/crd-clustertriggerauthentications.yaml index b1c18beb..2f371249 100644 --- a/keda/templates/crds/crd-clustertriggerauthentications.yaml +++ b/keda/templates/crds/crd-clustertriggerauthentications.yaml @@ -51,14 +51,19 @@ spec: globally properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -135,9 +140,15 @@ spec: - accessSecretKey type: object podIdentity: - description: AuthPodIdentity allows users to select the platform - native identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -148,6 +159,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default + Azure tenant id. If this is set, then the IdentityID must + also be set + type: string provider: description: PodIdentityProvider contains the list of providers enum: @@ -234,9 +250,15 @@ spec: - tenantId type: object podIdentity: - description: AuthPodIdentity allows users to select the platform - native identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -247,6 +269,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default + Azure tenant id. If this is set, then the IdentityID must + also be set + type: string provider: description: PodIdentityProvider contains the list of providers enum: @@ -304,8 +331,9 @@ spec: type: array env: items: - description: AuthEnvironment is used to authenticate using environment - variables in the destination ScaleTarget spec + description: |- + AuthEnvironment is used to authenticate using environment variables + in the destination ScaleTarget spec properties: containerName: type: string @@ -346,9 +374,15 @@ spec: - clientSecret type: object podIdentity: - description: AuthPodIdentity allows users to select the platform - native identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -359,6 +393,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default + Azure tenant id. If this is set, then the IdentityID must + also be set + type: string provider: description: PodIdentityProvider contains the list of providers enum: @@ -462,9 +501,15 @@ spec: - secrets type: object podIdentity: - description: AuthPodIdentity allows users to select the platform native - identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -475,6 +520,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default Azure + tenant id. If this is set, then the IdentityID must also be + set + type: string provider: description: PodIdentityProvider contains the list of providers enum: diff --git a/keda/templates/crds/crd-scaledjobs.yaml b/keda/templates/crds/crd-scaledjobs.yaml index 69b2ffbd..a962cac7 100644 --- a/keda/templates/crds/crd-scaledjobs.yaml +++ b/keda/templates/crds/crd-scaledjobs.yaml @@ -53,14 +53,19 @@ spec: description: ScaledJob is the Schema for the scaledjobs API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -76,169 +81,185 @@ spec: description: JobSpec describes how the job execution will look like. properties: activeDeadlineSeconds: - description: Specifies the duration in seconds relative to the - startTime that the job may be continuously active before the - system tries to terminate it; value must be positive integer. - If a Job is suspended (at creation or through an update), this - timer will effectively be stopped and reset when the Job is + description: |- + Specifies the duration in seconds relative to the startTime that the job + may be continuously active before the system tries to terminate it; value + must be positive integer. If a Job is suspended (at creation or through an + update), this timer will effectively be stopped and reset when the Job is resumed again. format: int64 type: integer backoffLimit: - description: Specifies the number of retries before marking this - job failed. Defaults to 6 + description: |- + Specifies the number of retries before marking this job failed. + Defaults to 6 format: int32 type: integer backoffLimitPerIndex: - description: Specifies the limit for the number of retries within - an index before marking this index as failed. When enabled the - number of failures per index is kept in the pod's batch.kubernetes.io/job-index-failure-count - annotation. It can only be set when Job's completionMode=Indexed, - and the Pod's restart policy is Never. The field is immutable. + description: |- + Specifies the limit for the number of retries within an + index before marking this index as failed. When enabled the number of + failures per index is kept in the pod's + batch.kubernetes.io/job-index-failure-count annotation. It can only + be set when Job's completionMode=Indexed, and the Pod's restart + policy is Never. The field is immutable. This field is alpha-level. It can be used when the `JobBackoffLimitPerIndex` feature gate is enabled (disabled by default). format: int32 type: integer completionMode: - description: "completionMode specifies how Pod completions are - tracked. It can be `NonIndexed` (default) or `Indexed`. \n `NonIndexed` - means that the Job is considered complete when there have been - .spec.completions successfully completed Pods. Each Pod completion - is homologous to each other. \n `Indexed` means that the Pods - of a Job get an associated completion index from 0 to (.spec.completions - - 1), available in the annotation batch.kubernetes.io/job-completion-index. - The Job is considered complete when there is one successfully - completed Pod for each index. When value is `Indexed`, .spec.completions - must be specified and `.spec.parallelism` must be less than - or equal to 10^5. In addition, The Pod name takes the form `$(job-name)-$(index)-$(random-string)`, - the Pod hostname takes the form `$(job-name)-$(index)`. \n More - completion modes can be added in the future. If the Job controller - observes a mode that it doesn't recognize, which is possible - during upgrades due to version skew, the controller skips updates - for the Job." + description: |- + completionMode specifies how Pod completions are tracked. It can be + `NonIndexed` (default) or `Indexed`. + + + `NonIndexed` means that the Job is considered complete when there have + been .spec.completions successfully completed Pods. Each Pod completion is + homologous to each other. + + + `Indexed` means that the Pods of a + Job get an associated completion index from 0 to (.spec.completions - 1), + available in the annotation batch.kubernetes.io/job-completion-index. + The Job is considered complete when there is one successfully completed Pod + for each index. + When value is `Indexed`, .spec.completions must be specified and + `.spec.parallelism` must be less than or equal to 10^5. + In addition, The Pod name takes the form + `$(job-name)-$(index)-$(random-string)`, + the Pod hostname takes the form `$(job-name)-$(index)`. + + + More completion modes can be added in the future. + If the Job controller observes a mode that it doesn't recognize, which + is possible during upgrades due to version skew, the controller + skips updates for the Job. type: string completions: - description: 'Specifies the desired number of successfully finished - pods the job should be run with. Setting to null means that - the success of any pod signals the success of all pods, and - allows parallelism to have any positive value. Setting to 1 - means that parallelism is limited to 1 and the success of that - pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + description: |- + Specifies the desired number of successfully finished pods the + job should be run with. Setting to null means that the success of any + pod signals the success of all pods, and allows parallelism to have any positive + value. Setting to 1 means that parallelism is limited to 1 and the success of that + pod signals the success of the job. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ format: int32 type: integer manualSelector: - description: 'manualSelector controls generation of pod labels - and pod selectors. Leave `manualSelector` unset unless you are - certain what you are doing. When false or unset, the system - pick labels unique to this job and appends those labels to the - pod template. When true, the user is responsible for picking - unique labels and specifying the selector. Failure to pick - a unique label may cause this and other jobs to not function - correctly. However, You may see `manualSelector=true` in jobs - that were created with the old `extensions/v1beta1` API. More - info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector' + description: |- + manualSelector controls generation of pod labels and pod selectors. + Leave `manualSelector` unset unless you are certain what you are doing. + When false or unset, the system pick labels unique to this job + and appends those labels to the pod template. When true, + the user is responsible for picking unique labels and specifying + the selector. Failure to pick a unique label may cause this + and other jobs to not function correctly. However, You may see + `manualSelector=true` in jobs that were created with the old `extensions/v1beta1` + API. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector type: boolean maxFailedIndexes: - description: Specifies the maximal number of failed indexes before - marking the Job as failed, when backoffLimitPerIndex is set. - Once the number of failed indexes exceeds this number the entire - Job is marked as Failed and its execution is terminated. When - left as null the job continues execution of all of its indexes - and is marked with the `Complete` Job condition. It can only - be specified when backoffLimitPerIndex is set. It can be null - or up to completions. It is required and must be less than or - equal to 10^4 when is completions greater than 10^5. This field - is alpha-level. It can be used when the `JobBackoffLimitPerIndex` + description: |- + Specifies the maximal number of failed indexes before marking the Job as + failed, when backoffLimitPerIndex is set. Once the number of failed + indexes exceeds this number the entire Job is marked as Failed and its + execution is terminated. When left as null the job continues execution of + all of its indexes and is marked with the `Complete` Job condition. + It can only be specified when backoffLimitPerIndex is set. + It can be null or up to completions. It is required and must be + less than or equal to 10^4 when is completions greater than 10^5. + This field is alpha-level. It can be used when the `JobBackoffLimitPerIndex` feature gate is enabled (disabled by default). format: int32 type: integer parallelism: - description: 'Specifies the maximum desired number of pods the - job should run at any given time. The actual number of pods - running in steady state will be less than this number when ((.spec.completions - - .status.successful) < .spec.parallelism), i.e. when the work - left to do is less than max parallelism. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + description: |- + Specifies the maximum desired number of pods the job should + run at any given time. The actual number of pods running in steady state will + be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), + i.e. when the work left to do is less than max parallelism. + More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ format: int32 type: integer podFailurePolicy: - description: "Specifies the policy of handling failed pods. In - particular, it allows to specify the set of actions and conditions - which need to be satisfied to take the associated action. If - empty, the default behaviour applies - the counter of failed - pods, represented by the jobs's .status.failed field, is incremented - and it is checked against the backoffLimit. This field cannot - be used in combination with restartPolicy=OnFailure. \n This - field is beta-level. It can be used when the `JobPodFailurePolicy` - feature gate is enabled (enabled by default)." + description: |- + Specifies the policy of handling failed pods. In particular, it allows to + specify the set of actions and conditions which need to be + satisfied to take the associated action. + If empty, the default behaviour applies - the counter of failed pods, + represented by the jobs's .status.failed field, is incremented and it is + checked against the backoffLimit. This field cannot be used in combination + with restartPolicy=OnFailure. + + + This field is beta-level. It can be used when the `JobPodFailurePolicy` + feature gate is enabled (enabled by default). properties: rules: - description: A list of pod failure policy rules. The rules - are evaluated in order. Once a rule matches a Pod failure, - the remaining of the rules are ignored. When no rule matches - the Pod failure, the default handling applies - the counter - of pod failures is incremented and it is checked against + description: |- + A list of pod failure policy rules. The rules are evaluated in order. + Once a rule matches a Pod failure, the remaining of the rules are ignored. + When no rule matches the Pod failure, the default handling applies - the + counter of pod failures is incremented and it is checked against the backoffLimit. At most 20 elements are allowed. items: - description: PodFailurePolicyRule describes how a pod failure - is handled when the requirements are met. One of onExitCodes - and onPodConditions, but not both, can be used in each - rule. + description: |- + PodFailurePolicyRule describes how a pod failure is handled when the requirements are met. + One of onExitCodes and onPodConditions, but not both, can be used in each rule. properties: action: - description: "Specifies the action taken on a pod failure - when the requirements are satisfied. Possible values - are: \n - FailJob: indicates that the pod's job is - marked as Failed and all running pods are terminated. - - FailIndex: indicates that the pod's index is marked - as Failed and will not be restarted. This value is - alpha-level. It can be used when the `JobBackoffLimitPerIndex` - feature gate is enabled (disabled by default). - Ignore: - indicates that the counter towards the .backoffLimit - is not incremented and a replacement pod is created. - - Count: indicates that the pod is handled in the - default way - the counter towards the .backoffLimit - is incremented. Additional values are considered to - be added in the future. Clients should react to an - unknown action by skipping the rule." + description: |- + Specifies the action taken on a pod failure when the requirements are satisfied. + Possible values are: + + + - FailJob: indicates that the pod's job is marked as Failed and all + running pods are terminated. + - FailIndex: indicates that the pod's index is marked as Failed and will + not be restarted. + This value is alpha-level. It can be used when the + `JobBackoffLimitPerIndex` feature gate is enabled (disabled by default). + - Ignore: indicates that the counter towards the .backoffLimit is not + incremented and a replacement pod is created. + - Count: indicates that the pod is handled in the default way - the + counter towards the .backoffLimit is incremented. + Additional values are considered to be added in the future. Clients should + react to an unknown action by skipping the rule. type: string onExitCodes: description: Represents the requirement on the container exit codes. properties: containerName: - description: Restricts the check for exit codes - to the container with the specified name. When - null, the rule applies to all containers. When - specified, it should match one the container or - initContainer names in the pod template. + description: |- + Restricts the check for exit codes to the container with the + specified name. When null, the rule applies to all containers. + When specified, it should match one the container or initContainer + names in the pod template. type: string operator: - description: "Represents the relationship between - the container exit code(s) and the specified values. - Containers completed with success (exit code 0) - are excluded from the requirement check. Possible - values are: \n - In: the requirement is satisfied - if at least one container exit code (might be - multiple if there are multiple containers not - restricted by the 'containerName' field) is in - the set of specified values. - NotIn: the requirement - is satisfied if at least one container exit code - (might be multiple if there are multiple containers - not restricted by the 'containerName' field) is - not in the set of specified values. Additional - values are considered to be added in the future. - Clients should react to an unknown operator by - assuming the requirement is not satisfied." + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Containers completed with success (exit code 0) are + excluded from the requirement check. Possible values are: + + + - In: the requirement is satisfied if at least one container exit code + (might be multiple if there are multiple containers not restricted + by the 'containerName' field) is in the set of specified values. + - NotIn: the requirement is satisfied if at least one container exit code + (might be multiple if there are multiple containers not restricted + by the 'containerName' field) is not in the set of specified values. + Additional values are considered to be added in the future. Clients should + react to an unknown operator by assuming the requirement is not satisfied. type: string values: - description: Specifies the set of values. Each returned - container exit code (might be multiple in case - of multiple containers) is checked against this - set of values with respect to the operator. The - list of values must be ordered and must not contain - duplicates. Value '0' cannot be used for the In - operator. At least one element is required. At - most 255 elements are allowed. + description: |- + Specifies the set of values. Each returned container exit code (might be + multiple in case of multiple containers) is checked against this set of + values with respect to the operator. The list of values must be ordered + and must not contain duplicates. Value '0' cannot be used for the In operator. + At least one element is required. At most 255 elements are allowed. items: format: int32 type: integer @@ -249,27 +270,25 @@ spec: - values type: object onPodConditions: - description: Represents the requirement on the pod conditions. - The requirement is represented as a list of pod condition - patterns. The requirement is satisfied if at least - one pattern matches an actual pod condition. At most - 20 elements are allowed. + description: |- + Represents the requirement on the pod conditions. The requirement is represented + as a list of pod condition patterns. The requirement is satisfied if at + least one pattern matches an actual pod condition. At most 20 elements are allowed. items: - description: PodFailurePolicyOnPodConditionsPattern - describes a pattern for matching an actual pod condition - type. + description: |- + PodFailurePolicyOnPodConditionsPattern describes a pattern for matching + an actual pod condition type. properties: status: - description: Specifies the required Pod condition - status. To match a pod condition it is required - that the specified status equals the pod condition - status. Defaults to True. + description: |- + Specifies the required Pod condition status. To match a pod condition + it is required that the specified status equals the pod condition status. + Defaults to True. type: string type: - description: Specifies the required Pod condition - type. To match a pod condition it is required - that specified type equals the pod condition - type. + description: |- + Specifies the required Pod condition type. To match a pod condition + it is required that specified type equals the pod condition type. type: string required: - status @@ -286,45 +305,48 @@ spec: - rules type: object podReplacementPolicy: - description: "podReplacementPolicy specifies when to create replacement - Pods. Possible values are: - TerminatingOrFailed means that - we recreate pods when they are terminating (has a metadata.deletionTimestamp) - or failed. - Failed means to wait until a previously created - Pod is fully terminated (has phase Failed or Succeeded) before - creating a replacement Pod. \n When using podFailurePolicy, - Failed is the the only allowed value. TerminatingOrFailed and - Failed are allowed values when podFailurePolicy is not in use. - This is an alpha field. Enable JobPodReplacementPolicy to be - able to use this field." + description: |- + podReplacementPolicy specifies when to create replacement Pods. + Possible values are: + - TerminatingOrFailed means that we recreate pods + when they are terminating (has a metadata.deletionTimestamp) or failed. + - Failed means to wait until a previously created Pod is fully terminated (has phase + Failed or Succeeded) before creating a replacement Pod. + + + When using podFailurePolicy, Failed is the the only allowed value. + TerminatingOrFailed and Failed are allowed values when podFailurePolicy is not in use. + This is an alpha field. Enable JobPodReplacementPolicy to be able to use this field. type: string selector: - description: 'A label query over pods that should match the pod - count. Normally, the system sets this field for you. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + description: |- + A label query over pods that should match the pod count. + Normally, the system sets this field for you. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -336,43 +358,44 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic suspend: - description: suspend specifies whether the Job controller should - create Pods or not. If a Job is created with suspend set to - true, no Pods are created by the Job controller. If a Job is - suspended after creation (i.e. the flag goes from false to true), - the Job controller will delete all active Pods associated with - this Job. Users must design their workload to gracefully handle - this. Suspending a Job will reset the StartTime field of the - Job, effectively resetting the ActiveDeadlineSeconds timer too. - Defaults to false. + description: |- + suspend specifies whether the Job controller should create Pods or not. If + a Job is created with suspend set to true, no Pods are created by the Job + controller. If a Job is suspended after creation (i.e. the flag goes from + false to true), the Job controller will delete all active Pods associated + with this Job. Users must design their workload to gracefully handle this. + Suspending a Job will reset the StartTime field of the Job, effectively + resetting the ActiveDeadlineSeconds timer too. Defaults to false. type: boolean template: - description: 'Describes the pod that will be created when executing - a job. The only allowed template.spec.restartPolicy values are - "Never" or "OnFailure". More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/' + description: |- + Describes the pod that will be created when executing a job. + The only allowed template.spec.restartPolicy values are "Never" or "OnFailure". + More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata type: object - x-kubernetes-preserve-unknown-fields: true spec: - description: 'Specification of the desired behavior of the - pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the pod. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: activeDeadlineSeconds: - description: Optional duration in seconds the pod may - be active on the node relative to StartTime before the - system will actively try to mark it failed and kill - associated containers. Value must be a positive integer. + description: |- + Optional duration in seconds the pod may be active on the node relative to + StartTime before the system will actively try to mark it failed and kill associated containers. + Value must be a positive integer. format: int64 type: integer affinity: @@ -383,24 +406,20 @@ spec: for the pod. properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a - node that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by - iterating through the elements of this field - and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) - with the highest sum are the most preferred. + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. items: - description: An empty preferred scheduling term - matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling - term matches no objects (i.e. is also a no-op). + description: |- + An empty preferred scheduling term matches all objects with implicit weight 0 + (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). properties: preference: description: A node selector term, associated @@ -410,35 +429,26 @@ spec: description: A list of node selector requirements by node's labels. items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - If the operator is Gt or Lt, - the values array must have a - single element, which will be - interpreted as an integer. This - array is replaced during a strategic - merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -451,35 +461,26 @@ spec: description: A list of node selector requirements by node's fields. items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - If the operator is Gt or Lt, - the values array must have a - single element, which will be - interpreted as an integer. This - array is replaced during a strategic - merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -502,57 +503,46 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. - If the affinity requirements specified by this - field cease to be met at some point during pod - execution (e.g. due to an update), the system - may or may not try to eventually evict the pod - from its node. + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from its node. properties: nodeSelectorTerms: description: Required. A list of node selector terms. The terms are ORed. items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of the NodeSelectorTerm. + description: |- + A null or empty node selector term matches no objects. The requirements of + them are ANDed. + The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. properties: matchExpressions: description: A list of node selector requirements by node's labels. items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - If the operator is Gt or Lt, - the values array must have a - single element, which will be - interpreted as an integer. This - array is replaced during a strategic - merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -565,35 +555,26 @@ spec: description: A list of node selector requirements by node's fields. items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - If the operator is Gt or Lt, - the values array must have a - single element, which will be - interpreted as an integer. This - array is replaced during a strategic - merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -616,20 +597,16 @@ spec: etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a - node that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by - iterating through the elements of this field - and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most - preferred. + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node @@ -648,11 +625,9 @@ spec: a list of label selector requirements. The requirements are ANDed. items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -660,23 +635,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -688,39 +656,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this - field and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's - namespace". An empty selector ({}) - matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -728,23 +686,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -756,49 +707,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. The term is applied - to the union of the namespaces listed - in this field and the ones selected - by namespaceSelector. null or empty - namespaces list and null namespaceSelector - means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running on - a node whose value of the label with - key topologyKey matches that of any - node on which any of the selected - pods is running. Empty topologyKey - is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey type: object weight: - description: weight associated with matching - the corresponding podAffinityTerm, in - the range 1-100. + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. format: int32 type: integer required: @@ -807,26 +746,22 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. - If the affinity requirements specified by this - field cease to be met at some point during pod - execution (e.g. due to a pod label update), - the system may or may not try to eventually - evict the pod from its node. When there are - multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the - given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) - with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on - which a pod of the set of pods is running + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running properties: labelSelector: description: A label query over a set of @@ -837,10 +772,9 @@ spec: of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -848,20 +782,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -873,36 +803,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the set - of namespaces that the term applies to. - The term is applied to the union of the - namespaces selected by this field and - the ones listed in the namespaces field. - null selector and null or empty namespaces - list means "this pod's namespace". An - empty selector ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -910,20 +833,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -935,38 +854,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. The term is applied to the - union of the namespaces listed in this - field and the ones selected by namespaceSelector. - null or empty namespaces list and null - namespaceSelector means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey @@ -979,20 +889,16 @@ spec: zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the anti-affinity - expressions specified by this field, but it - may choose a node that violates one or more - of the expressions. The node that is most preferred - is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - anti-affinity expressions, etc.), compute a - sum by iterating through the elements of this - field and adding "weight" to the sum if the - node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest - sum are the most preferred. + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the anti-affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node @@ -1011,11 +917,9 @@ spec: a list of label selector requirements. The requirements are ANDed. items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -1023,23 +927,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1051,39 +948,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the - set of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this - field and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's - namespace". An empty selector ({}) - matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -1091,23 +978,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1119,49 +999,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a - static list of namespace names that - the term applies to. The term is applied - to the union of the namespaces listed - in this field and the ones selected - by namespaceSelector. null or empty - namespaces list and null namespaceSelector - means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running on - a node whose value of the label with - key topologyKey matches that of any - node on which any of the selected - pods is running. Empty topologyKey - is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey type: object weight: - description: weight associated with matching - the corresponding podAffinityTerm, in - the range 1-100. + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. format: int32 type: integer required: @@ -1170,26 +1038,22 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at scheduling - time, the pod will not be scheduled onto the - node. If the anti-affinity requirements specified - by this field cease to be met at some point - during pod execution (e.g. due to a pod label - update), the system may or may not try to eventually - evict the pod from its node. When there are - multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. + description: |- + If the anti-affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the anti-affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the - given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) - with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on - which a pod of the set of pods is running + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running properties: labelSelector: description: A label query over a set of @@ -1200,10 +1064,9 @@ spec: of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -1211,20 +1074,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1236,36 +1095,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the set - of namespaces that the term applies to. - The term is applied to the union of the - namespaces selected by this field and - the ones listed in the namespaces field. - null selector and null or empty namespaces - list means "this pod's namespace". An - empty selector ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -1273,20 +1125,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1298,38 +1146,29 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. The term is applied to the - union of the namespaces listed in this - field and the ones selected by namespaceSelector. - null or empty namespaces list and null - namespaceSelector means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey @@ -1342,47 +1181,45 @@ spec: a service account token should be automatically mounted. type: boolean containers: - description: List of containers belonging to the pod. - Containers cannot currently be added or removed. There - must be at least one container in a Pod. Cannot be updated. + description: |- + List of containers belonging to the pod. + Containers cannot currently be added or removed. + There must be at least one container in a Pod. + Cannot be updated. items: description: A single application container that you want to run within a pod. properties: args: - description: 'Arguments to the entrypoint. The container - image''s CMD is used if this is not provided. - Variable references $(VAR_NAME) are expanded using - the container''s environment. If a variable cannot - be resolved, the reference in the input string - will be unchanged. Double $$ are reduced to a - single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will - never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array command: - description: 'Entrypoint array. Not executed within - a shell. The container image''s ENTRYPOINT is - used if this is not provided. Variable references - $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, - the reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot - be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array env: - description: List of environment variables to set - in the container. Cannot be updated. + description: |- + List of environment variables to set in the container. + Cannot be updated. items: description: EnvVar represents an environment variable present in a Container. @@ -1392,18 +1229,16 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and - any service environment variables. If a - variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's @@ -1416,10 +1251,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1430,11 +1265,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema @@ -1450,12 +1283,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and - requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required @@ -1488,10 +1318,10 @@ spec: secret key. type: string name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1507,15 +1337,13 @@ spec: type: object type: array envFrom: - description: List of sources to populate environment - variables in the container. The keys defined within - a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container - is starting. When a key exists in multiple sources, - the value associated with the last source will - take precedence. Values defined by an Env with - a duplicate key will take precedence. Cannot be - updated. + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -1524,10 +1352,10 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1544,10 +1372,10 @@ spec: description: The Secret to select from properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1558,46 +1386,43 @@ spec: type: object type: array image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config - management to default or override container images - in workload controllers like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, - Never, IfNotPresent. Defaults to Always if :latest - tag is specified, or IfNotPresent otherwise. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images type: string lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. Cannot be updated. + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. properties: postStart: - description: 'PostStart is called immediately - after a container is created. If the handler - fails, the container is terminated and restarted - according to its restart policy. Other management - of the container blocks until the hook completes. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -1607,10 +1432,9 @@ spec: request to perform. properties: host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in @@ -1622,11 +1446,9 @@ spec: probes properties: name: - description: The header field - name. This will be canonicalized - upon output, so case-variant - names will be understood as - the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field @@ -1645,25 +1467,24 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object tcpSocket: - description: Deprecated. TCPSocket is NOT - supported as a LifecycleHandler and kept - for the backward compatibility. There - are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler - is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to @@ -1673,47 +1494,38 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately - before a container is terminated due to an - API request or management event such as liveness/startup - probe failure, preemption, resource contention, - etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace - period countdown begins before the PreStop - hook is executed. Regardless of the outcome - of the handler, the container will eventually - terminate within the Pod''s termination grace - period (unless delayed by finalizers). Other - management of the container blocks until the - hook completes or until the termination grace - period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -1723,10 +1535,9 @@ spec: request to perform. properties: host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in @@ -1738,11 +1549,9 @@ spec: probes properties: name: - description: The header field - name. This will be canonicalized - upon output, so case-variant - names will be understood as - the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field @@ -1761,25 +1570,24 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object tcpSocket: - description: Deprecated. TCPSocket is NOT - supported as a LifecycleHandler and kept - for the backward compatibility. There - are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler - is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to @@ -1789,10 +1597,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -1800,33 +1608,30 @@ spec: type: object type: object livenessProbe: - description: 'Periodic probe of container liveness. + description: |- + Periodic probe of container liveness. Container will be restarted if the probe fails. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1839,11 +1644,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -1853,8 +1659,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -1865,10 +1671,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1886,35 +1691,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1929,63 +1734,59 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object name: - description: Name of the container specified as - a DNS_LABEL. Each container in a pod must have - a unique name (DNS_LABEL). Cannot be updated. + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. type: string ports: - description: List of ports to expose from the container. - Not specifying a port here DOES NOT prevent that - port from being exposed. Any port which is listening - on the default "0.0.0.0" address inside a container - will be accessible from the network. Modifying - this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: Number of port to expose on the - pod's IP address. This must be a valid port - number, 0 < x < 65536. + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. format: int32 type: integer hostIP: @@ -1993,28 +1794,27 @@ spec: port to. type: string hostPort: - description: Number of port to expose on the - host. If specified, this must be a valid - port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. format: int32 type: integer name: - description: If specified, this must be an - IANA_SVC_NAME and unique within the pod. - Each named port in a pod must have a unique - name. Name for the port that can be referred - to by services. + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. type: string protocol: default: TCP - description: Protocol for port. Must be UDP, - TCP, or SCTP. Defaults to "TCP". + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string required: - containerPort - - protocol type: object type: array x-kubernetes-list-map-keys: @@ -2022,34 +1822,30 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service - readiness. Container will be removed from service - endpoints if the probe fails. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -2062,11 +1858,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -2076,8 +1873,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -2088,10 +1885,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2109,35 +1905,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -2152,38 +1948,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -2194,14 +1985,14 @@ spec: resource resize policy for the container. properties: resourceName: - description: 'Name of the resource to which - this resource resize policy applies. Supported - values: cpu, memory.' + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. type: string restartPolicy: - description: Restart policy to apply when - specified resource is resized. If not specified, - it defaults to NotRequired. + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. type: string required: - resourceName @@ -2210,26 +2001,31 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this - container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. - It can only be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -2245,8 +2041,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -2255,61 +2052,52 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object restartPolicy: - description: 'RestartPolicy defines the restart - behavior of individual containers in a pod. This - field may only be set for init containers, and - the only allowed value is "Always". For non-init - containers or when this field is not specified, - the restart behavior is defined by the Pod''s - restart policy and the container type. Setting - the RestartPolicy as "Always" for the init container - will have the following effect: this init container - will be continually restarted on exit until all - regular containers have terminated. Once all regular - containers have completed, all init containers - with restartPolicy "Always" will be shut down. - This lifecycle differs from normal init containers - and is often referred to as a "sidecar" container. - Although this init container still starts in the - init container sequence, it does not wait for - the container to complete before proceeding to - the next init container. Instead, the next init - container starts immediately after this init container - is started, or after any startupProbe has successfully - completed.' + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. type: string securityContext: - description: 'SecurityContext defines the security - options the container should be run with. If set, - the fields of SecurityContext override the equivalent - fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process. This bool directly - controls if the no_new_privs flag will be - set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run - as Privileged 2) has CAP_SYS_ADMIN Note that - this field cannot be set when spec.os.name - is windows.' + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. type: boolean capabilities: - description: The capabilities to add/drop when - running containers. Defaults to the default - set of capabilities granted by the container - runtime. Note that this field cannot be set - when spec.os.name is windows. + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. properties: add: description: Added capabilities @@ -2327,69 +2115,60 @@ spec: type: array type: object privileged: - description: Run container in privileged mode. - Processes in privileged containers are essentially - equivalent to root on the host. Defaults to - false. Note that this field cannot be set - when spec.os.name is windows. + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. type: boolean procMount: - description: procMount denotes the type of proc - mount to use for the containers. The default - is DefaultProcMount which uses the container - runtime defaults for readonly paths and masked - paths. This requires the ProcMountType feature - flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. type: string readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. Note that - this field cannot be set when spec.os.name - is windows. + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. type: boolean runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must - run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure - that it does not run as UID 0 (root) and fail - to start the container if it does. If unset - or false, no such validation will be performed. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of - the container process. Defaults to user specified - in image metadata if unspecified. May also - be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied - to the container. If unspecified, the container - runtime will allocate a random SELinux context - for each container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label @@ -2409,112 +2188,93 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by this - container. If seccomp options are provided - at both the pod & container level, the container - options override the pod options. Note that - this field cannot be set when spec.os.name - is windows. + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. The profile must be preconfigured - on the node to work. Must be a descending - path, relative to the kubelet's configured - seccomp profile location. Must be set - if type is "Localhost". Must NOT be set - for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind - of seccomp profile will be applied. Valid - options are: \n Localhost - a profile - defined in a file on the node should be - used. RuntimeDefault - the container runtime - default profile should be used. Unconfined - - no profile should be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object windowsOptions: - description: The Windows specific settings applied - to all containers. If unspecified, the options - from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName - field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. All of a Pod's containers must - have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). - In addition, if HostProcess is true then - HostNetwork must also be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - Defaults to the user specified in image - metadata if unspecified. May also be set - in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod - has successfully initialized. If specified, no - other probes are executed until this completes - successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. - This can be used to provide different probe parameters - at the beginning of a Pod''s lifecycle, when it - might take a long time to load data or warm a - cache, than during steady-state operation. This - cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -2527,11 +2287,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -2541,8 +2302,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -2553,10 +2314,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2574,35 +2334,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -2617,87 +2377,76 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. If - this is not set, reads from stdin in the container - will always result in EOF. Default is false. + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. type: boolean stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single attach. When stdin is true the stdin - stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is - opened on container start, is empty until the - first client attaches to stdin, and then remains - open and accepts data until the client disconnects, - at which time stdin is closed and remains closed - until the container is restarted. If this flag - is false, a container processes that reads from - stdin will never receive an EOF. Default is false + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false type: boolean terminationMessagePath: - description: 'Optional: Path at which the file to - which the container''s termination message will - be written is mounted into the container''s filesystem. - Message written is intended to be brief final - status, such as an assertion failure message. - Will be truncated by the node if greater than - 4096 bytes. The total message length across all - containers will be limited to 12kb. Defaults to - /dev/termination-log. Cannot be updated.' + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. type: string terminationMessagePolicy: - description: Indicate how the termination message - should be populated. File will use the contents - of terminationMessagePath to populate the container - status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output - if the termination message file is empty and the - container exited with an error. The log output - is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. type: string tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. Default is false. + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. type: boolean volumeDevices: description: volumeDevices is the list of block @@ -2721,46 +2470,45 @@ spec: type: object type: array volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at - which the volume should be mounted. Must + description: |- + Path within the container at which the volume should be mounted. Must not contain ':'. type: string mountPropagation: - description: mountPropagation determines how - mounts are propagated from the host to container - and the other way around. When not set, - MountPropagationNone is used. This field - is beta in 1.10. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults - to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which - the container's volume should be mounted. + description: |- + Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. Behaves similarly to SubPath - but environment variable references $(VAR_NAME) - are expanded using the container's environment. - Defaults to "" (volume's root). SubPathExpr - and SubPath are mutually exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -2768,33 +2516,36 @@ spec: type: object type: array workingDir: - description: Container's working directory. If not - specified, the container runtime's default will - be used, which might be configured in the container - image. Cannot be updated. + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. type: string required: - name type: object type: array dnsConfig: - description: Specifies the DNS parameters of a pod. Parameters - specified here will be merged to the generated DNS configuration - based on DNSPolicy. + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. properties: nameservers: - description: A list of DNS name server IP addresses. - This will be appended to the base nameservers generated - from DNSPolicy. Duplicated nameservers will be removed. + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. items: type: string type: array options: - description: A list of DNS resolver options. This - will be merged with the base options generated from - DNSPolicy. Duplicated entries will be removed. Resolution - options given in Options will override those that - appear in the base DNSPolicy. + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. items: description: PodDNSConfigOption defines DNS resolver options of a pod. @@ -2807,82 +2558,77 @@ spec: type: object type: array searches: - description: A list of DNS search domains for host-name - lookup. This will be appended to the base search - paths generated from DNSPolicy. Duplicated search - paths will be removed. + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. items: type: string type: array type: object dnsPolicy: - description: Set DNS policy for the pod. Defaults to "ClusterFirst". - Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', - 'Default' or 'None'. DNS parameters given in DNSConfig - will be merged with the policy selected with DNSPolicy. - To have DNS options set along with hostNetwork, you - have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. + description: |- + Set DNS policy for the pod. + Defaults to "ClusterFirst". + Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. + DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. + To have DNS options set along with hostNetwork, you have to specify DNS policy + explicitly to 'ClusterFirstWithHostNet'. type: string enableServiceLinks: - description: 'EnableServiceLinks indicates whether information - about services should be injected into pod''s environment - variables, matching the syntax of Docker links. Optional: - Defaults to true.' + description: |- + EnableServiceLinks indicates whether information about services should be injected into pod's + environment variables, matching the syntax of Docker links. + Optional: Defaults to true. type: boolean ephemeralContainers: - description: List of ephemeral containers run in this - pod. Ephemeral containers may be run in an existing - pod to perform user-initiated actions such as debugging. - This list cannot be specified when creating a pod, and - it cannot be modified by updating the pod spec. In order - to add an ephemeral container to an existing pod, use - the pod's ephemeralcontainers subresource. + description: |- + List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing + pod to perform user-initiated actions such as debugging. This list cannot be specified when + creating a pod, and it cannot be modified by updating the pod spec. In order to add an + ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. items: - description: "An EphemeralContainer is a temporary container - that you may add to an existing Pod for user-initiated - activities such as debugging. Ephemeral containers - have no resource or scheduling guarantees, and they - will not be restarted when they exit or when a Pod - is removed or restarted. The kubelet may evict a Pod - if an ephemeral container causes the Pod to exceed - its resource allocation. \n To add an ephemeral container, - use the ephemeralcontainers subresource of an existing - Pod. Ephemeral containers may not be removed or restarted." + description: |- + An EphemeralContainer is a temporary container that you may add to an existing Pod for + user-initiated activities such as debugging. Ephemeral containers have no resource or + scheduling guarantees, and they will not be restarted when they exit or when a Pod is + removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the + Pod to exceed its resource allocation. + + + To add an ephemeral container, use the ephemeralcontainers subresource of an existing + Pod. Ephemeral containers may not be removed or restarted. properties: args: - description: 'Arguments to the entrypoint. The image''s - CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the - container''s environment. If a variable cannot - be resolved, the reference in the input string - will be unchanged. Double $$ are reduced to a - single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will - never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Arguments to the entrypoint. + The image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array command: - description: 'Entrypoint array. Not executed within - a shell. The image''s ENTRYPOINT is used if this - is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. - If a variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows for - escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot - be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Entrypoint array. Not executed within a shell. + The image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array env: - description: List of environment variables to set - in the container. Cannot be updated. + description: |- + List of environment variables to set in the container. + Cannot be updated. items: description: EnvVar represents an environment variable present in a Container. @@ -2892,18 +2638,16 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and - any service environment variables. If a - variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's @@ -2916,10 +2660,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2930,11 +2674,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema @@ -2950,12 +2692,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and - requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required @@ -2988,10 +2727,10 @@ spec: secret key. type: string name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3007,15 +2746,13 @@ spec: type: object type: array envFrom: - description: List of sources to populate environment - variables in the container. The keys defined within - a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container - is starting. When a key exists in multiple sources, - the value associated with the last source will - take precedence. Values defined by an Env with - a duplicate key will take precedence. Cannot be - updated. + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -3024,10 +2761,10 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3044,10 +2781,10 @@ spec: description: The Secret to select from properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3058,42 +2795,40 @@ spec: type: object type: array image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images' + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images type: string imagePullPolicy: - description: 'Image pull policy. One of Always, - Never, IfNotPresent. Defaults to Always if :latest - tag is specified, or IfNotPresent otherwise. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images type: string lifecycle: description: Lifecycle is not allowed for ephemeral containers. properties: postStart: - description: 'PostStart is called immediately - after a container is created. If the handler - fails, the container is terminated and restarted - according to its restart policy. Other management - of the container blocks until the hook completes. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -3103,10 +2838,9 @@ spec: request to perform. properties: host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in @@ -3118,11 +2852,9 @@ spec: probes properties: name: - description: The header field - name. This will be canonicalized - upon output, so case-variant - names will be understood as - the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field @@ -3141,25 +2873,24 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object tcpSocket: - description: Deprecated. TCPSocket is NOT - supported as a LifecycleHandler and kept - for the backward compatibility. There - are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler - is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to @@ -3169,47 +2900,38 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately - before a container is terminated due to an - API request or management event such as liveness/startup - probe failure, preemption, resource contention, - etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace - period countdown begins before the PreStop - hook is executed. Regardless of the outcome - of the handler, the container will eventually - terminate within the Pod''s termination grace - period (unless delayed by finalizers). Other - management of the container blocks until the - hook completes or until the termination grace - period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -3219,10 +2941,9 @@ spec: request to perform. properties: host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in @@ -3234,11 +2955,9 @@ spec: probes properties: name: - description: The header field - name. This will be canonicalized - upon output, so case-variant - names will be understood as - the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field @@ -3257,25 +2976,24 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object tcpSocket: - description: Deprecated. TCPSocket is NOT - supported as a LifecycleHandler and kept - for the backward compatibility. There - are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler - is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to @@ -3285,10 +3003,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -3303,25 +3021,20 @@ spec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3334,11 +3047,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -3348,8 +3062,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -3360,10 +3074,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3381,35 +3094,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -3424,46 +3137,40 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object name: - description: Name of the ephemeral container specified - as a DNS_LABEL. This name must be unique among - all containers, init containers and ephemeral - containers. + description: |- + Name of the ephemeral container specified as a DNS_LABEL. + This name must be unique among all containers, init containers and ephemeral containers. type: string ports: description: Ports are not allowed for ephemeral @@ -3473,9 +3180,9 @@ spec: port in a single container. properties: containerPort: - description: Number of port to expose on the - pod's IP address. This must be a valid port - number, 0 < x < 65536. + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. format: int32 type: integer hostIP: @@ -3483,28 +3190,27 @@ spec: port to. type: string hostPort: - description: Number of port to expose on the - host. If specified, this must be a valid - port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. format: int32 type: integer name: - description: If specified, this must be an - IANA_SVC_NAME and unique within the pod. - Each named port in a pod must have a unique - name. Name for the port that can be referred - to by services. + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. type: string protocol: default: TCP - description: Protocol for port. Must be UDP, - TCP, or SCTP. Defaults to "TCP". + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string required: - containerPort - - protocol type: object type: array x-kubernetes-list-map-keys: @@ -3519,25 +3225,20 @@ spec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3550,11 +3251,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -3564,8 +3266,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -3576,10 +3278,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3597,35 +3298,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -3640,38 +3341,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -3682,14 +3378,14 @@ spec: resource resize policy for the container. properties: resourceName: - description: 'Name of the resource to which - this resource resize policy applies. Supported - values: cpu, memory.' + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. type: string restartPolicy: - description: Restart policy to apply when - specified resource is resized. If not specified, - it defaults to NotRequired. + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. type: string required: - resourceName @@ -3698,27 +3394,30 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: Resources are not allowed for ephemeral - containers. Ephemeral containers use spare resources + description: |- + Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. - It can only be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -3734,8 +3433,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -3744,43 +3444,40 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object restartPolicy: - description: Restart policy for the container to - manage the restart behavior of each container - within a pod. This may only be set for init containers. - You cannot set this field on ephemeral containers. + description: |- + Restart policy for the container to manage the restart behavior of each + container within a pod. + This may only be set for init containers. You cannot set this field on + ephemeral containers. type: string securityContext: - description: 'Optional: SecurityContext defines - the security options the ephemeral container should - be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext.' + description: |- + Optional: SecurityContext defines the security options the ephemeral container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process. This bool directly - controls if the no_new_privs flag will be - set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run - as Privileged 2) has CAP_SYS_ADMIN Note that - this field cannot be set when spec.os.name - is windows.' + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. type: boolean capabilities: - description: The capabilities to add/drop when - running containers. Defaults to the default - set of capabilities granted by the container - runtime. Note that this field cannot be set - when spec.os.name is windows. + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. properties: add: description: Added capabilities @@ -3798,69 +3495,60 @@ spec: type: array type: object privileged: - description: Run container in privileged mode. - Processes in privileged containers are essentially - equivalent to root on the host. Defaults to - false. Note that this field cannot be set - when spec.os.name is windows. + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. type: boolean procMount: - description: procMount denotes the type of proc - mount to use for the containers. The default - is DefaultProcMount which uses the container - runtime defaults for readonly paths and masked - paths. This requires the ProcMountType feature - flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. type: string readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. Note that - this field cannot be set when spec.os.name - is windows. + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. type: boolean runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must - run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure - that it does not run as UID 0 (root) and fail - to start the container if it does. If unset - or false, no such validation will be performed. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of - the container process. Defaults to user specified - in image metadata if unspecified. May also - be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied - to the container. If unspecified, the container - runtime will allocate a random SELinux context - for each container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label @@ -3880,74 +3568,62 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by this - container. If seccomp options are provided - at both the pod & container level, the container - options override the pod options. Note that - this field cannot be set when spec.os.name - is windows. + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. The profile must be preconfigured - on the node to work. Must be a descending - path, relative to the kubelet's configured - seccomp profile location. Must be set - if type is "Localhost". Must NOT be set - for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind - of seccomp profile will be applied. Valid - options are: \n Localhost - a profile - defined in a file on the node should be - used. RuntimeDefault - the container runtime - default profile should be used. Unconfined - - no profile should be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object windowsOptions: - description: The Windows specific settings applied - to all containers. If unspecified, the options - from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName - field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. All of a Pod's containers must - have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). - In addition, if HostProcess is true then - HostNetwork must also be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - Defaults to the user specified in image - metadata if unspecified. May also be set - in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object @@ -3959,25 +3635,20 @@ spec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3990,11 +3661,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -4004,8 +3676,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -4016,10 +3688,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -4037,35 +3708,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -4080,98 +3751,86 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. If - this is not set, reads from stdin in the container - will always result in EOF. Default is false. + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. type: boolean stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single attach. When stdin is true the stdin - stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is - opened on container start, is empty until the - first client attaches to stdin, and then remains - open and accepts data until the client disconnects, - at which time stdin is closed and remains closed - until the container is restarted. If this flag - is false, a container processes that reads from - stdin will never receive an EOF. Default is false + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false type: boolean targetContainerName: - description: "If set, the name of the container - from PodSpec that this ephemeral container targets. - The ephemeral container will be run in the namespaces - (IPC, PID, etc) of this container. If not set - then the ephemeral container uses the namespaces - configured in the Pod spec. \n The container runtime - must implement support for this feature. If the - runtime does not support namespace targeting then - the result of setting this field is undefined." + description: |- + If set, the name of the container from PodSpec that this ephemeral container targets. + The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. + If not set then the ephemeral container uses the namespaces configured in the Pod spec. + + + The container runtime must implement support for this feature. If the runtime does not + support namespace targeting then the result of setting this field is undefined. type: string terminationMessagePath: - description: 'Optional: Path at which the file to - which the container''s termination message will - be written is mounted into the container''s filesystem. - Message written is intended to be brief final - status, such as an assertion failure message. - Will be truncated by the node if greater than - 4096 bytes. The total message length across all - containers will be limited to 12kb. Defaults to - /dev/termination-log. Cannot be updated.' + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. type: string terminationMessagePolicy: - description: Indicate how the termination message - should be populated. File will use the contents - of terminationMessagePath to populate the container - status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output - if the termination message file is empty and the - container exited with an error. The log output - is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. type: string tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. Default is false. + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. type: boolean volumeDevices: description: volumeDevices is the list of block @@ -4195,47 +3854,45 @@ spec: type: object type: array volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Subpath mounts are not allowed for - ephemeral containers. Cannot be updated. + description: |- + Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. + Cannot be updated. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at - which the volume should be mounted. Must + description: |- + Path within the container at which the volume should be mounted. Must not contain ':'. type: string mountPropagation: - description: mountPropagation determines how - mounts are propagated from the host to container - and the other way around. When not set, - MountPropagationNone is used. This field - is beta in 1.10. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults - to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which - the container's volume should be mounted. + description: |- + Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. Behaves similarly to SubPath - but environment variable references $(VAR_NAME) - are expanded using the container's environment. - Defaults to "" (volume's root). SubPathExpr - and SubPath are mutually exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -4243,24 +3900,24 @@ spec: type: object type: array workingDir: - description: Container's working directory. If not - specified, the container runtime's default will - be used, which might be configured in the container - image. Cannot be updated. + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. type: string required: - name type: object type: array hostAliases: - description: HostAliases is an optional list of hosts - and IPs that will be injected into the pod's hosts file - if specified. This is only valid for non-hostNetwork - pods. + description: |- + HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts + file if specified. This is only valid for non-hostNetwork pods. items: - description: HostAlias holds the mapping between IP - and hostnames that will be injected as an entry in - the pod's hosts file. + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. properties: hostnames: description: Hostnames for the above IP address. @@ -4273,111 +3930,106 @@ spec: type: object type: array hostIPC: - description: 'Use the host''s ipc namespace. Optional: - Default to false.' + description: |- + Use the host's ipc namespace. + Optional: Default to false. type: boolean hostNetwork: - description: Host networking requested for this pod. Use - the host's network namespace. If this option is set, - the ports that will be used must be specified. Default - to false. + description: |- + Host networking requested for this pod. Use the host's network namespace. + If this option is set, the ports that will be used must be specified. + Default to false. type: boolean hostPID: - description: 'Use the host''s pid namespace. Optional: - Default to false.' + description: |- + Use the host's pid namespace. + Optional: Default to false. type: boolean hostUsers: - description: 'Use the host''s user namespace. Optional: - Default to true. If set to true or not present, the - pod will be run in the host user namespace, useful for - when the pod needs a feature only available to the host - user namespace, such as loading a kernel module with - CAP_SYS_MODULE. When set to false, a new userns is created - for the pod. Setting false is useful for mitigating - container breakout vulnerabilities even allowing users - to run their containers as root without actually having - root privileges on the host. This field is alpha-level - and is only honored by servers that enable the UserNamespacesSupport - feature.' + description: |- + Use the host's user namespace. + Optional: Default to true. + If set to true or not present, the pod will be run in the host user namespace, useful + for when the pod needs a feature only available to the host user namespace, such as + loading a kernel module with CAP_SYS_MODULE. + When set to false, a new userns is created for the pod. Setting false is useful for + mitigating container breakout vulnerabilities even allowing users to run their + containers as root without actually having root privileges on the host. + This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. type: boolean hostname: - description: Specifies the hostname of the Pod If not - specified, the pod's hostname will be set to a system-defined - value. + description: |- + Specifies the hostname of the Pod + If not specified, the pod's hostname will be set to a system-defined value. type: string imagePullSecrets: - description: 'ImagePullSecrets is an optional list of - references to secrets in the same namespace to use for - pulling any of the images used by this PodSpec. If specified, - these secrets will be passed to individual puller implementations - for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' + description: |- + ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. + If specified, these secrets will be passed to individual puller implementations for them to use. + More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic type: array initContainers: - description: 'List of initialization containers belonging - to the pod. Init containers are executed in order prior - to containers being started. If any init container fails, - the pod is considered to have failed and is handled - according to its restartPolicy. The name for an init - container or normal container must be unique among all - containers. Init containers may not have Lifecycle actions, - Readiness probes, Liveness probes, or Startup probes. - The resourceRequirements of an init container are taken - into account during scheduling by finding the highest - request/limit for each resource type, and then using - the max of of that value or the sum of the normal containers. - Limits are applied to init containers in a similar fashion. + description: |- + List of initialization containers belonging to the pod. + Init containers are executed in order prior to containers being started. If any + init container fails, the pod is considered to have failed and is handled according + to its restartPolicy. The name for an init container or normal container must be + unique among all containers. + Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. + The resourceRequirements of an init container are taken into account during scheduling + by finding the highest request/limit for each resource type, and then using the max of + of that value or the sum of the normal containers. Limits are applied to init containers + in a similar fashion. Init containers cannot currently be added or removed. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ items: description: A single application container that you want to run within a pod. properties: args: - description: 'Arguments to the entrypoint. The container - image''s CMD is used if this is not provided. - Variable references $(VAR_NAME) are expanded using - the container''s environment. If a variable cannot - be resolved, the reference in the input string - will be unchanged. Double $$ are reduced to a - single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will - never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array command: - description: 'Entrypoint array. Not executed within - a shell. The container image''s ENTRYPOINT is - used if this is not provided. Variable references - $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, - the reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot - be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array env: - description: List of environment variables to set - in the container. Cannot be updated. + description: |- + List of environment variables to set in the container. + Cannot be updated. items: description: EnvVar represents an environment variable present in a Container. @@ -4387,18 +4039,16 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previously defined - environment variables in the container and - any service environment variables. If a - variable cannot be resolved, the reference - in the input string will be unchanged. Double - $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal - "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable - exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's @@ -4411,10 +4061,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4425,11 +4075,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema @@ -4445,12 +4093,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and - requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required @@ -4483,10 +4128,10 @@ spec: secret key. type: string name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4502,15 +4147,13 @@ spec: type: object type: array envFrom: - description: List of sources to populate environment - variables in the container. The keys defined within - a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container - is starting. When a key exists in multiple sources, - the value associated with the last source will - take precedence. Values defined by an Env with - a duplicate key will take precedence. Cannot be - updated. + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -4519,10 +4162,10 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4539,10 +4182,10 @@ spec: description: The Secret to select from properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4553,46 +4196,43 @@ spec: type: object type: array image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config - management to default or override container images - in workload controllers like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, - Never, IfNotPresent. Defaults to Always if :latest - tag is specified, or IfNotPresent otherwise. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images type: string lifecycle: - description: Actions that the management system - should take in response to container lifecycle - events. Cannot be updated. + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. properties: postStart: - description: 'PostStart is called immediately - after a container is created. If the handler - fails, the container is terminated and restarted - according to its restart policy. Other management - of the container blocks until the hook completes. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -4602,10 +4242,9 @@ spec: request to perform. properties: host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in @@ -4617,11 +4256,9 @@ spec: probes properties: name: - description: The header field - name. This will be canonicalized - upon output, so case-variant - names will be understood as - the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field @@ -4640,25 +4277,24 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object tcpSocket: - description: Deprecated. TCPSocket is NOT - supported as a LifecycleHandler and kept - for the backward compatibility. There - are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler - is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to @@ -4668,47 +4304,38 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately - before a container is terminated due to an - API request or management event such as liveness/startup - probe failure, preemption, resource contention, - etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace - period countdown begins before the PreStop - hook is executed. Regardless of the outcome - of the handler, the container will eventually - terminate within the Pod''s termination grace - period (unless delayed by finalizers). Other - management of the container blocks until the - hook completes or until the termination grace - period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command - line to execute inside the container, - the working directory for the command is - root ('/') in the container's filesystem. - The command is simply exec'd, it is - not run inside a shell, so traditional - shell instructions ('|', etc) won't - work. To use a shell, you need to - explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -4718,10 +4345,9 @@ spec: request to perform. properties: host: - description: Host name to connect to, - defaults to the pod IP. You probably - want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in @@ -4733,11 +4359,9 @@ spec: probes properties: name: - description: The header field - name. This will be canonicalized - upon output, so case-variant - names will be understood as - the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field @@ -4756,25 +4380,24 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object tcpSocket: - description: Deprecated. TCPSocket is NOT - supported as a LifecycleHandler and kept - for the backward compatibility. There - are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler - is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to @@ -4784,10 +4407,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number - must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -4795,33 +4418,30 @@ spec: type: object type: object livenessProbe: - description: 'Periodic probe of container liveness. + description: |- + Periodic probe of container liveness. Container will be restarted if the probe fails. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -4834,11 +4454,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -4848,8 +4469,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -4860,10 +4481,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -4881,35 +4501,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -4924,63 +4544,59 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object name: - description: Name of the container specified as - a DNS_LABEL. Each container in a pod must have - a unique name (DNS_LABEL). Cannot be updated. + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. type: string ports: - description: List of ports to expose from the container. - Not specifying a port here DOES NOT prevent that - port from being exposed. Any port which is listening - on the default "0.0.0.0" address inside a container - will be accessible from the network. Modifying - this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: Number of port to expose on the - pod's IP address. This must be a valid port - number, 0 < x < 65536. + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. format: int32 type: integer hostIP: @@ -4988,28 +4604,27 @@ spec: port to. type: string hostPort: - description: Number of port to expose on the - host. If specified, this must be a valid - port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. format: int32 type: integer name: - description: If specified, this must be an - IANA_SVC_NAME and unique within the pod. - Each named port in a pod must have a unique - name. Name for the port that can be referred - to by services. + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. type: string protocol: default: TCP - description: Protocol for port. Must be UDP, - TCP, or SCTP. Defaults to "TCP". + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string required: - containerPort - - protocol type: object type: array x-kubernetes-list-map-keys: @@ -5017,34 +4632,30 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service - readiness. Container will be removed from service - endpoints if the probe fails. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -5057,11 +4668,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -5071,8 +4683,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -5083,10 +4695,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -5104,35 +4715,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -5147,38 +4758,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -5189,14 +4795,14 @@ spec: resource resize policy for the container. properties: resourceName: - description: 'Name of the resource to which - this resource resize policy applies. Supported - values: cpu, memory.' + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. type: string restartPolicy: - description: Restart policy to apply when - specified resource is resized. If not specified, - it defaults to NotRequired. + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. type: string required: - resourceName @@ -5205,26 +4811,31 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this - container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. - It can only be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -5240,8 +4851,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -5250,61 +4862,52 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object restartPolicy: - description: 'RestartPolicy defines the restart - behavior of individual containers in a pod. This - field may only be set for init containers, and - the only allowed value is "Always". For non-init - containers or when this field is not specified, - the restart behavior is defined by the Pod''s - restart policy and the container type. Setting - the RestartPolicy as "Always" for the init container - will have the following effect: this init container - will be continually restarted on exit until all - regular containers have terminated. Once all regular - containers have completed, all init containers - with restartPolicy "Always" will be shut down. - This lifecycle differs from normal init containers - and is often referred to as a "sidecar" container. - Although this init container still starts in the - init container sequence, it does not wait for - the container to complete before proceeding to - the next init container. Instead, the next init - container starts immediately after this init container - is started, or after any startupProbe has successfully - completed.' + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. type: string securityContext: - description: 'SecurityContext defines the security - options the container should be run with. If set, - the fields of SecurityContext override the equivalent - fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges - than its parent process. This bool directly - controls if the no_new_privs flag will be - set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run - as Privileged 2) has CAP_SYS_ADMIN Note that - this field cannot be set when spec.os.name - is windows.' + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. type: boolean capabilities: - description: The capabilities to add/drop when - running containers. Defaults to the default - set of capabilities granted by the container - runtime. Note that this field cannot be set - when spec.os.name is windows. + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. properties: add: description: Added capabilities @@ -5322,69 +4925,60 @@ spec: type: array type: object privileged: - description: Run container in privileged mode. - Processes in privileged containers are essentially - equivalent to root on the host. Defaults to - false. Note that this field cannot be set - when spec.os.name is windows. + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. type: boolean procMount: - description: procMount denotes the type of proc - mount to use for the containers. The default - is DefaultProcMount which uses the container - runtime defaults for readonly paths and masked - paths. This requires the ProcMountType feature - flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. type: string readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. Note that - this field cannot be set when spec.os.name - is windows. + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. type: boolean runAsGroup: - description: The GID to run the entrypoint of - the container process. Uses runtime default - if unset. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must - run as a non-root user. If true, the Kubelet - will validate the image at runtime to ensure - that it does not run as UID 0 (root) and fail - to start the container if it does. If unset - or false, no such validation will be performed. - May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of - the container process. Defaults to user specified - in image metadata if unspecified. May also - be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied - to the container. If unspecified, the container - runtime will allocate a random SELinux context - for each container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label @@ -5404,112 +4998,93 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by this - container. If seccomp options are provided - at both the pod & container level, the container - options override the pod options. Note that - this field cannot be set when spec.os.name - is windows. + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates - a profile defined in a file on the node - should be used. The profile must be preconfigured - on the node to work. Must be a descending - path, relative to the kubelet's configured - seccomp profile location. Must be set - if type is "Localhost". Must NOT be set - for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind - of seccomp profile will be applied. Valid - options are: \n Localhost - a profile - defined in a file on the node should be - used. RuntimeDefault - the container runtime - default profile should be used. Unconfined - - no profile should be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object windowsOptions: - description: The Windows specific settings applied - to all containers. If unspecified, the options - from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. Note that this field cannot be - set when spec.os.name is linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where - the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName - field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a - container should be run as a 'Host Process' - container. All of a Pod's containers must - have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). - In addition, if HostProcess is true then - HostNetwork must also be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to - run the entrypoint of the container process. - Defaults to the user specified in image - metadata if unspecified. May also be set - in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, - the value specified in SecurityContext - takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod - has successfully initialized. If specified, no - other probes are executed until this completes - successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. - This can be used to provide different probe parameters - at the beginning of a Pod''s lifecycle, when it - might take a long time to load data or warm a - cache, than during steady-state operation. This - cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for - the probe to be considered failed after having - succeeded. Defaults to 3. Minimum value is - 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -5522,11 +5097,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the - service to place in the gRPC HealthCheckRequest + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default - behavior is defined by gRPC." + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -5536,8 +5112,8 @@ spec: to perform. properties: host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. type: string httpHeaders: @@ -5548,10 +5124,9 @@ spec: header to be used in HTTP probes properties: name: - description: The header field name. - This will be canonicalized upon - output, so case-variant names will - be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -5569,35 +5144,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform - the probe. Default to 10 seconds. Minimum - value is 1. + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for - the probe to be considered successful after - having failed. Defaults to 1. Must be 1 for - liveness and startup. Minimum value is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -5612,87 +5187,76 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the - pod needs to terminate gracefully upon probe - failure. The grace period is the duration - in seconds after the processes running in - the pod are sent a termination signal and - the time when the processes are forcibly halted - with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides - the value provided by the pod spec. Value - must be non-negative integer. The value zero - indicates stop immediately via the kill signal - (no opportunity to shut down). This is a beta - field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which - the probe times out. Defaults to 1 second. - Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object stdin: - description: Whether this container should allocate - a buffer for stdin in the container runtime. If - this is not set, reads from stdin in the container - will always result in EOF. Default is false. + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. type: boolean stdinOnce: - description: Whether the container runtime should - close the stdin channel after it has been opened - by a single attach. When stdin is true the stdin - stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is - opened on container start, is empty until the - first client attaches to stdin, and then remains - open and accepts data until the client disconnects, - at which time stdin is closed and remains closed - until the container is restarted. If this flag - is false, a container processes that reads from - stdin will never receive an EOF. Default is false + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false type: boolean terminationMessagePath: - description: 'Optional: Path at which the file to - which the container''s termination message will - be written is mounted into the container''s filesystem. - Message written is intended to be brief final - status, such as an assertion failure message. - Will be truncated by the node if greater than - 4096 bytes. The total message length across all - containers will be limited to 12kb. Defaults to - /dev/termination-log. Cannot be updated.' + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. type: string terminationMessagePolicy: - description: Indicate how the termination message - should be populated. File will use the contents - of terminationMessagePath to populate the container - status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output - if the termination message file is empty and the - container exited with an error. The log output - is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. type: string tty: - description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be - true. Default is false. + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. type: boolean volumeDevices: description: volumeDevices is the list of block @@ -5716,46 +5280,45 @@ spec: type: object type: array volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at - which the volume should be mounted. Must + description: |- + Path within the container at which the volume should be mounted. Must not contain ':'. type: string mountPropagation: - description: mountPropagation determines how - mounts are propagated from the host to container - and the other way around. When not set, - MountPropagationNone is used. This field - is beta in 1.10. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults - to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which - the container's volume should be mounted. + description: |- + Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume - from which the container's volume should - be mounted. Behaves similarly to SubPath - but environment variable references $(VAR_NAME) - are expanded using the container's environment. - Defaults to "" (volume's root). SubPathExpr - and SubPath are mutually exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -5763,57 +5326,70 @@ spec: type: object type: array workingDir: - description: Container's working directory. If not - specified, the container runtime's default will - be used, which might be configured in the container - image. Cannot be updated. + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. type: string required: - name type: object type: array nodeName: - description: NodeName is a request to schedule this pod - onto a specific node. If it is non-empty, the scheduler - simply schedules this pod onto that node, assuming that - it fits resource requirements. + description: |- + NodeName is a request to schedule this pod onto a specific node. If it is non-empty, + the scheduler simply schedules this pod onto that node, assuming that it fits resource + requirements. type: string nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be - true for the pod to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on - that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + description: |- + NodeSelector is a selector which must be true for the pod to fit on a node. + Selector which must match a node's labels for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ type: object x-kubernetes-map-type: atomic os: - description: "Specifies the OS of the containers in the - pod. Some pod and container fields are restricted if - this is set. \n If the OS field is set to linux, the - following fields must be unset: -securityContext.windowsOptions - \n If the OS field is set to windows, following fields - must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - - spec.securityContext.sysctls - spec.shareProcessNamespace - - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions + description: |- + Specifies the OS of the containers in the pod. + Some pod and container fields are restricted if this is set. + + + If the OS field is set to linux, the following fields must be unset: + -securityContext.windowsOptions + + + If the OS field is set to windows, following fields must be unset: + - spec.hostPID + - spec.hostIPC + - spec.hostUsers + - spec.securityContext.seLinuxOptions + - spec.securityContext.seccompProfile + - spec.securityContext.fsGroup + - spec.securityContext.fsGroupChangePolicy + - spec.securityContext.sysctls + - spec.shareProcessNamespace + - spec.securityContext.runAsUser + - spec.securityContext.runAsGroup + - spec.securityContext.supplementalGroups + - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - - spec.containers[*].securityContext.capabilities - - spec.containers[*].securityContext.readOnlyRootFilesystem - - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - - spec.containers[*].securityContext.runAsGroup" + - spec.containers[*].securityContext.capabilities + - spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged + - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount + - spec.containers[*].securityContext.runAsUser + - spec.containers[*].securityContext.runAsGroup properties: name: - description: 'Name is the name of the operating system. - The currently supported values are linux and windows. - Additional value may be defined in future and can - be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration - Clients should expect to handle additional values - and treat unrecognized values in this field as os: - null' + description: |- + Name is the name of the operating system. The currently supported values are linux and windows. + Additional value may be defined in future and can be one of: + https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration + Clients should expect to handle additional values and treat unrecognized values in this field as os: null type: string required: - name @@ -5825,48 +5401,45 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Overhead represents the resource overhead - associated with running a pod for a given RuntimeClass. - This field will be autopopulated at admission time by - the RuntimeClass admission controller. If the RuntimeClass - admission controller is enabled, overhead must not be - set in Pod create requests. The RuntimeClass admission - controller will reject Pod create requests which have - the overhead already set. If RuntimeClass is configured - and selected in the PodSpec, Overhead will be set to - the value defined in the corresponding RuntimeClass, - otherwise it will remain unset and treated as zero. - More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' + description: |- + Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. + This field will be autopopulated at admission time by the RuntimeClass admission controller. If + the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. + The RuntimeClass admission controller will reject Pod create requests which have the overhead already + set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value + defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. + More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md type: object preemptionPolicy: - description: PreemptionPolicy is the Policy for preempting - pods with lower priority. One of Never, PreemptLowerPriority. + description: |- + PreemptionPolicy is the Policy for preempting pods with lower priority. + One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. type: string priority: - description: The priority value. Various system components - use this field to find the priority of the pod. When - Priority Admission Controller is enabled, it prevents - users from setting this field. The admission controller - populates this field from PriorityClassName. The higher - the value, the higher the priority. + description: |- + The priority value. Various system components use this field to find the + priority of the pod. When Priority Admission Controller is enabled, it + prevents users from setting this field. The admission controller populates + this field from PriorityClassName. + The higher the value, the higher the priority. format: int32 type: integer priorityClassName: - description: If specified, indicates the pod's priority. - "system-node-critical" and "system-cluster-critical" - are two special keywords which indicate the highest - priorities with the former being the highest priority. - Any other name must be defined by creating a PriorityClass - object with that name. If not specified, the pod priority - will be default or zero if there is no default. + description: |- + If specified, indicates the pod's priority. "system-node-critical" and + "system-cluster-critical" are two special keywords which indicate the + highest priorities with the former being the highest priority. Any other + name must be defined by creating a PriorityClass object with that name. + If not specified, the pod priority will be default or zero if there is no + default. type: string readinessGates: - description: 'If specified, all readiness gates will be - evaluated for pod readiness. A pod is ready when all - its containers are ready AND all conditions specified - in the readiness gates have status equal to "True" More - info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' + description: |- + If specified, all readiness gates will be evaluated for pod readiness. + A pod is ready when all its containers are ready AND + all conditions specified in the readiness gates have status equal to "True" + More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates items: description: PodReadinessGate contains the reference to a pod condition @@ -5880,46 +5453,54 @@ spec: type: object type: array resourceClaims: - description: "ResourceClaims defines which ResourceClaims - must be allocated and reserved before the Pod is allowed - to start. The resources will be made available to those - containers which consume them by name. \n This is an - alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." + description: |- + ResourceClaims defines which ResourceClaims must be allocated + and reserved before the Pod is allowed to start. The resources + will be made available to those containers which consume them + by name. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. items: - description: PodResourceClaim references exactly one - ResourceClaim through a ClaimSource. It adds a name - to it that uniquely identifies the ResourceClaim inside - the Pod. Containers that need access to the ResourceClaim - reference it with this name. + description: |- + PodResourceClaim references exactly one ResourceClaim through a ClaimSource. + It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. + Containers that need access to the ResourceClaim reference it with this name. properties: name: - description: Name uniquely identifies this resource - claim inside the pod. This must be a DNS_LABEL. + description: |- + Name uniquely identifies this resource claim inside the pod. + This must be a DNS_LABEL. type: string source: description: Source describes where to find the ResourceClaim. properties: resourceClaimName: - description: ResourceClaimName is the name of - a ResourceClaim object in the same namespace - as this pod. + description: |- + ResourceClaimName is the name of a ResourceClaim object in the same + namespace as this pod. type: string resourceClaimTemplateName: - description: "ResourceClaimTemplateName is the - name of a ResourceClaimTemplate object in - the same namespace as this pod. \n The template - will be used to create a new ResourceClaim, - which will be bound to this pod. When this - pod is deleted, the ResourceClaim will also - be deleted. The pod name and resource name, - along with a generated component, will be - used to form a unique name for the ResourceClaim, - which will be recorded in pod.status.resourceClaimStatuses. - \n This field is immutable and no changes - will be made to the corresponding ResourceClaim - by the control plane after creating the ResourceClaim." + description: |- + ResourceClaimTemplateName is the name of a ResourceClaimTemplate + object in the same namespace as this pod. + + + The template will be used to create a new ResourceClaim, which will + be bound to this pod. When this pod is deleted, the ResourceClaim + will also be deleted. The pod name and resource name, along with a + generated component, will be used to form a unique name for the + ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. + + + This field is immutable and no changes will be made to the + corresponding ResourceClaim by the control plane after creating the + ResourceClaim. type: string type: object required: @@ -5930,41 +5511,44 @@ spec: - name x-kubernetes-list-type: map restartPolicy: - description: 'Restart policy for all containers within - the pod. One of Always, OnFailure, Never. In some contexts, - only a subset of those values may be permitted. Default - to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' + description: |- + Restart policy for all containers within the pod. + One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. + Default to Always. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy type: string runtimeClassName: - description: 'RuntimeClassName refers to a RuntimeClass - object in the node.k8s.io group, which should be used - to run this pod. If no RuntimeClass resource matches - the named class, the pod will not be run. If unset or - empty, the "legacy" RuntimeClass will be used, which - is an implicit class with an empty definition that uses - the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' + description: |- + RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used + to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. + If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an + empty definition that uses the default runtime handler. + More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class type: string schedulerName: - description: If specified, the pod will be dispatched - by specified scheduler. If not specified, the pod will - be dispatched by default scheduler. + description: |- + If specified, the pod will be dispatched by specified scheduler. + If not specified, the pod will be dispatched by default scheduler. type: string schedulingGates: - description: "SchedulingGates is an opaque list of values - that if specified will block scheduling the pod. If - schedulingGates is not empty, the pod will stay in the - SchedulingGated state and the scheduler will not attempt - to schedule the pod. \n SchedulingGates can only be - set at pod creation time, and be removed only afterwards. - \n This is a beta feature enabled by the PodSchedulingReadiness - feature gate." + description: |- + SchedulingGates is an opaque list of values that if specified will block scheduling the pod. + If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the + scheduler will not attempt to schedule the pod. + + + SchedulingGates can only be set at pod creation time, and be removed only afterwards. + + + This is a beta feature enabled by the PodSchedulingReadiness feature gate. items: description: PodSchedulingGate is associated to a Pod to guard its scheduling. properties: name: - description: Name of the scheduling gate. Each scheduling - gate must have a unique name field. + description: |- + Name of the scheduling gate. + Each scheduling gate must have a unique name field. type: string required: - name @@ -5974,75 +5558,73 @@ spec: - name x-kubernetes-list-type: map securityContext: - description: 'SecurityContext holds pod-level security - attributes and common container settings. Optional: - Defaults to empty. See type description for default - values of each field.' + description: |- + SecurityContext holds pod-level security attributes and common container settings. + Optional: Defaults to empty. See type description for default values of each field. properties: fsGroup: - description: "A special supplemental group that applies - to all containers in a pod. Some volume types allow - the Kubelet to change the ownership of that volume - to be owned by the pod: \n 1. The owning GID will - be the FSGroup 2. The setgid bit is set (new files - created in the volume will be owned by FSGroup) - 3. The permission bits are OR'd with rw-rw---- \n - If unset, the Kubelet will not modify the ownership - and permissions of any volume. Note that this field - cannot be set when spec.os.name is windows." + description: |- + A special supplemental group that applies to all containers in a pod. + Some volume types allow the Kubelet to change the ownership of that volume + to be owned by the pod: + + + 1. The owning GID will be the FSGroup + 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- + + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer fsGroupChangePolicy: - description: 'fsGroupChangePolicy defines behavior - of changing ownership and permission of the volume - before being exposed inside Pod. This field will - only apply to volume types which support fsGroup - based ownership(and permissions). It will have no - effect on ephemeral volume types such as: secret, - configmaps and emptydir. Valid values are "OnRootMismatch" - and "Always". If not specified, "Always" is used. - Note that this field cannot be set when spec.os.name - is windows.' + description: |- + fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + before being exposed inside Pod. This field will only apply to + volume types which support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types such as: secret, configmaps + and emptydir. + Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + Note that this field cannot be set when spec.os.name is windows. type: string runAsGroup: - description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - May also be set in SecurityContext. If set in both - SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for - that container. Note that this field cannot be set - when spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must run - as a non-root user. If true, the Kubelet will validate - the image at runtime to ensure that it does not - run as UID 0 (root) and fail to start the container - if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of the - container process. Defaults to user specified in - image metadata if unspecified. May also be set in - SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. Note that this - field cannot be set when spec.os.name is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied to - all containers. If unspecified, the container runtime - will allocate a random SELinux context for each - container. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence - for that container. Note that this field cannot - be set when spec.os.name is windows. + description: |- + The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in SecurityContext. If set in + both SecurityContext and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label that @@ -6062,52 +5644,48 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by the containers - in this pod. Note that this field cannot be set - when spec.os.name is windows. + description: |- + The seccomp options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative - to the kubelet's configured seccomp profile - location. Must be set if type is "Localhost". - Must NOT be set for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: - \n Localhost - a profile defined in a file on - the node should be used. RuntimeDefault - the - container runtime default profile should be - used. Unconfined - no profile should be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: - description: A list of groups applied to the first - process run in each container, in addition to the - container's primary GID, the fsGroup (if specified), - and group memberships defined in the container image - for the uid of the container process. If unspecified, - no additional groups are added to any container. - Note that group memberships defined in the container - image for the uid of the container process are still - effective, even if they are not included in this - list. Note that this field cannot be set when spec.os.name - is windows. + description: |- + A list of groups applied to the first process run in each container, in addition + to the container's primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container process. If unspecified, + no additional groups are added to any container. Note that group memberships + defined in the container image for the uid of the container process are still effective, + even if they are not included in this list. + Note that this field cannot be set when spec.os.name is windows. items: format: int64 type: integer type: array sysctls: - description: Sysctls hold a list of namespaced sysctls - used for the pod. Pods with unsupported sysctls - (by the container runtime) might fail to launch. - Note that this field cannot be set when spec.os.name - is windows. + description: |- + Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + sysctls (by the container runtime) might fail to launch. + Note that this field cannot be set when spec.os.name is windows. items: description: Sysctl defines a kernel parameter to be set @@ -6124,180 +5702,158 @@ spec: type: object type: array windowsOptions: - description: The Windows specific settings applied - to all containers. If unspecified, the options within - a container's SecurityContext will be used. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA - admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - All of a Pod's containers must have the same - effective HostProcess value (it is not allowed - to have a mix of HostProcess containers and - non-HostProcess containers). In addition, if - HostProcess is true then HostNetwork must also - be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to run the - entrypoint of the container process. Defaults - to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object serviceAccount: - description: 'DeprecatedServiceAccount is a depreciated - alias for ServiceAccountName. Deprecated: Use serviceAccountName - instead.' + description: |- + DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. + Deprecated: Use serviceAccountName instead. type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run this pod. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ type: string setHostnameAsFQDN: - description: If true the pod's hostname will be configured - as the pod's FQDN, rather than the leaf name (the default). - In Linux containers, this means setting the FQDN in - the hostname field of the kernel (the nodename field - of struct utsname). In Windows containers, this means - setting the registry value of hostname for the registry - key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters - to FQDN. If a pod does not have FQDN, this has no effect. + description: |- + If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). + In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). + In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. + If a pod does not have FQDN, this has no effect. Default to false. type: boolean shareProcessNamespace: - description: 'Share a single process namespace between - all of the containers in a pod. When this is set containers - will be able to view and signal processes from other - containers in the same pod, and the first process in - each container will not be assigned PID 1. HostPID and - ShareProcessNamespace cannot both be set. Optional: - Default to false.' + description: |- + Share a single process namespace between all of the containers in a pod. + When this is set containers will be able to view and signal processes from other containers + in the same pod, and the first process in each container will not be assigned PID 1. + HostPID and ShareProcessNamespace cannot both be set. + Optional: Default to false. type: boolean subdomain: - description: If specified, the fully qualified Pod hostname - will be "...svc.". If not specified, the pod will not have a - domainname at all. + description: |- + If specified, the fully qualified Pod hostname will be "...svc.". + If not specified, the pod will not have a domainname at all. type: string terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully. May be decreased in delete - request. Value must be non-negative integer. The value - zero indicates stop immediately via the kill signal - (no opportunity to shut down). If this value is nil, - the default grace period will be used instead. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and - the time when the processes are forcibly halted with - a kill signal. Set this value longer than the expected - cleanup time for your process. Defaults to 30 seconds. + description: |- + Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + If this value is nil, the default grace period will be used instead. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + Defaults to 30 seconds. format: int64 type: integer tolerations: description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to - tolerates any taint that matches the triple - using the matching operator . + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . properties: effect: - description: Effect indicates the taint effect to - match. Empty means match all taint effects. When - specified, allowed values are NoSchedule, PreferNoSchedule - and NoExecute. + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; - this combination means to match all values and - all keys. + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints - of a particular category. + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect - NoExecute, otherwise this field is ignored) tolerates - the taint. By default, it is not set, which means - tolerate the taint forever (do not evict). Zero - and negative values will be treated as 0 (evict - immediately) by the system. + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value - should be empty, otherwise just a regular string. + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array topologySpreadConstraints: - description: TopologySpreadConstraints describes how a - group of pods ought to spread across topology domains. - Scheduler will schedule pods in a way which abides by - the constraints. All topologySpreadConstraints are ANDed. + description: |- + TopologySpreadConstraints describes how a group of pods ought to spread across topology + domains. Scheduler will schedule pods in a way which abides by the constraints. + All topologySpreadConstraints are ANDed. items: description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. properties: labelSelector: - description: LabelSelector is used to find matching - pods. Pods that match this label selector are - counted to determine the number of pods in their - corresponding topology domain. + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -6310,147 +5866,134 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: "MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value - labels are ANDed with labelSelector to select - the group of existing pods over which spreading - will be calculated for the incoming pod. The same - key is forbidden to exist in both MatchLabelKeys - and LabelSelector. MatchLabelKeys cannot be set - when LabelSelector isn't set. Keys that don't - exist in the incoming pod labels will be ignored. - A null or empty list means only match against - labelSelector. \n This is a beta field and requires - the MatchLabelKeysInPodTopologySpread feature - gate to be enabled (enabled by default)." + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). items: type: string type: array x-kubernetes-list-type: atomic maxSkew: - description: 'MaxSkew describes the degree to which - pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, - it is the maximum permitted difference between - the number of matching pods in the target topology - and the global minimum. The global minimum is - the minimum number of matching pods in an eligible - domain or zero if the number of eligible domains - is less than MinDomains. For example, in a 3-zone - cluster, MaxSkew is set to 1, and pods with the - same labelSelector spread as 2/2/1: In this case, - the global minimum is 1. | zone1 | zone2 | zone3 - | | P P | P P | P | - if MaxSkew is 1, - incoming pod can only be scheduled to zone3 to - become 2/2/2; scheduling it onto zone1(zone2) - would make the ActualSkew(3-1) on zone1(zone2) - violate MaxSkew(1). - if MaxSkew is 2, incoming - pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, - it is used to give higher precedence to topologies - that satisfy it. It''s a required field. Default - value is 1 and 0 is not allowed.' + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. format: int32 type: integer minDomains: - description: "MinDomains indicates a minimum number - of eligible domains. When the number of eligible - domains with matching topology keys is less than - minDomains, Pod Topology Spread treats \"global - minimum\" as 0, and then the calculation of Skew - is performed. And when the number of eligible - domains with matching topology keys equals or - greater than minDomains, this value has no effect - on scheduling. As a result, when the number of - eligible domains is less than minDomains, scheduler - won't schedule more than maxSkew Pods to those - domains. If value is nil, the constraint behaves - as if MinDomains is equal to 1. Valid values are - integers greater than 0. When value is not nil, - WhenUnsatisfiable must be DoNotSchedule. \n For - example, in a 3-zone cluster, MaxSkew is set to - 2, MinDomains is set to 5 and pods with the same - labelSelector spread as 2/2/2: | zone1 | zone2 - | zone3 | | P P | P P | P P | The number - of domains is less than 5(MinDomains), so \"global - minimum\" is treated as 0. In this situation, - new pod with the same labelSelector cannot be - scheduled, because computed skew will be 3(3 - - 0) if new Pod is scheduled to any of the three - zones, it will violate MaxSkew. \n This is a beta - field and requires the MinDomainsInPodTopologySpread - feature gate to be enabled (enabled by default)." + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + + + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we - will treat Pod's nodeAffinity/nodeSelector when - calculating pod topology spread skew. Options - are: - Honor: only nodes matching nodeAffinity/nodeSelector - are included in the calculations. - Ignore: nodeAffinity/nodeSelector - are ignored. All nodes are included in the calculations. - \n If this value is nil, the behavior is equivalent - to the Honor policy. This is a beta-level feature - default enabled by the NodeInclusionPolicyInPodTopologySpread - feature flag." + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + + If this value is nil, the behavior is equivalent to the Honor policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we - will treat node taints when calculating pod topology - spread skew. Options are: - Honor: nodes without - taints, along with tainted nodes for which the - incoming pod has a toleration, are included. - - Ignore: node taints are ignored. All nodes are - included. \n If this value is nil, the behavior - is equivalent to the Ignore policy. This is a - beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread - feature flag." + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + + If this value is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string topologyKey: - description: TopologyKey is the key of node labels. - Nodes that have a label with this key and identical - values are considered to be in the same topology. - We consider each as a "bucket", and - try to put balanced number of pods into each bucket. - We define a domain as a particular instance of - a topology. Also, we define an eligible domain - as a domain whose nodes meet the requirements - of nodeAffinityPolicy and nodeTaintsPolicy. e.g. - If TopologyKey is "kubernetes.io/hostname", each - Node is a domain of that topology. And, if TopologyKey - is "topology.kubernetes.io/zone", each zone is - a domain of that topology. It's a required field. + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. type: string whenUnsatisfiable: - description: 'WhenUnsatisfiable indicates how to - deal with a pod if it doesn''t satisfy the spread - constraint. - DoNotSchedule (default) tells the - scheduler not to schedule it. - ScheduleAnyway - tells the scheduler to schedule the pod in any - location, but giving higher precedence to topologies - that would help reduce the skew. A constraint - is considered "Unsatisfiable" for an incoming - pod if and only if every possible node assignment - for that pod would violate "MaxSkew" on some topology. - For example, in a 3-zone cluster, MaxSkew is set - to 1, and pods with the same labelSelector spread - as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | - If WhenUnsatisfiable is set to DoNotSchedule, - incoming pod can only be scheduled to zone2(zone3) - to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) - satisfies MaxSkew(1). In other words, the cluster - can still be imbalanced, but scheduler won''t - make it *more* imbalanced. It''s a required field.' + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. type: string required: - maxSkew @@ -6463,47 +6006,44 @@ spec: - whenUnsatisfiable x-kubernetes-list-type: map volumes: - description: 'List of volumes that can be mounted by containers - belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' + description: |- + List of volumes that can be mounted by containers belonging to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes items: description: Volume represents a named volume in a pod that may be accessed by any container in the pod. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an - AWS Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + awsElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: - description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). format: int32 type: integer readOnly: - description: 'readOnly value true will force - the readOnly setting in VolumeMounts. More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + readOnly value true will force the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: string required: - volumeID @@ -6525,11 +6065,10 @@ spec: in the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + fsType is Filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string kind: description: 'kind expected values are Shared: @@ -6539,9 +6078,9 @@ spec: set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean required: - diskName @@ -6553,9 +6092,9 @@ spec: pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretName: description: secretName is the name of secret @@ -6574,9 +6113,9 @@ spec: the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors - is a collection of Ceph monitors More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + monitors is Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it items: type: string type: array @@ -6586,70 +6125,72 @@ spec: default is /' type: string readOnly: - description: 'readOnly is Optional: Defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default - is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret - for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the - rados user name, default is admin More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + user is optional: User is the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume - attached and mounted on kubelets host machine. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: - description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: boolean secretRef: - description: 'secretRef is optional: points - to a secret object containing parameters used - to connect to OpenStack.' + description: |- + secretRef is optional: points to a secret object containing parameters used to connect + to OpenStack. properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the - volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string required: - volumeID @@ -6659,31 +6200,25 @@ spec: should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode - bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, the - volume setup will error unless it is marked - optional. Paths must be relative and may not - contain the '..' path or start with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -6692,26 +6227,21 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 - and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. - This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -6719,10 +6249,10 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -6736,47 +6266,43 @@ spec: CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. + description: |- + driver is the name of the CSI driver that handles this volume. + Consult with your admin for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which - will determine the default filesystem to apply. + description: |- + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated CSI driver + which will determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive - information to pass to the CSI driver to complete - the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be - empty if no secret is required. If the secret - object contains more than one secret, all - secret references are passed. + description: |- + nodePublishSecretRef is a reference to the secret object containing + sensitive information to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no secret is required. If the + secret object contains more than one secret, all secret references are passed. properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only - configuration for the volume. Defaults to - false (read/write). + description: |- + readOnly specifies a read-only configuration for the volume. + Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: |- + volumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. type: object required: - driver @@ -6786,18 +6312,15 @@ spec: about the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on - created files by default. Must be a Optional: - mode bits used to set permissions on created - files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + description: |- + Optional: mode bits to use on created files by default. Must be a + Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: @@ -6827,18 +6350,13 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used - to set permissions on this file, must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. - YAML accepts both octal and decimal - values, JSON requires decimal values - for mode bits. If not specified, the - volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -6850,11 +6368,9 @@ spec: must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and - requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are - currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container name: required @@ -6883,128 +6399,125 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + emptyDir represents a temporary directory that shares a pod's lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir properties: medium: - description: 'medium represents what type of - storage medium should back this directory. - The default is "" which means to use the node''s - default medium. Must be an empty string (default) - or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount - of local storage required for this EmptyDir - volume. The size limit is also applicable - for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value - between the SizeLimit specified here and the - sum of memory limits of all containers in - a pod. The default is nil which means that - the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that - is handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - - it will be created before the pod starts, and - deleted when the pod is removed. \n Use this if: + description: |- + ephemeral represents a volume that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + and deleted when the pod is removed. + + + Use this if: a) the volume is only needed while the pod runs, - b) features of normal volumes like restoring from - snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage - class, and d) the storage driver supports dynamic - volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information - on the connection between this volume type and - PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes - that persist for longer than the lifecycle of - an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of - the driver for more information. \n A pod can - use both types of ephemeral volumes and persistent - volumes at the same time." + b) features of normal volumes like restoring from snapshot or capacity + tracking are needed, + c) the storage driver is specified through a storage class, and + d) the storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for more + information on the connection between this volume type + and PersistentVolumeClaim). + + + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. + + + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for + more information. + + + A pod can use both types of ephemeral volumes and + persistent volumes at the same time. properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will - be deleted together with the pod. The name - of the PVC will be `-` - where `` is the name from the - `PodSpec.Volumes` array entry. Pod validation - will reject the pod if the concatenated name + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is - not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume - by mistake. Starting the pod is then blocked - until the unrelated PVC is removed. If such - a pre-created PVC is meant to be used by the - pod, the PVC has to updated with an owner - reference to the pod once the pod exists. - Normally this should not be necessary, but - it may be useful when manually reconstructing - a broken cluster. \n This field is read-only - and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." + + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + + Required, must not be nil. properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when - creating it. No other fields are allowed - and will be rejected during validation. + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged - into the PVC that gets created from this + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external - controller can support the specified - data source, it will create a new - volume based on the contents of the - specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource - contents will be copied to dataSourceRef, - and dataSourceRef contents will be - copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace - is specified, then dataSourceRef will - not be copied to dataSource.' + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, - the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of @@ -7020,57 +6533,36 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate - the volume with data, if a non-empty - volume is desired. This may be any - object from a non-empty API group - (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if - the type of the specified object matches - some installed volume populator or - dynamic provisioner. This field will - replace the functionality of the dataSource - field and as such if both fields are - non-empty, they must have the same - value. For backwards compatibility, - when namespace isn''t specified in - dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to - the same value automatically if one - of them is empty and the other is - non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be - empty. There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two - specific types of objects, dataSourceRef - allows any non-core object, as well - as PersistentVolumeClaim objects. - * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is - specified. * While dataSource only - allows local objects, dataSourceRef - allows objects in any namespaces. - (Beta) Using this field requires the - AnyVolumeDataSource feature gate to - be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the - CrossNamespaceVolumeDataSource feature - gate to be enabled.' + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, - the specified Kind must be in - the core API group. For any other - third-party types, APIGroup is - required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of @@ -7081,53 +6573,43 @@ spec: resource being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. - See the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but - must still be higher than capacity - recorded in the status field of the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - \n This is an alpha field and - requires enabling the DynamicResourceAllocation - feature gate. \n This field is - immutable. It can only be set - for containers." + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in - pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -7143,9 +6625,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -7154,15 +6636,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes - the minimum amount of compute - resources required. If Requests - is omitted for a container, it - defaults to Limits if that is - explicitly specified, otherwise - to an implementation-defined value. - Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: @@ -7174,11 +6652,9 @@ spec: a list of label selector requirements. The requirements are ANDed. items: - description: A label selector - requirement is a selector that - contains values, a key, and - an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label @@ -7186,23 +6662,16 @@ spec: to. type: string operator: - description: operator represents - a key's relationship to - a set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an - array of string values. - If the operator is In or - NotIn, the values array - must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be - empty. This array is replaced - during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -7214,28 +6683,22 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single - {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator is - "In", and the values array contains - only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string volumeMode: - description: volumeMode defines what - type of volume is required by the - claim. Value of Filesystem is implied - when not included in claim spec. + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding @@ -7253,12 +6716,11 @@ spec: then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun @@ -7266,9 +6728,9 @@ spec: format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target @@ -7277,29 +6739,27 @@ spec: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not - both simultaneously.' + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an - exec based plugin. + description: |- + flexVolume represents a generic volume resource that is + provisioned/attached using an exec based plugin. properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends - on FlexVolume script. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. type: string options: additionalProperties: @@ -7308,24 +6768,23 @@ spec: holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' + description: |- + secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin scripts. This may be + empty if no secret object is specified. If the secret object + contains more than one secret, all secrets are passed to the plugin + scripts. properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7338,9 +6797,9 @@ spec: on the Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset - for Flocker should be considered as deprecated + description: |- + datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated type: string datasetUUID: description: datasetUUID is the UUID of the @@ -7349,59 +6808,55 @@ spec: type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE - Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + gcePersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: - description: 'partition is the partition in - the volume that you want to mount. If omitted, - the default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk - in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with a - git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the - EmptyDir into the Pod''s container.' + description: |- + gitRepo represents a git repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + into the Pod's container. properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, - the volume will contain the git repository - in the subdirectory with the given name. + description: |- + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + git repository. Otherwise, if specified, the volume will contain the git repository in + the subdirectory with the given name. type: string repository: description: repository is the URL @@ -7414,55 +6869,61 @@ spec: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' + description: |- + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: 'endpoints is the endpoint name - that details Glusterfs topology. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + endpoints is the endpoint name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing - file or directory on the host machine that is - directly exposed to the container. This is generally - used for system agents or other privileged things - that are allowed to see the host machine. Most - containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can - use host directory mounts and who can/can not - mount host directories as read/write.' + description: |- + hostPath represents a pre-existing file or directory on the host + machine that is directly exposed to the container. This is generally + used for system agents or other privileged things that are allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + path of the directory on the host. + If the path is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + type for HostPath Volume + Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + description: |- + iscsi represents an ISCSI Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -7473,30 +6934,27 @@ spec: support iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. + description: |- + initiatorName is the custom iSCSI Initiator Name. + If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + : will be created for the connection. type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). + description: |- + iscsiInterface is the interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). type: string lun: description: lun represents iSCSI Target Lun @@ -7504,34 +6962,33 @@ spec: format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + description: |- + portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). + description: |- + targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). type: string required: - iqn @@ -7539,44 +6996,51 @@ spec: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL - and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + name of the volume. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string nfs: - description: 'nfs represents an NFS mount on the - host that shares a pod''s lifetime More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + nfs represents an NFS mount on the host that shares a pod's lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + readOnly here will force the NFS export to be mounted with read-only permissions. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + server is the hostname or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + persistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. + description: |- + readOnly Will force the ReadOnly setting in VolumeMounts. + Default false. type: boolean required: - claimName @@ -7587,11 +7051,10 @@ spec: host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string pdID: description: pdID is the ID that identifies @@ -7605,16 +7068,15 @@ spec: volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean volumeID: description: volumeID uniquely identifies a @@ -7628,16 +7090,13 @@ spec: secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. Directories - within the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set. + description: |- + defaultMode are the mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: @@ -7651,21 +7110,14 @@ spec: the configMap data to project properties: items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the key - and content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the ConfigMap, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -7675,30 +7127,21 @@ spec: to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -7706,10 +7149,10 @@ spec: type: object type: array name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether @@ -7752,21 +7195,13 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode - bits used to set permissions - on this file, must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -7780,12 +7215,9 @@ spec: start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container @@ -7820,21 +7252,14 @@ spec: the secret data to project properties: items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced Secret will - be projected into the volume as - a file whose name is the key and - content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the Secret, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -7844,30 +7269,21 @@ spec: to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts both - octal and decimal values, - JSON requires decimal values - for mode bits. If not specified, - the volume defaultMode will - be used. This might be in - conflict with other options - that affect the file mode, - like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -7875,10 +7291,10 @@ spec: type: object type: array name: - description: 'Name of the referent. + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify @@ -7893,34 +7309,26 @@ spec: project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself - with an identifier specified in - the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the - apiserver. + description: |- + audience is the intended audience of the token. A recipient of a token + must identify itself with an identifier specified in the audience of the + token, and otherwise should reject the token. The audience defaults to the + identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is - the requested duration of validity - of the service account token. As - the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. - The kubelet will start trying to - rotate the token if the token is - older than 80 percent of its time - to live or if the token is older - than 24 hours.Defaults to 1 hour + description: |- + expirationSeconds is the requested duration of validity of the service + account token. As the token approaches expiration, the kubelet volume + plugin will proactively rotate the service account token. The kubelet will + start trying to rotate the token if the token is older than 80 percent of + its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. + description: |- + path is the path relative to the mount point of the file to project the + token into. type: string required: - path @@ -7933,30 +7341,30 @@ spec: on the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group + description: |- + group to map volume access to + Default is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. + description: |- + readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false. type: boolean registry: - description: registry represents a single or - multiple Quobyte Registry services specified - as a string as host:port pair (multiple entries - are separated with commas) which acts as the - central registry for volumes + description: |- + registry represents a single or multiple Quobyte Registry services + specified as a string as host:port pair (multiple entries are separated with commas) + which acts as the central registry for volumes type: string tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is set - by the plugin + description: |- + tenant owning the given Quobyte volume in the Backend + Used with dynamically provisioned Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user + description: |- + user to map volume access to + Defaults to serivceaccount user type: string volume: description: volume is a string that references @@ -7967,60 +7375,68 @@ spec: - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' + description: |- + rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. Tip: - Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: - description: 'image is the rados image name. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + pool is the rados pool name. + Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + secretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. + Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + user is the rados user name. + Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string required: - image @@ -8031,10 +7447,11 @@ spec: volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". + Default is "xfs". type: string gateway: description: gateway is the host address of @@ -8046,21 +7463,20 @@ spec: storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: |- + secretRef references to the secret for ScaleIO user and other + sensitive information. If this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8069,9 +7485,9 @@ spec: SSL communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. + description: |- + storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. type: string storagePool: description: storagePool is the ScaleIO Storage @@ -8082,9 +7498,9 @@ spec: system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that - is associated with this volume source. + description: |- + volumeName is the name of a volume already created in the ScaleIO system + that is associated with this volume source. type: string required: - gateway @@ -8092,35 +7508,30 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secret represents a secret that should populate this volume. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret properties: defaultMode: - description: 'defaultMode is Optional: mode - bits used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within - the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -8129,26 +7540,21 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 - and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. - This might be in conflict with other - options that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path - of the file to map the key to. May not - be an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -8160,9 +7566,9 @@ spec: the Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the - secret in the pod''s namespace to use. More - info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret type: string type: object storageos: @@ -8170,46 +7576,42 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: |- + secretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. + description: |- + volumeName is the human-readable name of the StorageOS volume. Volume + names are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will - be used. This allows the Kubernetes name - scoping to be mirrored within StorageOS for - tighter integration. Set VolumeName to any - name to override the default behaviour. Set - to "default" if you are not using namespaces - within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. + description: |- + volumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default behaviour. + Set to "default" if you are not using namespaces within StorageOS. + Namespaces that do not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: @@ -8217,11 +7619,10 @@ spec: volume attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the - host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + fsType is filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: description: storagePolicyID is the storage @@ -8248,14 +7649,14 @@ spec: type: object type: object ttlSecondsAfterFinished: - description: ttlSecondsAfterFinished limits the lifetime of a - Job that has finished execution (either Complete or Failed). - If this field is set, ttlSecondsAfterFinished after the Job - finishes, it is eligible to be automatically deleted. When the - Job is being deleted, its lifecycle guarantees (e.g. finalizers) - will be honored. If this field is unset, the Job won't be automatically - deleted. If this field is set to zero, the Job becomes eligible - to be deleted immediately after it finishes. + description: |- + ttlSecondsAfterFinished limits the lifetime of a Job that has finished + execution (either Complete or Failed). If this field is set, + ttlSecondsAfterFinished after the Job finishes, it is eligible to be + automatically deleted. When the Job is being deleted, its lifecycle + guarantees (e.g. finalizers) will be honored. If this field is unset, + the Job won't be automatically deleted. If this field is set to zero, + the Job becomes eligible to be deleted immediately after it finishes. format: int32 type: integer required: @@ -8305,9 +7706,9 @@ spec: description: ScaleTriggers reference the scaler that will be used properties: authenticationRef: - description: AuthenticationRef points to the TriggerAuthentication - or ClusterTriggerAuthentication object that is used to authenticate - the scaler with the environment + description: |- + AuthenticationRef points to the TriggerAuthentication or ClusterTriggerAuthentication object that + is used to authenticate the scaler with the environment properties: kind: description: Kind of the resource being referred to. Defaults @@ -8322,6 +7723,11 @@ spec: additionalProperties: type: string type: object + metricType: + description: |- + MetricTargetType specifies the type of metric being targeted, and should be either + "Value", "AverageValue", or "Utilization" + type: string name: type: string type: diff --git a/keda/templates/crds/crd-scaledobjects.yaml b/keda/templates/crds/crd-scaledobjects.yaml index e4dc4b8b..1b1a1a4d 100644 --- a/keda/templates/crds/crd-scaledobjects.yaml +++ b/keda/templates/crds/crd-scaledobjects.yaml @@ -62,14 +62,19 @@ spec: description: ScaledObject is a specification for a ScaledObject resource properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -84,31 +89,29 @@ spec: scale config properties: behavior: - description: HorizontalPodAutoscalerBehavior configures the - scaling behavior of the target in both Up and Down directions - (scaleUp and scaleDown fields respectively). + description: |- + HorizontalPodAutoscalerBehavior configures the scaling behavior of the target + in both Up and Down directions (scaleUp and scaleDown fields respectively). properties: scaleDown: - description: scaleDown is scaling policy for scaling Down. - If not set, the default value is to allow to scale down - to minReplicas pods, with a 300 second stabilization - window (i.e., the highest recommendation for the last - 300sec is used). + description: |- + scaleDown is scaling policy for scaling Down. + If not set, the default value is to allow to scale down to minReplicas pods, with a + 300 second stabilization window (i.e., the highest recommendation for + the last 300sec is used). properties: policies: - description: policies is a list of potential scaling - polices which can be used during scaling. At least - one policy must be specified, otherwise the HPAScalingRules - will be discarded as invalid + description: |- + policies is a list of potential scaling polices which can be used during scaling. + At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies the window - of time for which the policy should hold true. - PeriodSeconds must be greater than zero and - less than or equal to 1800 (30 min). + description: |- + periodSeconds specifies the window of time for which the policy should hold true. + PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). format: int32 type: integer type: @@ -116,9 +119,9 @@ spec: policy. type: string value: - description: value contains the amount of change - which is permitted by the policy. It must - be greater than zero + description: |- + value contains the amount of change which is permitted by the policy. + It must be greater than zero format: int32 type: integer required: @@ -129,45 +132,41 @@ spec: type: array x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify which - policy should be used. If not set, the default value - Max is used. + description: |- + selectPolicy is used to specify which policy should be used. + If not set, the default value Max is used. type: string stabilizationWindowSeconds: - description: 'stabilizationWindowSeconds is the number - of seconds for which past recommendations should - be considered while scaling up or scaling down. - StabilizationWindowSeconds must be greater than - or equal to zero and less than or equal to 3600 - (one hour). If not set, use the default values: + description: |- + stabilizationWindowSeconds is the number of seconds for which past recommendations should be + considered while scaling up or scaling down. + StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). + If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - - For scale down: 300 (i.e. the stabilization window - is 300 seconds long).' + - For scale down: 300 (i.e. the stabilization window is 300 seconds long). format: int32 - maximum: 3600 - minimum: 0 type: integer type: object scaleUp: - description: 'scaleUp is scaling policy for scaling Up. - If not set, the default value is the higher of: * increase - no more than 4 pods per 60 seconds * double the number - of pods per 60 seconds No stabilization is used.' + description: |- + scaleUp is scaling policy for scaling Up. + If not set, the default value is the higher of: + * increase no more than 4 pods per 60 seconds + * double the number of pods per 60 seconds + No stabilization is used. properties: policies: - description: policies is a list of potential scaling - polices which can be used during scaling. At least - one policy must be specified, otherwise the HPAScalingRules - will be discarded as invalid + description: |- + policies is a list of potential scaling polices which can be used during scaling. + At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid items: description: HPAScalingPolicy is a single policy which must hold true for a specified past interval. properties: periodSeconds: - description: periodSeconds specifies the window - of time for which the policy should hold true. - PeriodSeconds must be greater than zero and - less than or equal to 1800 (30 min). + description: |- + periodSeconds specifies the window of time for which the policy should hold true. + PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). format: int32 type: integer type: @@ -175,9 +174,9 @@ spec: policy. type: string value: - description: value contains the amount of change - which is permitted by the policy. It must - be greater than zero + description: |- + value contains the amount of change which is permitted by the policy. + It must be greater than zero format: int32 type: integer required: @@ -188,23 +187,19 @@ spec: type: array x-kubernetes-list-type: atomic selectPolicy: - description: selectPolicy is used to specify which - policy should be used. If not set, the default value - Max is used. + description: |- + selectPolicy is used to specify which policy should be used. + If not set, the default value Max is used. type: string stabilizationWindowSeconds: - description: 'stabilizationWindowSeconds is the number - of seconds for which past recommendations should - be considered while scaling up or scaling down. - StabilizationWindowSeconds must be greater than - or equal to zero and less than or equal to 3600 - (one hour). If not set, use the default values: + description: |- + stabilizationWindowSeconds is the number of seconds for which past recommendations should be + considered while scaling up or scaling down. + StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). + If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - - For scale down: 300 (i.e. the stabilization window - is 300 seconds long).' + - For scale down: 300 (i.e. the stabilization window is 300 seconds long). format: int32 - maximum: 3600 - minimum: 0 type: integer type: object type: object @@ -222,9 +217,9 @@ spec: formula: type: string metricType: - description: MetricTargetType specifies the type of metric - being targeted, and should be either "Value", "AverageValue", - or "Utilization" + description: |- + MetricTargetType specifies the type of metric being targeted, and should be either + "Value", "AverageValue", or "Utilization" type: string target: type: string @@ -249,6 +244,9 @@ spec: idleReplicaCount: format: int32 type: integer + initialCooldownPeriod: + format: int32 + type: integer maxReplicaCount: format: int32 type: integer @@ -277,9 +275,9 @@ spec: description: ScaleTriggers reference the scaler that will be used properties: authenticationRef: - description: AuthenticationRef points to the TriggerAuthentication - or ClusterTriggerAuthentication object that is used to authenticate - the scaler with the environment + description: |- + AuthenticationRef points to the TriggerAuthentication or ClusterTriggerAuthentication object that + is used to authenticate the scaler with the environment properties: kind: description: Kind of the resource being referred to. Defaults @@ -295,9 +293,9 @@ spec: type: string type: object metricType: - description: MetricTargetType specifies the type of metric being - targeted, and should be either "Value", "AverageValue", or - "Utilization" + description: |- + MetricTargetType specifies the type of metric being targeted, and should be either + "Value", "AverageValue", or "Utilization" type: string name: type: string diff --git a/keda/templates/crds/crd-triggerauthentications.yaml b/keda/templates/crds/crd-triggerauthentications.yaml index eb563268..a22b2849 100644 --- a/keda/templates/crds/crd-triggerauthentications.yaml +++ b/keda/templates/crds/crd-triggerauthentications.yaml @@ -50,14 +50,19 @@ spec: description: TriggerAuthentication defines how a trigger can authenticate properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -134,9 +139,15 @@ spec: - accessSecretKey type: object podIdentity: - description: AuthPodIdentity allows users to select the platform - native identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -147,6 +158,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default + Azure tenant id. If this is set, then the IdentityID must + also be set + type: string provider: description: PodIdentityProvider contains the list of providers enum: @@ -233,9 +249,15 @@ spec: - tenantId type: object podIdentity: - description: AuthPodIdentity allows users to select the platform - native identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -246,6 +268,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default + Azure tenant id. If this is set, then the IdentityID must + also be set + type: string provider: description: PodIdentityProvider contains the list of providers enum: @@ -303,8 +330,9 @@ spec: type: array env: items: - description: AuthEnvironment is used to authenticate using environment - variables in the destination ScaleTarget spec + description: |- + AuthEnvironment is used to authenticate using environment variables + in the destination ScaleTarget spec properties: containerName: type: string @@ -345,9 +373,15 @@ spec: - clientSecret type: object podIdentity: - description: AuthPodIdentity allows users to select the platform - native identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -358,6 +392,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default + Azure tenant id. If this is set, then the IdentityID must + also be set + type: string provider: description: PodIdentityProvider contains the list of providers enum: @@ -461,9 +500,15 @@ spec: - secrets type: object podIdentity: - description: AuthPodIdentity allows users to select the platform native - identity mechanism + description: |- + AuthPodIdentity allows users to select the platform native identity + mechanism properties: + identityAuthorityHost: + description: Set identityAuthorityHost to override the default + Azure authority host. If this is set, then the IdentityTenantID + must also be set + type: string identityId: type: string identityOwner: @@ -474,6 +519,11 @@ spec: - keda - workload type: string + identityTenantId: + description: Set identityTenantId to override the default Azure + tenant id. If this is set, then the IdentityID must also be + set + type: string provider: description: PodIdentityProvider contains the list of providers enum: