diff --git a/README.rst b/README.rst index fe799f2..7238321 100644 --- a/README.rst +++ b/README.rst @@ -1,3 +1,6 @@ +Kubedantic +====================================================== + .. image:: https://img.shields.io/pypi/v/kubedantic.svg :target: https://pypi.org/project/kubedantic @@ -16,3 +19,12 @@ .. image:: https://img.shields.io/badge/skeleton-2024-informational :target: https://blog.jaraco.com/skeleton + +Kubedantic - Pydantic models for Kubernetes + +Overview +-------- + +Kubedantic is a Python library that provides Pydantic models for Kubernetes resources. + +Models are generated using the `Kubernetes OpenAPI specification `_ and `datamodel-code-generator `_. diff --git a/src/kubedantic/models/io/k8s/api/admissionregistration/__init__.py b/src/kubedantic/models/io/k8s/api/admissionregistration/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/admissionregistration/v1.py b/src/kubedantic/models/io/k8s/api/admissionregistration/v1.py new file mode 100644 index 0000000..e00a232 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/admissionregistration/v1.py @@ -0,0 +1,1367 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from enum import Enum +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class AuditAnnotation(BaseModel): + key: str = Field( + ..., + description=( + "key specifies the audit annotation key. The audit annotation keys of a" + " ValidatingAdmissionPolicy must be unique. The key must be a qualified" + " name ([A-Za-z0-9][-A-Za-z0-9_.]*) no more than 63 bytes in length.\n\nThe" + " key is combined with the resource name of the ValidatingAdmissionPolicy" + ' to construct an audit annotation key: "{ValidatingAdmissionPolicy' + ' name}/{key}".\n\nIf an admission webhook uses the same resource name as' + " this ValidatingAdmissionPolicy and the same audit annotation key, the" + " annotation key will be identical. In this case, the first annotation" + " written with the key will be included in the audit event and all" + " subsequent annotations with the same key will be discarded.\n\nRequired." + ), + ) + valueExpression: str = Field( + ..., + description=( + "valueExpression represents the expression which is evaluated by CEL to" + " produce an audit annotation value. The expression must evaluate to either" + " a string or null value. If the expression evaluates to a string, the" + " audit annotation is included with the string value. If the expression" + " evaluates to null or empty string the audit annotation will be omitted." + " The valueExpression may be no longer than 5kb in length. If the result of" + " the valueExpression is more than 10kb in length, it will be truncated to" + " 10kb.\n\nIf multiple ValidatingAdmissionPolicyBinding resources match an" + " API request, then the valueExpression will be evaluated for each binding." + " All unique values produced by the valueExpressions will be joined" + " together in a comma-separated list.\n\nRequired." + ), + ) + + +class ExpressionWarning(BaseModel): + fieldRef: str = Field( + ..., + description=( + "The path to the field that refers the expression. For example, the" + " reference to the expression of the first item of validations is" + ' "spec.validations[0].expression"' + ), + ) + warning: str = Field( + ..., + description=( + "The content of type checking information in a human-readable form. Each" + " line of the warning contains the type that the expression is checked" + " against, followed by the type check error from the compiler." + ), + ) + + +class MatchCondition(BaseModel): + expression: str = Field( + ..., + description=( + "Expression represents the expression which will be evaluated by CEL. Must" + " evaluate to bool. CEL expressions have access to the contents of the" + " AdmissionRequest and Authorizer, organized into CEL" + " variables:\n\n'object' - The object from the incoming request. The value" + " is null for DELETE requests. 'oldObject' - The existing object. The value" + " is null for CREATE requests. 'request' - Attributes of the admission" + " request(/pkg/apis/admission/types.go#AdmissionRequest). 'authorizer' - A" + " CEL Authorizer. May be used to perform authorization checks for the" + " principal (user or service account) of the request.\n See" + " https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n'authorizer.requestResource'" + " - A CEL ResourceCheck constructed from the 'authorizer' and configured" + " with the\n request resource.\nDocumentation on CEL:" + " https://kubernetes.io/docs/reference/using-api/cel/\n\nRequired." + ), + ) + name: str = Field( + ..., + description=( + "Name is an identifier for this match condition, used for strategic merging" + " of MatchConditions, as well as providing an identifier for logging" + " purposes. A good name should be descriptive of the associated expression." + " Name must be a qualified name consisting of alphanumeric characters, '-'," + " '_' or '.', and must start and end with an alphanumeric character (e.g." + " 'MyName', or 'my.name', or '123-abc', regex used for validation is" + " '([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]') with an optional DNS" + " subdomain prefix and '/' (e.g. 'example.com/MyName')\n\nRequired." + ), + ) + + +class MatchPolicy(Enum): + Equivalent = "Equivalent" + Exact = "Exact" + + +class FailurePolicy(Enum): + Fail = "Fail" + Ignore = "Ignore" + + +class ReinvocationPolicy(Enum): + IfNeeded = "IfNeeded" + Never = "Never" + + +class SideEffects(Enum): + None_ = "None" + NoneOnDryRun = "NoneOnDryRun" + Some = "Some" + Unknown = "Unknown" + + +class Operation(Enum): + field_ = "*" + CONNECT = "CONNECT" + CREATE = "CREATE" + DELETE = "DELETE" + UPDATE = "UPDATE" + + +class NamedRuleWithOperations(BaseModel): + apiGroups: Optional[List[str]] = Field( + default=None, + description=( + "APIGroups is the API groups the resources belong to. '*' is all groups. If" + " '*' is present, the length of the slice must be one. Required." + ), + ) + apiVersions: Optional[List[str]] = Field( + default=None, + description=( + "APIVersions is the API versions the resources belong to. '*' is all" + " versions. If '*' is present, the length of the slice must be one." + " Required." + ), + ) + operations: Optional[List[Operation]] = Field( + default=None, + description=( + "Operations is the operations the admission hook cares about - CREATE," + " UPDATE, DELETE, CONNECT or * for all of those operations and any future" + " admission operations that are added. If '*' is present, the length of the" + " slice must be one. Required." + ), + ) + resourceNames: Optional[List[str]] = Field( + default=None, + description=( + "ResourceNames is an optional white list of names that the rule applies to." + " An empty set means that everything is allowed." + ), + ) + resources: Optional[List[str]] = Field( + default=None, + description=( + "Resources is a list of resources this rule applies to.\n\nFor example:" + " 'pods' means pods. 'pods/log' means the log subresource of pods. '*'" + " means all resources, but not subresources. 'pods/*' means all" + " subresources of pods. '*/scale' means all scale subresources. '*/*' means" + " all resources and their subresources.\n\nIf wildcard is present, the" + " validation rule will ensure resources do not overlap with each" + " other.\n\nDepending on the enclosing object, subresources might not be" + " allowed. Required." + ), + ) + scope: Optional[str] = Field( + default=None, + description=( + 'scope specifies the scope of this rule. Valid values are "Cluster",' + ' "Namespaced", and "*" "Cluster" means that only cluster-scoped resources' + " will match this rule. Namespace API objects are cluster-scoped." + ' "Namespaced" means that only namespaced resources will match this rule.' + ' "*" means that there are no scope restrictions. Subresources match the' + ' scope of their parent resource. Default is "*".' + ), + ) + + +class ParamKind(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion is the API group version the resources belong to. In format of" + ' "group/version". Required.' + ), + ) + kind: Optional[str] = Field( + default=None, + description="Kind is the API kind the resources belong to. Required.", + ) + + +class RuleWithOperations(BaseModel): + apiGroups: Optional[List[str]] = Field( + default=None, + description=( + "APIGroups is the API groups the resources belong to. '*' is all groups. If" + " '*' is present, the length of the slice must be one. Required." + ), + ) + apiVersions: Optional[List[str]] = Field( + default=None, + description=( + "APIVersions is the API versions the resources belong to. '*' is all" + " versions. If '*' is present, the length of the slice must be one." + " Required." + ), + ) + operations: Optional[List[Operation]] = Field( + default=None, + description=( + "Operations is the operations the admission hook cares about - CREATE," + " UPDATE, DELETE, CONNECT or * for all of those operations and any future" + " admission operations that are added. If '*' is present, the length of the" + " slice must be one. Required." + ), + ) + resources: Optional[List[str]] = Field( + default=None, + description=( + "Resources is a list of resources this rule applies to.\n\nFor example:" + " 'pods' means pods. 'pods/log' means the log subresource of pods. '*'" + " means all resources, but not subresources. 'pods/*' means all" + " subresources of pods. '*/scale' means all scale subresources. '*/*' means" + " all resources and their subresources.\n\nIf wildcard is present, the" + " validation rule will ensure resources do not overlap with each" + " other.\n\nDepending on the enclosing object, subresources might not be" + " allowed. Required." + ), + ) + scope: Optional[str] = Field( + default=None, + description=( + 'scope specifies the scope of this rule. Valid values are "Cluster",' + ' "Namespaced", and "*" "Cluster" means that only cluster-scoped resources' + " will match this rule. Namespace API objects are cluster-scoped." + ' "Namespaced" means that only namespaced resources will match this rule.' + ' "*" means that there are no scope restrictions. Subresources match the' + ' scope of their parent resource. Default is "*".' + ), + ) + + +class ServiceReference(BaseModel): + name: str = Field(..., description="`name` is the name of the service. Required") + namespace: str = Field( + ..., description="`namespace` is the namespace of the service. Required" + ) + path: Optional[str] = Field( + default=None, + description=( + "`path` is an optional URL path which will be sent in any request to this" + " service." + ), + ) + port: Optional[int] = Field( + default=None, + description=( + "If specified, the port on the service that hosting webhook. Default to 443" + " for backward compatibility. `port` should be a valid port number" + " (1-65535, inclusive)." + ), + ) + + +class TypeChecking(BaseModel): + expressionWarnings: Optional[List[ExpressionWarning]] = Field( + default=None, description="The type checking warnings for each expression." + ) + + +class ValidationAction(Enum): + Audit = "Audit" + Deny = "Deny" + Warn = "Warn" + + +class Validation(BaseModel): + expression: str = Field( + ..., + description=( + "Expression represents the expression which will be evaluated by CEL. ref:" + " https://github.com/google/cel-spec CEL expressions have access to the" + " contents of the API request/response, organized into CEL variables as" + " well as some other useful variables:\n\n- 'object' - The object from" + " the incoming request. The value is null for DELETE requests. -" + " 'oldObject' - The existing object. The value is null for CREATE" + " requests. - 'request' - Attributes of the API" + " request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). -" + " 'params' - Parameter resource referred to by the policy binding being" + " evaluated. Only populated if the policy has a ParamKind. -" + " 'namespaceObject' - The namespace object that the incoming object" + " belongs to. The value is null for cluster-scoped resources. -" + " 'variables' - Map of composited variables, from its name to its lazily" + " evaluated value.\n For example, a variable named 'foo' can be accessed" + " as 'variables.foo'.\n- 'authorizer' - A CEL Authorizer. May be used" + " to perform authorization checks for the principal (user or service" + " account) of the request.\n See" + " https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz\n-" + " 'authorizer.requestResource' - A CEL ResourceCheck constructed from the" + " 'authorizer' and configured with the\n request resource.\n\nThe" + " `apiVersion`, `kind`, `metadata.name` and `metadata.generateName` are" + " always accessible from the root of the object. No other metadata" + " properties are accessible.\n\nOnly property names of the form" + " `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Accessible property names" + " are escaped according to the following rules when accessed in the" + " expression: - '__' escapes to '__underscores__' - '.' escapes to" + " '__dot__' - '-' escapes to '__dash__' - '/' escapes to" + " '__slash__' - Property names that exactly match a CEL RESERVED keyword" + ' escape to \'__{keyword}__\'. The keywords are:\n\t "true", "false",' + ' "null", "in", "as", "break", "const", "continue", "else", "for",' + ' "function", "if",\n\t "import", "let", "loop", "package", "namespace",' + ' "return".\nExamples:\n - Expression accessing a property named' + ' "namespace": {"Expression": "object.__namespace__ > 0"}\n - Expression' + ' accessing a property named "x-prop": {"Expression": "object.x__dash__prop' + ' > 0"}\n - Expression accessing a property named "redact__d":' + ' {"Expression": "object.redact__underscores__d > 0"}\n\nEquality on arrays' + " with list type of 'set' or 'map' ignores element order, i.e. [1, 2]" + " == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the" + " semantics of the list type:\n - 'set': `X + Y` performs a union where" + " the array positions of all elements in `X` are preserved and\n " + " non-intersecting elements in `Y` are appended, retaining their partial" + " order.\n - 'map': `X + Y` performs a merge where the array positions" + " of all keys in `X` are preserved but the values\n are overwritten by" + " values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y`" + " with\n non-intersecting keys are appended, retaining their partial" + " order.\nRequired." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "Message represents the message displayed when validation fails. The" + " message is required if the Expression contains line breaks. The message" + ' must not contain line breaks. If unset, the message is "failed rule:' + ' {Rule}". e.g. "must be a URL with the host matching spec.host" If the' + " Expression contains line breaks. Message is required. The message must" + ' not contain line breaks. If unset, the message is "failed Expression:' + ' {Expression}".' + ), + ) + messageExpression: Optional[str] = Field( + default=None, + description=( + "messageExpression declares a CEL expression that evaluates to the" + " validation failure message that is returned when this rule fails. Since" + " messageExpression is used as a failure message, it must evaluate to a" + " string. If both message and messageExpression are present on a" + " validation, then messageExpression will be used if validation fails. If" + " messageExpression results in a runtime error, the runtime error is" + " logged, and the validation failure message is produced as if the" + " messageExpression field were unset. If messageExpression evaluates to an" + " empty string, a string with only spaces, or a string that contains line" + " breaks, then the validation failure message will also be produced as if" + " the messageExpression field were unset, and the fact that" + " messageExpression produced an empty string/string with only spaces/string" + " with line breaks will be logged. messageExpression has access to all the" + " same variables as the `expression` except for 'authorizer' and" + " 'authorizer.requestResource'. Example: \"object.x must be less than max" + ' ("+string(params.max)+")"' + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "Reason represents a machine-readable description of why this validation" + " failed. If this is the first validation in the list to fail, this reason," + " as well as the corresponding HTTP response code, are used in the HTTP" + " response to the client. The currently supported reasons are:" + ' "Unauthorized", "Forbidden", "Invalid", "RequestEntityTooLarge". If not' + " set, StatusReasonInvalid is used in the response to the client." + ), + ) + + +class Variable(BaseModel): + expression: str = Field( + ..., + description=( + "Expression is the expression that will be evaluated as the value of the" + " variable. The CEL expression has access to the same identifiers as the" + " CEL expressions in Validation." + ), + ) + name: str = Field( + ..., + description=( + "Name is the name of the variable. The name must be a valid CEL identifier" + " and unique among all variables. The variable can be accessed in other" + ' expressions through `variables` For example, if name is "foo", the' + " variable will be available as `variables.foo`" + ), + ) + + +class WebhookClientConfig(BaseModel): + caBundle: Optional[str] = Field( + default=None, + description=( + "`caBundle` is a PEM encoded CA bundle which will be used to validate the" + " webhook's server certificate. If unspecified, system trust roots on the" + " apiserver are used." + ), + ) + service: Optional[ServiceReference] = Field( + default=None, + description=( + "`service` is a reference to the service for this webhook. Either `service`" + " or `url` must be specified.\n\nIf the webhook is running within the" + " cluster, then you should use `service`." + ), + ) + url: Optional[str] = Field( + default=None, + description=( + "`url` gives the location of the webhook, in standard URL form" + " (`scheme://host:port/path`). Exactly one of `url` or `service` must be" + " specified.\n\nThe `host` should not refer to a service running in the" + " cluster; use the `service` field instead. The host might be resolved via" + " external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve" + " in-cluster DNS as that would be a layering violation). `host` may also be" + " an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a" + " `host` is risky unless you take great care to run this webhook on all" + " hosts which run an apiserver which might need to make calls to this" + " webhook. Such installs are likely to be non-portable, i.e., not easy to" + ' turn up in a new cluster.\n\nThe scheme must be "https"; the URL must' + ' begin with "https://".\n\nA path is optional, and if present may be any' + " string permissible in a URL. You may use the path to pass an arbitrary" + " string to the webhook, for example, a cluster identifier.\n\nAttempting" + ' to use a user or basic auth e.g. "user:password@" is not allowed.' + ' Fragments ("#...") and query parameters ("?...") are not allowed, either.' + ), + ) + + +class MatchResources(BaseModel): + excludeResourceRules: Optional[List[NamedRuleWithOperations]] = Field( + default=None, + description=( + "ExcludeResourceRules describes what operations on what" + " resources/subresources the ValidatingAdmissionPolicy should not care" + " about. The exclude rules take precedence over include rules (if a" + " resource matches both, it is excluded)" + ), + ) + matchPolicy: Optional[MatchPolicy] = Field( + default=None, + description=( + 'matchPolicy defines how the "MatchResources" list is used to match' + ' incoming requests. Allowed values are "Exact" or "Equivalent".\n\n-' + " Exact: match a request only if it exactly matches a specified rule. For" + " example, if deployments can be modified via apps/v1, apps/v1beta1, and" + ' extensions/v1beta1, but "rules" only included `apiGroups:["apps"],' + ' apiVersions:["v1"], resources: ["deployments"]`, a request to' + " apps/v1beta1 or extensions/v1beta1 would not be sent to the" + " ValidatingAdmissionPolicy.\n\n- Equivalent: match a request if modifies a" + " resource listed in rules, even via another API group or version. For" + " example, if deployments can be modified via apps/v1, apps/v1beta1, and" + ' extensions/v1beta1, and "rules" only included `apiGroups:["apps"],' + ' apiVersions:["v1"], resources: ["deployments"]`, a request to' + " apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent" + ' to the ValidatingAdmissionPolicy.\n\nDefaults to "Equivalent"\n\nPossible' + ' enum values:\n - `"Equivalent"` means requests should be sent to the' + " webhook if they modify a resource listed in rules via another API group" + ' or version.\n - `"Exact"` means requests should only be sent to the' + " webhook if they exactly match a given rule." + ), + ) + namespaceSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "NamespaceSelector decides whether to run the admission control policy on" + " an object based on whether the namespace for that object matches the" + " selector. If the object itself is a namespace, the matching is performed" + " on object.metadata.labels. If the object is another cluster scoped" + " resource, it never skips the policy.\n\nFor example, to run the webhook" + ' on any objects whose namespace is not associated with "runlevel" of "0"' + ' or "1"; you will set the selector as follows: "namespaceSelector": {\n ' + ' "matchExpressions": [\n {\n "key": "runlevel",\n "operator":' + ' "NotIn",\n "values": [\n "0",\n "1"\n ]\n }\n ' + " ]\n}\n\nIf instead you want to only run the policy on any objects whose" + ' namespace is associated with the "environment" of "prod" or "staging";' + ' you will set the selector as follows: "namespaceSelector": {\n ' + ' "matchExpressions": [\n {\n "key": "environment",\n ' + ' "operator": "In",\n "values": [\n "prod",\n ' + ' "staging"\n ]\n }\n ]\n}\n\nSee' + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" + " for more examples of label selectors.\n\nDefault to the empty" + " LabelSelector, which matches everything." + ), + ) + objectSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "ObjectSelector decides whether to run the validation based on if the" + " object has matching labels. objectSelector is evaluated against both the" + " oldObject and newObject that would be sent to the cel validation, and is" + " considered to match if either object matches the selector. A null object" + " (oldObject in the case of create, or newObject in the case of delete) or" + " an object that cannot have labels (like a DeploymentRollback or a" + " PodProxyOptions object) is not considered to match. Use the object" + " selector only if the webhook is opt-in, because end users may skip the" + " admission webhook by setting the labels. Default to the empty" + " LabelSelector, which matches everything." + ), + ) + resourceRules: Optional[List[NamedRuleWithOperations]] = Field( + default=None, + description=( + "ResourceRules describes what operations on what resources/subresources the" + " ValidatingAdmissionPolicy matches. The policy cares about an operation if" + " it matches _any_ Rule." + ), + ) + + +class MutatingWebhook(BaseModel): + admissionReviewVersions: List[str] = Field( + ..., + description=( + "AdmissionReviewVersions is an ordered list of preferred `AdmissionReview`" + " versions the Webhook expects. API server will try to use first version in" + " the list which it supports. If none of the versions specified in this" + " list supported by API server, validation will fail for this object. If a" + " persisted webhook configuration specifies allowed versions and does not" + " include any versions known to the API Server, calls to the webhook will" + " fail and be subject to the failure policy." + ), + ) + clientConfig: WebhookClientConfig = Field( + ..., + description="ClientConfig defines how to communicate with the hook. Required", + ) + failurePolicy: Optional[FailurePolicy] = Field( + default=None, + description=( + "FailurePolicy defines how unrecognized errors from the admission endpoint" + " are handled - allowed values are Ignore or Fail. Defaults to" + ' Fail.\n\nPossible enum values:\n - `"Fail"` means that an error calling' + ' the webhook causes the admission to fail.\n - `"Ignore"` means that an' + " error calling the webhook is ignored." + ), + ) + matchConditions: Optional[List[MatchCondition]] = Field( + default=None, + description=( + "MatchConditions is a list of conditions that must be met for a request to" + " be sent to this webhook. Match conditions filter requests that have" + " already been matched by the rules, namespaceSelector, and objectSelector." + " An empty list of matchConditions matches all requests. There are a" + " maximum of 64 match conditions allowed.\n\nThe exact matching logic is" + " (in order):\n 1. If ANY matchCondition evaluates to FALSE, the webhook" + " is skipped.\n 2. If ALL matchConditions evaluate to TRUE, the webhook is" + " called.\n 3. If any matchCondition evaluates to an error (but none are" + " FALSE):\n - If failurePolicy=Fail, reject the request\n - If" + " failurePolicy=Ignore, the error is ignored and the webhook is skipped" + ), + ) + matchPolicy: Optional[MatchPolicy] = Field( + default=None, + description=( + 'matchPolicy defines how the "rules" list is used to match incoming' + ' requests. Allowed values are "Exact" or "Equivalent".\n\n- Exact: match a' + " request only if it exactly matches a specified rule. For example, if" + " deployments can be modified via apps/v1, apps/v1beta1, and" + ' extensions/v1beta1, but "rules" only included `apiGroups:["apps"],' + ' apiVersions:["v1"], resources: ["deployments"]`, a request to' + " apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.\n\n-" + " Equivalent: match a request if modifies a resource listed in rules, even" + " via another API group or version. For example, if deployments can be" + ' modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and "rules"' + ' only included `apiGroups:["apps"], apiVersions:["v1"], resources:' + ' ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would' + " be converted to apps/v1 and sent to the webhook.\n\nDefaults to" + ' "Equivalent"\n\nPossible enum values:\n - `"Equivalent"` means requests' + " should be sent to the webhook if they modify a resource listed in rules" + ' via another API group or version.\n - `"Exact"` means requests should' + " only be sent to the webhook if they exactly match a given rule." + ), + ) + name: str = Field( + ..., + description=( + "The name of the admission webhook. Name should be fully qualified, e.g.," + ' imagepolicy.kubernetes.io, where "imagepolicy" is the name of the' + " webhook, and kubernetes.io is the name of the organization. Required." + ), + ) + namespaceSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "NamespaceSelector decides whether to run the webhook on an object based on" + " whether the namespace for that object matches the selector. If the object" + " itself is a namespace, the matching is performed on" + " object.metadata.labels. If the object is another cluster scoped resource," + " it never skips the webhook.\n\nFor example, to run the webhook on any" + ' objects whose namespace is not associated with "runlevel" of "0" or "1"; ' + ' you will set the selector as follows: "namespaceSelector": {\n ' + ' "matchExpressions": [\n {\n "key": "runlevel",\n "operator":' + ' "NotIn",\n "values": [\n "0",\n "1"\n ]\n }\n ' + " ]\n}\n\nIf instead you want to only run the webhook on any objects whose" + ' namespace is associated with the "environment" of "prod" or "staging";' + ' you will set the selector as follows: "namespaceSelector": {\n ' + ' "matchExpressions": [\n {\n "key": "environment",\n ' + ' "operator": "In",\n "values": [\n "prod",\n ' + ' "staging"\n ]\n }\n ]\n}\n\nSee' + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" + " for more examples of label selectors.\n\nDefault to the empty" + " LabelSelector, which matches everything." + ), + ) + objectSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "ObjectSelector decides whether to run the webhook based on if the object" + " has matching labels. objectSelector is evaluated against both the" + " oldObject and newObject that would be sent to the webhook, and is" + " considered to match if either object matches the selector. A null object" + " (oldObject in the case of create, or newObject in the case of delete) or" + " an object that cannot have labels (like a DeploymentRollback or a" + " PodProxyOptions object) is not considered to match. Use the object" + " selector only if the webhook is opt-in, because end users may skip the" + " admission webhook by setting the labels. Default to the empty" + " LabelSelector, which matches everything." + ), + ) + reinvocationPolicy: Optional[ReinvocationPolicy] = Field( + default=None, + description=( + "reinvocationPolicy indicates whether this webhook should be called" + " multiple times as part of a single admission evaluation. Allowed values" + ' are "Never" and "IfNeeded".\n\nNever: the webhook will not be called more' + " than once in a single admission evaluation.\n\nIfNeeded: the webhook will" + " be called at least one additional time as part of the admission" + " evaluation if the object being admitted is modified by other admission" + " plugins after the initial webhook call. Webhooks that specify this option" + " *must* be idempotent, able to process objects they previously admitted." + " Note: * the number of additional invocations is not guaranteed to be" + " exactly one. * if additional invocations result in further modifications" + " to the object, webhooks are not guaranteed to be invoked again. *" + " webhooks that use this option may be reordered to minimize the number of" + " additional invocations. * to validate an object after all mutations are" + " guaranteed complete, use a validating admission webhook" + ' instead.\n\nDefaults to "Never".\n\nPossible enum values:\n -' + ' `"IfNeeded"` indicates that the webhook may be called at least one' + " additional time as part of the admission evaluation if the object being" + " admitted is modified by other admission plugins after the initial webhook" + ' call.\n - `"Never"` indicates that the webhook must not be called more' + " than once in a single admission evaluation." + ), + ) + rules: Optional[List[RuleWithOperations]] = Field( + default=None, + description=( + "Rules describes what operations on what resources/subresources the webhook" + " cares about. The webhook cares about an operation if it matches _any_" + " Rule. However, in order to prevent ValidatingAdmissionWebhooks and" + " MutatingAdmissionWebhooks from putting the cluster in a state which" + " cannot be recovered from without completely disabling the plugin," + " ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never" + " called on admission requests for ValidatingWebhookConfiguration and" + " MutatingWebhookConfiguration objects." + ), + ) + sideEffects: SideEffects = Field( + ..., + description=( + "SideEffects states whether this webhook has side effects. Acceptable" + " values are: None, NoneOnDryRun (webhooks created via v1beta1 may also" + " specify Some or Unknown). Webhooks with side effects MUST implement a" + " reconciliation system, since a request may be rejected by a future step" + " in the admission chain and the side effects therefore need to be undone." + " Requests with the dryRun attribute will be auto-rejected if they match a" + " webhook with sideEffects == Unknown or Some.\n\nPossible enum values:\n -" + ' `"None"` means that calling the webhook will have no side effects.\n -' + ' `"NoneOnDryRun"` means that calling the webhook will possibly have side' + " effects, but if the request being reviewed has the dry-run attribute, the" + ' side effects will be suppressed.\n - `"Some"` means that calling the' + " webhook will possibly have side effects. If a request with the dry-run" + " attribute would trigger a call to this webhook, the request will instead" + ' fail.\n - `"Unknown"` means that no information is known about the side' + " effects of calling the webhook. If a request with the dry-run attribute" + " would trigger a call to this webhook, the request will instead fail." + ), + ) + timeoutSeconds: Optional[int] = Field( + default=None, + description=( + "TimeoutSeconds specifies the timeout for this webhook. After the timeout" + " passes, the webhook call will be ignored or the API call will fail based" + " on the failure policy. The timeout value must be between 1 and 30" + " seconds. Default to 10 seconds." + ), + ) + + +class MutatingWebhookConfiguration(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="MutatingWebhookConfiguration", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata; More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata." + ), + ) + webhooks: Optional[List[MutatingWebhook]] = Field( + default=None, + description=( + "Webhooks is a list of webhooks and the affected resources and operations." + ), + ) + + +class MutatingWebhookConfigurationList(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[MutatingWebhookConfiguration] = Field( + ..., description="List of MutatingWebhookConfiguration." + ) + kind: Optional[str] = Field( + default="MutatingWebhookConfigurationList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class ParamRef(BaseModel): + name: Optional[str] = Field( + default=None, + description=( + "name is the name of the resource being referenced.\n\nOne of `name` or" + " `selector` must be set, but `name` and `selector` are mutually exclusive" + " properties. If one is set, the other must be unset.\n\nA single parameter" + " used for all admission requests can be configured by setting the `name`" + " field, leaving `selector` blank, and setting namespace if `paramKind` is" + " namespace-scoped." + ), + ) + namespace: Optional[str] = Field( + default=None, + description=( + "namespace is the namespace of the referenced resource. Allows limiting the" + " search for params to a specific namespace. Applies to both `name` and" + " `selector` fields.\n\nA per-namespace parameter may be used by specifying" + " a namespace-scoped `paramKind` in the policy and leaving this field" + " empty.\n\n- If `paramKind` is cluster-scoped, this field MUST be unset." + " Setting this field results in a configuration error.\n\n- If `paramKind`" + " is namespace-scoped, the namespace of the object being evaluated for" + " admission will be used when this field is left unset. Take care that if" + " this is left empty the binding must not match any cluster-scoped" + " resources, which will result in an error." + ), + ) + parameterNotFoundAction: Optional[str] = Field( + default=None, + description=( + "`parameterNotFoundAction` controls the behavior of the binding when the" + " resource exists, and name or selector is valid, but there are no" + " parameters matched by the binding. If the value is set to `Allow`, then" + " no matched parameters will be treated as successful validation by the" + " binding. If set to `Deny`, then no matched parameters will be subject to" + " the `failurePolicy` of the policy.\n\nAllowed values are `Allow` or" + " `Deny`\n\nRequired" + ), + ) + selector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "selector can be used to match multiple param objects based on their" + " labels. Supply selector: {} to match all resources of the" + " ParamKind.\n\nIf multiple params are found, they are all evaluated with" + " the policy expressions and the results are ANDed together.\n\nOne of" + " `name` or `selector` must be set, but `name` and `selector` are mutually" + " exclusive properties. If one is set, the other must be unset." + ), + ) + + +class ValidatingAdmissionPolicyBindingSpec(BaseModel): + matchResources: Optional[MatchResources] = Field( + default=None, + description=( + "MatchResources declares what resources match this binding and will be" + " validated by it. Note that this is intersected with the policy's" + " matchConstraints, so only requests that are matched by the policy can be" + " selected by this. If this is unset, all resources matched by the policy" + " are validated by this binding When resourceRules is unset, it does not" + " constrain resource matching. If a resource is matched by the other fields" + " of this object, it will be validated. Note that this is differs from" + " ValidatingAdmissionPolicy matchConstraints, where resourceRules are" + " required." + ), + ) + paramRef: Optional[ParamRef] = Field( + default=None, + description=( + "paramRef specifies the parameter resource used to configure the admission" + " control policy. It should point to a resource of the type specified in" + " ParamKind of the bound ValidatingAdmissionPolicy. If the policy specifies" + " a ParamKind and the resource referred to by ParamRef does not exist, this" + " binding is considered mis-configured and the FailurePolicy of the" + " ValidatingAdmissionPolicy applied. If the policy does not specify a" + " ParamKind then this field is ignored, and the rules are evaluated without" + " a param." + ), + ) + policyName: Optional[str] = Field( + default=None, + description=( + "PolicyName references a ValidatingAdmissionPolicy name which the" + " ValidatingAdmissionPolicyBinding binds to. If the referenced resource" + " does not exist, this binding is considered invalid and will be ignored" + " Required." + ), + ) + validationActions: Optional[List[ValidationAction]] = Field( + default=None, + description=( + "validationActions declares how Validations of the referenced" + " ValidatingAdmissionPolicy are enforced. If a validation evaluates to" + " false it is always enforced according to these actions.\n\nFailures" + " defined by the ValidatingAdmissionPolicy's FailurePolicy are enforced" + " according to these actions only if the FailurePolicy is set to Fail," + " otherwise the failures are ignored. This includes compilation errors," + " runtime errors and misconfigurations of the policy.\n\nvalidationActions" + " is declared as a set of action values. Order does not matter." + " validationActions may not contain duplicates of the same action.\n\nThe" + ' supported actions values are:\n\n"Deny" specifies that a validation' + ' failure results in a denied request.\n\n"Warn" specifies that a' + " validation failure is reported to the request client in HTTP Warning" + " headers, with a warning code of 299. Warnings can be sent both for" + ' allowed or denied admission responses.\n\n"Audit" specifies that a' + " validation failure is included in the published audit event for the" + " request. The audit event will contain a" + " `validation.policy.admission.k8s.io/validation_failure` audit annotation" + " with a value containing the details of the validation failures, formatted" + " as a JSON list of objects, each with the following fields: - message: The" + " validation failure message string - policy: The resource name of the" + " ValidatingAdmissionPolicy - binding: The resource name of the" + " ValidatingAdmissionPolicyBinding - expressionIndex: The index of the" + " failed validations in the ValidatingAdmissionPolicy - validationActions:" + " The enforcement actions enacted for the validation failure Example audit" + ' annotation: `"validation.policy.admission.k8s.io/validation_failure":' + ' "[{"message": "Invalid value", {"policy": "policy.example.com",' + ' {"binding": "policybinding.example.com", {"expressionIndex": "1",' + ' {"validationActions": ["Audit"]}]"`\n\nClients should expect to handle' + ' additional values by ignoring any values not recognized.\n\n"Deny" and' + ' "Warn" may not be used together since this combination needlessly' + " duplicates the validation failure both in the API response body and the" + " HTTP warning headers.\n\nRequired." + ), + ) + + +class ValidatingAdmissionPolicySpec(BaseModel): + auditAnnotations: Optional[List[AuditAnnotation]] = Field( + default=None, + description=( + "auditAnnotations contains CEL expressions which are used to produce audit" + " annotations for the audit event of the API request. validations and" + " auditAnnotations may not both be empty; a least one of validations or" + " auditAnnotations is required." + ), + ) + failurePolicy: Optional[FailurePolicy] = Field( + default=None, + description=( + "failurePolicy defines how to handle failures for the admission policy." + " Failures can occur from CEL expression parse errors, type check errors," + " runtime errors and invalid or mis-configured policy definitions or" + " bindings.\n\nA policy is invalid if spec.paramKind refers to a" + " non-existent Kind. A binding is invalid if spec.paramRef.name refers to a" + " non-existent resource.\n\nfailurePolicy does not define how validations" + " that evaluate to false are handled.\n\nWhen failurePolicy is set to Fail," + " ValidatingAdmissionPolicyBinding validationActions define how failures" + " are enforced.\n\nAllowed values are Ignore or Fail. Defaults to" + ' Fail.\n\nPossible enum values:\n - `"Fail"` means that an error calling' + ' the webhook causes the admission to fail.\n - `"Ignore"` means that an' + " error calling the webhook is ignored." + ), + ) + matchConditions: Optional[List[MatchCondition]] = Field( + default=None, + description=( + "MatchConditions is a list of conditions that must be met for a request to" + " be validated. Match conditions filter requests that have already been" + " matched by the rules, namespaceSelector, and objectSelector. An empty" + " list of matchConditions matches all requests. There are a maximum of 64" + " match conditions allowed.\n\nIf a parameter object is provided, it can be" + " accessed via the `params` handle in the same manner as validation" + " expressions.\n\nThe exact matching logic is (in order):\n 1. If ANY" + " matchCondition evaluates to FALSE, the policy is skipped.\n 2. If ALL" + " matchConditions evaluate to TRUE, the policy is evaluated.\n 3. If any" + " matchCondition evaluates to an error (but none are FALSE):\n - If" + " failurePolicy=Fail, reject the request\n - If failurePolicy=Ignore," + " the policy is skipped" + ), + ) + matchConstraints: Optional[MatchResources] = Field( + default=None, + description=( + "MatchConstraints specifies what resources this policy is designed to" + " validate. The AdmissionPolicy cares about a request if it matches _all_" + " Constraints. However, in order to prevent clusters from being put into an" + " unstable state that cannot be recovered from via the API" + " ValidatingAdmissionPolicy cannot match ValidatingAdmissionPolicy and" + " ValidatingAdmissionPolicyBinding. Required." + ), + ) + paramKind: Optional[ParamKind] = Field( + default=None, + description=( + "ParamKind specifies the kind of resources used to parameterize this" + " policy. If absent, there are no parameters for this policy and the param" + " CEL variable will not be provided to validation expressions. If ParamKind" + " refers to a non-existent kind, this policy definition is mis-configured" + " and the FailurePolicy is applied. If paramKind is specified but paramRef" + " is unset in ValidatingAdmissionPolicyBinding, the params variable will be" + " null." + ), + ) + validations: Optional[List[Validation]] = Field( + default=None, + description=( + "Validations contain CEL expressions which is used to apply the validation." + " Validations and AuditAnnotations may not both be empty; a minimum of one" + " Validations or AuditAnnotations is required." + ), + ) + variables: Optional[List[Variable]] = Field( + default=None, + description=( + "Variables contain definitions of variables that can be used in composition" + " of other expressions. Each variable is defined as a named CEL expression." + " The variables defined here will be available under `variables` in other" + " expressions of the policy except MatchConditions because MatchConditions" + " are evaluated before the rest of the policy.\n\nThe expression of a" + " variable can refer to other variables defined earlier in the list but not" + " those after. Thus, Variables must be sorted by the order of first" + " appearance and acyclic." + ), + ) + + +class ValidatingAdmissionPolicyStatus(BaseModel): + conditions: Optional[List[v1.Condition]] = Field( + default=None, + description=( + "The conditions represent the latest available observations of a policy's" + " current state." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, description="The generation observed by the controller." + ) + typeChecking: Optional[TypeChecking] = Field( + default=None, + description=( + "The results of type checking for each expression. Presence of this field" + " indicates the completion of the type checking." + ), + ) + + +class ValidatingWebhook(BaseModel): + admissionReviewVersions: List[str] = Field( + ..., + description=( + "AdmissionReviewVersions is an ordered list of preferred `AdmissionReview`" + " versions the Webhook expects. API server will try to use first version in" + " the list which it supports. If none of the versions specified in this" + " list supported by API server, validation will fail for this object. If a" + " persisted webhook configuration specifies allowed versions and does not" + " include any versions known to the API Server, calls to the webhook will" + " fail and be subject to the failure policy." + ), + ) + clientConfig: WebhookClientConfig = Field( + ..., + description="ClientConfig defines how to communicate with the hook. Required", + ) + failurePolicy: Optional[FailurePolicy] = Field( + default=None, + description=( + "FailurePolicy defines how unrecognized errors from the admission endpoint" + " are handled - allowed values are Ignore or Fail. Defaults to" + ' Fail.\n\nPossible enum values:\n - `"Fail"` means that an error calling' + ' the webhook causes the admission to fail.\n - `"Ignore"` means that an' + " error calling the webhook is ignored." + ), + ) + matchConditions: Optional[List[MatchCondition]] = Field( + default=None, + description=( + "MatchConditions is a list of conditions that must be met for a request to" + " be sent to this webhook. Match conditions filter requests that have" + " already been matched by the rules, namespaceSelector, and objectSelector." + " An empty list of matchConditions matches all requests. There are a" + " maximum of 64 match conditions allowed.\n\nThe exact matching logic is" + " (in order):\n 1. If ANY matchCondition evaluates to FALSE, the webhook" + " is skipped.\n 2. If ALL matchConditions evaluate to TRUE, the webhook is" + " called.\n 3. If any matchCondition evaluates to an error (but none are" + " FALSE):\n - If failurePolicy=Fail, reject the request\n - If" + " failurePolicy=Ignore, the error is ignored and the webhook is skipped" + ), + ) + matchPolicy: Optional[MatchPolicy] = Field( + default=None, + description=( + 'matchPolicy defines how the "rules" list is used to match incoming' + ' requests. Allowed values are "Exact" or "Equivalent".\n\n- Exact: match a' + " request only if it exactly matches a specified rule. For example, if" + " deployments can be modified via apps/v1, apps/v1beta1, and" + ' extensions/v1beta1, but "rules" only included `apiGroups:["apps"],' + ' apiVersions:["v1"], resources: ["deployments"]`, a request to' + " apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.\n\n-" + " Equivalent: match a request if modifies a resource listed in rules, even" + " via another API group or version. For example, if deployments can be" + ' modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and "rules"' + ' only included `apiGroups:["apps"], apiVersions:["v1"], resources:' + ' ["deployments"]`, a request to apps/v1beta1 or extensions/v1beta1 would' + " be converted to apps/v1 and sent to the webhook.\n\nDefaults to" + ' "Equivalent"\n\nPossible enum values:\n - `"Equivalent"` means requests' + " should be sent to the webhook if they modify a resource listed in rules" + ' via another API group or version.\n - `"Exact"` means requests should' + " only be sent to the webhook if they exactly match a given rule." + ), + ) + name: str = Field( + ..., + description=( + "The name of the admission webhook. Name should be fully qualified, e.g.," + ' imagepolicy.kubernetes.io, where "imagepolicy" is the name of the' + " webhook, and kubernetes.io is the name of the organization. Required." + ), + ) + namespaceSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "NamespaceSelector decides whether to run the webhook on an object based on" + " whether the namespace for that object matches the selector. If the object" + " itself is a namespace, the matching is performed on" + " object.metadata.labels. If the object is another cluster scoped resource," + " it never skips the webhook.\n\nFor example, to run the webhook on any" + ' objects whose namespace is not associated with "runlevel" of "0" or "1"; ' + ' you will set the selector as follows: "namespaceSelector": {\n ' + ' "matchExpressions": [\n {\n "key": "runlevel",\n "operator":' + ' "NotIn",\n "values": [\n "0",\n "1"\n ]\n }\n ' + " ]\n}\n\nIf instead you want to only run the webhook on any objects whose" + ' namespace is associated with the "environment" of "prod" or "staging";' + ' you will set the selector as follows: "namespaceSelector": {\n ' + ' "matchExpressions": [\n {\n "key": "environment",\n ' + ' "operator": "In",\n "values": [\n "prod",\n ' + ' "staging"\n ]\n }\n ]\n}\n\nSee' + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + " for more examples of label selectors.\n\nDefault to the empty" + " LabelSelector, which matches everything." + ), + ) + objectSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "ObjectSelector decides whether to run the webhook based on if the object" + " has matching labels. objectSelector is evaluated against both the" + " oldObject and newObject that would be sent to the webhook, and is" + " considered to match if either object matches the selector. A null object" + " (oldObject in the case of create, or newObject in the case of delete) or" + " an object that cannot have labels (like a DeploymentRollback or a" + " PodProxyOptions object) is not considered to match. Use the object" + " selector only if the webhook is opt-in, because end users may skip the" + " admission webhook by setting the labels. Default to the empty" + " LabelSelector, which matches everything." + ), + ) + rules: Optional[List[RuleWithOperations]] = Field( + default=None, + description=( + "Rules describes what operations on what resources/subresources the webhook" + " cares about. The webhook cares about an operation if it matches _any_" + " Rule. However, in order to prevent ValidatingAdmissionWebhooks and" + " MutatingAdmissionWebhooks from putting the cluster in a state which" + " cannot be recovered from without completely disabling the plugin," + " ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never" + " called on admission requests for ValidatingWebhookConfiguration and" + " MutatingWebhookConfiguration objects." + ), + ) + sideEffects: SideEffects = Field( + ..., + description=( + "SideEffects states whether this webhook has side effects. Acceptable" + " values are: None, NoneOnDryRun (webhooks created via v1beta1 may also" + " specify Some or Unknown). Webhooks with side effects MUST implement a" + " reconciliation system, since a request may be rejected by a future step" + " in the admission chain and the side effects therefore need to be undone." + " Requests with the dryRun attribute will be auto-rejected if they match a" + " webhook with sideEffects == Unknown or Some.\n\nPossible enum values:\n -" + ' `"None"` means that calling the webhook will have no side effects.\n -' + ' `"NoneOnDryRun"` means that calling the webhook will possibly have side' + " effects, but if the request being reviewed has the dry-run attribute, the" + ' side effects will be suppressed.\n - `"Some"` means that calling the' + " webhook will possibly have side effects. If a request with the dry-run" + " attribute would trigger a call to this webhook, the request will instead" + ' fail.\n - `"Unknown"` means that no information is known about the side' + " effects of calling the webhook. If a request with the dry-run attribute" + " would trigger a call to this webhook, the request will instead fail." + ), + ) + timeoutSeconds: Optional[int] = Field( + default=None, + description=( + "TimeoutSeconds specifies the timeout for this webhook. After the timeout" + " passes, the webhook call will be ignored or the API call will fail based" + " on the failure policy. The timeout value must be between 1 and 30" + " seconds. Default to 10 seconds." + ), + ) + + +class ValidatingWebhookConfiguration(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ValidatingWebhookConfiguration", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata; More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata." + ), + ) + webhooks: Optional[List[ValidatingWebhook]] = Field( + default=None, + description=( + "Webhooks is a list of webhooks and the affected resources and operations." + ), + ) + + +class ValidatingWebhookConfigurationList(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ValidatingWebhookConfiguration] = Field( + ..., description="List of ValidatingWebhookConfiguration." + ) + kind: Optional[str] = Field( + default="ValidatingWebhookConfigurationList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class ValidatingAdmissionPolicy(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ValidatingAdmissionPolicy", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata; More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata." + ), + ) + spec: Optional[ValidatingAdmissionPolicySpec] = Field( + default=None, + description=( + "Specification of the desired behavior of the ValidatingAdmissionPolicy." + ), + ) + status: Optional[ValidatingAdmissionPolicyStatus] = Field( + default=None, + description=( + "The status of the ValidatingAdmissionPolicy, including warnings that are" + " useful to determine if the policy behaves in the expected way. Populated" + " by the system. Read-only." + ), + ) + + +class ValidatingAdmissionPolicyBinding(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ValidatingAdmissionPolicyBinding", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata; More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata." + ), + ) + spec: Optional[ValidatingAdmissionPolicyBindingSpec] = Field( + default=None, + description=( + "Specification of the desired behavior of the" + " ValidatingAdmissionPolicyBinding." + ), + ) + + +class ValidatingAdmissionPolicyBindingList(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: Optional[List[ValidatingAdmissionPolicyBinding]] = Field( + default=None, description="List of PolicyBinding." + ) + kind: Optional[str] = Field( + default="ValidatingAdmissionPolicyBindingList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class ValidatingAdmissionPolicyList(BaseModel): + apiVersion: Optional[str] = Field( + default="admissionregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: Optional[List[ValidatingAdmissionPolicy]] = Field( + default=None, description="List of ValidatingAdmissionPolicy." + ) + kind: Optional[str] = Field( + default="ValidatingAdmissionPolicyList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/apps/__init__.py b/src/kubedantic/models/io/k8s/api/apps/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/apps/v1.py b/src/kubedantic/models/io/k8s/api/apps/v1.py new file mode 100644 index 0000000..7df8f4c --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/apps/v1.py @@ -0,0 +1,1183 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from enum import Enum +from typing import List, Optional, Union + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg import runtime +from ...apimachinery.pkg.apis.meta import v1 +from ..core import v1 as v1_1 + + +class DaemonSetCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description="Last time the condition transitioned from one status to another.", + ) + message: Optional[str] = Field( + default=None, + description="A human readable message indicating details about the transition.", + ) + reason: Optional[str] = Field( + default=None, description="The reason for the condition's last transition." + ) + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of DaemonSet condition.") + + +class DaemonSetStatus(BaseModel): + collisionCount: Optional[int] = Field( + default=None, + description=( + "Count of hash collisions for the DaemonSet. The DaemonSet controller uses" + " this field as a collision avoidance mechanism when it needs to create the" + " name for the newest ControllerRevision." + ), + ) + conditions: Optional[List[DaemonSetCondition]] = Field( + default=None, + description=( + "Represents the latest available observations of a DaemonSet's current" + " state." + ), + ) + currentNumberScheduled: int = Field( + ..., + description=( + "The number of nodes that are running at least 1 daemon pod and are" + " supposed to run the daemon pod. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + ), + ) + desiredNumberScheduled: int = Field( + ..., + description=( + "The total number of nodes that should be running the daemon pod (including" + " nodes correctly running the daemon pod). More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + ), + ) + numberAvailable: Optional[int] = Field( + default=None, + description=( + "The number of nodes that should be running the daemon pod and have one or" + " more of the daemon pod running and available (ready for at least" + " spec.minReadySeconds)" + ), + ) + numberMisscheduled: int = Field( + ..., + description=( + "The number of nodes that are running the daemon pod, but are not supposed" + " to run the daemon pod. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/" + ), + ) + numberReady: int = Field( + ..., + description=( + "numberReady is the number of nodes that should be running the daemon pod" + " and have one or more of the daemon pod running with a Ready Condition." + ), + ) + numberUnavailable: Optional[int] = Field( + default=None, + description=( + "The number of nodes that should be running the daemon pod and have none of" + " the daemon pod running and available (ready for at least" + " spec.minReadySeconds)" + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description="The most recent generation observed by the daemon set controller.", + ) + updatedNumberScheduled: Optional[int] = Field( + default=None, + description="The total number of nodes that are running updated daemon pod", + ) + + +class Type(Enum): + OnDelete = "OnDelete" + RollingUpdate = "RollingUpdate" + + +class DeploymentCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description="Last time the condition transitioned from one status to another.", + ) + lastUpdateTime: Optional[datetime] = Field( + default=None, description="The last time this condition was updated." + ) + message: Optional[str] = Field( + default=None, + description="A human readable message indicating details about the transition.", + ) + reason: Optional[str] = Field( + default=None, description="The reason for the condition's last transition." + ) + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of deployment condition.") + + +class DeploymentStatus(BaseModel): + availableReplicas: Optional[int] = Field( + default=None, + description=( + "Total number of available pods (ready for at least minReadySeconds)" + " targeted by this deployment." + ), + ) + collisionCount: Optional[int] = Field( + default=None, + description=( + "Count of hash collisions for the Deployment. The Deployment controller" + " uses this field as a collision avoidance mechanism when it needs to" + " create the name for the newest ReplicaSet." + ), + ) + conditions: Optional[List[DeploymentCondition]] = Field( + default=None, + description=( + "Represents the latest available observations of a deployment's current" + " state." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description="The generation observed by the deployment controller.", + ) + readyReplicas: Optional[int] = Field( + default=None, + description=( + "readyReplicas is the number of pods targeted by this Deployment with a" + " Ready Condition." + ), + ) + replicas: Optional[int] = Field( + default=None, + description=( + "Total number of non-terminated pods targeted by this deployment (their" + " labels match the selector)." + ), + ) + unavailableReplicas: Optional[int] = Field( + default=None, + description=( + "Total number of unavailable pods targeted by this deployment. This is the" + " total number of pods that are still required for the deployment to have" + " 100% available capacity. They may either be pods that are running but not" + " yet available or pods that still have not been created." + ), + ) + updatedReplicas: Optional[int] = Field( + default=None, + description=( + "Total number of non-terminated pods targeted by this deployment that have" + " the desired template spec." + ), + ) + + +class TypeModel(Enum): + Recreate = "Recreate" + RollingUpdate = "RollingUpdate" + + +class ReplicaSetCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "The last time the condition transitioned from one status to another." + ), + ) + message: Optional[str] = Field( + default=None, + description="A human readable message indicating details about the transition.", + ) + reason: Optional[str] = Field( + default=None, description="The reason for the condition's last transition." + ) + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of replica set condition.") + + +class ReplicaSetStatus(BaseModel): + availableReplicas: Optional[int] = Field( + default=None, + description=( + "The number of available replicas (ready for at least minReadySeconds) for" + " this replica set." + ), + ) + conditions: Optional[List[ReplicaSetCondition]] = Field( + default=None, + description=( + "Represents the latest available observations of a replica set's current" + " state." + ), + ) + fullyLabeledReplicas: Optional[int] = Field( + default=None, + description=( + "The number of pods that have labels matching the labels of the pod" + " template of the replicaset." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description=( + "ObservedGeneration reflects the generation of the most recently observed" + " ReplicaSet." + ), + ) + readyReplicas: Optional[int] = Field( + default=None, + description=( + "readyReplicas is the number of pods targeted by this ReplicaSet with a" + " Ready Condition." + ), + ) + replicas: int = Field( + ..., + description=( + "Replicas is the most recently observed number of replicas. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller" + ), + ) + + +class RollingUpdateDaemonSet(BaseModel): + maxSurge: Optional[Union[int, str]] = Field( + default=None, + description=( + "The maximum number of nodes with an existing available DaemonSet pod that" + " can have an updated DaemonSet pod during during an update. Value can be" + " an absolute number (ex: 5) or a percentage of desired pods (ex: 10%)." + " This can not be 0 if MaxUnavailable is 0. Absolute number is calculated" + " from percentage by rounding up to a minimum of 1. Default value is 0." + " Example: when this is set to 30%, at most 30% of the total number of" + " nodes that should be running the daemon pod (i.e." + " status.desiredNumberScheduled) can have their a new pod created before" + " the old pod is marked as deleted. The update starts by launching new pods" + " on 30% of nodes. Once an updated pod is available (Ready for at least" + " minReadySeconds) the old DaemonSet pod on that node is marked deleted. If" + " the old pod becomes unavailable for any reason (Ready transitions to" + " false, is evicted, or is drained) an updated pod is immediatedly created" + " on that node without considering surge limits. Allowing surge implies the" + " possibility that the resources consumed by the daemonset on any given" + " node can double if the readiness check fails, and so resource intensive" + " daemonsets should take into account that they may cause evictions during" + " disruption." + ), + ) + maxUnavailable: Optional[Union[int, str]] = Field( + default=None, + description=( + "The maximum number of DaemonSet pods that can be unavailable during the" + " update. Value can be an absolute number (ex: 5) or a percentage of total" + " number of DaemonSet pods at the start of the update (ex: 10%). Absolute" + " number is calculated from percentage by rounding up. This cannot be 0 if" + " MaxSurge is 0 Default value is 1. Example: when this is set to 30%, at" + " most 30% of the total number of nodes that should be running the daemon" + " pod (i.e. status.desiredNumberScheduled) can have their pods stopped for" + " an update at any given time. The update starts by stopping at most 30% of" + " those DaemonSet pods and then brings up new DaemonSet pods in their" + " place. Once the new pods are available, it then proceeds onto other" + " DaemonSet pods, thus ensuring that at least 70% of original number of" + " DaemonSet pods are available at all times during the update." + ), + ) + + +class RollingUpdateDeployment(BaseModel): + maxSurge: Optional[Union[int, str]] = Field( + default=None, + description=( + "The maximum number of pods that can be scheduled above the desired number" + " of pods. Value can be an absolute number (ex: 5) or a percentage of" + " desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0." + " Absolute number is calculated from percentage by rounding up. Defaults to" + " 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled" + " up immediately when the rolling update starts, such that the total number" + " of old and new pods do not exceed 130% of desired pods. Once old pods" + " have been killed, new ReplicaSet can be scaled up further, ensuring that" + " total number of pods running at any time during the update is at most" + " 130% of desired pods." + ), + ) + maxUnavailable: Optional[Union[int, str]] = Field( + default=None, + description=( + "The maximum number of pods that can be unavailable during the update." + " Value can be an absolute number (ex: 5) or a percentage of desired pods" + " (ex: 10%). Absolute number is calculated from percentage by rounding" + " down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when" + " this is set to 30%, the old ReplicaSet can be scaled down to 70% of" + " desired pods immediately when the rolling update starts. Once new pods" + " are ready, old ReplicaSet can be scaled down further, followed by scaling" + " up the new ReplicaSet, ensuring that the total number of pods available" + " at all times during the update is at least 70% of desired pods." + ), + ) + + +class RollingUpdateStatefulSetStrategy(BaseModel): + maxUnavailable: Optional[Union[int, str]] = Field( + default=None, + description=( + "The maximum number of pods that can be unavailable during the update." + " Value can be an absolute number (ex: 5) or a percentage of desired pods" + " (ex: 10%). Absolute number is calculated from percentage by rounding up." + " This can not be 0. Defaults to 1. This field is alpha-level and is only" + " honored by servers that enable the MaxUnavailableStatefulSet feature. The" + " field applies to all pods in the range 0 to Replicas-1. That means if" + " there is any unavailable pod in the range 0 to Replicas-1, it will be" + " counted towards MaxUnavailable." + ), + ) + partition: Optional[int] = Field( + default=None, + description=( + "Partition indicates the ordinal at which the StatefulSet should be" + " partitioned for updates. During a rolling update, all pods from ordinal" + " Replicas-1 to Partition are updated. All pods from ordinal Partition-1 to" + " 0 remain untouched. This is helpful in being able to do a canary based" + " deployment. The default value is 0." + ), + ) + + +class StatefulSetCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description="Last time the condition transitioned from one status to another.", + ) + message: Optional[str] = Field( + default=None, + description="A human readable message indicating details about the transition.", + ) + reason: Optional[str] = Field( + default=None, description="The reason for the condition's last transition." + ) + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of statefulset condition.") + + +class StatefulSetOrdinals(BaseModel): + start: Optional[int] = Field( + default=0, + description=( + "start is the number representing the first replica's index. It may be used" + " to number replicas from an alternate index (eg: 1-indexed) over the" + " default 0-indexed names, or to orchestrate progressive movement of" + " replicas from one StatefulSet to another. If set, replica indices will be" + " in the range:\n [.spec.ordinals.start, .spec.ordinals.start +" + " .spec.replicas).\nIf unset, defaults to 0. Replica indices will be in the" + " range:\n [0, .spec.replicas)." + ), + ) + + +class StatefulSetPersistentVolumeClaimRetentionPolicy(BaseModel): + whenDeleted: Optional[str] = Field( + default=None, + description=( + "WhenDeleted specifies what happens to PVCs created from StatefulSet" + " VolumeClaimTemplates when the StatefulSet is deleted. The default policy" + " of `Retain` causes PVCs to not be affected by StatefulSet deletion. The" + " `Delete` policy causes those PVCs to be deleted." + ), + ) + whenScaled: Optional[str] = Field( + default=None, + description=( + "WhenScaled specifies what happens to PVCs created from StatefulSet" + " VolumeClaimTemplates when the StatefulSet is scaled down. The default" + " policy of `Retain` causes PVCs to not be affected by a scaledown. The" + " `Delete` policy causes the associated PVCs for any excess pods above the" + " replica count to be deleted." + ), + ) + + +class PodManagementPolicy(Enum): + OrderedReady = "OrderedReady" + Parallel = "Parallel" + + +class StatefulSetStatus(BaseModel): + availableReplicas: Optional[int] = Field( + default=0, + description=( + "Total number of available pods (ready for at least minReadySeconds)" + " targeted by this statefulset." + ), + ) + collisionCount: Optional[int] = Field( + default=None, + description=( + "collisionCount is the count of hash collisions for the StatefulSet. The" + " StatefulSet controller uses this field as a collision avoidance mechanism" + " when it needs to create the name for the newest ControllerRevision." + ), + ) + conditions: Optional[List[StatefulSetCondition]] = Field( + default=None, + description=( + "Represents the latest available observations of a statefulset's current" + " state." + ), + ) + currentReplicas: Optional[int] = Field( + default=None, + description=( + "currentReplicas is the number of Pods created by the StatefulSet" + " controller from the StatefulSet version indicated by currentRevision." + ), + ) + currentRevision: Optional[str] = Field( + default=None, + description=( + "currentRevision, if not empty, indicates the version of the StatefulSet" + " used to generate Pods in the sequence [0,currentReplicas)." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description=( + "observedGeneration is the most recent generation observed for this" + " StatefulSet. It corresponds to the StatefulSet's generation, which is" + " updated on mutation by the API Server." + ), + ) + readyReplicas: Optional[int] = Field( + default=None, + description=( + "readyReplicas is the number of pods created for this StatefulSet with a" + " Ready Condition." + ), + ) + replicas: int = Field( + ..., + description=( + "replicas is the number of Pods created by the StatefulSet controller." + ), + ) + updateRevision: Optional[str] = Field( + default=None, + description=( + "updateRevision, if not empty, indicates the version of the StatefulSet" + " used to generate Pods in the sequence [replicas-updatedReplicas,replicas)" + ), + ) + updatedReplicas: Optional[int] = Field( + default=None, + description=( + "updatedReplicas is the number of Pods created by the StatefulSet" + " controller from the StatefulSet version indicated by updateRevision." + ), + ) + + +class TypeModel1(Enum): + OnDelete = "OnDelete" + RollingUpdate = "RollingUpdate" + + +class StatefulSetUpdateStrategy(BaseModel): + rollingUpdate: Optional[RollingUpdateStatefulSetStrategy] = Field( + default=None, + description=( + "RollingUpdate is used to communicate parameters when Type is" + " RollingUpdateStatefulSetStrategyType." + ), + ) + type: Optional[TypeModel1] = Field( + default=None, + description=( + "Type indicates the type of the StatefulSetUpdateStrategy. Default is" + ' RollingUpdate.\n\nPossible enum values:\n - `"OnDelete"` triggers the' + " legacy behavior. Version tracking and ordered rolling restarts are" + " disabled. Pods are recreated from the StatefulSetSpec when they are" + " manually deleted. When a scale operation is performed with this" + " strategy,specification version indicated by the StatefulSet's" + ' currentRevision.\n - `"RollingUpdate"` indicates that update will be' + " applied to all Pods in the StatefulSet with respect to the StatefulSet" + " ordering constraints. When a scale operation is performed with this" + " strategy, new Pods will be created from the specification version" + " indicated by the StatefulSet's updateRevision." + ), + ) + + +class ControllerRevision(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + data: Optional[runtime.RawExtension] = Field( + default=None, description="Data is the serialized representation of the state." + ) + kind: Optional[str] = Field( + default="ControllerRevision", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + revision: int = Field( + ..., + description="Revision indicates the revision of the state represented by Data.", + ) + + +class ControllerRevisionList(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ControllerRevision] = Field( + ..., description="Items is the list of ControllerRevisions" + ) + kind: Optional[str] = Field( + default="ControllerRevisionList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class DaemonSetUpdateStrategy(BaseModel): + rollingUpdate: Optional[RollingUpdateDaemonSet] = Field( + default=None, + description=( + 'Rolling update config params. Present only if type = "RollingUpdate".' + ), + ) + type: Optional[Type] = Field( + default=None, + description=( + 'Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default' + ' is RollingUpdate.\n\nPossible enum values:\n - `"OnDelete"` Replace the' + ' old daemons only when it\'s killed\n - `"RollingUpdate"` Replace the old' + " daemons by new ones using rolling update i.e replace them on each node" + " one after the other." + ), + ) + + +class DeploymentStrategy(BaseModel): + rollingUpdate: Optional[RollingUpdateDeployment] = Field( + default=None, + description=( + "Rolling update config params. Present only if DeploymentStrategyType =" + " RollingUpdate." + ), + ) + type: Optional[TypeModel] = Field( + default=None, + description=( + 'Type of deployment. Can be "Recreate" or "RollingUpdate". Default is' + ' RollingUpdate.\n\nPossible enum values:\n - `"Recreate"` Kill all' + ' existing pods before creating new ones.\n - `"RollingUpdate"` Replace the' + " old ReplicaSets by new one using rolling update i.e gradually scale down" + " the old ReplicaSets and scale up the new one." + ), + ) + + +class DaemonSetSpec(BaseModel): + minReadySeconds: Optional[int] = Field( + default=None, + description=( + "The minimum number of seconds for which a newly created DaemonSet pod" + " should be ready without any of its container crashing, for it to be" + " considered available. Defaults to 0 (pod will be considered available as" + " soon as it is ready)." + ), + ) + revisionHistoryLimit: Optional[int] = Field( + default=None, + description=( + "The number of old history to retain to allow rollback. This is a pointer" + " to distinguish between explicit zero and not specified. Defaults to 10." + ), + ) + selector: v1.LabelSelector = Field( + ..., + description=( + "A label query over pods that are managed by the daemon set. Must match in" + " order to be controlled. It must match the pod template's labels. More" + " info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + ), + ) + template: v1_1.PodTemplateSpec = Field( + ..., + description=( + "An object that describes the pod that will be created. The DaemonSet will" + " create exactly one copy of this pod on every node that matches the" + " template's node selector (or on every node if no node selector is" + " specified). The only allowed template.spec.restartPolicy value is" + ' "Always". More info:' + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + ), + ) + updateStrategy: Optional[DaemonSetUpdateStrategy] = Field( + default=None, + description=( + "An update strategy to replace existing DaemonSet pods with new pods." + ), + ) + + +class DeploymentSpec(BaseModel): + minReadySeconds: Optional[int] = Field( + default=None, + description=( + "Minimum number of seconds for which a newly created pod should be ready" + " without any of its container crashing, for it to be considered available." + " Defaults to 0 (pod will be considered available as soon as it is ready)" + ), + ) + paused: Optional[bool] = Field( + default=None, description="Indicates that the deployment is paused." + ) + progressDeadlineSeconds: Optional[int] = Field( + default=None, + description=( + "The maximum time in seconds for a deployment to make progress before it is" + " considered to be failed. The deployment controller will continue to" + " process failed deployments and a condition with a" + " ProgressDeadlineExceeded reason will be surfaced in the deployment" + " status. Note that progress will not be estimated during the time a" + " deployment is paused. Defaults to 600s." + ), + ) + replicas: Optional[int] = Field( + default=None, + description=( + "Number of desired pods. This is a pointer to distinguish between explicit" + " zero and not specified. Defaults to 1." + ), + ) + revisionHistoryLimit: Optional[int] = Field( + default=None, + description=( + "The number of old ReplicaSets to retain to allow rollback. This is a" + " pointer to distinguish between explicit zero and not specified. Defaults" + " to 10." + ), + ) + selector: v1.LabelSelector = Field( + ..., + description=( + "Label selector for pods. Existing ReplicaSets whose pods are selected by" + " this will be the ones affected by this deployment. It must match the pod" + " template's labels." + ), + ) + strategy: Optional[DeploymentStrategy] = Field( + default=None, + description=( + "The deployment strategy to use to replace existing pods with new ones." + ), + ) + template: v1_1.PodTemplateSpec = Field( + ..., + description=( + "Template describes the pods that will be created. The only allowed" + ' template.spec.restartPolicy value is "Always".' + ), + ) + + +class ReplicaSetSpec(BaseModel): + minReadySeconds: Optional[int] = Field( + default=None, + description=( + "Minimum number of seconds for which a newly created pod should be ready" + " without any of its container crashing, for it to be considered available." + " Defaults to 0 (pod will be considered available as soon as it is ready)" + ), + ) + replicas: Optional[int] = Field( + default=None, + description=( + "Replicas is the number of desired replicas. This is a pointer to" + " distinguish between explicit zero and unspecified. Defaults to 1. More" + " info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller" + ), + ) + selector: v1.LabelSelector = Field( + ..., + description=( + "Selector is a label query over pods that should match the replica count." + " Label keys and values that must match in order to be controlled by this" + " replica set. It must match the pod template's labels. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + ), + ) + template: Optional[v1_1.PodTemplateSpec] = Field( + default=None, + description=( + "Template is the object that describes the pod that will be created if" + " insufficient replicas are detected. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + ), + ) + + +class StatefulSetSpec(BaseModel): + minReadySeconds: Optional[int] = Field( + default=None, + description=( + "Minimum number of seconds for which a newly created pod should be ready" + " without any of its container crashing for it to be considered available." + " Defaults to 0 (pod will be considered available as soon as it is ready)" + ), + ) + ordinals: Optional[StatefulSetOrdinals] = Field( + default=None, + description=( + "ordinals controls the numbering of replica indices in a StatefulSet. The" + ' default ordinals behavior assigns a "0" index to the first replica and' + " increments the index by one for each additional replica requested. Using" + " the ordinals field requires the StatefulSetStartOrdinal feature gate to" + " be enabled, which is beta." + ), + ) + persistentVolumeClaimRetentionPolicy: Optional[ + StatefulSetPersistentVolumeClaimRetentionPolicy + ] = Field( + default=None, + description=( + "persistentVolumeClaimRetentionPolicy describes the lifecycle of persistent" + " volume claims created from volumeClaimTemplates. By default, all" + " persistent volume claims are created as needed and retained until" + " manually deleted. This policy allows the lifecycle to be altered, for" + " example by deleting persistent volume claims when their stateful set is" + " deleted, or when their pod is scaled down. This requires the" + " StatefulSetAutoDeletePVC feature gate to be enabled, which is alpha. " + " +optional" + ), + ) + podManagementPolicy: Optional[PodManagementPolicy] = Field( + default=None, + description=( + "podManagementPolicy controls how pods are created during initial scale up," + " when replacing pods on nodes, or when scaling down. The default policy is" + " `OrderedReady`, where pods are created in increasing order (pod-0, then" + " pod-1, etc) and the controller will wait until each pod is ready before" + " continuing. When scaling down, the pods are removed in the opposite" + " order. The alternative policy is `Parallel` which will create pods in" + " parallel to match the desired scale without waiting, and on scale down" + " will delete all pods at once.\n\nPossible enum values:\n -" + ' `"OrderedReady"` will create pods in strictly increasing order on scale' + " up and strictly decreasing order on scale down, progressing only when the" + " previous pod is ready or terminated. At most one pod will be changed at" + ' any time.\n - `"Parallel"` will create and delete pods as soon as the' + " stateful set replica count is changed, and will not wait for pods to be" + " ready or complete termination." + ), + ) + replicas: Optional[int] = Field( + default=None, + description=( + "replicas is the desired number of replicas of the given Template. These" + " are replicas in the sense that they are instantiations of the same" + " Template, but individual replicas also have a consistent identity. If" + " unspecified, defaults to 1." + ), + ) + revisionHistoryLimit: Optional[int] = Field( + default=None, + description=( + "revisionHistoryLimit is the maximum number of revisions that will be" + " maintained in the StatefulSet's revision history. The revision history" + " consists of all revisions not represented by a currently applied" + " StatefulSetSpec version. The default value is 10." + ), + ) + selector: v1.LabelSelector = Field( + ..., + description=( + "selector is a label query over pods that should match the replica count." + " It must match the pod template's labels. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + ), + ) + serviceName: str = Field( + ..., + description=( + "serviceName is the name of the service that governs this StatefulSet. This" + " service must exist before the StatefulSet, and is responsible for the" + " network identity of the set. Pods get DNS/hostnames that follow the" + " pattern: pod-specific-string.serviceName.default.svc.cluster.local where" + ' "pod-specific-string" is managed by the StatefulSet controller.' + ), + ) + template: v1_1.PodTemplateSpec = Field( + ..., + description=( + "template is the object that describes the pod that will be created if" + " insufficient replicas are detected. Each pod stamped out by the" + " StatefulSet will fulfill this Template, but have a unique identity from" + " the rest of the StatefulSet. Each pod will be named with the format" + " -. For example, a pod in a StatefulSet named" + ' "web" with index number "3" would be named "web-3". The only allowed' + ' template.spec.restartPolicy value is "Always".' + ), + ) + updateStrategy: Optional[StatefulSetUpdateStrategy] = Field( + default=None, + description=( + "updateStrategy indicates the StatefulSetUpdateStrategy that will be" + " employed to update Pods in the StatefulSet when a revision is made to" + " Template." + ), + ) + volumeClaimTemplates: Optional[List[v1_1.PersistentVolumeClaim]] = Field( + default=None, + description=( + "volumeClaimTemplates is a list of claims that pods are allowed to" + " reference. The StatefulSet controller is responsible for mapping network" + " identities to claims in a way that maintains the identity of a pod. Every" + " claim in this list must have at least one matching (by name) volumeMount" + " in one container in the template. A claim in this list takes precedence" + " over any volumes in the template, with the same name." + ), + ) + + +class DaemonSet(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="DaemonSet", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[DaemonSetSpec] = Field( + default=None, + description=( + "The desired behavior of this daemon set. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[DaemonSetStatus] = Field( + default=None, + description=( + "The current status of this daemon set. This data may be out of date by" + " some window of time. Populated by the system. Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class DaemonSetList(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[DaemonSet] = Field(..., description="A list of daemon sets.") + kind: Optional[str] = Field( + default="DaemonSetList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class Deployment(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Deployment", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[DeploymentSpec] = Field( + default=None, + description="Specification of the desired behavior of the Deployment.", + ) + status: Optional[DeploymentStatus] = Field( + default=None, description="Most recently observed status of the Deployment." + ) + + +class DeploymentList(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Deployment] = Field( + ..., description="Items is the list of Deployments." + ) + kind: Optional[str] = Field( + default="DeploymentList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="Standard list metadata." + ) + + +class ReplicaSet(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ReplicaSet", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "If the Labels of a ReplicaSet are empty, they are defaulted to be the same" + " as the Pod(s) that the ReplicaSet manages. Standard object's metadata." + " More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[ReplicaSetSpec] = Field( + default=None, + description=( + "Spec defines the specification of the desired behavior of the ReplicaSet." + " More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[ReplicaSetStatus] = Field( + default=None, + description=( + "Status is the most recently observed status of the ReplicaSet. This data" + " may be out of date by some window of time. Populated by the system." + " Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class ReplicaSetList(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ReplicaSet] = Field( + ..., + description=( + "List of ReplicaSets. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller" + ), + ) + kind: Optional[str] = Field( + default="ReplicaSetList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class StatefulSet(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="StatefulSet", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[StatefulSetSpec] = Field( + default=None, + description="Spec defines the desired identities of pods in this set.", + ) + status: Optional[StatefulSetStatus] = Field( + default=None, + description=( + "Status is the current status of Pods in this StatefulSet. This data may be" + " out of date by some window of time." + ), + ) + + +class StatefulSetList(BaseModel): + apiVersion: Optional[str] = Field( + default="apps/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[StatefulSet] = Field( + ..., description="Items is the list of stateful sets." + ) + kind: Optional[str] = Field( + default="StatefulSetList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/authentication/__init__.py b/src/kubedantic/models/io/k8s/api/authentication/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/authentication/v1.py b/src/kubedantic/models/io/k8s/api/authentication/v1.py new file mode 100644 index 0000000..f8b9b99 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/authentication/v1.py @@ -0,0 +1,249 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import Dict, List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class BoundObjectReference(BaseModel): + apiVersion: Optional[str] = Field( + default=None, description="API version of the referent." + ) + kind: Optional[str] = Field( + default=None, + description="Kind of the referent. Valid kinds are 'Pod' and 'Secret'.", + ) + name: Optional[str] = Field(default=None, description="Name of the referent.") + uid: Optional[str] = Field(default=None, description="UID of the referent.") + + +class TokenRequestSpec(BaseModel): + audiences: List[str] = Field( + ..., + description=( + "Audiences are the intendend audiences of the token. A recipient of a token" + " must identify themself with an identifier in the list of audiences of the" + " token, and otherwise should reject the token. A token issued for multiple" + " audiences may be used to authenticate against any of the audiences listed" + " but implies a high degree of trust between the target audiences." + ), + ) + boundObjectRef: Optional[BoundObjectReference] = Field( + default=None, + description=( + "BoundObjectRef is a reference to an object that the token will be bound" + " to. The token will only be valid for as long as the bound object exists." + " NOTE: The API server's TokenReview endpoint will validate the" + " BoundObjectRef, but other audiences may not. Keep ExpirationSeconds small" + " if you want prompt revocation." + ), + ) + expirationSeconds: Optional[int] = Field( + default=None, + description=( + "ExpirationSeconds is the requested duration of validity of the request." + " The token issuer may return a token with a different validity duration so" + " a client needs to check the 'expiration' field in a response." + ), + ) + + +class TokenReviewSpec(BaseModel): + audiences: Optional[List[str]] = Field( + default=None, + description=( + "Audiences is a list of the identifiers that the resource server presented" + " with the token identifies as. Audience-aware token authenticators will" + " verify that the token was intended for at least one of the audiences in" + " this list. If no audiences are provided, the audience will default to the" + " audience of the Kubernetes apiserver." + ), + ) + token: Optional[str] = Field( + default=None, description="Token is the opaque bearer token." + ) + + +class UserInfo(BaseModel): + extra: Optional[Dict[str, List[str]]] = Field( + default=None, + description="Any additional information provided by the authenticator.", + ) + groups: Optional[List[str]] = Field( + default=None, description="The names of groups this user is a part of." + ) + uid: Optional[str] = Field( + default=None, + description=( + "A unique value that identifies this user across time. If this user is" + " deleted and another user by the same name is added, they will have" + " different UIDs." + ), + ) + username: Optional[str] = Field( + default=None, + description=( + "The name that uniquely identifies this user among all active users." + ), + ) + + +class TokenRequestStatus(BaseModel): + expirationTimestamp: datetime = Field( + ..., + description=( + "ExpirationTimestamp is the time of expiration of the returned token." + ), + ) + token: str = Field(..., description="Token is the opaque bearer token.") + + +class SelfSubjectReviewStatus(BaseModel): + userInfo: Optional[UserInfo] = Field( + default=None, description="User attributes of the user making this request." + ) + + +class TokenReviewStatus(BaseModel): + audiences: Optional[List[str]] = Field( + default=None, + description=( + "Audiences are audience identifiers chosen by the authenticator that are" + " compatible with both the TokenReview and token. An identifier is any" + " identifier in the intersection of the TokenReviewSpec audiences and the" + " token's audiences. A client of the TokenReview API that sets the" + " spec.audiences field should validate that a compatible audience" + " identifier is returned in the status.audiences field to ensure that the" + " TokenReview server is audience aware. If a TokenReview returns an empty" + ' status.audience field where status.authenticated is "true", the token is' + " valid against the audience of the Kubernetes API server." + ), + ) + authenticated: Optional[bool] = Field( + default=None, + description=( + "Authenticated indicates that the token was associated with a known user." + ), + ) + error: Optional[str] = Field( + default=None, description="Error indicates that the token couldn't be checked" + ) + user: Optional[UserInfo] = Field( + default=None, + description="User is the UserInfo associated with the provided token.", + ) + + +class TokenRequest(BaseModel): + apiVersion: Optional[str] = Field( + default="authentication.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="TokenRequest", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: TokenRequestSpec = Field( + ..., description="Spec holds information about the request being evaluated" + ) + status: Optional[TokenRequestStatus] = Field( + default=None, + description=( + "Status is filled in by the server and indicates whether the token can be" + " authenticated." + ), + ) + + +class SelfSubjectReview(BaseModel): + apiVersion: Optional[str] = Field( + default="authentication.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="SelfSubjectReview", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + status: Optional[SelfSubjectReviewStatus] = Field( + default=None, + description="Status is filled in by the server with the user attributes.", + ) + + +class TokenReview(BaseModel): + apiVersion: Optional[str] = Field( + default="authentication.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="TokenReview", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: TokenReviewSpec = Field( + ..., description="Spec holds information about the request being evaluated" + ) + status: Optional[TokenReviewStatus] = Field( + default=None, + description=( + "Status is filled in by the server and indicates whether the request can be" + " authenticated." + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/authorization/__init__.py b/src/kubedantic/models/io/k8s/api/authorization/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/authorization/v1.py b/src/kubedantic/models/io/k8s/api/authorization/v1.py new file mode 100644 index 0000000..fa1812c --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/authorization/v1.py @@ -0,0 +1,410 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from typing import Dict, List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class NonResourceAttributes(BaseModel): + path: Optional[str] = Field( + default=None, description="Path is the URL path of the request" + ) + verb: Optional[str] = Field( + default=None, description="Verb is the standard HTTP verb" + ) + + +class NonResourceRule(BaseModel): + nonResourceURLs: Optional[List[str]] = Field( + default=None, + description=( + "NonResourceURLs is a set of partial urls that a user should have access" + ' to. *s are allowed, but only as the full, final step in the path. "*"' + " means all." + ), + ) + verbs: List[str] = Field( + ..., + description=( + "Verb is a list of kubernetes non-resource API verbs, like: get, post, put," + ' delete, patch, head, options. "*" means all.' + ), + ) + + +class ResourceAttributes(BaseModel): + group: Optional[str] = Field( + default=None, + description='Group is the API Group of the Resource. "*" means all.', + ) + name: Optional[str] = Field( + default=None, + description=( + 'Name is the name of the resource being requested for a "get" or deleted' + ' for a "delete". "" (empty) means all.' + ), + ) + namespace: Optional[str] = Field( + default=None, + description=( + "Namespace is the namespace of the action being requested. Currently," + ' there is no distinction between no namespace and all namespaces ""' + ' (empty) is defaulted for LocalSubjectAccessReviews "" (empty) is empty' + ' for cluster-scoped resources "" (empty) means "all" for namespace scoped' + " resources from a SubjectAccessReview or SelfSubjectAccessReview" + ), + ) + resource: Optional[str] = Field( + default=None, + description='Resource is one of the existing resource types. "*" means all.', + ) + subresource: Optional[str] = Field( + default=None, + description=( + 'Subresource is one of the existing resource types. "" means none.' + ), + ) + verb: Optional[str] = Field( + default=None, + description=( + "Verb is a kubernetes resource API verb, like: get, list, watch, create," + ' update, delete, proxy. "*" means all.' + ), + ) + version: Optional[str] = Field( + default=None, + description='Version is the API Version of the Resource. "*" means all.', + ) + + +class ResourceRule(BaseModel): + apiGroups: Optional[List[str]] = Field( + default=None, + description=( + "APIGroups is the name of the APIGroup that contains the resources. If" + " multiple API groups are specified, any action requested against one of" + ' the enumerated resources in any API group will be allowed. "*" means' + " all." + ), + ) + resourceNames: Optional[List[str]] = Field( + default=None, + description=( + "ResourceNames is an optional white list of names that the rule applies to." + ' An empty set means that everything is allowed. "*" means all.' + ), + ) + resources: Optional[List[str]] = Field( + default=None, + description=( + 'Resources is a list of resources this rule applies to. "*" means all in' + " the specified apiGroups.\n \"*/foo\" represents the subresource 'foo' for" + " all resources in the specified apiGroups." + ), + ) + verbs: List[str] = Field( + ..., + description=( + "Verb is a list of kubernetes resource API verbs, like: get, list, watch," + ' create, update, delete, proxy. "*" means all.' + ), + ) + + +class SelfSubjectAccessReviewSpec(BaseModel): + nonResourceAttributes: Optional[NonResourceAttributes] = Field( + default=None, + description=( + "NonResourceAttributes describes information for a non-resource access" + " request" + ), + ) + resourceAttributes: Optional[ResourceAttributes] = Field( + default=None, + description=( + "ResourceAuthorizationAttributes describes information for a resource" + " access request" + ), + ) + + +class SelfSubjectRulesReviewSpec(BaseModel): + namespace: Optional[str] = Field( + default=None, description="Namespace to evaluate rules for. Required." + ) + + +class SubjectAccessReviewSpec(BaseModel): + extra: Optional[Dict[str, List[str]]] = Field( + default=None, + description=( + "Extra corresponds to the user.Info.GetExtra() method from the" + " authenticator. Since that is input to the authorizer it needs a" + " reflection here." + ), + ) + groups: Optional[List[str]] = Field( + default=None, description="Groups is the groups you're testing for." + ) + nonResourceAttributes: Optional[NonResourceAttributes] = Field( + default=None, + description=( + "NonResourceAttributes describes information for a non-resource access" + " request" + ), + ) + resourceAttributes: Optional[ResourceAttributes] = Field( + default=None, + description=( + "ResourceAuthorizationAttributes describes information for a resource" + " access request" + ), + ) + uid: Optional[str] = Field( + default=None, description="UID information about the requesting user." + ) + user: Optional[str] = Field( + default=None, + description=( + 'User is the user you\'re testing for. If you specify "User" but not' + ' "Groups", then is it interpreted as "What if User were not a member of' + " any groups" + ), + ) + + +class SubjectAccessReviewStatus(BaseModel): + allowed: bool = Field( + ..., + description=( + "Allowed is required. True if the action would be allowed, false otherwise." + ), + ) + denied: Optional[bool] = Field( + default=None, + description=( + "Denied is optional. True if the action would be denied, otherwise false." + " If both allowed is false and denied is false, then the authorizer has no" + " opinion on whether to authorize the action. Denied may not be true if" + " Allowed is true." + ), + ) + evaluationError: Optional[str] = Field( + default=None, + description=( + "EvaluationError is an indication that some error occurred during the" + " authorization check. It is entirely possible to get an error and be able" + " to continue determine authorization status in spite of it. For instance," + " RBAC can be missing a role, but enough roles are still present and bound" + " to reason about the request." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "Reason is optional. It indicates why a request was allowed or denied." + ), + ) + + +class SubjectRulesReviewStatus(BaseModel): + evaluationError: Optional[str] = Field( + default=None, + description=( + "EvaluationError can appear in combination with Rules. It indicates an" + " error occurred during rule evaluation, such as an authorizer that doesn't" + " support rule evaluation, and that ResourceRules and/or NonResourceRules" + " may be incomplete." + ), + ) + incomplete: bool = Field( + ..., + description=( + "Incomplete is true when the rules returned by this call are incomplete." + " This is most commonly encountered when an authorizer, such as an external" + " authorizer, doesn't support rules evaluation." + ), + ) + nonResourceRules: List[NonResourceRule] = Field( + ..., + description=( + "NonResourceRules is the list of actions the subject is allowed to perform" + " on non-resources. The list ordering isn't significant, may contain" + " duplicates, and possibly be incomplete." + ), + ) + resourceRules: List[ResourceRule] = Field( + ..., + description=( + "ResourceRules is the list of actions the subject is allowed to perform on" + " resources. The list ordering isn't significant, may contain duplicates," + " and possibly be incomplete." + ), + ) + + +class LocalSubjectAccessReview(BaseModel): + apiVersion: Optional[str] = Field( + default="authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="LocalSubjectAccessReview", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: SubjectAccessReviewSpec = Field( + ..., + description=( + "Spec holds information about the request being evaluated. spec.namespace" + " must be equal to the namespace you made the request against. If empty," + " it is defaulted." + ), + ) + status: Optional[SubjectAccessReviewStatus] = Field( + default=None, + description=( + "Status is filled in by the server and indicates whether the request is" + " allowed or not" + ), + ) + + +class SelfSubjectAccessReview(BaseModel): + apiVersion: Optional[str] = Field( + default="authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="SelfSubjectAccessReview", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: SelfSubjectAccessReviewSpec = Field( + ..., + description=( + "Spec holds information about the request being evaluated. user and groups" + " must be empty" + ), + ) + status: Optional[SubjectAccessReviewStatus] = Field( + default=None, + description=( + "Status is filled in by the server and indicates whether the request is" + " allowed or not" + ), + ) + + +class SelfSubjectRulesReview(BaseModel): + apiVersion: Optional[str] = Field( + default="authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="SelfSubjectRulesReview", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: SelfSubjectRulesReviewSpec = Field( + ..., description="Spec holds information about the request being evaluated." + ) + status: Optional[SubjectRulesReviewStatus] = Field( + default=None, + description=( + "Status is filled in by the server and indicates the set of actions a user" + " can perform." + ), + ) + + +class SubjectAccessReview(BaseModel): + apiVersion: Optional[str] = Field( + default="authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="SubjectAccessReview", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: SubjectAccessReviewSpec = Field( + ..., description="Spec holds information about the request being evaluated" + ) + status: Optional[SubjectAccessReviewStatus] = Field( + default=None, + description=( + "Status is filled in by the server and indicates whether the request is" + " allowed or not" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/autoscaling/__init__.py b/src/kubedantic/models/io/k8s/api/autoscaling/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/autoscaling/v1.py b/src/kubedantic/models/io/k8s/api/autoscaling/v1.py new file mode 100644 index 0000000..e497edb --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/autoscaling/v1.py @@ -0,0 +1,245 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class ScaleSpec(BaseModel): + replicas: Optional[int] = Field( + default=None, + description=( + "replicas is the desired number of instances for the scaled object." + ), + ) + + +class ScaleStatus(BaseModel): + replicas: int = Field( + ..., + description=( + "replicas is the actual number of observed instances of the scaled object." + ), + ) + selector: Optional[str] = Field( + default=None, + description=( + "selector is the label query over pods that should match the replicas" + " count. This is same as the label selector but in the string format to" + " avoid introspection by clients. The string will be in the same format as" + " the query-param syntax. More info about label selectors:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" + ), + ) + + +class CrossVersionObjectReference(BaseModel): + apiVersion: Optional[str] = Field( + default=None, description="apiVersion is the API version of the referent" + ) + kind: str = Field( + ..., + description=( + "kind is the kind of the referent; More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + name: str = Field( + ..., + description=( + "name is the name of the referent; More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + + +class HorizontalPodAutoscalerSpec(BaseModel): + maxReplicas: int = Field( + ..., + description=( + "maxReplicas is the upper limit for the number of pods that can be set by" + " the autoscaler; cannot be smaller than MinReplicas." + ), + ) + minReplicas: Optional[int] = Field( + default=None, + description=( + "minReplicas is the lower limit for the number of replicas to which the" + " autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed" + " to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least" + " one Object or External metric is configured. Scaling is active as long" + " as at least one metric value is available." + ), + ) + scaleTargetRef: CrossVersionObjectReference = Field( + ..., + description=( + "reference to scaled resource; horizontal pod autoscaler will learn the" + " current resource consumption and will set the desired number of pods by" + " using its Scale subresource." + ), + ) + targetCPUUtilizationPercentage: Optional[int] = Field( + default=None, + description=( + "targetCPUUtilizationPercentage is the target average CPU utilization" + " (represented as a percentage of requested CPU) over all the pods; if not" + " specified the default autoscaling policy will be used." + ), + ) + + +class HorizontalPodAutoscalerStatus(BaseModel): + currentCPUUtilizationPercentage: Optional[int] = Field( + default=None, + description=( + "currentCPUUtilizationPercentage is the current average CPU utilization" + " over all pods, represented as a percentage of requested CPU, e.g. 70" + " means that an average pod is using now 70% of its requested CPU." + ), + ) + currentReplicas: int = Field( + ..., + description=( + "currentReplicas is the current number of replicas of pods managed by this" + " autoscaler." + ), + ) + desiredReplicas: int = Field( + ..., + description=( + "desiredReplicas is the desired number of replicas of pods managed by this" + " autoscaler." + ), + ) + lastScaleTime: Optional[datetime] = Field( + default=None, + description=( + "lastScaleTime is the last time the HorizontalPodAutoscaler scaled the" + " number of pods; used by the autoscaler to control how often the number of" + " pods is changed." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description=( + "observedGeneration is the most recent generation observed by this" + " autoscaler." + ), + ) + + +class HorizontalPodAutoscaler(BaseModel): + apiVersion: Optional[str] = Field( + default="autoscaling/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="HorizontalPodAutoscaler", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[HorizontalPodAutoscalerSpec] = Field( + default=None, + description=( + "spec defines the behaviour of autoscaler. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + ), + ) + status: Optional[HorizontalPodAutoscalerStatus] = Field( + default=None, + description="status is the current information about the autoscaler.", + ) + + +class HorizontalPodAutoscalerList(BaseModel): + apiVersion: Optional[str] = Field( + default="autoscaling/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[HorizontalPodAutoscaler] = Field( + ..., description="items is the list of horizontal pod autoscaler objects." + ) + kind: Optional[str] = Field( + default="HorizontalPodAutoscalerList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="Standard list metadata." + ) + + +class Scale(BaseModel): + apiVersion: Optional[str] = Field( + default="autoscaling/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Scale", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata; More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata." + ), + ) + spec: Optional[ScaleSpec] = Field( + default=None, + description=( + "spec defines the behavior of the scale. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + ), + ) + status: Optional[ScaleStatus] = Field( + default=None, + description=( + "status is the current status of the scale. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + " Read-only." + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/autoscaling/v2.py b/src/kubedantic/models/io/k8s/api/autoscaling/v2.py new file mode 100644 index 0000000..2c11006 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/autoscaling/v2.py @@ -0,0 +1,575 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import List, Optional, Union + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class CrossVersionObjectReference(BaseModel): + apiVersion: Optional[str] = Field( + default=None, description="apiVersion is the API version of the referent" + ) + kind: str = Field( + ..., + description=( + "kind is the kind of the referent; More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + name: str = Field( + ..., + description=( + "name is the name of the referent; More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + + +class HPAScalingPolicy(BaseModel): + periodSeconds: int = Field( + ..., + description=( + "periodSeconds specifies the window of time for which the policy should" + " hold true. PeriodSeconds must be greater than zero and less than or equal" + " to 1800 (30 min)." + ), + ) + type: str = Field(..., description="type is used to specify the scaling policy.") + value: int = Field( + ..., + description=( + "value contains the amount of change which is permitted by the policy. It" + " must be greater than zero" + ), + ) + + +class HPAScalingRules(BaseModel): + policies: Optional[List[HPAScalingPolicy]] = Field( + default=None, + description=( + "policies is a list of potential scaling polices which can be used during" + " scaling. At least one policy must be specified, otherwise the" + " HPAScalingRules will be discarded as invalid" + ), + ) + selectPolicy: Optional[str] = Field( + default=None, + description=( + "selectPolicy is used to specify which policy should be used. If not set," + " the default value Max is used." + ), + ) + stabilizationWindowSeconds: Optional[int] = Field( + default=None, + description=( + "stabilizationWindowSeconds is the number of seconds for which past" + " recommendations should be considered while scaling up or scaling down." + " StabilizationWindowSeconds must be greater than or equal to zero and less" + " than or equal to 3600 (one hour). If not set, use the default values: -" + " For scale up: 0 (i.e. no stabilization is done). - For scale down: 300" + " (i.e. the stabilization window is 300 seconds long)." + ), + ) + + +class HorizontalPodAutoscalerBehavior(BaseModel): + scaleDown: Optional[HPAScalingRules] = Field( + default=None, + description=( + "scaleDown is scaling policy for scaling Down. If not set, the default" + " value is to allow to scale down to minReplicas pods, with a 300 second" + " stabilization window (i.e., the highest recommendation for the last" + " 300sec is used)." + ), + ) + scaleUp: Optional[HPAScalingRules] = Field( + default=None, + description=( + "scaleUp is scaling policy for scaling Up. If not set, the default value is" + " the higher of:\n * increase no more than 4 pods per 60 seconds\n *" + " double the number of pods per 60 seconds\nNo stabilization is used." + ), + ) + + +class HorizontalPodAutoscalerCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "lastTransitionTime is the last time the condition transitioned from one" + " status to another" + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "message is a human-readable explanation containing details about the" + " transition" + ), + ) + reason: Optional[str] = Field( + default=None, + description="reason is the reason for the condition's last transition.", + ) + status: str = Field( + ..., description="status is the status of the condition (True, False, Unknown)" + ) + type: str = Field(..., description="type describes the current condition") + + +class MetricTarget(BaseModel): + averageUtilization: Optional[int] = Field( + default=None, + description=( + "averageUtilization is the target value of the average of the resource" + " metric across all relevant pods, represented as a percentage of the" + " requested value of the resource for the pods. Currently only valid for" + " Resource metric source type" + ), + ) + averageValue: Optional[Union[str, float]] = Field( + default=None, + description=( + "averageValue is the target value of the average of the metric across all" + " relevant pods (as a quantity)" + ), + ) + type: str = Field( + ..., + description=( + "type represents whether the metric type is Utilization, Value, or" + " AverageValue" + ), + ) + value: Optional[Union[str, float]] = Field( + default=None, + description="value is the target value of the metric (as a quantity).", + ) + + +class MetricValueStatus(BaseModel): + averageUtilization: Optional[int] = Field( + default=None, + description=( + "currentAverageUtilization is the current value of the average of the" + " resource metric across all relevant pods, represented as a percentage of" + " the requested value of the resource for the pods." + ), + ) + averageValue: Optional[Union[str, float]] = Field( + default=None, + description=( + "averageValue is the current value of the average of the metric across all" + " relevant pods (as a quantity)" + ), + ) + value: Optional[Union[str, float]] = Field( + default=None, + description="value is the current value of the metric (as a quantity).", + ) + + +class ResourceMetricSource(BaseModel): + name: str = Field(..., description="name is the name of the resource in question.") + target: MetricTarget = Field( + ..., description="target specifies the target value for the given metric" + ) + + +class ResourceMetricStatus(BaseModel): + current: MetricValueStatus = Field( + ..., description="current contains the current value for the given metric" + ) + name: str = Field(..., description="name is the name of the resource in question.") + + +class ContainerResourceMetricSource(BaseModel): + container: str = Field( + ..., + description=( + "container is the name of the container in the pods of the scaling target" + ), + ) + name: str = Field(..., description="name is the name of the resource in question.") + target: MetricTarget = Field( + ..., description="target specifies the target value for the given metric" + ) + + +class ContainerResourceMetricStatus(BaseModel): + container: str = Field( + ..., + description=( + "container is the name of the container in the pods of the scaling target" + ), + ) + current: MetricValueStatus = Field( + ..., description="current contains the current value for the given metric" + ) + name: str = Field(..., description="name is the name of the resource in question.") + + +class MetricIdentifier(BaseModel): + name: str = Field(..., description="name is the name of the given metric") + selector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "selector is the string-encoded form of a standard kubernetes label" + " selector for the given metric When set, it is passed as an additional" + " parameter to the metrics server for more specific metrics scoping. When" + " unset, just the metricName will be used to gather metrics." + ), + ) + + +class ObjectMetricSource(BaseModel): + describedObject: CrossVersionObjectReference = Field( + ..., + description=( + "describedObject specifies the descriptions of a object,such as kind,name" + " apiVersion" + ), + ) + metric: MetricIdentifier = Field( + ..., description="metric identifies the target metric by name and selector" + ) + target: MetricTarget = Field( + ..., description="target specifies the target value for the given metric" + ) + + +class ObjectMetricStatus(BaseModel): + current: MetricValueStatus = Field( + ..., description="current contains the current value for the given metric" + ) + describedObject: CrossVersionObjectReference = Field( + ..., + description=( + "DescribedObject specifies the descriptions of a object,such as kind,name" + " apiVersion" + ), + ) + metric: MetricIdentifier = Field( + ..., description="metric identifies the target metric by name and selector" + ) + + +class PodsMetricSource(BaseModel): + metric: MetricIdentifier = Field( + ..., description="metric identifies the target metric by name and selector" + ) + target: MetricTarget = Field( + ..., description="target specifies the target value for the given metric" + ) + + +class PodsMetricStatus(BaseModel): + current: MetricValueStatus = Field( + ..., description="current contains the current value for the given metric" + ) + metric: MetricIdentifier = Field( + ..., description="metric identifies the target metric by name and selector" + ) + + +class ExternalMetricSource(BaseModel): + metric: MetricIdentifier = Field( + ..., description="metric identifies the target metric by name and selector" + ) + target: MetricTarget = Field( + ..., description="target specifies the target value for the given metric" + ) + + +class ExternalMetricStatus(BaseModel): + current: MetricValueStatus = Field( + ..., description="current contains the current value for the given metric" + ) + metric: MetricIdentifier = Field( + ..., description="metric identifies the target metric by name and selector" + ) + + +class MetricSpec(BaseModel): + containerResource: Optional[ContainerResourceMetricSource] = Field( + default=None, + description=( + "containerResource refers to a resource metric (such as those specified in" + " requests and limits) known to Kubernetes describing a single container in" + " each pod of the current scale target (e.g. CPU or memory). Such metrics" + " are built in to Kubernetes, and have special scaling options on top of" + ' those available to normal per-pod metrics using the "pods" source. This' + " is an alpha feature and can be enabled by the HPAContainerMetrics feature" + " flag." + ), + ) + external: Optional[ExternalMetricSource] = Field( + default=None, + description=( + "external refers to a global metric that is not associated with any" + " Kubernetes object. It allows autoscaling based on information coming from" + " components running outside of cluster (for example length of queue in" + " cloud messaging service, or QPS from loadbalancer running outside of" + " cluster)." + ), + ) + object: Optional[ObjectMetricSource] = Field( + default=None, + description=( + "object refers to a metric describing a single kubernetes object (for" + " example, hits-per-second on an Ingress object)." + ), + ) + pods: Optional[PodsMetricSource] = Field( + default=None, + description=( + "pods refers to a metric describing each pod in the current scale target" + " (for example, transactions-processed-per-second). The values will be" + " averaged together before being compared to the target value." + ), + ) + resource: Optional[ResourceMetricSource] = Field( + default=None, + description=( + "resource refers to a resource metric (such as those specified in requests" + " and limits) known to Kubernetes describing each pod in the current scale" + " target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and" + " have special scaling options on top of those available to normal per-pod" + ' metrics using the "pods" source.' + ), + ) + type: str = Field( + ..., + description=( + "type is the type of metric source. It should be one of" + ' "ContainerResource", "External", "Object", "Pods" or "Resource", each' + ' mapping to a matching field in the object. Note: "ContainerResource" type' + " is available on when the feature-gate HPAContainerMetrics is enabled" + ), + ) + + +class MetricStatus(BaseModel): + containerResource: Optional[ContainerResourceMetricStatus] = Field( + default=None, + description=( + "container resource refers to a resource metric (such as those specified in" + " requests and limits) known to Kubernetes describing a single container in" + " each pod in the current scale target (e.g. CPU or memory). Such metrics" + " are built in to Kubernetes, and have special scaling options on top of" + ' those available to normal per-pod metrics using the "pods" source.' + ), + ) + external: Optional[ExternalMetricStatus] = Field( + default=None, + description=( + "external refers to a global metric that is not associated with any" + " Kubernetes object. It allows autoscaling based on information coming from" + " components running outside of cluster (for example length of queue in" + " cloud messaging service, or QPS from loadbalancer running outside of" + " cluster)." + ), + ) + object: Optional[ObjectMetricStatus] = Field( + default=None, + description=( + "object refers to a metric describing a single kubernetes object (for" + " example, hits-per-second on an Ingress object)." + ), + ) + pods: Optional[PodsMetricStatus] = Field( + default=None, + description=( + "pods refers to a metric describing each pod in the current scale target" + " (for example, transactions-processed-per-second). The values will be" + " averaged together before being compared to the target value." + ), + ) + resource: Optional[ResourceMetricStatus] = Field( + default=None, + description=( + "resource refers to a resource metric (such as those specified in requests" + " and limits) known to Kubernetes describing each pod in the current scale" + " target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and" + " have special scaling options on top of those available to normal per-pod" + ' metrics using the "pods" source.' + ), + ) + type: str = Field( + ..., + description=( + 'type is the type of metric source. It will be one of "ContainerResource",' + ' "External", "Object", "Pods" or "Resource", each corresponds to a' + ' matching field in the object. Note: "ContainerResource" type is available' + " on when the feature-gate HPAContainerMetrics is enabled" + ), + ) + + +class HorizontalPodAutoscalerSpec(BaseModel): + behavior: Optional[HorizontalPodAutoscalerBehavior] = Field( + default=None, + description=( + "behavior configures the scaling behavior of the target in both Up and Down" + " directions (scaleUp and scaleDown fields respectively). If not set, the" + " default HPAScalingRules for scale up and scale down are used." + ), + ) + maxReplicas: int = Field( + ..., + description=( + "maxReplicas is the upper limit for the number of replicas to which the" + " autoscaler can scale up. It cannot be less that minReplicas." + ), + ) + metrics: Optional[List[MetricSpec]] = Field( + default=None, + description=( + "metrics contains the specifications for which to use to calculate the" + " desired replica count (the maximum replica count across all metrics will" + " be used). The desired replica count is calculated multiplying the ratio" + " between the target value and the current value by the current number of" + " pods. Ergo, metrics used must decrease as the pod count is increased," + " and vice-versa. See the individual metric source types for more" + " information about how each type of metric must respond. If not set, the" + " default metric will be set to 80% average CPU utilization." + ), + ) + minReplicas: Optional[int] = Field( + default=None, + description=( + "minReplicas is the lower limit for the number of replicas to which the" + " autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed" + " to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least" + " one Object or External metric is configured. Scaling is active as long" + " as at least one metric value is available." + ), + ) + scaleTargetRef: CrossVersionObjectReference = Field( + ..., + description=( + "scaleTargetRef points to the target resource to scale, and is used to the" + " pods for which metrics should be collected, as well as to actually change" + " the replica count." + ), + ) + + +class HorizontalPodAutoscalerStatus(BaseModel): + conditions: Optional[List[HorizontalPodAutoscalerCondition]] = Field( + default=None, + description=( + "conditions is the set of conditions required for this autoscaler to scale" + " its target, and indicates whether or not those conditions are met." + ), + ) + currentMetrics: Optional[List[MetricStatus]] = Field( + default=None, + description=( + "currentMetrics is the last read state of the metrics used by this" + " autoscaler." + ), + ) + currentReplicas: Optional[int] = Field( + default=None, + description=( + "currentReplicas is current number of replicas of pods managed by this" + " autoscaler, as last seen by the autoscaler." + ), + ) + desiredReplicas: int = Field( + ..., + description=( + "desiredReplicas is the desired number of replicas of pods managed by this" + " autoscaler, as last calculated by the autoscaler." + ), + ) + lastScaleTime: Optional[datetime] = Field( + default=None, + description=( + "lastScaleTime is the last time the HorizontalPodAutoscaler scaled the" + " number of pods, used by the autoscaler to control how often the number of" + " pods is changed." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description=( + "observedGeneration is the most recent generation observed by this" + " autoscaler." + ), + ) + + +class HorizontalPodAutoscaler(BaseModel): + apiVersion: Optional[str] = Field( + default="autoscaling/v2", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="HorizontalPodAutoscaler", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "metadata is the standard object metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[HorizontalPodAutoscalerSpec] = Field( + default=None, + description=( + "spec is the specification for the behaviour of the autoscaler. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status." + ), + ) + status: Optional[HorizontalPodAutoscalerStatus] = Field( + default=None, + description="status is the current information about the autoscaler.", + ) + + +class HorizontalPodAutoscalerList(BaseModel): + apiVersion: Optional[str] = Field( + default="autoscaling/v2", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[HorizontalPodAutoscaler] = Field( + ..., description="items is the list of horizontal pod autoscaler objects." + ) + kind: Optional[str] = Field( + default="HorizontalPodAutoscalerList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="metadata is the standard list metadata." + ) diff --git a/src/kubedantic/models/io/k8s/api/batch/__init__.py b/src/kubedantic/models/io/k8s/api/batch/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/batch/v1.py b/src/kubedantic/models/io/k8s/api/batch/v1.py new file mode 100644 index 0000000..aa34e7b --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/batch/v1.py @@ -0,0 +1,816 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from enum import Enum +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 as v1_1 +from ..core import v1 + + +class ConcurrencyPolicy(Enum): + Allow = "Allow" + Forbid = "Forbid" + Replace = "Replace" + + +class CronJobStatus(BaseModel): + active: Optional[List[v1.ObjectReference]] = Field( + default=None, description="A list of pointers to currently running jobs." + ) + lastScheduleTime: Optional[datetime] = Field( + default=None, + description=( + "Information when was the last time the job was successfully scheduled." + ), + ) + lastSuccessfulTime: Optional[datetime] = Field( + default=None, + description=( + "Information when was the last time the job successfully completed." + ), + ) + + +class JobCondition(BaseModel): + lastProbeTime: Optional[datetime] = Field( + default=None, description="Last time the condition was checked." + ) + lastTransitionTime: Optional[datetime] = Field( + default=None, + description="Last time the condition transit from one status to another.", + ) + message: Optional[str] = Field( + default=None, + description="Human readable message indicating details about last transition.", + ) + reason: Optional[str] = Field( + default=None, description="(brief) reason for the condition's last transition." + ) + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of job condition, Complete or Failed.") + + +class CompletionMode(Enum): + Indexed = "Indexed" + NonIndexed = "NonIndexed" + + +class PodReplacementPolicy(Enum): + Failed = "Failed" + TerminatingOrFailed = "TerminatingOrFailed" + + +class Operator(Enum): + In = "In" + NotIn = "NotIn" + + +class PodFailurePolicyOnExitCodesRequirement(BaseModel): + containerName: Optional[str] = Field( + default=None, + description=( + "Restricts the check for exit codes to the container with the specified" + " name. When null, the rule applies to all containers. When specified, it" + " should match one the container or initContainer names in the pod" + " template." + ), + ) + operator: Operator = Field( + ..., + description=( + "Represents the relationship between the container exit code(s) and the" + " specified values. Containers completed with success (exit code 0) are" + " excluded from the requirement check. Possible values are:\n\n- In: the" + " requirement is satisfied if at least one container exit code\n (might be" + " multiple if there are multiple containers not restricted\n by the" + " 'containerName' field) is in the set of specified values.\n- NotIn: the" + " requirement is satisfied if at least one container exit code\n (might be" + " multiple if there are multiple containers not restricted\n by the" + " 'containerName' field) is not in the set of specified values.\nAdditional" + " values are considered to be added in the future. Clients should react to" + " an unknown operator by assuming the requirement is not" + ' satisfied.\n\nPossible enum values:\n - `"In"`\n - `"NotIn"`' + ), + ) + values: List[int] = Field( + ..., + description=( + "Specifies the set of values. Each returned container exit code (might be" + " multiple in case of multiple containers) is checked against this set of" + " values with respect to the operator. The list of values must be ordered" + " and must not contain duplicates. Value '0' cannot be used for the In" + " operator. At least one element is required. At most 255 elements are" + " allowed." + ), + ) + + +class PodFailurePolicyOnPodConditionsPattern(BaseModel): + status: str = Field( + ..., + description=( + "Specifies the required Pod condition status. To match a pod condition it" + " is required that the specified status equals the pod condition status." + " Defaults to True." + ), + ) + type: str = Field( + ..., + description=( + "Specifies the required Pod condition type. To match a pod condition it is" + " required that specified type equals the pod condition type." + ), + ) + + +class Action(Enum): + Count = "Count" + FailIndex = "FailIndex" + FailJob = "FailJob" + Ignore = "Ignore" + + +class PodFailurePolicyRule(BaseModel): + action: Action = Field( + ..., + description=( + "Specifies the action taken on a pod failure when the requirements are" + " satisfied. Possible values are:\n\n- FailJob: indicates that the pod's" + " job is marked as Failed and all\n running pods are terminated.\n-" + " FailIndex: indicates that the pod's index is marked as Failed and will\n" + " not be restarted.\n This value is beta-level. It can be used when the\n" + " `JobBackoffLimitPerIndex` feature gate is enabled (enabled by" + " default).\n- Ignore: indicates that the counter towards the .backoffLimit" + " is not\n incremented and a replacement pod is created.\n- Count:" + " indicates that the pod is handled in the default way - the\n counter" + " towards the .backoffLimit is incremented.\nAdditional values are" + " considered to be added in the future. Clients should react to an unknown" + ' action by skipping the rule.\n\nPossible enum values:\n - `"Count"` This' + " is an action which might be taken on a pod failure - the pod failure is" + " handled in the default way - the counter towards .backoffLimit," + " represented by the job's .status.failed field, is incremented.\n -" + ' `"FailIndex"` This is an action which might be taken on a pod failure -' + " mark the Job's index as failed to avoid restarts within this index. This" + " action can only be used when backoffLimitPerIndex is set. This value is" + ' beta-level.\n - `"FailJob"` This is an action which might be taken on a' + " pod failure - mark the pod's job as Failed and terminate all running" + ' pods.\n - `"Ignore"` This is an action which might be taken on a pod' + " failure - the counter towards .backoffLimit, represented by the job's" + " .status.failed field, is not incremented and a replacement pod is" + " created." + ), + ) + onExitCodes: Optional[PodFailurePolicyOnExitCodesRequirement] = Field( + default=None, + description="Represents the requirement on the container exit codes.", + ) + onPodConditions: Optional[List[PodFailurePolicyOnPodConditionsPattern]] = Field( + default=None, + description=( + "Represents the requirement on the pod conditions. The requirement is" + " represented as a list of pod condition patterns. The requirement is" + " satisfied if at least one pattern matches an actual pod condition. At" + " most 20 elements are allowed." + ), + ) + + +class SuccessPolicyRule(BaseModel): + succeededCount: Optional[int] = Field( + default=None, + description=( + "succeededCount specifies the minimal required size of the actual set of" + " the succeeded indexes for the Job. When succeededCount is used along with" + " succeededIndexes, the check is constrained only to the set of indexes" + " specified by succeededIndexes. For example, given that succeededIndexes" + ' is "1-4", succeededCount is "3", and completed indexes are "1", "3", and' + ' "5", the Job isn\'t declared as succeeded because only "1" and "3"' + " indexes are considered in that rules. When this field is null, this" + " doesn't default to any value and is never evaluated at any time. When" + " specified it needs to be a positive integer." + ), + ) + succeededIndexes: Optional[str] = Field( + default=None, + description=( + "succeededIndexes specifies the set of indexes which need to be contained" + " in the actual set of the succeeded indexes for the Job. The list of" + ' indexes must be within 0 to ".spec.completions-1" and must not contain' + " duplicates. At least one element is required. The indexes are represented" + " as intervals separated by commas. The intervals can be a decimal integer" + " or a pair of decimal integers separated by a hyphen. The number are" + " listed in represented by the first and last element of the series," + " separated by a hyphen. For example, if the completed indexes are 1, 3, 4," + ' 5 and 7, they are represented as "1,3-5,7". When this field is null, this' + " field doesn't default to any value and is never evaluated at any time." + ), + ) + + +class UncountedTerminatedPods(BaseModel): + failed: Optional[List[str]] = Field( + default=None, description="failed holds UIDs of failed Pods." + ) + succeeded: Optional[List[str]] = Field( + default=None, description="succeeded holds UIDs of succeeded Pods." + ) + + +class JobStatus(BaseModel): + active: Optional[int] = Field( + default=None, + description=( + "The number of pending and running pods which are not terminating (without" + " a deletionTimestamp). The value is zero for finished jobs." + ), + ) + completedIndexes: Optional[str] = Field( + default=None, + description=( + "completedIndexes holds the completed indexes when .spec.completionMode =" + ' "Indexed" in a text format. The indexes are represented as decimal' + " integers separated by commas. The numbers are listed in increasing order." + " Three or more consecutive numbers are compressed and represented by the" + " first and last element of the series, separated by a hyphen. For example," + " if the completed indexes are 1, 3, 4, 5 and 7, they are represented as" + ' "1,3-5,7".' + ), + ) + completionTime: Optional[datetime] = Field( + default=None, + description=( + "Represents time when the job was completed. It is not guaranteed to be set" + " in happens-before order across separate operations. It is represented in" + " RFC3339 form and is in UTC. The completion time is set when the job" + " finishes successfully, and only then. The value cannot be updated or" + " removed. The value indicates the same or later point in time as the" + " startTime field." + ), + ) + conditions: Optional[List[JobCondition]] = Field( + default=None, + description=( + "The latest available observations of an object's current state. When a" + ' Job fails, one of the conditions will have type "Failed" and status true.' + ' When a Job is suspended, one of the conditions will have type "Suspended"' + " and status true; when the Job is resumed, the status of this condition" + " will become false. When a Job is completed, one of the conditions will" + ' have type "Complete" and status true.\n\nA job is considered finished' + ' when it is in a terminal condition, either "Complete" or "Failed". A Job' + ' cannot have both the "Complete" and "Failed" conditions. Additionally, it' + ' cannot be in the "Complete" and "FailureTarget" conditions. The' + ' "Complete", "Failed" and "FailureTarget" conditions cannot be' + " disabled.\n\nMore info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + ), + ) + failed: Optional[int] = Field( + default=None, + description=( + "The number of pods which reached phase Failed. The value increases" + " monotonically." + ), + ) + failedIndexes: Optional[str] = Field( + default=None, + description=( + "FailedIndexes holds the failed indexes when spec.backoffLimitPerIndex is" + " set. The indexes are represented in the text format analogous as for the" + " `completedIndexes` field, ie. they are kept as decimal integers separated" + " by commas. The numbers are listed in increasing order. Three or more" + " consecutive numbers are compressed and represented by the first and last" + " element of the series, separated by a hyphen. For example, if the failed" + ' indexes are 1, 3, 4, 5 and 7, they are represented as "1,3-5,7". The set' + " of failed indexes cannot overlap with the set of completed" + " indexes.\n\nThis field is beta-level. It can be used when the" + " `JobBackoffLimitPerIndex` feature gate is enabled (enabled by default)." + ), + ) + ready: Optional[int] = Field( + default=None, description="The number of pods which have a Ready condition." + ) + startTime: Optional[datetime] = Field( + default=None, + description=( + "Represents time when the job controller started processing a job. When a" + " Job is created in the suspended state, this field is not set until the" + " first time it is resumed. This field is reset every time a Job is resumed" + " from suspension. It is represented in RFC3339 form and is in UTC.\n\nOnce" + " set, the field can only be removed when the job is suspended. The field" + " cannot be modified while the job is unsuspended or finished." + ), + ) + succeeded: Optional[int] = Field( + default=None, + description=( + "The number of pods which reached phase Succeeded. The value increases" + " monotonically for a given spec. However, it may decrease in reaction to" + " scale down of elastic indexed jobs." + ), + ) + terminating: Optional[int] = Field( + default=None, + description=( + "The number of pods which are terminating (in phase Pending or Running and" + " have a deletionTimestamp).\n\nThis field is beta-level. The job" + " controller populates the field when the feature gate" + " JobPodReplacementPolicy is enabled (enabled by default)." + ), + ) + uncountedTerminatedPods: Optional[UncountedTerminatedPods] = Field( + default=None, + description=( + "uncountedTerminatedPods holds the UIDs of Pods that have terminated but" + " the job controller hasn't yet accounted for in the status" + " counters.\n\nThe job controller creates pods with a finalizer. When a pod" + " terminates (succeeded or failed), the controller does three steps to" + " account for it in the job status:\n\n1. Add the pod UID to the arrays in" + " this field. 2. Remove the pod finalizer. 3. Remove the pod UID from the" + " arrays while increasing the corresponding\n counter.\n\nOld jobs might" + " not be tracked using this field, in which case the field remains null." + " The structure is empty for finished jobs." + ), + ) + + +class PodFailurePolicy(BaseModel): + rules: List[PodFailurePolicyRule] = Field( + ..., + description=( + "A list of pod failure policy rules. The rules are evaluated in order. Once" + " a rule matches a Pod failure, the remaining of the rules are ignored." + " When no rule matches the Pod failure, the default handling applies - the" + " counter of pod failures is incremented and it is checked against the" + " backoffLimit. At most 20 elements are allowed." + ), + ) + + +class SuccessPolicy(BaseModel): + rules: List[SuccessPolicyRule] = Field( + ..., + description=( + "rules represents the list of alternative rules for the declaring the Jobs" + " as successful before `.status.succeeded >= .spec.completions`. Once any" + ' of the rules are met, the "SucceededCriteriaMet" condition is added, and' + " the lingering pods are removed. The terminal state for such a Job has the" + ' "Complete" condition. Additionally, these rules are evaluated in order;' + " Once the Job meets one of the rules, other rules are ignored. At most 20" + " elements are allowed." + ), + ) + + +class JobSpec(BaseModel): + activeDeadlineSeconds: Optional[int] = Field( + default=None, + description=( + "Specifies the duration in seconds relative to the startTime that the job" + " may be continuously active before the system tries to terminate it; value" + " must be positive integer. If a Job is suspended (at creation or through" + " an update), this timer will effectively be stopped and reset when the Job" + " is resumed again." + ), + ) + backoffLimit: Optional[int] = Field( + default=None, + description=( + "Specifies the number of retries before marking this job failed. Defaults" + " to 6" + ), + ) + backoffLimitPerIndex: Optional[int] = Field( + default=None, + description=( + "Specifies the limit for the number of retries within an index before" + " marking this index as failed. When enabled the number of failures per" + " index is kept in the pod's batch.kubernetes.io/job-index-failure-count" + " annotation. It can only be set when Job's completionMode=Indexed, and the" + " Pod's restart policy is Never. The field is immutable. This field is" + " beta-level. It can be used when the `JobBackoffLimitPerIndex` feature" + " gate is enabled (enabled by default)." + ), + ) + completionMode: Optional[CompletionMode] = Field( + default=None, + description=( + "completionMode specifies how Pod completions are tracked. It can be" + " `NonIndexed` (default) or `Indexed`.\n\n`NonIndexed` means that the Job" + " is considered complete when there have been .spec.completions" + " successfully completed Pods. Each Pod completion is homologous to each" + " other.\n\n`Indexed` means that the Pods of a Job get an associated" + " completion index from 0 to (.spec.completions - 1), available in the" + " annotation batch.kubernetes.io/job-completion-index. The Job is" + " considered complete when there is one successfully completed Pod for each" + " index. When value is `Indexed`, .spec.completions must be specified and" + " `.spec.parallelism` must be less than or equal to 10^5. In addition, The" + " Pod name takes the form `$(job-name)-$(index)-$(random-string)`, the Pod" + " hostname takes the form `$(job-name)-$(index)`.\n\nMore completion modes" + " can be added in the future. If the Job controller observes a mode that it" + " doesn't recognize, which is possible during upgrades due to version" + " skew, the controller skips updates for the Job.\n\nPossible enum" + ' values:\n - `"Indexed"` is a Job completion mode. In this mode, the Pods' + " of a Job get an associated completion index from 0 to (.spec.completions" + " - 1). The Job is considered complete when a Pod completes for each" + ' completion index.\n - `"NonIndexed"` is a Job completion mode. In this' + " mode, the Job is considered complete when there have been" + " .spec.completions successfully completed Pods. Pod completions are" + " homologous to each other." + ), + ) + completions: Optional[int] = Field( + default=None, + description=( + "Specifies the desired number of successfully finished pods the job should" + " be run with. Setting to null means that the success of any pod signals" + " the success of all pods, and allows parallelism to have any positive" + " value. Setting to 1 means that parallelism is limited to 1 and the" + " success of that pod signals the success of the job. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + ), + ) + managedBy: Optional[str] = Field( + default=None, + description=( + "ManagedBy field indicates the controller that manages a Job. The k8s Job" + " controller reconciles jobs which don't have this field at all or the" + " field value is the reserved string `kubernetes.io/job-controller`, but" + " skips reconciling Jobs with a custom value for this field. The value must" + " be a valid domain-prefixed path (e.g. acme.io/foo) - all characters" + ' before the first "/" must be a valid subdomain as defined by RFC 1123.' + ' All characters trailing the first "/" must be valid HTTP Path characters' + " as defined by RFC 3986. The value cannot exceed 64 characters.\n\nThis" + " field is alpha-level. The job controller accepts setting the field when" + " the feature gate JobManagedBy is enabled (disabled by default)." + ), + ) + manualSelector: Optional[bool] = Field( + default=None, + description=( + "manualSelector controls generation of pod labels and pod selectors. Leave" + " `manualSelector` unset unless you are certain what you are doing. When" + " false or unset, the system pick labels unique to this job and appends" + " those labels to the pod template. When true, the user is responsible for" + " picking unique labels and specifying the selector. Failure to pick a" + " unique label may cause this and other jobs to not function correctly. " + " However, You may see `manualSelector=true` in jobs that were created with" + " the old `extensions/v1beta1` API. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector" + ), + ) + maxFailedIndexes: Optional[int] = Field( + default=None, + description=( + "Specifies the maximal number of failed indexes before marking the Job as" + " failed, when backoffLimitPerIndex is set. Once the number of failed" + " indexes exceeds this number the entire Job is marked as Failed and its" + " execution is terminated. When left as null the job continues execution of" + " all of its indexes and is marked with the `Complete` Job condition. It" + " can only be specified when backoffLimitPerIndex is set. It can be null or" + " up to completions. It is required and must be less than or equal to 10^4" + " when is completions greater than 10^5. This field is beta-level. It can" + " be used when the `JobBackoffLimitPerIndex` feature gate is enabled" + " (enabled by default)." + ), + ) + parallelism: Optional[int] = Field( + default=None, + description=( + "Specifies the maximum desired number of pods the job should run at any" + " given time. The actual number of pods running in steady state will be" + " less than this number when ((.spec.completions - .status.successful) <" + " .spec.parallelism), i.e. when the work left to do is less than max" + " parallelism. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + ), + ) + podFailurePolicy: Optional[PodFailurePolicy] = Field( + default=None, + description=( + "Specifies the policy of handling failed pods. In particular, it allows to" + " specify the set of actions and conditions which need to be satisfied to" + " take the associated action. If empty, the default behaviour applies - the" + " counter of failed pods, represented by the jobs's .status.failed field," + " is incremented and it is checked against the backoffLimit. This field" + " cannot be used in combination with restartPolicy=OnFailure.\n\nThis field" + " is beta-level. It can be used when the `JobPodFailurePolicy` feature gate" + " is enabled (enabled by default)." + ), + ) + podReplacementPolicy: Optional[PodReplacementPolicy] = Field( + default=None, + description=( + "podReplacementPolicy specifies when to create replacement Pods. Possible" + " values are: - TerminatingOrFailed means that we recreate pods\n when" + " they are terminating (has a metadata.deletionTimestamp) or failed.\n-" + " Failed means to wait until a previously created Pod is fully terminated" + " (has phase\n Failed or Succeeded) before creating a replacement" + " Pod.\n\nWhen using podFailurePolicy, Failed is the the only allowed" + " value. TerminatingOrFailed and Failed are allowed values when" + " podFailurePolicy is not in use. This is an beta field. To use this," + " enable the JobPodReplacementPolicy feature toggle. This is on by" + ' default.\n\nPossible enum values:\n - `"Failed"` means to wait until a' + " previously created Pod is fully terminated (has phase Failed or" + ' Succeeded) before creating a replacement Pod.\n - `"TerminatingOrFailed"`' + " means that we recreate pods when they are terminating (has a" + " metadata.deletionTimestamp) or failed." + ), + ) + selector: Optional[v1_1.LabelSelector] = Field( + default=None, + description=( + "A label query over pods that should match the pod count. Normally, the" + " system sets this field for you. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + ), + ) + successPolicy: Optional[SuccessPolicy] = Field( + default=None, + description=( + "successPolicy specifies the policy when the Job can be declared as" + " succeeded. If empty, the default behavior applies - the Job is declared" + " as succeeded only when the number of succeeded pods equals to the" + " completions. When the field is specified, it must be immutable and works" + " only for the Indexed Jobs. Once the Job meets the SuccessPolicy, the" + " lingering pods are terminated.\n\nThis field is alpha-level. To use this" + " field, you must enable the `JobSuccessPolicy` feature gate (disabled by" + " default)." + ), + ) + suspend: Optional[bool] = Field( + default=None, + description=( + "suspend specifies whether the Job controller should create Pods or not. If" + " a Job is created with suspend set to true, no Pods are created by the Job" + " controller. If a Job is suspended after creation (i.e. the flag goes from" + " false to true), the Job controller will delete all active Pods associated" + " with this Job. Users must design their workload to gracefully handle" + " this. Suspending a Job will reset the StartTime field of the Job," + " effectively resetting the ActiveDeadlineSeconds timer too. Defaults to" + " false." + ), + ) + template: v1.PodTemplateSpec = Field( + ..., + description=( + "Describes the pod that will be created when executing a job. The only" + ' allowed template.spec.restartPolicy values are "Never" or "OnFailure".' + " More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" + ), + ) + ttlSecondsAfterFinished: Optional[int] = Field( + default=None, + description=( + "ttlSecondsAfterFinished limits the lifetime of a Job that has finished" + " execution (either Complete or Failed). If this field is set," + " ttlSecondsAfterFinished after the Job finishes, it is eligible to be" + " automatically deleted. When the Job is being deleted, its lifecycle" + " guarantees (e.g. finalizers) will be honored. If this field is unset, the" + " Job won't be automatically deleted. If this field is set to zero, the Job" + " becomes eligible to be deleted immediately after it finishes." + ), + ) + + +class JobTemplateSpec(BaseModel): + metadata: Optional[v1_1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata of the jobs created from this template. More" + " info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[JobSpec] = Field( + default=None, + description=( + "Specification of the desired behavior of the job. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class CronJobSpec(BaseModel): + concurrencyPolicy: Optional[ConcurrencyPolicy] = Field( + default=None, + description=( + "Specifies how to treat concurrent executions of a Job. Valid values" + ' are:\n\n- "Allow" (default): allows CronJobs to run concurrently; -' + ' "Forbid": forbids concurrent runs, skipping next run if previous run' + ' hasn\'t finished yet; - "Replace": cancels currently running job and' + ' replaces it with a new one\n\nPossible enum values:\n - `"Allow"` allows' + ' CronJobs to run concurrently.\n - `"Forbid"` forbids concurrent runs,' + ' skipping next run if previous hasn\'t finished yet.\n - `"Replace"`' + " cancels currently running job and replaces it with a new one." + ), + ) + failedJobsHistoryLimit: Optional[int] = Field( + default=None, + description=( + "The number of failed finished jobs to retain. Value must be non-negative" + " integer. Defaults to 1." + ), + ) + jobTemplate: JobTemplateSpec = Field( + ..., + description="Specifies the job that will be created when executing a CronJob.", + ) + schedule: str = Field( + ..., + description=( + "The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron." + ), + ) + startingDeadlineSeconds: Optional[int] = Field( + default=None, + description=( + "Optional deadline in seconds for starting the job if it misses scheduled" + " time for any reason. Missed jobs executions will be counted as failed" + " ones." + ), + ) + successfulJobsHistoryLimit: Optional[int] = Field( + default=None, + description=( + "The number of successful finished jobs to retain. Value must be" + " non-negative integer. Defaults to 3." + ), + ) + suspend: Optional[bool] = Field( + default=None, + description=( + "This flag tells the controller to suspend subsequent executions, it does" + " not apply to already started executions. Defaults to false." + ), + ) + timeZone: Optional[str] = Field( + default=None, + description=( + "The time zone name for the given schedule, see" + " https://en.wikipedia.org/wiki/List_of_tz_database_time_zones. If not" + " specified, this will default to the time zone of the" + " kube-controller-manager process. The set of valid time zone names and the" + " time zone offset is loaded from the system-wide time zone database by the" + " API server during CronJob validation and the controller manager during" + " execution. If no system-wide time zone database can be found a bundled" + " version of the database is used instead. If the time zone name becomes" + " invalid during the lifetime of a CronJob or due to a change in host" + " configuration, the controller will stop creating new new Jobs and will" + " create a system event with the reason UnknownTimeZone. More information" + " can be found in" + " https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones" + ), + ) + + +class Job(BaseModel): + apiVersion: Optional[str] = Field( + default="batch/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Job", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[JobSpec] = Field( + default=None, + description=( + "Specification of the desired behavior of a job. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[JobStatus] = Field( + default=None, + description=( + "Current status of a job. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class JobList(BaseModel): + apiVersion: Optional[str] = Field( + default="batch/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Job] = Field(..., description="items is the list of Jobs.") + kind: Optional[str] = Field( + default="JobList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class CronJob(BaseModel): + apiVersion: Optional[str] = Field( + default="batch/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="CronJob", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[CronJobSpec] = Field( + default=None, + description=( + "Specification of the desired behavior of a cron job, including the" + " schedule. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[CronJobStatus] = Field( + default=None, + description=( + "Current status of a cron job. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class CronJobList(BaseModel): + apiVersion: Optional[str] = Field( + default="batch/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[CronJob] = Field(..., description="items is the list of CronJobs.") + kind: Optional[str] = Field( + default="CronJobList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/certificates/__init__.py b/src/kubedantic/models/io/k8s/api/certificates/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/certificates/v1.py b/src/kubedantic/models/io/k8s/api/certificates/v1.py new file mode 100644 index 0000000..9e2fa4a --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/certificates/v1.py @@ -0,0 +1,299 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from enum import Enum +from typing import Dict, List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class CertificateSigningRequestCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "lastTransitionTime is the time the condition last transitioned from one" + " status to another. If unset, when a new condition type is added or an" + " existing condition's status is changed, the server defaults this to the" + " current time." + ), + ) + lastUpdateTime: Optional[datetime] = Field( + default=None, + description="lastUpdateTime is the time of the last update to this condition", + ) + message: Optional[str] = Field( + default=None, + description=( + "message contains a human readable message with details about the request" + " state" + ), + ) + reason: Optional[str] = Field( + default=None, + description="reason indicates a brief reason for the request state", + ) + status: str = Field( + ..., + description=( + "status of the condition, one of True, False, Unknown. Approved, Denied," + ' and Failed conditions may not be "False" or "Unknown".' + ), + ) + type: str = Field( + ..., + description=( + 'type of the condition. Known conditions are "Approved", "Denied", and' + ' "Failed".\n\nAn "Approved" condition is added via the /approval' + " subresource, indicating the request was approved and should be issued by" + ' the signer.\n\nA "Denied" condition is added via the /approval' + " subresource, indicating the request was denied and should not be issued" + ' by the signer.\n\nA "Failed" condition is added via the /status' + " subresource, indicating the signer failed to issue the" + " certificate.\n\nApproved and Denied conditions are mutually exclusive." + " Approved, Denied, and Failed conditions cannot be removed once" + " added.\n\nOnly one condition of a given type is allowed." + ), + ) + + +class Usage(Enum): + any = "any" + cert_sign = "cert sign" + client_auth = "client auth" + code_signing = "code signing" + content_commitment = "content commitment" + crl_sign = "crl sign" + data_encipherment = "data encipherment" + decipher_only = "decipher only" + digital_signature = "digital signature" + email_protection = "email protection" + encipher_only = "encipher only" + ipsec_end_system = "ipsec end system" + ipsec_tunnel = "ipsec tunnel" + ipsec_user = "ipsec user" + key_agreement = "key agreement" + key_encipherment = "key encipherment" + microsoft_sgc = "microsoft sgc" + netscape_sgc = "netscape sgc" + ocsp_signing = "ocsp signing" + s_mime = "s/mime" + server_auth = "server auth" + signing = "signing" + timestamping = "timestamping" + + +class CertificateSigningRequestSpec(BaseModel): + expirationSeconds: Optional[int] = Field( + default=None, + description=( + "expirationSeconds is the requested duration of validity of the issued" + " certificate. The certificate signer may issue a certificate with a" + " different validity duration so a client must check the delta between the" + " notBefore and and notAfter fields in the issued certificate to determine" + " the actual duration.\n\nThe v1.22+ in-tree implementations of the" + " well-known Kubernetes signers will honor this field as long as the" + " requested duration is not greater than the maximum duration they will" + " honor per the --cluster-signing-duration CLI flag to the Kubernetes" + " controller manager.\n\nCertificate signers may not honor this field for" + " various reasons:\n\n 1. Old signer that is unaware of the field (such as" + " the in-tree\n implementations prior to v1.22)\n 2. Signer whose" + " configured maximum is shorter than the requested duration\n 3. Signer" + " whose configured minimum is longer than the requested duration\n\nThe" + " minimum valid value for expirationSeconds is 600, i.e. 10 minutes." + ), + ) + extra: Optional[Dict[str, List[str]]] = Field( + default=None, + description=( + "extra contains extra attributes of the user that created the" + " CertificateSigningRequest. Populated by the API server on creation and" + " immutable." + ), + ) + groups: Optional[List[str]] = Field( + default=None, + description=( + "groups contains group membership of the user that created the" + " CertificateSigningRequest. Populated by the API server on creation and" + " immutable." + ), + ) + request: str = Field( + ..., + description=( + "request contains an x509 certificate signing request encoded in a" + ' "CERTIFICATE REQUEST" PEM block. When serialized as JSON or YAML, the' + " data is additionally base64-encoded." + ), + ) + signerName: str = Field( + ..., + description=( + "signerName indicates the requested signer, and is a qualified" + " name.\n\nList/watch requests for CertificateSigningRequests can filter on" + ' this field using a "spec.signerName=NAME" fieldSelector.\n\nWell-known' + ' Kubernetes signers are:\n 1. "kubernetes.io/kube-apiserver-client":' + " issues client certificates that can be used to authenticate to" + " kube-apiserver.\n Requests for this signer are never auto-approved by" + ' kube-controller-manager, can be issued by the "csrsigning" controller in' + " kube-controller-manager.\n 2." + ' "kubernetes.io/kube-apiserver-client-kubelet": issues client certificates' + " that kubelets use to authenticate to kube-apiserver.\n Requests for this" + ' signer can be auto-approved by the "csrapproving" controller in' + ' kube-controller-manager, and can be issued by the "csrsigning" controller' + ' in kube-controller-manager.\n 3. "kubernetes.io/kubelet-serving" issues' + " serving certificates that kubelets use to serve TLS endpoints, which" + " kube-apiserver can connect to securely.\n Requests for this signer are" + " never auto-approved by kube-controller-manager, and can be issued by the" + ' "csrsigning" controller in kube-controller-manager.\n\nMore details are' + " available at" + " https://k8s.io/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers\n\nCustom" + " signerNames can also be specified. The signer defines:\n 1. Trust" + " distribution: how trust (CA bundles) are distributed.\n 2. Permitted" + " subjects: and behavior when a disallowed subject is requested.\n 3." + " Required, permitted, or forbidden x509 extensions in the request" + " (including whether subjectAltNames are allowed, which types, restrictions" + " on allowed values) and behavior when a disallowed extension is" + " requested.\n 4. Required, permitted, or forbidden key usages / extended" + " key usages.\n 5. Expiration/certificate lifetime: whether it is fixed by" + " the signer, configurable by the admin.\n 6. Whether or not requests for" + " CA certificates are allowed." + ), + ) + uid: Optional[str] = Field( + default=None, + description=( + "uid contains the uid of the user that created the" + " CertificateSigningRequest. Populated by the API server on creation and" + " immutable." + ), + ) + usages: Optional[List[Usage]] = Field( + default=None, + description=( + "usages specifies a set of key usages requested in the issued" + " certificate.\n\nRequests for TLS client certificates typically request:" + ' "digital signature", "key encipherment", "client auth".\n\nRequests for' + ' TLS serving certificates typically request: "key encipherment", "digital' + ' signature", "server auth".\n\nValid values are:\n "signing", "digital' + ' signature", "content commitment",\n "key encipherment", "key agreement",' + ' "data encipherment",\n "cert sign", "crl sign", "encipher only",' + ' "decipher only", "any",\n "server auth", "client auth",\n "code signing",' + ' "email protection", "s/mime",\n "ipsec end system", "ipsec tunnel",' + ' "ipsec user",\n "timestamping", "ocsp signing", "microsoft sgc",' + ' "netscape sgc"' + ), + ) + username: Optional[str] = Field( + default=None, + description=( + "username contains the name of the user that created the" + " CertificateSigningRequest. Populated by the API server on creation and" + " immutable." + ), + ) + + +class CertificateSigningRequestStatus(BaseModel): + certificate: Optional[str] = Field( + default=None, + description=( + "certificate is populated with an issued certificate by the signer after an" + " Approved condition is present. This field is set via the /status" + " subresource. Once populated, this field is immutable.\n\nIf the" + ' certificate signing request is denied, a condition of type "Denied" is' + " added and this field remains empty. If the signer cannot issue the" + ' certificate, a condition of type "Failed" is added and this field remains' + " empty.\n\nValidation requirements:\n 1. certificate must contain one or" + ' more PEM blocks.\n 2. All PEM blocks must have the "CERTIFICATE" label,' + " contain no headers, and the encoded data\n must be a BER-encoded ASN.1" + " Certificate structure as described in section 4 of RFC5280.\n 3. Non-PEM" + ' content may appear before or after the "CERTIFICATE" PEM blocks and is' + " unvalidated,\n to allow for explanatory text as described in section 5.2" + " of RFC7468.\n\nIf more than one PEM block is present, and the definition" + " of the requested spec.signerName does not indicate otherwise, the first" + " block is the issued certificate, and subsequent blocks should be treated" + " as intermediate certificates and presented in TLS handshakes.\n\nThe" + " certificate is encoded in PEM format.\n\nWhen serialized as JSON or YAML," + " the data is additionally base64-encoded, so it consists of:\n\n " + " base64(\n -----BEGIN CERTIFICATE-----\n ...\n -----END" + " CERTIFICATE-----\n )" + ), + ) + conditions: Optional[List[CertificateSigningRequestCondition]] = Field( + default=None, + description=( + 'conditions applied to the request. Known conditions are "Approved",' + ' "Denied", and "Failed".' + ), + ) + + +class CertificateSigningRequest(BaseModel): + apiVersion: Optional[str] = Field( + default="certificates.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="CertificateSigningRequest", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = None + spec: CertificateSigningRequestSpec = Field( + ..., + description=( + "spec contains the certificate request, and is immutable after creation." + " Only the request, signerName, expirationSeconds, and usages fields can be" + " set on creation. Other fields are derived by Kubernetes and cannot be" + " modified by users." + ), + ) + status: Optional[CertificateSigningRequestStatus] = Field( + default=None, + description=( + "status contains information about whether the request is approved or" + " denied, and the certificate issued by the signer, or the failure" + " condition indicating signer failure." + ), + ) + + +class CertificateSigningRequestList(BaseModel): + apiVersion: Optional[str] = Field( + default="certificates.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[CertificateSigningRequest] = Field( + ..., description="items is a collection of CertificateSigningRequest objects" + ) + kind: Optional[str] = Field( + default="CertificateSigningRequestList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = None diff --git a/src/kubedantic/models/io/k8s/api/coordination/__init__.py b/src/kubedantic/models/io/k8s/api/coordination/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/coordination/v1.py b/src/kubedantic/models/io/k8s/api/coordination/v1.py new file mode 100644 index 0000000..2be4edd --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/coordination/v1.py @@ -0,0 +1,110 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class LeaseSpec(BaseModel): + acquireTime: Optional[datetime] = Field( + default=None, + description="acquireTime is a time when the current lease was acquired.", + ) + holderIdentity: Optional[str] = Field( + default=None, + description=( + "holderIdentity contains the identity of the holder of a current lease." + ), + ) + leaseDurationSeconds: Optional[int] = Field( + default=None, + description=( + "leaseDurationSeconds is a duration that candidates for a lease need to" + " wait to force acquire it. This is measure against time of last observed" + " renewTime." + ), + ) + leaseTransitions: Optional[int] = Field( + default=None, + description=( + "leaseTransitions is the number of transitions of a lease between holders." + ), + ) + renewTime: Optional[datetime] = Field( + default=None, + description=( + "renewTime is a time when the current holder of a lease has last updated" + " the lease." + ), + ) + + +class Lease(BaseModel): + apiVersion: Optional[str] = Field( + default="coordination.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Lease", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[LeaseSpec] = Field( + default=None, + description=( + "spec contains the specification of the Lease. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class LeaseList(BaseModel): + apiVersion: Optional[str] = Field( + default="coordination.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Lease] = Field(..., description="items is a list of schema objects.") + kind: Optional[str] = Field( + default="LeaseList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/core/__init__.py b/src/kubedantic/models/io/k8s/api/core/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/core/v1.py b/src/kubedantic/models/io/k8s/api/core/v1.py new file mode 100644 index 0000000..9564db3 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/core/v1.py @@ -0,0 +1,8360 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from enum import Enum +from typing import Dict, List, Optional, Union + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class AWSElasticBlockStoreVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type of the volume that you want to mount. Tip:" + " Ensure that the filesystem type is supported by the host operating" + ' system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"' + " if unspecified. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + ), + ) + partition: Optional[int] = Field( + default=None, + description=( + "partition is the partition in the volume that you want to mount. If" + " omitted, the default is to mount by volume name. Examples: For volume" + ' /dev/sda1, you specify the partition as "1". Similarly, the volume' + ' partition for /dev/sda is "0" (or you can leave the property empty).' + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly value true will force the readOnly setting in VolumeMounts. More" + " info:" + " https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + ), + ) + volumeID: str = Field( + ..., + description=( + "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS" + " volume). More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + ), + ) + + +class Type(Enum): + Localhost = "Localhost" + RuntimeDefault = "RuntimeDefault" + Unconfined = "Unconfined" + + +class AppArmorProfile(BaseModel): + localhostProfile: Optional[str] = Field( + default=None, + description=( + "localhostProfile indicates a profile loaded on the node that should be" + " used. The profile must be preconfigured on the node to work. Must match" + " the loaded name of the profile. Must be set if and only if type is" + ' "Localhost".' + ), + ) + type: Type = Field( + ..., + description=( + "type indicates which kind of AppArmor profile will be applied. Valid" + " options are:\n Localhost - a profile pre-loaded on the node.\n " + " RuntimeDefault - the container runtime's default profile.\n Unconfined" + ' - no AppArmor enforcement.\n\nPossible enum values:\n - `"Localhost"`' + " indicates that a profile pre-loaded on the node should be used.\n -" + ' `"RuntimeDefault"` indicates that the container runtime\'s default' + ' AppArmor profile should be used.\n - `"Unconfined"` indicates that no' + " AppArmor profile should be enforced." + ), + ) + + +class AttachedVolume(BaseModel): + devicePath: str = Field( + ..., + description=( + "DevicePath represents the device path where the volume should be available" + ), + ) + name: str = Field(..., description="Name of the attached volume") + + +class CachingMode(Enum): + None_ = "None" + ReadOnly = "ReadOnly" + ReadWrite = "ReadWrite" + + +class Kind(Enum): + Dedicated = "Dedicated" + Managed = "Managed" + Shared = "Shared" + + +class AzureDiskVolumeSource(BaseModel): + cachingMode: Optional[CachingMode] = Field( + default=None, + description=( + "cachingMode is the Host Caching mode: None, Read Only, Read" + ' Write.\n\nPossible enum values:\n - `"None"`\n - `"ReadOnly"`\n -' + ' `"ReadWrite"`' + ), + ) + diskName: str = Field( + ..., description="diskName is the Name of the data disk in the blob storage" + ) + diskURI: str = Field( + ..., description="diskURI is the URI of data disk in the blob storage" + ) + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is Filesystem type to mount. Must be a filesystem type supported by" + ' the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred' + ' to be "ext4" if unspecified.' + ), + ) + kind: Optional[Kind] = Field( + default=None, + description=( + "kind expected values are Shared: multiple blob disks per storage account " + " Dedicated: single blob disk per storage account Managed: azure managed" + " data disk (only in managed availability set). defaults to" + ' shared\n\nPossible enum values:\n - `"Dedicated"`\n - `"Managed"`\n -' + ' `"Shared"`' + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly Defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + + +class AzureFilePersistentVolumeSource(BaseModel): + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + secretName: str = Field( + ..., + description=( + "secretName is the name of secret that contains Azure Storage Account Name" + " and Key" + ), + ) + secretNamespace: Optional[str] = Field( + default=None, + description=( + "secretNamespace is the namespace of the secret that contains Azure Storage" + " Account Name and Key default is the same as the Pod" + ), + ) + shareName: str = Field(..., description="shareName is the azure Share Name") + + +class AzureFileVolumeSource(BaseModel): + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + secretName: str = Field( + ..., + description=( + "secretName is the name of secret that contains Azure Storage Account Name" + " and Key" + ), + ) + shareName: str = Field(..., description="shareName is the azure share Name") + + +class Capabilities(BaseModel): + add: Optional[List[str]] = Field(default=None, description="Added capabilities") + drop: Optional[List[str]] = Field(default=None, description="Removed capabilities") + + +class ClaimSource(BaseModel): + resourceClaimName: Optional[str] = Field( + default=None, + description=( + "ResourceClaimName is the name of a ResourceClaim object in the same" + " namespace as this pod." + ), + ) + resourceClaimTemplateName: Optional[str] = Field( + default=None, + description=( + "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in" + " the same namespace as this pod.\n\nThe template will be used to create a" + " new ResourceClaim, which will be bound to this pod. When this pod is" + " deleted, the ResourceClaim will also be deleted. The pod name and" + " resource name, along with a generated component, will be used to form a" + " unique name for the ResourceClaim, which will be recorded in" + " pod.status.resourceClaimStatuses.\n\nThis field is immutable and no" + " changes will be made to the corresponding ResourceClaim by the control" + " plane after creating the ResourceClaim." + ), + ) + + +class ClientIPConfig(BaseModel): + timeoutSeconds: Optional[int] = Field( + default=None, + description=( + "timeoutSeconds specifies the seconds of ClientIP type session sticky time." + " The value must be >0 && <=86400(for 1 day) if ServiceAffinity ==" + ' "ClientIP". Default value is 10800(for 3 hours).' + ), + ) + + +class ComponentCondition(BaseModel): + error: Optional[str] = Field( + default=None, + description=( + "Condition error code for a component. For example, a health check error" + " code." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "Message about the condition for a component. For example, information" + " about a health check." + ), + ) + status: str = Field( + ..., + description=( + 'Status of the condition for a component. Valid values for "Healthy":' + ' "True", "False", or "Unknown".' + ), + ) + type: str = Field( + ..., description='Type of condition for a component. Valid value: "Healthy"' + ) + + +class ConfigMapEnvSource(BaseModel): + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + optional: Optional[bool] = Field( + default=None, description="Specify whether the ConfigMap must be defined" + ) + + +class ConfigMapKeySelector(BaseModel): + key: str = Field(..., description="The key to select.") + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + optional: Optional[bool] = Field( + default=None, + description="Specify whether the ConfigMap or its key must be defined", + ) + + +class ConfigMapNodeConfigSource(BaseModel): + kubeletConfigKey: str = Field( + ..., + description=( + "KubeletConfigKey declares which key of the referenced ConfigMap" + " corresponds to the KubeletConfiguration structure This field is required" + " in all cases." + ), + ) + name: str = Field( + ..., + description=( + "Name is the metadata.name of the referenced ConfigMap. This field is" + " required in all cases." + ), + ) + namespace: str = Field( + ..., + description=( + "Namespace is the metadata.namespace of the referenced ConfigMap. This" + " field is required in all cases." + ), + ) + resourceVersion: Optional[str] = Field( + default=None, + description=( + "ResourceVersion is the metadata.ResourceVersion of the referenced" + " ConfigMap. This field is forbidden in Node.Spec, and required in" + " Node.Status." + ), + ) + uid: Optional[str] = Field( + default=None, + description=( + "UID is the metadata.UID of the referenced ConfigMap. This field is" + " forbidden in Node.Spec, and required in Node.Status." + ), + ) + + +class ImagePullPolicy(Enum): + Always = "Always" + IfNotPresent = "IfNotPresent" + Never = "Never" + + +class TerminationMessagePolicy(Enum): + FallbackToLogsOnError = "FallbackToLogsOnError" + File = "File" + + +class ContainerImage(BaseModel): + names: Optional[List[str]] = Field( + default=None, + description=( + "Names by which this image is known. e.g." + ' ["kubernetes.example/hyperkube:v1.0.7",' + ' "cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7"]' + ), + ) + sizeBytes: Optional[int] = Field( + default=None, description="The size of the image in bytes." + ) + + +class Protocol(Enum): + SCTP = "SCTP" + TCP = "TCP" + UDP = "UDP" + + +class ContainerPort(BaseModel): + containerPort: int = Field( + ..., + description=( + "Number of port to expose on the pod's IP address. This must be a valid" + " port number, 0 < x < 65536." + ), + ) + hostIP: Optional[str] = Field( + default=None, description="What host IP to bind the external port to." + ) + hostPort: Optional[int] = Field( + default=None, + description=( + "Number of port to expose on the host. If specified, this must be a valid" + " port number, 0 < x < 65536. If HostNetwork is specified, this must match" + " ContainerPort. Most containers do not need this." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "If specified, this must be an IANA_SVC_NAME and unique within the pod." + " Each named port in a pod must have a unique name. Name for the port that" + " can be referred to by services." + ), + ) + protocol: Optional[Protocol] = Field( + default="TCP", + description=( + "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to" + ' "TCP".\n\nPossible enum values:\n - `"SCTP"` is the SCTP protocol.\n -' + ' `"TCP"` is the TCP protocol.\n - `"UDP"` is the UDP protocol.' + ), + ) + + +class ContainerResizePolicy(BaseModel): + resourceName: str = Field( + ..., + description=( + "Name of the resource to which this resource resize policy applies." + " Supported values: cpu, memory." + ), + ) + restartPolicy: str = Field( + ..., + description=( + "Restart policy to apply when specified resource is resized. If not" + " specified, it defaults to NotRequired." + ), + ) + + +class ContainerStateWaiting(BaseModel): + message: Optional[str] = Field( + default=None, + description="Message regarding why the container is not yet running.", + ) + reason: Optional[str] = Field( + default=None, description="(brief) reason the container is not yet running." + ) + + +class DaemonEndpoint(BaseModel): + Port: int = Field(..., description="Port number of the given endpoint.") + + +class EndpointPort(BaseModel): + appProtocol: Optional[str] = Field( + default=None, + description=( + "The application protocol for this port. This is used as a hint for" + " implementations to offer richer behavior for protocols that they" + " understand. This field follows standard Kubernetes label syntax. Valid" + " values are either:\n\n* Un-prefixed protocol names - reserved for IANA" + " standard service names (as per RFC-6335 and" + " https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined" + " prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over" + " cleartext as described in" + " https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n" + " * 'kubernetes.io/ws' - WebSocket over cleartext as described in" + " https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' -" + " WebSocket over TLS as described in" + " https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use" + " implementation-defined prefixed names such as" + " mycompany.com/my-custom-protocol." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "The name of this port. This must match the 'name' field in the" + " corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port" + " is defined." + ), + ) + port: int = Field(..., description="The port number of the endpoint.") + protocol: Optional[Protocol] = Field( + default="TCP", + description=( + "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is" + ' TCP.\n\nPossible enum values:\n - `"SCTP"` is the SCTP protocol.\n -' + ' `"TCP"` is the TCP protocol.\n - `"UDP"` is the UDP protocol.' + ), + ) + + +class EventSource(BaseModel): + component: Optional[str] = Field( + default=None, description="Component from which the event is generated." + ) + host: Optional[str] = Field( + default=None, description="Node name on which the event is generated." + ) + + +class ExecAction(BaseModel): + command: Optional[List[str]] = Field( + default=None, + description=( + "Command is the command line to execute inside the container, the working" + " directory for the command is root ('/') in the container's filesystem." + " The command is simply exec'd, it is not run inside a shell, so" + " traditional shell instructions ('|', etc) won't work. To use a shell, you" + " need to explicitly call out to that shell. Exit status of 0 is treated as" + " live/healthy and non-zero is unhealthy." + ), + ) + + +class FCVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs".' + ' Implicitly inferred to be "ext4" if unspecified.' + ), + ) + lun: Optional[int] = Field( + default=None, description="lun is Optional: FC target lun number" + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly is Optional: Defaults to false (read/write). ReadOnly here will" + " force the ReadOnly setting in VolumeMounts." + ), + ) + targetWWNs: Optional[List[str]] = Field( + default=None, + description="targetWWNs is Optional: FC target worldwide names (WWNs)", + ) + wwids: Optional[List[str]] = Field( + default=None, + description=( + "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or" + " combination of targetWWNs and lun must be set, but not both" + " simultaneously." + ), + ) + + +class FlockerVolumeSource(BaseModel): + datasetName: Optional[str] = Field( + default=None, + description=( + "datasetName is Name of the dataset stored as metadata -> name on the" + " dataset for Flocker should be considered as deprecated" + ), + ) + datasetUUID: Optional[str] = Field( + default=None, + description=( + "datasetUUID is the UUID of the dataset. This is unique identifier of a" + " Flocker dataset" + ), + ) + + +class GCEPersistentDiskVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is filesystem type of the volume that you want to mount. Tip:" + " Ensure that the filesystem type is supported by the host operating" + ' system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"' + " if unspecified. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + ), + ) + partition: Optional[int] = Field( + default=None, + description=( + "partition is the partition in the volume that you want to mount. If" + " omitted, the default is to mount by volume name. Examples: For volume" + ' /dev/sda1, you specify the partition as "1". Similarly, the volume' + ' partition for /dev/sda is "0" (or you can leave the property empty). More' + " info:" + " https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + ), + ) + pdName: str = Field( + ..., + description=( + "pdName is unique name of the PD resource in GCE. Used to identify the disk" + " in GCE. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to" + " false. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + ), + ) + + +class GRPCAction(BaseModel): + port: int = Field( + ..., + description=( + "Port number of the gRPC service. Number must be in the range 1 to 65535." + ), + ) + service: Optional[str] = Field( + default="", + description=( + "Service is the name of the service to place in the gRPC HealthCheckRequest" + " (see" + " https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf" + " this is not specified, the default behavior is defined by gRPC." + ), + ) + + +class GitRepoVolumeSource(BaseModel): + directory: Optional[str] = Field( + default=None, + description=( + "directory is the target directory name. Must not contain or start with" + " '..'. If '.' is supplied, the volume directory will be the git" + " repository. Otherwise, if specified, the volume will contain the git" + " repository in the subdirectory with the given name." + ), + ) + repository: str = Field(..., description="repository is the URL") + revision: Optional[str] = Field( + default=None, + description="revision is the commit hash for the specified revision.", + ) + + +class GlusterfsPersistentVolumeSource(BaseModel): + endpoints: str = Field( + ..., + description=( + "endpoints is the endpoint name that details Glusterfs topology. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + ), + ) + endpointsNamespace: Optional[str] = Field( + default=None, + description=( + "endpointsNamespace is the namespace that contains Glusterfs endpoint. If" + " this field is empty, the EndpointNamespace defaults to the same namespace" + " as the bound PVC. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + ), + ) + path: str = Field( + ..., + description=( + "path is the Glusterfs volume path. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the Glusterfs volume to be mounted with read-only" + " permissions. Defaults to false. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + ), + ) + + +class GlusterfsVolumeSource(BaseModel): + endpoints: str = Field( + ..., + description=( + "endpoints is the endpoint name that details Glusterfs topology. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + ), + ) + path: str = Field( + ..., + description=( + "path is the Glusterfs volume path. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the Glusterfs volume to be mounted with read-only" + " permissions. Defaults to false. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + ), + ) + + +class Scheme(Enum): + HTTP = "HTTP" + HTTPS = "HTTPS" + + +class HTTPHeader(BaseModel): + name: str = Field( + ..., + description=( + "The header field name. This will be canonicalized upon output, so" + " case-variant names will be understood as the same header." + ), + ) + value: str = Field(..., description="The header field value") + + +class HostAlias(BaseModel): + hostnames: Optional[List[str]] = Field( + default=None, description="Hostnames for the above IP address." + ) + ip: Optional[str] = Field( + default=None, description="IP address of the host file entry." + ) + + +class HostIP(BaseModel): + ip: Optional[str] = Field( + default=None, description="IP is the IP address assigned to the host" + ) + + +class TypeModel(Enum): + field_ = "" + BlockDevice = "BlockDevice" + CharDevice = "CharDevice" + Directory = "Directory" + DirectoryOrCreate = "DirectoryOrCreate" + File = "File" + FileOrCreate = "FileOrCreate" + Socket = "Socket" + + +class HostPathVolumeSource(BaseModel): + path: str = Field( + ..., + description=( + "path of the directory on the host. If the path is a symlink, it will" + " follow the link to the real path. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + ), + ) + type: Optional[TypeModel] = Field( + default=None, + description=( + 'type for HostPath Volume Defaults to "" More info:' + " https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n\nPossible" + ' enum values:\n - `""` For backwards compatible, leave it empty if unset\n' + ' - `"BlockDevice"` A block device must exist at the given path\n -' + ' `"CharDevice"` A character device must exist at the given path\n -' + ' `"Directory"` A directory must exist at the given path\n -' + ' `"DirectoryOrCreate"` If nothing exists at the given path, an empty' + " directory will be created there as needed with file mode 0755, having the" + ' same group and ownership with Kubelet.\n - `"File"` A file must exist at' + ' the given path\n - `"FileOrCreate"` If nothing exists at the given path,' + " an empty file will be created there as needed with file mode 0644, having" + ' the same group and ownership with Kubelet.\n - `"Socket"` A UNIX socket' + " must exist at the given path" + ), + ) + + +class KeyToPath(BaseModel): + key: str = Field(..., description="key is the key to project.") + mode: Optional[int] = Field( + default=None, + description=( + "mode is Optional: mode bits used to set permissions on this file. Must be" + " an octal value between 0000 and 0777 or a decimal value between 0 and" + " 511. YAML accepts both octal and decimal values, JSON requires decimal" + " values for mode bits. If not specified, the volume defaultMode will be" + " used. This might be in conflict with other options that affect the file" + " mode, like fsGroup, and the result can be other mode bits set." + ), + ) + path: str = Field( + ..., + description=( + "path is the relative path of the file to map the key to. May not be an" + " absolute path. May not contain the path element '..'. May not start with" + " the string '..'." + ), + ) + + +class LocalObjectReference(BaseModel): + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + + +class LocalVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. It applies only when the Path is a" + " block device. Must be a filesystem type supported by the host operating" + ' system. Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a' + " filesystem if unspecified." + ), + ) + path: str = Field( + ..., + description=( + "path of the full path to the volume on the node. It can be either a" + " directory or block device (disk, partition, ...)." + ), + ) + + +class Status(Enum): + InProgress = "InProgress" + Infeasible = "Infeasible" + Pending = "Pending" + + +class ModifyVolumeStatus(BaseModel): + status: Status = Field( + ..., + description=( + "status is the status of the ControllerModifyVolume operation. It can be in" + " any of following states:\n - Pending\n Pending indicates that the" + " PersistentVolumeClaim cannot be modified due to unmet requirements, such" + " as\n the specified VolumeAttributesClass not existing.\n - InProgress\n" + " InProgress indicates that the volume is being modified.\n -" + " Infeasible\n Infeasible indicates that the request has been rejected as" + " invalid by the CSI driver. To\n\t resolve the error, a valid" + " VolumeAttributesClass needs to be specified.\nNote: New statuses can be" + " added in the future. Consumers should check for unknown statuses and fail" + ' appropriately.\n\nPossible enum values:\n - `"InProgress"` InProgress' + ' indicates that the volume is being modified\n - `"Infeasible"` Infeasible' + " indicates that the request has been rejected as invalid by the CSI" + " driver. To resolve the error, a valid VolumeAttributesClass needs to be" + ' specified\n - `"Pending"` Pending indicates that the' + " PersistentVolumeClaim cannot be modified due to unmet requirements, such" + " as the specified VolumeAttributesClass not existing" + ), + ) + targetVolumeAttributesClassName: Optional[str] = Field( + default=None, + description=( + "targetVolumeAttributesClassName is the name of the VolumeAttributesClass" + " the PVC currently being reconciled" + ), + ) + + +class NFSVolumeSource(BaseModel): + path: str = Field( + ..., + description=( + "path that is exported by the NFS server. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#nfs" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the NFS export to be mounted with read-only" + " permissions. Defaults to false. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#nfs" + ), + ) + server: str = Field( + ..., + description=( + "server is the hostname or IP address of the NFS server. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#nfs" + ), + ) + + +class NamespaceSpec(BaseModel): + finalizers: Optional[List[str]] = Field( + default=None, + description=( + "Finalizers is an opaque list of values that must be empty to permanently" + " remove object from storage. More info:" + " https://kubernetes.io/docs/tasks/administer-cluster/namespaces/" + ), + ) + + +class Phase(Enum): + Active = "Active" + Terminating = "Terminating" + + +class NodeAddress(BaseModel): + address: str = Field(..., description="The node address.") + type: str = Field( + ..., description="Node address type, one of Hostname, ExternalIP or InternalIP." + ) + + +class NodeConfigSource(BaseModel): + configMap: Optional[ConfigMapNodeConfigSource] = Field( + default=None, description="ConfigMap is a reference to a Node's ConfigMap" + ) + + +class NodeConfigStatus(BaseModel): + active: Optional[NodeConfigSource] = Field( + default=None, + description=( + "Active reports the checkpointed config the node is actively using. Active" + " will represent either the current version of the Assigned config, or the" + " current LastKnownGood config, depending on whether attempting to use the" + " Assigned config results in an error." + ), + ) + assigned: Optional[NodeConfigSource] = Field( + default=None, + description=( + "Assigned reports the checkpointed config the node will try to use. When" + " Node.Spec.ConfigSource is updated, the node checkpoints the associated" + " config payload to local disk, along with a record indicating intended" + " config. The node refers to this record to choose its config checkpoint," + " and reports this record in Assigned. Assigned only updates in the status" + " after the record has been checkpointed to disk. When the Kubelet is" + " restarted, it tries to make the Assigned config the Active config by" + " loading and validating the checkpointed payload identified by Assigned." + ), + ) + error: Optional[str] = Field( + default=None, + description=( + "Error describes any problems reconciling the Spec.ConfigSource to the" + " Active config. Errors may occur, for example, attempting to checkpoint" + " Spec.ConfigSource to the local Assigned record, attempting to checkpoint" + " the payload associated with Spec.ConfigSource, attempting to load or" + " validate the Assigned config, etc. Errors may occur at different points" + " while syncing config. Earlier errors (e.g. download or checkpointing" + " errors) will not result in a rollback to LastKnownGood, and may resolve" + " across Kubelet retries. Later errors (e.g. loading or validating a" + " checkpointed config) will result in a rollback to LastKnownGood. In the" + " latter case, it is usually possible to resolve the error by fixing the" + " config assigned in Spec.ConfigSource. You can find additional information" + " for debugging by searching the error message in the Kubelet log. Error is" + " a human-readable description of the error state; machines can check" + " whether or not Error is empty, but should not rely on the stability of" + " the Error text across Kubelet versions." + ), + ) + lastKnownGood: Optional[NodeConfigSource] = Field( + default=None, + description=( + "LastKnownGood reports the checkpointed config the node will fall back to" + " when it encounters an error attempting to use the Assigned config. The" + " Assigned config becomes the LastKnownGood config when the node determines" + " that the Assigned config is stable and correct. This is currently" + " implemented as a 10-minute soak period starting when the local record of" + " Assigned config is updated. If the Assigned config is Active at the end" + " of this period, it becomes the LastKnownGood. Note that if" + " Spec.ConfigSource is reset to nil (use local defaults), the LastKnownGood" + " is also immediately reset to nil, because the local default config is" + " always assumed good. You should not make assumptions about the node's" + " method of determining config stability and correctness, as this may" + " change or become configurable in the future." + ), + ) + + +class NodeDaemonEndpoints(BaseModel): + kubeletEndpoint: Optional[DaemonEndpoint] = Field( + default=None, description="Endpoint on which Kubelet is listening." + ) + + +class NodeRuntimeHandlerFeatures(BaseModel): + recursiveReadOnlyMounts: Optional[bool] = Field( + default=None, + description=( + "RecursiveReadOnlyMounts is set to true if the runtime handler supports" + " RecursiveReadOnlyMounts." + ), + ) + + +class Operator(Enum): + DoesNotExist = "DoesNotExist" + Exists = "Exists" + Gt = "Gt" + In = "In" + Lt = "Lt" + NotIn = "NotIn" + + +class NodeSelectorRequirement(BaseModel): + key: str = Field(..., description="The label key that the selector applies to.") + operator: Operator = Field( + ..., + description=( + "Represents a key's relationship to a set of values. Valid operators are" + " In, NotIn, Exists, DoesNotExist. Gt, and Lt.\n\nPossible enum values:\n -" + ' `"DoesNotExist"`\n - `"Exists"`\n - `"Gt"`\n - `"In"`\n - `"Lt"`\n -' + ' `"NotIn"`' + ), + ) + values: Optional[List[str]] = Field( + default=None, + description=( + "An array of string values. If the operator is In or NotIn, the values" + " array must be non-empty. If the operator is Exists or DoesNotExist, the" + " values array must be empty. If the operator is Gt or Lt, the values array" + " must have a single element, which will be interpreted as an integer. This" + " array is replaced during a strategic merge patch." + ), + ) + + +class NodeSelectorTerm(BaseModel): + matchExpressions: Optional[List[NodeSelectorRequirement]] = Field( + default=None, + description="A list of node selector requirements by node's labels.", + ) + matchFields: Optional[List[NodeSelectorRequirement]] = Field( + default=None, + description="A list of node selector requirements by node's fields.", + ) + + +class PhaseModel(Enum): + Pending = "Pending" + Running = "Running" + Terminated = "Terminated" + + +class NodeSystemInfo(BaseModel): + architecture: str = Field(..., description="The Architecture reported by the node") + bootID: str = Field(..., description="Boot ID reported by the node.") + containerRuntimeVersion: str = Field( + ..., + description=( + "ContainerRuntime Version reported by the node through runtime remote API" + " (e.g. containerd://1.4.2)." + ), + ) + kernelVersion: str = Field( + ..., + description=( + "Kernel Version reported by the node from 'uname -r' (e.g." + " 3.16.0-0.bpo.4-amd64)." + ), + ) + kubeProxyVersion: str = Field( + ..., description="KubeProxy Version reported by the node." + ) + kubeletVersion: str = Field( + ..., description="Kubelet Version reported by the node." + ) + machineID: str = Field( + ..., + description=( + "MachineID reported by the node. For unique machine identification in the" + " cluster this field is preferred. Learn more from man(5) machine-id:" + " http://man7.org/linux/man-pages/man5/machine-id.5.html" + ), + ) + operatingSystem: str = Field( + ..., description="The Operating System reported by the node" + ) + osImage: str = Field( + ..., + description=( + "OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux" + " 7 (wheezy))." + ), + ) + systemUUID: str = Field( + ..., + description=( + "SystemUUID reported by the node. For unique machine identification" + " MachineID is preferred. This field is specific to Red Hat hosts" + " https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid" + ), + ) + + +class ObjectFieldSelector(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "Version of the schema the FieldPath is written in terms of, defaults to" + ' "v1".' + ), + ) + fieldPath: str = Field( + ..., description="Path of the field to select in the specified API version." + ) + + +class ObjectReference(BaseModel): + apiVersion: Optional[str] = Field( + default=None, description="API version of the referent." + ) + fieldPath: Optional[str] = Field( + default=None, + description=( + "If referring to a piece of an object instead of an entire object, this" + " string should contain a valid JSON/Go field access statement, such as" + " desiredState.manifest.containers[2]. For example, if the object reference" + " is to a container within a pod, this would take on a value like:" + ' "spec.containers{name}" (where "name" refers to the name of the container' + " that triggered the event) or if no container name is specified" + ' "spec.containers[2]" (container with index 2 in this pod). This syntax is' + " chosen only to have some well-defined way of referencing a part of an" + " object." + ), + ) + kind: Optional[str] = Field( + default=None, + description=( + "Kind of the referent. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + namespace: Optional[str] = Field( + default=None, + description=( + "Namespace of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + ), + ) + resourceVersion: Optional[str] = Field( + default=None, + description=( + "Specific resourceVersion to which this reference is made, if any. More" + " info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + ), + ) + uid: Optional[str] = Field( + default=None, + description=( + "UID of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + ), + ) + + +class AccessMode(Enum): + ReadOnlyMany = "ReadOnlyMany" + ReadWriteMany = "ReadWriteMany" + ReadWriteOnce = "ReadWriteOnce" + ReadWriteOncePod = "ReadWriteOncePod" + + +class VolumeMode(Enum): + Block = "Block" + Filesystem = "Filesystem" + + +class AllocatedResourceStatuses(Enum): + ControllerResizeFailed = "ControllerResizeFailed" + ControllerResizeInProgress = "ControllerResizeInProgress" + NodeResizeFailed = "NodeResizeFailed" + NodeResizeInProgress = "NodeResizeInProgress" + NodeResizePending = "NodeResizePending" + + +class PhaseModel1(Enum): + Bound = "Bound" + Lost = "Lost" + Pending = "Pending" + + +class PersistentVolumeClaimVolumeSource(BaseModel): + claimName: str = Field( + ..., + description=( + "claimName is the name of a PersistentVolumeClaim in the same namespace as" + " the pod using this volume. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + ), + ) + + +class PersistentVolumeReclaimPolicy(Enum): + Delete = "Delete" + Recycle = "Recycle" + Retain = "Retain" + + +class PhaseModel2(Enum): + Available = "Available" + Bound = "Bound" + Failed = "Failed" + Pending = "Pending" + Released = "Released" + + +class PhotonPersistentDiskVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs".' + ' Implicitly inferred to be "ext4" if unspecified.' + ), + ) + pdID: str = Field( + ..., + description="pdID is the ID that identifies Photon Controller persistent disk", + ) + + +class PodDNSConfigOption(BaseModel): + name: Optional[str] = Field(default=None, description="Required.") + value: Optional[str] = None + + +class PodIP(BaseModel): + ip: Optional[str] = Field( + default=None, description="IP is the IP address assigned to the pod" + ) + + +class PodOS(BaseModel): + name: str = Field( + ..., + description=( + "Name is the name of the operating system. The currently supported values" + " are linux and windows. Additional value may be defined in future and can" + " be one of:" + " https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration" + " Clients should expect to handle additional values and treat unrecognized" + " values in this field as os: null" + ), + ) + + +class PodReadinessGate(BaseModel): + conditionType: str = Field( + ..., + description=( + "ConditionType refers to a condition in the pod's condition list with" + " matching type." + ), + ) + + +class PodResourceClaim(BaseModel): + name: str = Field( + ..., + description=( + "Name uniquely identifies this resource claim inside the pod. This must be" + " a DNS_LABEL." + ), + ) + source: Optional[ClaimSource] = Field( + default=None, description="Source describes where to find the ResourceClaim." + ) + + +class PodResourceClaimStatus(BaseModel): + name: str = Field( + ..., + description=( + "Name uniquely identifies this resource claim inside the pod. This must" + " match the name of an entry in pod.spec.resourceClaims, which implies that" + " the string must be a DNS_LABEL." + ), + ) + resourceClaimName: Optional[str] = Field( + default=None, + description=( + "ResourceClaimName is the name of the ResourceClaim that was generated for" + " the Pod in the namespace of the Pod. It this is unset, then generating a" + " ResourceClaim was not necessary. The pod.spec.resourceClaims entry can be" + " ignored in this case." + ), + ) + + +class PodSchedulingGate(BaseModel): + name: str = Field( + ..., + description=( + "Name of the scheduling gate. Each scheduling gate must have a unique name" + " field." + ), + ) + + +class FsGroupChangePolicy(Enum): + Always = "Always" + OnRootMismatch = "OnRootMismatch" + + +class DnsPolicy(Enum): + ClusterFirst = "ClusterFirst" + ClusterFirstWithHostNet = "ClusterFirstWithHostNet" + Default = "Default" + None_ = "None" + + +class PreemptionPolicy(Enum): + Never = "Never" + PreemptLowerPriority = "PreemptLowerPriority" + + +class RestartPolicy(Enum): + Always = "Always" + Never = "Never" + OnFailure = "OnFailure" + + +class PhaseModel3(Enum): + Failed = "Failed" + Pending = "Pending" + Running = "Running" + Succeeded = "Succeeded" + Unknown = "Unknown" + + +class QosClass(Enum): + BestEffort = "BestEffort" + Burstable = "Burstable" + Guaranteed = "Guaranteed" + + +class PortStatus(BaseModel): + error: Optional[str] = Field( + default=None, + description=( + "Error is to record the problem with the service port The format of the" + " error shall comply with the following rules: - built-in error values" + " shall be specified in this file and those shall use\n CamelCase names\n-" + " cloud provider specific error values must have names that comply with" + " the\n format foo.example.com/CamelCase." + ), + ) + port: int = Field( + ..., + description=( + "Port is the port number of the service port of which status is recorded" + " here" + ), + ) + protocol: Protocol = Field( + ..., + description=( + "Protocol is the protocol of the service port of which status is recorded" + ' here The supported values are: "TCP", "UDP", "SCTP"\n\nPossible enum' + ' values:\n - `"SCTP"` is the SCTP protocol.\n - `"TCP"` is the TCP' + ' protocol.\n - `"UDP"` is the UDP protocol.' + ), + ) + + +class PortworxVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fSType represents the filesystem type to mount Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs". Implicitly' + ' inferred to be "ext4" if unspecified.' + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + volumeID: str = Field( + ..., description="volumeID uniquely identifies a Portworx volume" + ) + + +class PreferredSchedulingTerm(BaseModel): + preference: NodeSelectorTerm = Field( + ..., + description="A node selector term, associated with the corresponding weight.", + ) + weight: int = Field( + ..., + description=( + "Weight associated with matching the corresponding nodeSelectorTerm, in the" + " range 1-100." + ), + ) + + +class QuobyteVolumeSource(BaseModel): + group: Optional[str] = Field( + default=None, description="group to map volume access to Default is no group" + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the Quobyte volume to be mounted with read-only" + " permissions. Defaults to false." + ), + ) + registry: str = Field( + ..., + description=( + "registry represents a single or multiple Quobyte Registry services" + " specified as a string as host:port pair (multiple entries are separated" + " with commas) which acts as the central registry for volumes" + ), + ) + tenant: Optional[str] = Field( + default=None, + description=( + "tenant owning the given Quobyte volume in the Backend Used with" + " dynamically provisioned Quobyte volumes, value is set by the plugin" + ), + ) + user: Optional[str] = Field( + default=None, + description="user to map volume access to Defaults to serivceaccount user", + ) + volume: str = Field( + ..., + description=( + "volume is a string that references an already created Quobyte volume by" + " name." + ), + ) + + +class RBDVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type of the volume that you want to mount. Tip:" + " Ensure that the filesystem type is supported by the host operating" + ' system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"' + " if unspecified. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#rbd" + ), + ) + image: str = Field( + ..., + description=( + "image is the rados image name. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + keyring: Optional[str] = Field( + default=None, + description=( + "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring." + " More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + monitors: List[str] = Field( + ..., + description=( + "monitors is a collection of Ceph monitors. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + pool: Optional[str] = Field( + default=None, + description=( + "pool is the rados pool name. Default is rbd. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to" + " false. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + secretRef: Optional[LocalObjectReference] = Field( + default=None, + description=( + "secretRef is name of the authentication secret for RBDUser. If provided" + " overrides keyring. Default is nil. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + user: Optional[str] = Field( + default=None, + description=( + "user is the rados user name. Default is admin. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + + +class ResourceClaim(BaseModel): + name: str = Field( + ..., + description=( + "Name must match the name of one entry in pod.spec.resourceClaims of the" + " Pod where this field is used. It makes that resource available inside a" + " container." + ), + ) + + +class Scope(Enum): + BestEffort = "BestEffort" + CrossNamespacePodAffinity = "CrossNamespacePodAffinity" + NotBestEffort = "NotBestEffort" + NotTerminating = "NotTerminating" + PriorityClass = "PriorityClass" + Terminating = "Terminating" + + +class SELinuxOptions(BaseModel): + level: Optional[str] = Field( + default=None, + description="Level is SELinux level label that applies to the container.", + ) + role: Optional[str] = Field( + default=None, + description="Role is a SELinux role label that applies to the container.", + ) + type: Optional[str] = Field( + default=None, + description="Type is a SELinux type label that applies to the container.", + ) + user: Optional[str] = Field( + default=None, + description="User is a SELinux user label that applies to the container.", + ) + + +class ScaleIOVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs".' + ' Default is "xfs".' + ), + ) + gateway: str = Field( + ..., description="gateway is the host address of the ScaleIO API Gateway." + ) + protectionDomain: Optional[str] = Field( + default=None, + description=( + "protectionDomain is the name of the ScaleIO Protection Domain for the" + " configured storage." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly Defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + secretRef: LocalObjectReference = Field( + ..., + description=( + "secretRef references to the secret for ScaleIO user and other sensitive" + " information. If this is not provided, Login operation will fail." + ), + ) + sslEnabled: Optional[bool] = Field( + default=None, + description=( + "sslEnabled Flag enable/disable SSL communication with Gateway, default" + " false" + ), + ) + storageMode: Optional[str] = Field( + default=None, + description=( + "storageMode indicates whether the storage for a volume should be" + " ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + ), + ) + storagePool: Optional[str] = Field( + default=None, + description=( + "storagePool is the ScaleIO Storage Pool associated with the protection" + " domain." + ), + ) + system: str = Field( + ..., + description=( + "system is the name of the storage system as configured in ScaleIO." + ), + ) + volumeName: Optional[str] = Field( + default=None, + description=( + "volumeName is the name of a volume already created in the ScaleIO system" + " that is associated with this volume source." + ), + ) + + +class OperatorModel(Enum): + DoesNotExist = "DoesNotExist" + Exists = "Exists" + In = "In" + NotIn = "NotIn" + + +class ScopeName(Enum): + BestEffort = "BestEffort" + CrossNamespacePodAffinity = "CrossNamespacePodAffinity" + NotBestEffort = "NotBestEffort" + NotTerminating = "NotTerminating" + PriorityClass = "PriorityClass" + Terminating = "Terminating" + + +class ScopedResourceSelectorRequirement(BaseModel): + operator: OperatorModel = Field( + ..., + description=( + "Represents a scope's relationship to a set of values. Valid operators are" + " In, NotIn, Exists, DoesNotExist.\n\nPossible enum values:\n -" + ' `"DoesNotExist"`\n - `"Exists"`\n - `"In"`\n - `"NotIn"`' + ), + ) + scopeName: ScopeName = Field( + ..., + description=( + "The name of the scope that the selector applies to.\n\nPossible enum" + ' values:\n - `"BestEffort"` Match all pod objects that have best effort' + ' quality of service\n - `"CrossNamespacePodAffinity"` Match all pod' + " objects that have cross-namespace pod (anti)affinity mentioned.\n -" + ' `"NotBestEffort"` Match all pod objects that do not have best effort' + ' quality of service\n - `"NotTerminating"` Match all pod objects where' + ' spec.activeDeadlineSeconds is nil\n - `"PriorityClass"` Match all pod' + ' objects that have priority class mentioned\n - `"Terminating"` Match all' + " pod objects where spec.activeDeadlineSeconds >=0" + ), + ) + values: Optional[List[str]] = Field( + default=None, + description=( + "An array of string values. If the operator is In or NotIn, the values" + " array must be non-empty. If the operator is Exists or DoesNotExist, the" + " values array must be empty. This array is replaced during a strategic" + " merge patch." + ), + ) + + +class TypeModel1(Enum): + Localhost = "Localhost" + RuntimeDefault = "RuntimeDefault" + Unconfined = "Unconfined" + + +class SeccompProfile(BaseModel): + localhostProfile: Optional[str] = Field( + default=None, + description=( + "localhostProfile indicates a profile defined in a file on the node should" + " be used. The profile must be preconfigured on the node to work. Must be a" + " descending path, relative to the kubelet's configured seccomp profile" + ' location. Must be set if type is "Localhost". Must NOT be set for any' + " other type." + ), + ) + type: TypeModel1 = Field( + ..., + description=( + "type indicates which kind of seccomp profile will be applied. Valid" + " options are:\n\nLocalhost - a profile defined in a file on the node" + " should be used. RuntimeDefault - the container runtime default profile" + " should be used. Unconfined - no profile should be applied.\n\nPossible" + ' enum values:\n - `"Localhost"` indicates a profile defined in a file on' + " the node should be used. The file's location relative to" + ' /seccomp.\n - `"RuntimeDefault"` represents the default' + ' container runtime seccomp profile.\n - `"Unconfined"` indicates no' + " seccomp profile is applied (A.K.A. unconfined)." + ), + ) + + +class SecretEnvSource(BaseModel): + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + optional: Optional[bool] = Field( + default=None, description="Specify whether the Secret must be defined" + ) + + +class SecretKeySelector(BaseModel): + key: str = Field( + ..., + description=( + "The key of the secret to select from. Must be a valid secret key." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + optional: Optional[bool] = Field( + default=None, + description="Specify whether the Secret or its key must be defined", + ) + + +class SecretProjection(BaseModel): + items: Optional[List[KeyToPath]] = Field( + default=None, + description=( + "items if unspecified, each key-value pair in the Data field of the" + " referenced Secret will be projected into the volume as a file whose name" + " is the key and content is the value. If specified, the listed keys will" + " be projected into the specified paths, and unlisted keys will not be" + " present. If a key is specified which is not present in the Secret, the" + " volume setup will error unless it is marked optional. Paths must be" + " relative and may not contain the '..' path or start with '..'." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + optional: Optional[bool] = Field( + default=None, + description=( + "optional field specify whether the Secret or its key must be defined" + ), + ) + + +class SecretReference(BaseModel): + name: Optional[str] = Field( + default=None, + description="name is unique within a namespace to reference a secret resource.", + ) + namespace: Optional[str] = Field( + default=None, + description=( + "namespace defines the space within which the secret name must be unique." + ), + ) + + +class SecretVolumeSource(BaseModel): + defaultMode: Optional[int] = Field( + default=None, + description=( + "defaultMode is Optional: mode bits used to set permissions on created" + " files by default. Must be an octal value between 0000 and 0777 or a" + " decimal value between 0 and 511. YAML accepts both octal and decimal" + " values, JSON requires decimal values for mode bits. Defaults to 0644." + " Directories within the path are not affected by this setting. This might" + " be in conflict with other options that affect the file mode, like" + " fsGroup, and the result can be other mode bits set." + ), + ) + items: Optional[List[KeyToPath]] = Field( + default=None, + description=( + "items If unspecified, each key-value pair in the Data field of the" + " referenced Secret will be projected into the volume as a file whose name" + " is the key and content is the value. If specified, the listed keys will" + " be projected into the specified paths, and unlisted keys will not be" + " present. If a key is specified which is not present in the Secret, the" + " volume setup will error unless it is marked optional. Paths must be" + " relative and may not contain the '..' path or start with '..'." + ), + ) + optional: Optional[bool] = Field( + default=None, + description=( + "optional field specify whether the Secret or its keys must be defined" + ), + ) + secretName: Optional[str] = Field( + default=None, + description=( + "secretName is the name of the secret in the pod's namespace to use. More" + " info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + ), + ) + + +class ProcMount(Enum): + Default = "Default" + Unmasked = "Unmasked" + + +class ServiceAccountTokenProjection(BaseModel): + audience: Optional[str] = Field( + default=None, + description=( + "audience is the intended audience of the token. A recipient of a token" + " must identify itself with an identifier specified in the audience of the" + " token, and otherwise should reject the token. The audience defaults to" + " the identifier of the apiserver." + ), + ) + expirationSeconds: Optional[int] = Field( + default=None, + description=( + "expirationSeconds is the requested duration of validity of the service" + " account token. As the token approaches expiration, the kubelet volume" + " plugin will proactively rotate the service account token. The kubelet" + " will start trying to rotate the token if the token is older than 80" + " percent of its time to live or if the token is older than 24" + " hours.Defaults to 1 hour and must be at least 10 minutes." + ), + ) + path: str = Field( + ..., + description=( + "path is the path relative to the mount point of the file to project the" + " token into." + ), + ) + + +class ExternalTrafficPolicy(Enum): + Cluster = "Cluster" + Local = "Local" + + +class InternalTrafficPolicy(Enum): + Cluster = "Cluster" + Local = "Local" + + +class IpFamily(Enum): + field_ = "" + IPv4 = "IPv4" + IPv6 = "IPv6" + + +class IpFamilyPolicy(Enum): + PreferDualStack = "PreferDualStack" + RequireDualStack = "RequireDualStack" + SingleStack = "SingleStack" + + +class SessionAffinity(Enum): + ClientIP = "ClientIP" + None_ = "None" + + +class TypeModel2(Enum): + ClusterIP = "ClusterIP" + ExternalName = "ExternalName" + LoadBalancer = "LoadBalancer" + NodePort = "NodePort" + + +class SessionAffinityConfig(BaseModel): + clientIP: Optional[ClientIPConfig] = Field( + default=None, + description=( + "clientIP contains the configurations of Client IP based session affinity." + ), + ) + + +class SleepAction(BaseModel): + seconds: int = Field(..., description="Seconds is the number of seconds to sleep.") + + +class StorageOSPersistentVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs".' + ' Implicitly inferred to be "ext4" if unspecified.' + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + secretRef: Optional[ObjectReference] = Field( + default=None, + description=( + "secretRef specifies the secret to use for obtaining the StorageOS API" + " credentials. If not specified, default values will be attempted." + ), + ) + volumeName: Optional[str] = Field( + default=None, + description=( + "volumeName is the human-readable name of the StorageOS volume. Volume" + " names are only unique within a namespace." + ), + ) + volumeNamespace: Optional[str] = Field( + default=None, + description=( + "volumeNamespace specifies the scope of the volume within StorageOS. If no" + " namespace is specified then the Pod's namespace will be used. This" + " allows the Kubernetes name scoping to be mirrored within StorageOS for" + " tighter integration. Set VolumeName to any name to override the default" + ' behaviour. Set to "default" if you are not using namespaces within' + " StorageOS. Namespaces that do not pre-exist within StorageOS will be" + " created." + ), + ) + + +class StorageOSVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs".' + ' Implicitly inferred to be "ext4" if unspecified.' + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + secretRef: Optional[LocalObjectReference] = Field( + default=None, + description=( + "secretRef specifies the secret to use for obtaining the StorageOS API" + " credentials. If not specified, default values will be attempted." + ), + ) + volumeName: Optional[str] = Field( + default=None, + description=( + "volumeName is the human-readable name of the StorageOS volume. Volume" + " names are only unique within a namespace." + ), + ) + volumeNamespace: Optional[str] = Field( + default=None, + description=( + "volumeNamespace specifies the scope of the volume within StorageOS. If no" + " namespace is specified then the Pod's namespace will be used. This" + " allows the Kubernetes name scoping to be mirrored within StorageOS for" + " tighter integration. Set VolumeName to any name to override the default" + ' behaviour. Set to "default" if you are not using namespaces within' + " StorageOS. Namespaces that do not pre-exist within StorageOS will be" + " created." + ), + ) + + +class Sysctl(BaseModel): + name: str = Field(..., description="Name of a property to set") + value: str = Field(..., description="Value of a property to set") + + +class Effect(Enum): + NoExecute = "NoExecute" + NoSchedule = "NoSchedule" + PreferNoSchedule = "PreferNoSchedule" + + +class OperatorModel1(Enum): + Equal = "Equal" + Exists = "Exists" + + +class Toleration(BaseModel): + effect: Optional[Effect] = Field( + default="", + description=( + "Effect indicates the taint effect to match. Empty means match all taint" + " effects. When specified, allowed values are NoSchedule, PreferNoSchedule" + ' and NoExecute.\n\nPossible enum values:\n - `"NoExecute"` Evict any' + " already-running pods that do not tolerate the taint. Currently enforced" + ' by NodeController.\n - `"NoSchedule"` Do not allow new pods to schedule' + " onto the node unless they tolerate the taint, but allow all pods" + " submitted to Kubelet without going through the scheduler to start, and" + " allow all already-running pods to continue running. Enforced by the" + ' scheduler.\n - `"PreferNoSchedule"` Like TaintEffectNoSchedule, but the' + " scheduler tries not to schedule new pods onto the node, rather than" + " prohibiting new pods from scheduling onto the node entirely. Enforced by" + " the scheduler." + ), + ) + key: Optional[str] = Field( + default=None, + description=( + "Key is the taint key that the toleration applies to. Empty means match all" + " taint keys. If the key is empty, operator must be Exists; this" + " combination means to match all values and all keys." + ), + ) + operator: Optional[OperatorModel1] = Field( + default=None, + description=( + "Operator represents a key's relationship to the value. Valid operators" + " are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard" + " for value, so that a pod can tolerate all taints of a particular" + ' category.\n\nPossible enum values:\n - `"Equal"`\n - `"Exists"`' + ), + ) + tolerationSeconds: Optional[int] = Field( + default=None, + description=( + "TolerationSeconds represents the period of time the toleration (which must" + " be of effect NoExecute, otherwise this field is ignored) tolerates the" + " taint. By default, it is not set, which means tolerate the taint forever" + " (do not evict). Zero and negative values will be treated as 0 (evict" + " immediately) by the system." + ), + ) + value: Optional[str] = Field( + default=None, + description=( + "Value is the taint value the toleration matches to. If the operator is" + " Exists, the value should be empty, otherwise just a regular string." + ), + ) + + +class NodeAffinityPolicy(Enum): + Honor = "Honor" + Ignore = "Ignore" + + +class NodeTaintsPolicy(Enum): + Honor = "Honor" + Ignore = "Ignore" + + +class WhenUnsatisfiable(Enum): + DoNotSchedule = "DoNotSchedule" + ScheduleAnyway = "ScheduleAnyway" + + +class TypedLocalObjectReference(BaseModel): + apiGroup: Optional[str] = Field( + default=None, + description=( + "APIGroup is the group for the resource being referenced. If APIGroup is" + " not specified, the specified Kind must be in the core API group. For any" + " other third-party types, APIGroup is required." + ), + ) + kind: str = Field(..., description="Kind is the type of resource being referenced") + name: str = Field(..., description="Name is the name of resource being referenced") + + +class TypedObjectReference(BaseModel): + apiGroup: Optional[str] = Field( + default=None, + description=( + "APIGroup is the group for the resource being referenced. If APIGroup is" + " not specified, the specified Kind must be in the core API group. For any" + " other third-party types, APIGroup is required." + ), + ) + kind: str = Field(..., description="Kind is the type of resource being referenced") + name: str = Field(..., description="Name is the name of resource being referenced") + namespace: Optional[str] = Field( + default=None, + description=( + "Namespace is the namespace of resource being referenced Note that when a" + " namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object" + " is required in the referent namespace to allow that namespace's owner to" + " accept the reference. See the ReferenceGrant documentation for details." + " (Alpha) This field requires the CrossNamespaceVolumeDataSource feature" + " gate to be enabled." + ), + ) + + +class VolumeDevice(BaseModel): + devicePath: str = Field( + ..., + description=( + "devicePath is the path inside of the container that the device will be" + " mapped to." + ), + ) + name: str = Field( + ..., + description="name must match the name of a persistentVolumeClaim in the pod", + ) + + +class MountPropagation(Enum): + Bidirectional = "Bidirectional" + HostToContainer = "HostToContainer" + None_ = "None" + + +class VolumeMount(BaseModel): + mountPath: str = Field( + ..., + description=( + "Path within the container at which the volume should be mounted. Must not" + " contain ':'." + ), + ) + mountPropagation: Optional[MountPropagation] = Field( + default=None, + description=( + "mountPropagation determines how mounts are propagated from the host to" + " container and the other way around. When not set, MountPropagationNone is" + " used. This field is beta in 1.10. When RecursiveReadOnly is set to" + " IfPossible or to Enabled, MountPropagation must be None or unspecified" + ' (which defaults to None).\n\nPossible enum values:\n - `"Bidirectional"`' + " means that the volume in a container will receive new mounts from the" + " host or other containers, and its own mounts will be propagated from the" + " container to the host or other containers. Note that this mode is" + ' recursively applied to all mounts in the volume ("rshared" in Linux' + ' terminology).\n - `"HostToContainer"` means that the volume in a' + " container will receive new mounts from the host or other containers, but" + " filesystems mounted inside the container won't be propagated to the host" + " or other containers. Note that this mode is recursively applied to all" + ' mounts in the volume ("rslave" in Linux terminology).\n - `"None"` means' + " that the volume in a container will not receive new mounts from the host" + " or other containers, and filesystems mounted inside the container won't" + " be propagated to the host or other containers. Note that this mode" + ' corresponds to "private" in Linux terminology.' + ), + ) + name: str = Field(..., description="This must match the Name of a Volume.") + readOnly: Optional[bool] = Field( + default=None, + description=( + "Mounted read-only if true, read-write otherwise (false or unspecified)." + " Defaults to false." + ), + ) + recursiveReadOnly: Optional[str] = Field( + default=None, + description=( + "RecursiveReadOnly specifies whether read-only mounts should be handled" + " recursively.\n\nIf ReadOnly is false, this field has no meaning and must" + " be unspecified.\n\nIf ReadOnly is true, and this field is set to" + " Disabled, the mount is not made recursively read-only. If this field is" + " set to IfPossible, the mount is made recursively read-only, if it is" + " supported by the container runtime. If this field is set to Enabled, the" + " mount is made recursively read-only if it is supported by the container" + " runtime, otherwise the pod will not be started and an error will be" + " generated to indicate the reason.\n\nIf this field is set to IfPossible" + " or Enabled, MountPropagation must be set to None (or be unspecified," + " which defaults to None).\n\nIf this field is not specified, it is treated" + " as an equivalent of Disabled." + ), + ) + subPath: Optional[str] = Field( + default=None, + description=( + "Path within the volume from which the container's volume should be" + ' mounted. Defaults to "" (volume\'s root).' + ), + ) + subPathExpr: Optional[str] = Field( + default=None, + description=( + "Expanded path within the volume from which the container's volume should" + " be mounted. Behaves similarly to SubPath but environment variable" + " references $(VAR_NAME) are expanded using the container's environment." + ' Defaults to "" (volume\'s root). SubPathExpr and SubPath are mutually' + " exclusive." + ), + ) + + +class VolumeMountStatus(BaseModel): + mountPath: str = Field( + ..., description="MountPath corresponds to the original VolumeMount." + ) + name: str = Field( + ..., description="Name corresponds to the name of the original VolumeMount." + ) + readOnly: Optional[bool] = Field( + default=None, description="ReadOnly corresponds to the original VolumeMount." + ) + recursiveReadOnly: Optional[str] = Field( + default=None, + description=( + "RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for" + " non-readonly mounts). An IfPossible value in the original VolumeMount" + " must be translated to Disabled or Enabled, depending on the mount result." + ), + ) + + +class VsphereVirtualDiskVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is filesystem type to mount. Must be a filesystem type supported by" + ' the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred' + ' to be "ext4" if unspecified.' + ), + ) + storagePolicyID: Optional[str] = Field( + default=None, + description=( + "storagePolicyID is the storage Policy Based Management (SPBM) profile ID" + " associated with the StoragePolicyName." + ), + ) + storagePolicyName: Optional[str] = Field( + default=None, + description=( + "storagePolicyName is the storage Policy Based Management (SPBM) profile" + " name." + ), + ) + volumePath: str = Field( + ..., description="volumePath is the path that identifies vSphere volume vmdk" + ) + + +class WindowsSecurityContextOptions(BaseModel): + gmsaCredentialSpec: Optional[str] = Field( + default=None, + description=( + "GMSACredentialSpec is where the GMSA admission webhook" + " (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of" + " the GMSA credential spec named by the GMSACredentialSpecName field." + ), + ) + gmsaCredentialSpecName: Optional[str] = Field( + default=None, + description=( + "GMSACredentialSpecName is the name of the GMSA credential spec to use." + ), + ) + hostProcess: Optional[bool] = Field( + default=None, + description=( + "HostProcess determines if a container should be run as a 'Host Process'" + " container. All of a Pod's containers must have the same effective" + " HostProcess value (it is not allowed to have a mix of HostProcess" + " containers and non-HostProcess containers). In addition, if HostProcess" + " is true then HostNetwork must also be set to true." + ), + ) + runAsUserName: Optional[str] = Field( + default=None, + description=( + "The UserName in Windows to run the entrypoint of the container process." + " Defaults to the user specified in image metadata if unspecified. May also" + " be set in PodSecurityContext. If set in both SecurityContext and" + " PodSecurityContext, the value specified in SecurityContext takes" + " precedence." + ), + ) + + +class TopologySelectorLabelRequirement(BaseModel): + key: str = Field(..., description="The label key that the selector applies to.") + values: List[str] = Field( + ..., + description=( + "An array of string values. One value must match the label to be selected." + " Each entry in Values is ORed." + ), + ) + + +class TopologySelectorTerm(BaseModel): + matchLabelExpressions: Optional[List[TopologySelectorLabelRequirement]] = Field( + default=None, description="A list of topology selector requirements by labels." + ) + + +class CSIPersistentVolumeSource(BaseModel): + controllerExpandSecretRef: Optional[SecretReference] = Field( + default=None, + description=( + "controllerExpandSecretRef is a reference to the secret object containing" + " sensitive information to pass to the CSI driver to complete the CSI" + " ControllerExpandVolume call. This field is optional, and may be empty if" + " no secret is required. If the secret object contains more than one" + " secret, all secrets are passed." + ), + ) + controllerPublishSecretRef: Optional[SecretReference] = Field( + default=None, + description=( + "controllerPublishSecretRef is a reference to the secret object containing" + " sensitive information to pass to the CSI driver to complete the CSI" + " ControllerPublishVolume and ControllerUnpublishVolume calls. This field" + " is optional, and may be empty if no secret is required. If the secret" + " object contains more than one secret, all secrets are passed." + ), + ) + driver: str = Field( + ..., + description=( + "driver is the name of the driver to use for this volume. Required." + ), + ) + fsType: Optional[str] = Field( + default=None, + description=( + "fsType to mount. Must be a filesystem type supported by the host operating" + ' system. Ex. "ext4", "xfs", "ntfs".' + ), + ) + nodeExpandSecretRef: Optional[SecretReference] = Field( + default=None, + description=( + "nodeExpandSecretRef is a reference to the secret object containing" + " sensitive information to pass to the CSI driver to complete the CSI" + " NodeExpandVolume call. This field is optional, may be omitted if no" + " secret is required. If the secret object contains more than one secret," + " all secrets are passed." + ), + ) + nodePublishSecretRef: Optional[SecretReference] = Field( + default=None, + description=( + "nodePublishSecretRef is a reference to the secret object containing" + " sensitive information to pass to the CSI driver to complete the CSI" + " NodePublishVolume and NodeUnpublishVolume calls. This field is optional," + " and may be empty if no secret is required. If the secret object contains" + " more than one secret, all secrets are passed." + ), + ) + nodeStageSecretRef: Optional[SecretReference] = Field( + default=None, + description=( + "nodeStageSecretRef is a reference to the secret object containing" + " sensitive information to pass to the CSI driver to complete the CSI" + " NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This" + " field is optional, and may be empty if no secret is required. If the" + " secret object contains more than one secret, all secrets are passed." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly value to pass to ControllerPublishVolumeRequest. Defaults to" + " false (read/write)." + ), + ) + volumeAttributes: Optional[Dict[str, str]] = Field( + default=None, description="volumeAttributes of the volume to publish." + ) + volumeHandle: str = Field( + ..., + description=( + "volumeHandle is the unique volume name returned by the CSI volume plugin’s" + " CreateVolume to refer to the volume on all subsequent calls. Required." + ), + ) + + +class CSIVolumeSource(BaseModel): + driver: str = Field( + ..., + description=( + "driver is the name of the CSI driver that handles this volume. Consult" + " with your admin for the correct name as registered in the cluster." + ), + ) + fsType: Optional[str] = Field( + default=None, + description=( + 'fsType to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty' + " value is passed to the associated CSI driver which will determine the" + " default filesystem to apply." + ), + ) + nodePublishSecretRef: Optional[LocalObjectReference] = Field( + default=None, + description=( + "nodePublishSecretRef is a reference to the secret object containing" + " sensitive information to pass to the CSI driver to complete the CSI" + " NodePublishVolume and NodeUnpublishVolume calls. This field is optional," + " and may be empty if no secret is required. If the secret object contains" + " more than one secret, all secret references are passed." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly specifies a read-only configuration for the volume. Defaults to" + " false (read/write)." + ), + ) + volumeAttributes: Optional[Dict[str, str]] = Field( + default=None, + description=( + "volumeAttributes stores driver-specific properties that are passed to the" + " CSI driver. Consult your driver's documentation for supported values." + ), + ) + + +class CephFSPersistentVolumeSource(BaseModel): + monitors: List[str] = Field( + ..., + description=( + "monitors is Required: Monitors is a collection of Ceph monitors More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + path: Optional[str] = Field( + default=None, + description=( + "path is Optional: Used as the mounted root, rather than the full Ceph" + " tree, default is /" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly is Optional: Defaults to false (read/write). ReadOnly here will" + " force the ReadOnly setting in VolumeMounts. More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + secretFile: Optional[str] = Field( + default=None, + description=( + "secretFile is Optional: SecretFile is the path to key ring for User," + " default is /etc/ceph/user.secret More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + secretRef: Optional[SecretReference] = Field( + default=None, + description=( + "secretRef is Optional: SecretRef is reference to the authentication secret" + " for User, default is empty. More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + user: Optional[str] = Field( + default=None, + description=( + "user is Optional: User is the rados user name, default is admin More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + + +class CephFSVolumeSource(BaseModel): + monitors: List[str] = Field( + ..., + description=( + "monitors is Required: Monitors is a collection of Ceph monitors More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + path: Optional[str] = Field( + default=None, + description=( + "path is Optional: Used as the mounted root, rather than the full Ceph" + " tree, default is /" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly is Optional: Defaults to false (read/write). ReadOnly here will" + " force the ReadOnly setting in VolumeMounts. More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + secretFile: Optional[str] = Field( + default=None, + description=( + "secretFile is Optional: SecretFile is the path to key ring for User," + " default is /etc/ceph/user.secret More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + secretRef: Optional[LocalObjectReference] = Field( + default=None, + description=( + "secretRef is Optional: SecretRef is reference to the authentication secret" + " for User, default is empty. More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + user: Optional[str] = Field( + default=None, + description=( + "user is optional: User is the rados user name, default is admin More info:" + " https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + ), + ) + + +class CinderPersistentVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType Filesystem type to mount. Must be a filesystem type supported by" + ' the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly' + ' inferred to be "ext4" if unspecified. More info:' + " https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly is Optional: Defaults to false (read/write). ReadOnly here will" + " force the ReadOnly setting in VolumeMounts. More info:" + " https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + secretRef: Optional[SecretReference] = Field( + default=None, + description=( + "secretRef is Optional: points to a secret object containing parameters" + " used to connect to OpenStack." + ), + ) + volumeID: str = Field( + ..., + description=( + "volumeID used to identify the volume in cinder. More info:" + " https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + + +class CinderVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Examples: "ext4", "xfs", "ntfs".' + ' Implicitly inferred to be "ext4" if unspecified. More info:' + " https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts. More info:" + " https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + secretRef: Optional[LocalObjectReference] = Field( + default=None, + description=( + "secretRef is optional: points to a secret object containing parameters" + " used to connect to OpenStack." + ), + ) + volumeID: str = Field( + ..., + description=( + "volumeID used to identify the volume in cinder. More info:" + " https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + + +class ConfigMapProjection(BaseModel): + items: Optional[List[KeyToPath]] = Field( + default=None, + description=( + "items if unspecified, each key-value pair in the Data field of the" + " referenced ConfigMap will be projected into the volume as a file whose" + " name is the key and content is the value. If specified, the listed keys" + " will be projected into the specified paths, and unlisted keys will not be" + " present. If a key is specified which is not present in the ConfigMap, the" + " volume setup will error unless it is marked optional. Paths must be" + " relative and may not contain the '..' path or start with '..'." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + optional: Optional[bool] = Field( + default=None, + description=( + "optional specify whether the ConfigMap or its keys must be defined" + ), + ) + + +class ConfigMapVolumeSource(BaseModel): + defaultMode: Optional[int] = Field( + default=None, + description=( + "defaultMode is optional: mode bits used to set permissions on created" + " files by default. Must be an octal value between 0000 and 0777 or a" + " decimal value between 0 and 511. YAML accepts both octal and decimal" + " values, JSON requires decimal values for mode bits. Defaults to 0644." + " Directories within the path are not affected by this setting. This might" + " be in conflict with other options that affect the file mode, like" + " fsGroup, and the result can be other mode bits set." + ), + ) + items: Optional[List[KeyToPath]] = Field( + default=None, + description=( + "items if unspecified, each key-value pair in the Data field of the" + " referenced ConfigMap will be projected into the volume as a file whose" + " name is the key and content is the value. If specified, the listed keys" + " will be projected into the specified paths, and unlisted keys will not be" + " present. If a key is specified which is not present in the ConfigMap, the" + " volume setup will error unless it is marked optional. Paths must be" + " relative and may not contain the '..' path or start with '..'." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + optional: Optional[bool] = Field( + default=None, + description=( + "optional specify whether the ConfigMap or its keys must be defined" + ), + ) + + +class ContainerStateRunning(BaseModel): + startedAt: Optional[datetime] = Field( + default=None, description="Time at which the container was last (re-)started" + ) + + +class ContainerStateTerminated(BaseModel): + containerID: Optional[str] = Field( + default=None, + description="Container's ID in the format '://'", + ) + exitCode: int = Field( + ..., description="Exit status from the last termination of the container" + ) + finishedAt: Optional[datetime] = Field( + default=None, description="Time at which the container last terminated" + ) + message: Optional[str] = Field( + default=None, + description="Message regarding the last termination of the container", + ) + reason: Optional[str] = Field( + default=None, + description="(brief) reason from the last termination of the container", + ) + signal: Optional[int] = Field( + default=None, description="Signal from the last termination of the container" + ) + startedAt: Optional[datetime] = Field( + default=None, + description="Time at which previous execution of the container started", + ) + + +class EmptyDirVolumeSource(BaseModel): + medium: Optional[str] = Field( + default=None, + description=( + "medium represents what type of storage medium should back this directory." + ' The default is "" which means to use the node\'s default medium. Must be' + " an empty string (default) or Memory. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + ), + ) + sizeLimit: Optional[Union[str, float]] = Field( + default=None, + description=( + "sizeLimit is the total amount of local storage required for this EmptyDir" + " volume. The size limit is also applicable for memory medium. The maximum" + " usage on memory medium EmptyDir would be the minimum value between the" + " SizeLimit specified here and the sum of memory limits of all containers" + " in a pod. The default is nil which means that the limit is undefined." + " More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + ), + ) + + +class EndpointAddress(BaseModel): + hostname: Optional[str] = Field( + default=None, description="The Hostname of this endpoint" + ) + ip: str = Field( + ..., + description=( + "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1)," + " link-local (169.254.0.0/16 or fe80::/10), or link-local multicast" + " (224.0.0.0/24 or ff02::/16)." + ), + ) + nodeName: Optional[str] = Field( + default=None, + description=( + "Optional: Node hosting this endpoint. This can be used to determine" + " endpoints local to a node." + ), + ) + targetRef: Optional[ObjectReference] = Field( + default=None, description="Reference to object providing the endpoint." + ) + + +class EndpointSubset(BaseModel): + addresses: Optional[List[EndpointAddress]] = Field( + default=None, + description=( + "IP addresses which offer the related ports that are marked as ready. These" + " endpoints should be considered safe for load balancers and clients to" + " utilize." + ), + ) + notReadyAddresses: Optional[List[EndpointAddress]] = Field( + default=None, + description=( + "IP addresses which offer the related ports but are not currently marked as" + " ready because they have not yet finished starting, have recently failed a" + " readiness check, or have recently failed a liveness check." + ), + ) + ports: Optional[List[EndpointPort]] = Field( + default=None, description="Port numbers available on the related IP addresses." + ) + + +class EnvFromSource(BaseModel): + configMapRef: Optional[ConfigMapEnvSource] = Field( + default=None, description="The ConfigMap to select from" + ) + prefix: Optional[str] = Field( + default=None, + description=( + "An optional identifier to prepend to each key in the ConfigMap. Must be a" + " C_IDENTIFIER." + ), + ) + secretRef: Optional[SecretEnvSource] = Field( + default=None, description="The Secret to select from" + ) + + +class EventSeries(BaseModel): + count: Optional[int] = Field( + default=None, + description=( + "Number of occurrences in this series up to the last heartbeat time" + ), + ) + lastObservedTime: Optional[datetime] = Field( + default=None, description="Time of the last occurrence observed" + ) + + +class FlexPersistentVolumeSource(BaseModel): + driver: str = Field( + ..., description="driver is the name of the driver to use for this volume." + ) + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the Filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The' + " default filesystem depends on FlexVolume script." + ), + ) + options: Optional[Dict[str, str]] = Field( + default=None, + description=( + "options is Optional: this field holds extra command options if any." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly is Optional: defaults to false (read/write). ReadOnly here will" + " force the ReadOnly setting in VolumeMounts." + ), + ) + secretRef: Optional[SecretReference] = Field( + default=None, + description=( + "secretRef is Optional: SecretRef is reference to the secret object" + " containing sensitive information to pass to the plugin scripts. This may" + " be empty if no secret object is specified. If the secret object contains" + " more than one secret, all secrets are passed to the plugin scripts." + ), + ) + + +class FlexVolumeSource(BaseModel): + driver: str = Field( + ..., description="driver is the name of the driver to use for this volume." + ) + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs". The' + " default filesystem depends on FlexVolume script." + ), + ) + options: Optional[Dict[str, str]] = Field( + default=None, + description=( + "options is Optional: this field holds extra command options if any." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly is Optional: defaults to false (read/write). ReadOnly here will" + " force the ReadOnly setting in VolumeMounts." + ), + ) + secretRef: Optional[LocalObjectReference] = Field( + default=None, + description=( + "secretRef is Optional: secretRef is reference to the secret object" + " containing sensitive information to pass to the plugin scripts. This may" + " be empty if no secret object is specified. If the secret object contains" + " more than one secret, all secrets are passed to the plugin scripts." + ), + ) + + +class HTTPGetAction(BaseModel): + host: Optional[str] = Field( + default=None, + description=( + "Host name to connect to, defaults to the pod IP. You probably want to set" + ' "Host" in httpHeaders instead.' + ), + ) + httpHeaders: Optional[List[HTTPHeader]] = Field( + default=None, + description=( + "Custom headers to set in the request. HTTP allows repeated headers." + ), + ) + path: Optional[str] = Field( + default=None, description="Path to access on the HTTP server." + ) + port: Union[int, str] = Field( + ..., + description=( + "Name or number of the port to access on the container. Number must be in" + " the range 1 to 65535. Name must be an IANA_SVC_NAME." + ), + ) + scheme: Optional[Scheme] = Field( + default=None, + description=( + "Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible" + ' enum values:\n - `"HTTP"` means that the scheme used will be http://\n -' + ' `"HTTPS"` means that the scheme used will be https://' + ), + ) + + +class ISCSIPersistentVolumeSource(BaseModel): + chapAuthDiscovery: Optional[bool] = Field( + default=None, + description=( + "chapAuthDiscovery defines whether support iSCSI Discovery CHAP" + " authentication" + ), + ) + chapAuthSession: Optional[bool] = Field( + default=None, + description=( + "chapAuthSession defines whether support iSCSI Session CHAP authentication" + ), + ) + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type of the volume that you want to mount. Tip:" + " Ensure that the filesystem type is supported by the host operating" + ' system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"' + " if unspecified. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#iscsi" + ), + ) + initiatorName: Optional[str] = Field( + default=None, + description=( + "initiatorName is the custom iSCSI Initiator Name. If initiatorName is" + " specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + ), + ) + iqn: str = Field(..., description="iqn is Target iSCSI Qualified Name.") + iscsiInterface: Optional[str] = Field( + default=None, + description=( + "iscsiInterface is the interface Name that uses an iSCSI transport." + " Defaults to 'default' (tcp)." + ), + ) + lun: int = Field(..., description="lun is iSCSI Target Lun number.") + portals: Optional[List[str]] = Field( + default=None, + description=( + "portals is the iSCSI Target Portal List. The Portal is either an IP or" + " ip_addr:port if the port is other than default (typically TCP ports 860" + " and 3260)." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to" + " false." + ), + ) + secretRef: Optional[SecretReference] = Field( + default=None, + description=( + "secretRef is the CHAP Secret for iSCSI target and initiator authentication" + ), + ) + targetPortal: str = Field( + ..., + description=( + "targetPortal is iSCSI Target Portal. The Portal is either an IP or" + " ip_addr:port if the port is other than default (typically TCP ports 860" + " and 3260)." + ), + ) + + +class ISCSIVolumeSource(BaseModel): + chapAuthDiscovery: Optional[bool] = Field( + default=None, + description=( + "chapAuthDiscovery defines whether support iSCSI Discovery CHAP" + " authentication" + ), + ) + chapAuthSession: Optional[bool] = Field( + default=None, + description=( + "chapAuthSession defines whether support iSCSI Session CHAP authentication" + ), + ) + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type of the volume that you want to mount. Tip:" + " Ensure that the filesystem type is supported by the host operating" + ' system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"' + " if unspecified. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#iscsi" + ), + ) + initiatorName: Optional[str] = Field( + default=None, + description=( + "initiatorName is the custom iSCSI Initiator Name. If initiatorName is" + " specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + ), + ) + iqn: str = Field(..., description="iqn is the target iSCSI Qualified Name.") + iscsiInterface: Optional[str] = Field( + default=None, + description=( + "iscsiInterface is the interface Name that uses an iSCSI transport." + " Defaults to 'default' (tcp)." + ), + ) + lun: int = Field(..., description="lun represents iSCSI Target Lun number.") + portals: Optional[List[str]] = Field( + default=None, + description=( + "portals is the iSCSI Target Portal List. The portal is either an IP or" + " ip_addr:port if the port is other than default (typically TCP ports 860" + " and 3260)." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to" + " false." + ), + ) + secretRef: Optional[LocalObjectReference] = Field( + default=None, + description=( + "secretRef is the CHAP Secret for iSCSI target and initiator authentication" + ), + ) + targetPortal: str = Field( + ..., + description=( + "targetPortal is iSCSI Target Portal. The Portal is either an IP or" + " ip_addr:port if the port is other than default (typically TCP ports 860" + " and 3260)." + ), + ) + + +class LimitRangeItem(BaseModel): + default: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Default resource requirement limit value by resource name if resource" + " limit is omitted." + ), + ) + defaultRequest: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "DefaultRequest is the default resource requirement request value by" + " resource name if resource request is omitted." + ), + ) + max: Optional[Dict[str, Union[str, float]]] = Field( + default=None, description="Max usage constraints on this kind by resource name." + ) + maxLimitRequestRatio: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "MaxLimitRequestRatio if specified, the named resource must have a request" + " and limit that are both non-zero where limit divided by request is less" + " than or equal to the enumerated value; this represents the max burst for" + " the named resource." + ), + ) + min: Optional[Dict[str, Union[str, float]]] = Field( + default=None, description="Min usage constraints on this kind by resource name." + ) + type: str = Field(..., description="Type of resource that this limit applies to.") + + +class LimitRangeSpec(BaseModel): + limits: List[LimitRangeItem] = Field( + ..., + description="Limits is the list of LimitRangeItem objects that are enforced.", + ) + + +class LoadBalancerIngress(BaseModel): + hostname: Optional[str] = Field( + default=None, + description=( + "Hostname is set for load-balancer ingress points that are DNS based" + " (typically AWS load-balancers)" + ), + ) + ip: Optional[str] = Field( + default=None, + description=( + "IP is set for load-balancer ingress points that are IP based (typically" + " GCE or OpenStack load-balancers)" + ), + ) + ipMode: Optional[str] = Field( + default=None, + description=( + "IPMode specifies how the load-balancer IP behaves, and may only be" + ' specified when the ip field is specified. Setting this to "VIP" indicates' + " that traffic is delivered to the node with the destination set to the" + ' load-balancer\'s IP and port. Setting this to "Proxy" indicates that' + " traffic is delivered to the node or pod with the destination set to the" + " node's IP and node port or the pod's IP and port. Service" + " implementations may use this information to adjust traffic routing." + ), + ) + ports: Optional[List[PortStatus]] = Field( + default=None, + description=( + "Ports is a list of records of service ports If used, every port defined in" + " the service should have an entry in it" + ), + ) + + +class LoadBalancerStatus(BaseModel): + ingress: Optional[List[LoadBalancerIngress]] = Field( + default=None, + description=( + "Ingress is a list containing ingress points for the load-balancer. Traffic" + " intended for the service should be sent to these ingress points." + ), + ) + + +class NamespaceCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "Time is a wrapper around time.Time which supports correct marshaling to" + " YAML and JSON. Wrappers are provided for many of the factory methods" + " that the time package offers." + ), + ) + message: Optional[str] = None + reason: Optional[str] = None + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of namespace controller condition.") + + +class NamespaceStatus(BaseModel): + conditions: Optional[List[NamespaceCondition]] = Field( + default=None, + description=( + "Represents the latest available observations of a namespace's current" + " state." + ), + ) + phase: Optional[Phase] = Field( + default=None, + description=( + "Phase is the current lifecycle phase of the namespace. More info:" + " https://kubernetes.io/docs/tasks/administer-cluster/namespaces/\n\nPossible" + ' enum values:\n - `"Active"` means the namespace is available for use in' + ' the system\n - `"Terminating"` means the namespace is undergoing graceful' + " termination" + ), + ) + + +class NodeCondition(BaseModel): + lastHeartbeatTime: Optional[datetime] = Field( + default=None, description="Last time we got an update on a given condition." + ) + lastTransitionTime: Optional[datetime] = Field( + default=None, + description="Last time the condition transit from one status to another.", + ) + message: Optional[str] = Field( + default=None, + description="Human readable message indicating details about last transition.", + ) + reason: Optional[str] = Field( + default=None, description="(brief) reason for the condition's last transition." + ) + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of node condition.") + + +class NodeRuntimeHandler(BaseModel): + features: Optional[NodeRuntimeHandlerFeatures] = Field( + default=None, description="Supported features." + ) + name: Optional[str] = Field( + default="", + description="Runtime handler name. Empty for the default runtime handler.", + ) + + +class NodeSelector(BaseModel): + nodeSelectorTerms: List[NodeSelectorTerm] = Field( + ..., description="Required. A list of node selector terms. The terms are ORed." + ) + + +class NodeStatus(BaseModel): + addresses: Optional[List[NodeAddress]] = Field( + default=None, + description=( + "List of addresses reachable to the node. Queried from cloud provider, if" + " available. More info:" + " https://kubernetes.io/docs/concepts/nodes/node/#addresses Note: This" + " field is declared as mergeable, but the merge key is not sufficiently" + " unique, which can cause data corruption when it is merged. Callers should" + " instead use a full-replacement patch. See https://pr.k8s.io/79391 for an" + " example. Consumers should assume that addresses can change during the" + " lifetime of a Node. However, there are some exceptions where this may not" + " be possible, such as Pods that inherit a Node's address in its own status" + " or consumers of the downward API (status.hostIP)." + ), + ) + allocatable: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Allocatable represents the resources of a node that are available for" + " scheduling. Defaults to Capacity." + ), + ) + capacity: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Capacity represents the total resources of a node. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity" + ), + ) + conditions: Optional[List[NodeCondition]] = Field( + default=None, + description=( + "Conditions is an array of current observed node conditions. More info:" + " https://kubernetes.io/docs/concepts/nodes/node/#condition" + ), + ) + config: Optional[NodeConfigStatus] = Field( + default=None, + description=( + "Status of the config assigned to the node via the dynamic Kubelet config" + " feature." + ), + ) + daemonEndpoints: Optional[NodeDaemonEndpoints] = Field( + default=None, description="Endpoints of daemons running on the Node." + ) + images: Optional[List[ContainerImage]] = Field( + default=None, description="List of container images on this node" + ) + nodeInfo: Optional[NodeSystemInfo] = Field( + default=None, + description=( + "Set of ids/uuids to uniquely identify the node. More info:" + " https://kubernetes.io/docs/concepts/nodes/node/#info" + ), + ) + phase: Optional[PhaseModel] = Field( + default=None, + description=( + "NodePhase is the recently observed lifecycle phase of the node. More info:" + " https://kubernetes.io/docs/concepts/nodes/node/#phase The field is never" + " populated, and now is deprecated.\n\nPossible enum values:\n -" + ' `"Pending"` means the node has been created/added by the system, but not' + ' configured.\n - `"Running"` means the node has been configured and has' + ' Kubernetes components running.\n - `"Terminated"` means the node has been' + " removed from the cluster." + ), + ) + runtimeHandlers: Optional[List[NodeRuntimeHandler]] = Field( + default=None, description="The available runtime handlers." + ) + volumesAttached: Optional[List[AttachedVolume]] = Field( + default=None, description="List of volumes that are attached to the node." + ) + volumesInUse: Optional[List[str]] = Field( + default=None, + description="List of attachable volumes in use (mounted) by the node.", + ) + + +class PersistentVolumeClaimCondition(BaseModel): + lastProbeTime: Optional[datetime] = Field( + default=None, description="lastProbeTime is the time we probed the condition." + ) + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "lastTransitionTime is the time the condition transitioned from one status" + " to another." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "message is the human-readable message indicating details about last" + " transition." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "reason is a unique, this should be a short, machine understandable string" + " that gives the reason for condition's last transition. If it reports" + ' "Resizing" that means the underlying persistent volume is being resized.' + ), + ) + status: str + type: str + + +class PersistentVolumeClaimStatus(BaseModel): + accessModes: Optional[List[AccessMode]] = Field( + default=None, + description=( + "accessModes contains the actual access modes the volume backing the PVC" + " has. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + ), + ) + allocatedResourceStatuses: Optional[Dict[str, AllocatedResourceStatuses]] = Field( + default=None, + description=( + "allocatedResourceStatuses stores status of resource being resized for the" + " given PVC. Key names follow standard Kubernetes label syntax. Valid" + " values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity" + " of the volume.\n\t* Custom resources must use implementation-defined" + ' prefixed names such as "example.com/my-custom-resource"\nApart from above' + " values - keys that are unprefixed or have kubernetes.io prefix are" + " considered reserved and hence may not be used.\n\nClaimResourceStatus can" + " be in any of following states:\n\t-" + " ControllerResizeInProgress:\n\t\tState set when resize controller starts" + " resizing the volume in control-plane.\n\t-" + " ControllerResizeFailed:\n\t\tState set when resize has failed in resize" + " controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set" + " when resize controller has finished resizing the volume but further" + " resizing of\n\t\tvolume is needed on the node.\n\t-" + " NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the" + " volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in" + " kubelet with a terminal error. Transient errors don't" + " set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more" + " capacity - this field can be one of the following states:\n\t-" + " pvc.status.allocatedResourceStatus['storage'] =" + ' "ControllerResizeInProgress"\n -' + " pvc.status.allocatedResourceStatus['storage'] =" + ' "ControllerResizeFailed"\n -' + " pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n " + " - pvc.status.allocatedResourceStatus['storage'] =" + ' "NodeResizeInProgress"\n -' + " pvc.status.allocatedResourceStatus['storage'] =" + ' "NodeResizeFailed"\nWhen this field is not set, it means that no resize' + " operation is in progress for the given PVC.\n\nA controller that receives" + " PVC update with previously unknown resourceName or ClaimResourceStatus" + " should ignore the update for the purpose it was designed. For example - a" + " controller that only is responsible for resizing capacity of the volume," + " should ignore PVC updates that change other valid resources associated" + " with PVC.\n\nThis is an alpha field and requires enabling" + " RecoverVolumeExpansionFailure feature." + ), + ) + allocatedResources: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "allocatedResources tracks the resources allocated to a PVC including its" + " capacity. Key names follow standard Kubernetes label syntax. Valid values" + " are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the" + " volume.\n\t* Custom resources must use implementation-defined prefixed" + ' names such as "example.com/my-custom-resource"\nApart from above values -' + " keys that are unprefixed or have kubernetes.io prefix are considered" + " reserved and hence may not be used.\n\nCapacity reported here may be" + " larger than the actual capacity when a volume expansion operation is" + " requested. For storage quota, the larger value from allocatedResources" + " and PVC.spec.resources is used. If allocatedResources is not set," + " PVC.spec.resources alone is used for quota calculation. If a volume" + " expansion capacity request is lowered, allocatedResources is only lowered" + " if there are no expansion operations in progress and if the actual volume" + " capacity is equal or lower than the requested capacity.\n\nA controller" + " that receives PVC update with previously unknown resourceName should" + " ignore the update for the purpose it was designed. For example - a" + " controller that only is responsible for resizing capacity of the volume," + " should ignore PVC updates that change other valid resources associated" + " with PVC.\n\nThis is an alpha field and requires enabling" + " RecoverVolumeExpansionFailure feature." + ), + ) + capacity: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "capacity represents the actual resources of the underlying volume." + ), + ) + conditions: Optional[List[PersistentVolumeClaimCondition]] = Field( + default=None, + description=( + "conditions is the current Condition of persistent volume claim. If" + " underlying persistent volume is being resized then the Condition will be" + " set to 'Resizing'." + ), + ) + currentVolumeAttributesClassName: Optional[str] = Field( + default=None, + description=( + "currentVolumeAttributesClassName is the current name of the" + " VolumeAttributesClass the PVC is using. When unset, there is no" + " VolumeAttributeClass applied to this PersistentVolumeClaim This is an" + " alpha field and requires enabling VolumeAttributesClass feature." + ), + ) + modifyVolumeStatus: Optional[ModifyVolumeStatus] = Field( + default=None, + description=( + "ModifyVolumeStatus represents the status object of ControllerModifyVolume" + " operation. When this is unset, there is no ModifyVolume operation being" + " attempted. This is an alpha field and requires enabling" + " VolumeAttributesClass feature." + ), + ) + phase: Optional[PhaseModel1] = Field( + default=None, + description=( + "phase represents the current phase of PersistentVolumeClaim.\n\nPossible" + ' enum values:\n - `"Bound"` used for PersistentVolumeClaims that are' + ' bound\n - `"Lost"` used for PersistentVolumeClaims that lost their' + " underlying PersistentVolume. The claim was bound to a PersistentVolume" + " and this volume does not exist any longer and all data on it was lost.\n" + ' - `"Pending"` used for PersistentVolumeClaims that are not yet bound' + ), + ) + + +class PersistentVolumeStatus(BaseModel): + lastPhaseTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "lastPhaseTransitionTime is the time the phase transitioned from one to" + " another and automatically resets to current time everytime a volume phase" + " transitions. This is a beta field and requires the" + " PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by" + " default)." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "message is a human-readable message indicating details about why the" + " volume is in this state." + ), + ) + phase: Optional[PhaseModel2] = Field( + default=None, + description=( + "phase indicates if a volume is available, bound to a claim, or released by" + " a claim. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase\n\nPossible" + ' enum values:\n - `"Available"` used for PersistentVolumes that are not' + " yet bound Available volumes are held by the binder and matched to" + ' PersistentVolumeClaims\n - `"Bound"` used for PersistentVolumes that are' + ' bound\n - `"Failed"` used for PersistentVolumes that failed to be' + " correctly recycled or deleted after being released from a claim\n -" + ' `"Pending"` used for PersistentVolumes that are not available\n -' + ' `"Released"` used for PersistentVolumes where the bound' + " PersistentVolumeClaim was deleted released volumes must be recycled" + " before becoming available again this phase is used by the persistent" + " volume claim binder to signal to another process to reclaim the resource" + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "reason is a brief CamelCase string that describes any failure and is meant" + " for machine parsing and tidy display in the CLI." + ), + ) + + +class PodCondition(BaseModel): + lastProbeTime: Optional[datetime] = Field( + default=None, description="Last time we probed the condition." + ) + lastTransitionTime: Optional[datetime] = Field( + default=None, + description="Last time the condition transitioned from one status to another.", + ) + message: Optional[str] = Field( + default=None, + description="Human-readable message indicating details about last transition.", + ) + reason: Optional[str] = Field( + default=None, + description=( + "Unique, one-word, CamelCase reason for the condition's last transition." + ), + ) + status: str = Field( + ..., + description=( + "Status is the status of the condition. Can be True, False, Unknown. More" + " info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + ), + ) + type: str = Field( + ..., + description=( + "Type is the type of the condition. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + ), + ) + + +class PodDNSConfig(BaseModel): + nameservers: Optional[List[str]] = Field( + default=None, + description=( + "A list of DNS name server IP addresses. This will be appended to the base" + " nameservers generated from DNSPolicy. Duplicated nameservers will be" + " removed." + ), + ) + options: Optional[List[PodDNSConfigOption]] = Field( + default=None, + description=( + "A list of DNS resolver options. This will be merged with the base options" + " generated from DNSPolicy. Duplicated entries will be removed. Resolution" + " options given in Options will override those that appear in the base" + " DNSPolicy." + ), + ) + searches: Optional[List[str]] = Field( + default=None, + description=( + "A list of DNS search domains for host-name lookup. This will be appended" + " to the base search paths generated from DNSPolicy. Duplicated search" + " paths will be removed." + ), + ) + + +class PodSecurityContext(BaseModel): + appArmorProfile: Optional[AppArmorProfile] = Field( + default=None, + description=( + "appArmorProfile is the AppArmor options to use by the containers in this" + " pod. Note that this field cannot be set when spec.os.name is windows." + ), + ) + fsGroup: Optional[int] = Field( + default=None, + description=( + "A special supplemental group that applies to all containers in a pod. Some" + " volume types allow the Kubelet to change the ownership of that volume to" + " be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The" + " setgid bit is set (new files created in the volume will be owned by" + " FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the" + " Kubelet will not modify the ownership and permissions of any volume. Note" + " that this field cannot be set when spec.os.name is windows." + ), + ) + fsGroupChangePolicy: Optional[FsGroupChangePolicy] = Field( + default=None, + description=( + "fsGroupChangePolicy defines behavior of changing ownership and permission" + " of the volume before being exposed inside Pod. This field will only apply" + " to volume types which support fsGroup based ownership(and permissions)." + " It will have no effect on ephemeral volume types such as: secret," + ' configmaps and emptydir. Valid values are "OnRootMismatch" and "Always".' + ' If not specified, "Always" is used. Note that this field cannot be set' + ' when spec.os.name is windows.\n\nPossible enum values:\n - `"Always"`' + " indicates that volume's ownership and permissions should always be" + " changed whenever volume is mounted inside a Pod. This the default" + ' behavior.\n - `"OnRootMismatch"` indicates that volume\'s ownership and' + " permissions will be changed only when permission and ownership of root" + " directory does not match with expected permissions on the volume. This" + " can help shorten the time it takes to change ownership and permissions of" + " a volume." + ), + ) + runAsGroup: Optional[int] = Field( + default=None, + description=( + "The GID to run the entrypoint of the container process. Uses runtime" + " default if unset. May also be set in SecurityContext. If set in both" + " SecurityContext and PodSecurityContext, the value specified in" + " SecurityContext takes precedence for that container. Note that this field" + " cannot be set when spec.os.name is windows." + ), + ) + runAsNonRoot: Optional[bool] = Field( + default=None, + description=( + "Indicates that the container must run as a non-root user. If true, the" + " Kubelet will validate the image at runtime to ensure that it does not run" + " as UID 0 (root) and fail to start the container if it does. If unset or" + " false, no such validation will be performed. May also be set in" + " SecurityContext. If set in both SecurityContext and PodSecurityContext," + " the value specified in SecurityContext takes precedence." + ), + ) + runAsUser: Optional[int] = Field( + default=None, + description=( + "The UID to run the entrypoint of the container process. Defaults to user" + " specified in image metadata if unspecified. May also be set in" + " SecurityContext. If set in both SecurityContext and PodSecurityContext," + " the value specified in SecurityContext takes precedence for that" + " container. Note that this field cannot be set when spec.os.name is" + " windows." + ), + ) + seLinuxOptions: Optional[SELinuxOptions] = Field( + default=None, + description=( + "The SELinux context to be applied to all containers. If unspecified, the" + " container runtime will allocate a random SELinux context for each" + " container. May also be set in SecurityContext. If set in both" + " SecurityContext and PodSecurityContext, the value specified in" + " SecurityContext takes precedence for that container. Note that this field" + " cannot be set when spec.os.name is windows." + ), + ) + seccompProfile: Optional[SeccompProfile] = Field( + default=None, + description=( + "The seccomp options to use by the containers in this pod. Note that this" + " field cannot be set when spec.os.name is windows." + ), + ) + supplementalGroups: Optional[List[int]] = Field( + default=None, + description=( + "A list of groups applied to the first process run in each container, in" + " addition to the container's primary GID, the fsGroup (if specified), and" + " group memberships defined in the container image for the uid of the" + " container process. If unspecified, no additional groups are added to any" + " container. Note that group memberships defined in the container image for" + " the uid of the container process are still effective, even if they are" + " not included in this list. Note that this field cannot be set when" + " spec.os.name is windows." + ), + ) + sysctls: Optional[List[Sysctl]] = Field( + default=None, + description=( + "Sysctls hold a list of namespaced sysctls used for the pod. Pods with" + " unsupported sysctls (by the container runtime) might fail to launch. Note" + " that this field cannot be set when spec.os.name is windows." + ), + ) + windowsOptions: Optional[WindowsSecurityContextOptions] = Field( + default=None, + description=( + "The Windows specific settings applied to all containers. If unspecified," + " the options within a container's SecurityContext will be used. If set in" + " both SecurityContext and PodSecurityContext, the value specified in" + " SecurityContext takes precedence. Note that this field cannot be set when" + " spec.os.name is linux." + ), + ) + + +class RBDPersistentVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type of the volume that you want to mount. Tip:" + " Ensure that the filesystem type is supported by the host operating" + ' system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"' + " if unspecified. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#rbd" + ), + ) + image: str = Field( + ..., + description=( + "image is the rados image name. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + keyring: Optional[str] = Field( + default=None, + description=( + "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring." + " More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + monitors: List[str] = Field( + ..., + description=( + "monitors is a collection of Ceph monitors. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + pool: Optional[str] = Field( + default=None, + description=( + "pool is the rados pool name. Default is rbd. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to" + " false. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + secretRef: Optional[SecretReference] = Field( + default=None, + description=( + "secretRef is name of the authentication secret for RBDUser. If provided" + " overrides keyring. Default is nil. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + user: Optional[str] = Field( + default=None, + description=( + "user is the rados user name. Default is admin. More info:" + " https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + ), + ) + + +class ReplicationControllerCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "The last time the condition transitioned from one status to another." + ), + ) + message: Optional[str] = Field( + default=None, + description="A human readable message indicating details about the transition.", + ) + reason: Optional[str] = Field( + default=None, description="The reason for the condition's last transition." + ) + status: str = Field( + ..., description="Status of the condition, one of True, False, Unknown." + ) + type: str = Field(..., description="Type of replication controller condition.") + + +class ReplicationControllerStatus(BaseModel): + availableReplicas: Optional[int] = Field( + default=None, + description=( + "The number of available replicas (ready for at least minReadySeconds) for" + " this replication controller." + ), + ) + conditions: Optional[List[ReplicationControllerCondition]] = Field( + default=None, + description=( + "Represents the latest available observations of a replication controller's" + " current state." + ), + ) + fullyLabeledReplicas: Optional[int] = Field( + default=None, + description=( + "The number of pods that have labels matching the labels of the pod" + " template of the replication controller." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description=( + "ObservedGeneration reflects the generation of the most recently observed" + " replication controller." + ), + ) + readyReplicas: Optional[int] = Field( + default=None, + description="The number of ready replicas for this replication controller.", + ) + replicas: int = Field( + ..., + description=( + "Replicas is the most recently observed number of replicas. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller" + ), + ) + + +class ResourceFieldSelector(BaseModel): + containerName: Optional[str] = Field( + default=None, + description="Container name: required for volumes, optional for env vars", + ) + divisor: Optional[Union[str, float]] = Field( + default=None, + description=( + 'Specifies the output format of the exposed resources, defaults to "1"' + ), + ) + resource: str = Field(..., description="Required: resource to select") + + +class ResourceQuotaStatus(BaseModel): + hard: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Hard is the set of enforced hard limits for each named resource. More" + " info: https://kubernetes.io/docs/concepts/policy/resource-quotas/" + ), + ) + used: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Used is the current observed total usage of the resource in the namespace." + ), + ) + + +class ResourceRequirements(BaseModel): + claims: Optional[List[ResourceClaim]] = Field( + default=None, + description=( + "Claims lists the names of resources, defined in spec.resourceClaims, that" + " are used by this container.\n\nThis is an alpha field and requires" + " enabling the DynamicResourceAllocation feature gate.\n\nThis field is" + " immutable. It can only be set for containers." + ), + ) + limits: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Limits describes the maximum amount of compute resources allowed. More" + " info:" + " https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + ), + ) + requests: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Requests describes the minimum amount of compute resources required. If" + " Requests is omitted for a container, it defaults to Limits if that is" + " explicitly specified, otherwise to an implementation-defined value." + " Requests cannot exceed Limits. More info:" + " https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + ), + ) + + +class ScaleIOPersistentVolumeSource(BaseModel): + fsType: Optional[str] = Field( + default=None, + description=( + "fsType is the filesystem type to mount. Must be a filesystem type" + ' supported by the host operating system. Ex. "ext4", "xfs", "ntfs".' + ' Default is "xfs"' + ), + ) + gateway: str = Field( + ..., description="gateway is the host address of the ScaleIO API Gateway." + ) + protectionDomain: Optional[str] = Field( + default=None, + description=( + "protectionDomain is the name of the ScaleIO Protection Domain for the" + " configured storage." + ), + ) + readOnly: Optional[bool] = Field( + default=None, + description=( + "readOnly defaults to false (read/write). ReadOnly here will force the" + " ReadOnly setting in VolumeMounts." + ), + ) + secretRef: SecretReference = Field( + ..., + description=( + "secretRef references to the secret for ScaleIO user and other sensitive" + " information. If this is not provided, Login operation will fail." + ), + ) + sslEnabled: Optional[bool] = Field( + default=None, + description=( + "sslEnabled is the flag to enable/disable SSL communication with Gateway," + " default false" + ), + ) + storageMode: Optional[str] = Field( + default=None, + description=( + "storageMode indicates whether the storage for a volume should be" + " ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + ), + ) + storagePool: Optional[str] = Field( + default=None, + description=( + "storagePool is the ScaleIO Storage Pool associated with the protection" + " domain." + ), + ) + system: str = Field( + ..., + description=( + "system is the name of the storage system as configured in ScaleIO." + ), + ) + volumeName: Optional[str] = Field( + default=None, + description=( + "volumeName is the name of a volume already created in the ScaleIO system" + " that is associated with this volume source." + ), + ) + + +class ScopeSelector(BaseModel): + matchExpressions: Optional[List[ScopedResourceSelectorRequirement]] = Field( + default=None, + description="A list of scope selector requirements by scope of the resources.", + ) + + +class SecurityContext(BaseModel): + allowPrivilegeEscalation: Optional[bool] = Field( + default=None, + description=( + "AllowPrivilegeEscalation controls whether a process can gain more" + " privileges than its parent process. This bool directly controls if the" + " no_new_privs flag will be set on the container process." + " AllowPrivilegeEscalation is true always when the container is: 1) run as" + " Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when" + " spec.os.name is windows." + ), + ) + appArmorProfile: Optional[AppArmorProfile] = Field( + default=None, + description=( + "appArmorProfile is the AppArmor options to use by this container. If set," + " this profile overrides the pod's appArmorProfile. Note that this field" + " cannot be set when spec.os.name is windows." + ), + ) + capabilities: Optional[Capabilities] = Field( + default=None, + description=( + "The capabilities to add/drop when running containers. Defaults to the" + " default set of capabilities granted by the container runtime. Note that" + " this field cannot be set when spec.os.name is windows." + ), + ) + privileged: Optional[bool] = Field( + default=None, + description=( + "Run container in privileged mode. Processes in privileged containers are" + " essentially equivalent to root on the host. Defaults to false. Note that" + " this field cannot be set when spec.os.name is windows." + ), + ) + procMount: Optional[ProcMount] = Field( + default=None, + description=( + "procMount denotes the type of proc mount to use for the containers. The" + " default is DefaultProcMount which uses the container runtime defaults for" + " readonly paths and masked paths. This requires the ProcMountType feature" + " flag to be enabled. Note that this field cannot be set when spec.os.name" + ' is windows.\n\nPossible enum values:\n - `"Default"` uses the container' + " runtime defaults for readonly and masked paths for /proc. Most container" + " runtimes mask certain paths in /proc to avoid accidental security" + ' exposure of special devices or information.\n - `"Unmasked"` bypasses the' + " default masking behavior of the container runtime and ensures the newly" + " created /proc the container stays in tact with no modifications." + ), + ) + readOnlyRootFilesystem: Optional[bool] = Field( + default=None, + description=( + "Whether this container has a read-only root filesystem. Default is false." + " Note that this field cannot be set when spec.os.name is windows." + ), + ) + runAsGroup: Optional[int] = Field( + default=None, + description=( + "The GID to run the entrypoint of the container process. Uses runtime" + " default if unset. May also be set in PodSecurityContext. If set in both" + " SecurityContext and PodSecurityContext, the value specified in" + " SecurityContext takes precedence. Note that this field cannot be set when" + " spec.os.name is windows." + ), + ) + runAsNonRoot: Optional[bool] = Field( + default=None, + description=( + "Indicates that the container must run as a non-root user. If true, the" + " Kubelet will validate the image at runtime to ensure that it does not run" + " as UID 0 (root) and fail to start the container if it does. If unset or" + " false, no such validation will be performed. May also be set in" + " PodSecurityContext. If set in both SecurityContext and" + " PodSecurityContext, the value specified in SecurityContext takes" + " precedence." + ), + ) + runAsUser: Optional[int] = Field( + default=None, + description=( + "The UID to run the entrypoint of the container process. Defaults to user" + " specified in image metadata if unspecified. May also be set in" + " PodSecurityContext. If set in both SecurityContext and" + " PodSecurityContext, the value specified in SecurityContext takes" + " precedence. Note that this field cannot be set when spec.os.name is" + " windows." + ), + ) + seLinuxOptions: Optional[SELinuxOptions] = Field( + default=None, + description=( + "The SELinux context to be applied to the container. If unspecified, the" + " container runtime will allocate a random SELinux context for each" + " container. May also be set in PodSecurityContext. If set in both" + " SecurityContext and PodSecurityContext, the value specified in" + " SecurityContext takes precedence. Note that this field cannot be set when" + " spec.os.name is windows." + ), + ) + seccompProfile: Optional[SeccompProfile] = Field( + default=None, + description=( + "The seccomp options to use by this container. If seccomp options are" + " provided at both the pod & container level, the container options" + " override the pod options. Note that this field cannot be set when" + " spec.os.name is windows." + ), + ) + windowsOptions: Optional[WindowsSecurityContextOptions] = Field( + default=None, + description=( + "The Windows specific settings applied to all containers. If unspecified," + " the options from the PodSecurityContext will be used. If set in both" + " SecurityContext and PodSecurityContext, the value specified in" + " SecurityContext takes precedence. Note that this field cannot be set when" + " spec.os.name is linux." + ), + ) + + +class ServicePort(BaseModel): + appProtocol: Optional[str] = Field( + default=None, + description=( + "The application protocol for this port. This is used as a hint for" + " implementations to offer richer behavior for protocols that they" + " understand. This field follows standard Kubernetes label syntax. Valid" + " values are either:\n\n* Un-prefixed protocol names - reserved for IANA" + " standard service names (as per RFC-6335 and" + " https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined" + " prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over" + " cleartext as described in" + " https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n" + " * 'kubernetes.io/ws' - WebSocket over cleartext as described in" + " https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' -" + " WebSocket over TLS as described in" + " https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use" + " implementation-defined prefixed names such as" + " mycompany.com/my-custom-protocol." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "The name of this port within the service. This must be a DNS_LABEL. All" + " ports within a ServiceSpec must have unique names. When considering the" + " endpoints for a Service, this must match the 'name' field in the" + " EndpointPort. Optional if only one ServicePort is defined on this" + " service." + ), + ) + nodePort: Optional[int] = Field( + default=None, + description=( + "The port on each node on which this service is exposed when type is" + " NodePort or LoadBalancer. Usually assigned by the system. If a value is" + " specified, in-range, and not in use it will be used, otherwise the" + " operation will fail. If not specified, a port will be allocated if this" + " Service requires one. If this field is specified when creating a Service" + " which does not need it, creation will fail. This field will be wiped when" + " updating a Service to no longer need it (e.g. changing type from NodePort" + " to ClusterIP). More info:" + " https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport" + ), + ) + port: int = Field(..., description="The port that will be exposed by this service.") + protocol: Optional[Protocol] = Field( + default="TCP", + description=( + 'The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default' + ' is TCP.\n\nPossible enum values:\n - `"SCTP"` is the SCTP protocol.\n -' + ' `"TCP"` is the TCP protocol.\n - `"UDP"` is the UDP protocol.' + ), + ) + targetPort: Optional[Union[int, str]] = Field( + default=None, + description=( + "Number or name of the port to access on the pods targeted by the service." + " Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If" + " this is a string, it will be looked up as a named port in the target" + " Pod's container ports. If this is not specified, the value of the 'port'" + " field is used (an identity map). This field is ignored for services with" + " clusterIP=None, and should be omitted or set equal to the 'port' field." + " More info:" + " https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" + ), + ) + + +class ServiceSpec(BaseModel): + allocateLoadBalancerNodePorts: Optional[bool] = Field( + default=None, + description=( + "allocateLoadBalancerNodePorts defines if NodePorts will be automatically" + ' allocated for services with type LoadBalancer. Default is "true". It may' + ' be set to "false" if the cluster load-balancer does not rely on' + " NodePorts. If the caller requests specific NodePorts (by specifying a" + " value), those requests will be respected, regardless of this field. This" + " field may only be set for services with type LoadBalancer and will be" + " cleared if the type is changed to any other type." + ), + ) + clusterIP: Optional[str] = Field( + default=None, + description=( + "clusterIP is the IP address of the service and is usually assigned" + " randomly. If an address is specified manually, is in-range (as per system" + " configuration), and is not in use, it will be allocated to the service;" + " otherwise creation of the service will fail. This field may not be" + " changed through updates unless the type field is also being changed to" + " ExternalName (which requires this field to be blank) or the type field is" + " being changed from ExternalName (in which case this field may optionally" + ' be specified, as describe above). Valid values are "None", empty string' + ' (""), or a valid IP address. Setting this to "None" makes a "headless' + ' service" (no virtual IP), which is useful when direct endpoint' + " connections are preferred and proxying is not required. Only applies to" + " types ClusterIP, NodePort, and LoadBalancer. If this field is specified" + " when creating a Service of type ExternalName, creation will fail. This" + " field will be wiped when updating a Service to type ExternalName. More" + " info:" + " https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + ), + ) + clusterIPs: Optional[List[str]] = Field( + default=None, + description=( + "ClusterIPs is a list of IP addresses assigned to this service, and are" + " usually assigned randomly. If an address is specified manually, is" + " in-range (as per system configuration), and is not in use, it will be" + " allocated to the service; otherwise creation of the service will fail." + " This field may not be changed through updates unless the type field is" + " also being changed to ExternalName (which requires this field to be" + " empty) or the type field is being changed from ExternalName (in which" + " case this field may optionally be specified, as describe above). Valid" + ' values are "None", empty string (""), or a valid IP address. Setting' + ' this to "None" makes a "headless service" (no virtual IP), which is' + " useful when direct endpoint connections are preferred and proxying is not" + " required. Only applies to types ClusterIP, NodePort, and LoadBalancer." + " If this field is specified when creating a Service of type ExternalName," + " creation will fail. This field will be wiped when updating a Service to" + " type ExternalName. If this field is not specified, it will be" + " initialized from the clusterIP field. If this field is specified," + " clients must ensure that clusterIPs[0] and clusterIP have the same" + " value.\n\nThis field may hold a maximum of two entries (dual-stack IPs," + " in either order). These IPs must correspond to the values of the" + " ipFamilies field. Both clusterIPs and ipFamilies are governed by the" + " ipFamilyPolicy field. More info:" + " https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + ), + ) + externalIPs: Optional[List[str]] = Field( + default=None, + description=( + "externalIPs is a list of IP addresses for which nodes in the cluster will" + " also accept traffic for this service. These IPs are not managed by" + " Kubernetes. The user is responsible for ensuring that traffic arrives at" + " a node with this IP. A common example is external load-balancers that" + " are not part of the Kubernetes system." + ), + ) + externalName: Optional[str] = Field( + default=None, + description=( + "externalName is the external reference that discovery mechanisms will" + " return as an alias for this service (e.g. a DNS CNAME record). No" + " proxying will be involved. Must be a lowercase RFC-1123 hostname" + " (https://tools.ietf.org/html/rfc1123) and requires `type` to be" + ' "ExternalName".' + ), + ) + externalTrafficPolicy: Optional[ExternalTrafficPolicy] = Field( + default=None, + description=( + "externalTrafficPolicy describes how nodes distribute service traffic they" + ' receive on one of the Service\'s "externally-facing" addresses' + ' (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the' + " proxy will configure the service in a way that assumes that external load" + " balancers will take care of balancing the service traffic between nodes," + " and so each node will deliver traffic only to the node-local endpoints of" + " the service, without masquerading the client source IP. (Traffic" + " mistakenly sent to a node with no endpoints will be dropped.) The default" + ' value, "Cluster", uses the standard behavior of routing to all endpoints' + " evenly (possibly modified by topology and other features). Note that" + " traffic sent to an External IP or LoadBalancer IP from within the cluster" + ' will always get "Cluster" semantics, but clients sending to a NodePort' + " from within the cluster may need to take traffic policy into account when" + ' picking a node.\n\nPossible enum values:\n - `"Cluster"` routes traffic' + ' to all endpoints.\n - `"Local"` preserves the source IP of the traffic by' + " routing only to endpoints on the same node as the traffic was received on" + " (dropping the traffic if there are no local endpoints)." + ), + ) + healthCheckNodePort: Optional[int] = Field( + default=None, + description=( + "healthCheckNodePort specifies the healthcheck nodePort for the service." + " This only applies when type is set to LoadBalancer and" + " externalTrafficPolicy is set to Local. If a value is specified, is" + " in-range, and is not in use, it will be used. If not specified, a value" + " will be automatically allocated. External systems (e.g. load-balancers)" + " can use this port to determine if a given node holds endpoints for this" + " service or not. If this field is specified when creating a Service which" + " does not need it, creation will fail. This field will be wiped when" + " updating a Service to no longer need it (e.g. changing type). This field" + " cannot be updated once set." + ), + ) + internalTrafficPolicy: Optional[InternalTrafficPolicy] = Field( + default=None, + description=( + "InternalTrafficPolicy describes how nodes distribute service traffic they" + ' receive on the ClusterIP. If set to "Local", the proxy will assume that' + " pods only want to talk to endpoints of the service on the same node as" + " the pod, dropping the traffic if there are no local endpoints. The" + ' default value, "Cluster", uses the standard behavior of routing to all' + " endpoints evenly (possibly modified by topology and other" + ' features).\n\nPossible enum values:\n - `"Cluster"` routes traffic to all' + ' endpoints.\n - `"Local"` routes traffic only to endpoints on the same' + " node as the client pod (dropping the traffic if there are no local" + " endpoints)." + ), + ) + ipFamilies: Optional[List[IpFamily]] = Field( + default=None, + description=( + "IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this" + " service. This field is usually assigned automatically based on cluster" + " configuration and the ipFamilyPolicy field. If this field is specified" + " manually, the requested family is available in the cluster, and" + " ipFamilyPolicy allows it, it will be used; otherwise creation of the" + " service will fail. This field is conditionally mutable: it allows for" + " adding or removing a secondary IP family, but it does not allow changing" + ' the primary IP family of the Service. Valid values are "IPv4" and "IPv6".' + " This field only applies to Services of types ClusterIP, NodePort, and" + ' LoadBalancer, and does apply to "headless" services. This field will be' + " wiped when updating a Service to type ExternalName.\n\nThis field may" + " hold a maximum of two entries (dual-stack families, in either order). " + " These families must correspond to the values of the clusterIPs field, if" + " specified. Both clusterIPs and ipFamilies are governed by the" + " ipFamilyPolicy field." + ), + ) + ipFamilyPolicy: Optional[IpFamilyPolicy] = Field( + default=None, + description=( + "IPFamilyPolicy represents the dual-stack-ness requested or required by" + " this Service. If there is no value provided, then this field will be set" + ' to SingleStack. Services can be "SingleStack" (a single IP family),' + ' "PreferDualStack" (two IP families on dual-stack configured clusters or a' + ' single IP family on single-stack clusters), or "RequireDualStack" (two IP' + " families on dual-stack configured clusters, otherwise fail). The" + " ipFamilies and clusterIPs fields depend on the value of this field. This" + " field will be wiped when updating a service to type" + ' ExternalName.\n\nPossible enum values:\n - `"PreferDualStack"` indicates' + " that this service prefers dual-stack when the cluster is configured for" + " dual-stack. If the cluster is not configured for dual-stack the service" + " will be assigned a single IPFamily. If the IPFamily is not set in" + " service.spec.ipFamilies then the service will be assigned the default" + ' IPFamily configured on the cluster\n - `"RequireDualStack"` indicates' + " that this service requires dual-stack. Using" + " IPFamilyPolicyRequireDualStack on a single stack cluster will result in" + " validation errors. The IPFamilies (and their order) assigned to this" + " service is based on service.spec.ipFamilies. If service.spec.ipFamilies" + " was not provided then it will be assigned according to how they are" + " configured on the cluster. If service.spec.ipFamilies has only one entry" + " then the alternative IPFamily will be added by apiserver\n -" + ' `"SingleStack"` indicates that this service is required to have a single' + " IPFamily. The IPFamily assigned is based on the default IPFamily used by" + " the cluster or as identified by service.spec.ipFamilies field" + ), + ) + loadBalancerClass: Optional[str] = Field( + default=None, + description=( + "loadBalancerClass is the class of the load balancer implementation this" + " Service belongs to. If specified, the value of this field must be a" + ' label-style identifier, with an optional prefix, e.g. "internal-vip" or' + ' "example.com/internal-vip". Unprefixed names are reserved for' + " end-users. This field can only be set when the Service type is" + " 'LoadBalancer'. If not set, the default load balancer implementation is" + " used, today this is typically done through the cloud provider" + " integration, but should apply for any default implementation. If set, it" + " is assumed that a load balancer implementation is watching for Services" + " with a matching class. Any default load balancer implementation (e.g." + " cloud providers) should ignore Services that set this field. This field" + " can only be set when creating or updating a Service to type" + " 'LoadBalancer'. Once set, it can not be changed. This field will be wiped" + " when a service is updated to a non 'LoadBalancer' type." + ), + ) + loadBalancerIP: Optional[str] = Field( + default=None, + description=( + "Only applies to Service Type: LoadBalancer. This feature depends on" + " whether the underlying cloud-provider supports specifying the" + " loadBalancerIP when a load balancer is created. This field will be" + " ignored if the cloud-provider does not support the feature. Deprecated:" + " This field was under-specified and its meaning varies across" + " implementations. Using it is non-portable and it may not support" + " dual-stack. Users are encouraged to use implementation-specific" + " annotations when available." + ), + ) + loadBalancerSourceRanges: Optional[List[str]] = Field( + default=None, + description=( + "If specified and supported by the platform, this will restrict traffic" + " through the cloud-provider load-balancer will be restricted to the" + " specified client IPs. This field will be ignored if the cloud-provider" + ' does not support the feature." More info:' + " https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/" + ), + ) + ports: Optional[List[ServicePort]] = Field( + default=None, + description=( + "The list of ports that are exposed by this service. More info:" + " https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + ), + ) + publishNotReadyAddresses: Optional[bool] = Field( + default=None, + description=( + "publishNotReadyAddresses indicates that any agent which deals with" + " endpoints for this Service should disregard any indications of" + " ready/not-ready. The primary use case for setting this field is for a" + " StatefulSet's Headless Service to propagate SRV DNS records for its Pods" + " for the purpose of peer discovery. The Kubernetes controllers that" + " generate Endpoints and EndpointSlice resources for Services interpret" + ' this to mean that all endpoints are considered "ready" even if the Pods' + " themselves are not. Agents which consume only Kubernetes generated" + " endpoints through the Endpoints or EndpointSlice resources can safely" + " assume this behavior." + ), + ) + selector: Optional[Dict[str, str]] = Field( + default=None, + description=( + "Route service traffic to pods with label keys and values matching this" + " selector. If empty or not present, the service is assumed to have an" + " external process managing its endpoints, which Kubernetes will not" + " modify. Only applies to types ClusterIP, NodePort, and LoadBalancer." + " Ignored if type is ExternalName. More info:" + " https://kubernetes.io/docs/concepts/services-networking/service/" + ), + ) + sessionAffinity: Optional[SessionAffinity] = Field( + default=None, + description=( + 'Supports "ClientIP" and "None". Used to maintain session affinity. Enable' + " client IP based session affinity. Must be ClientIP or None. Defaults to" + " None. More info:" + " https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies\n\nPossible" + ' enum values:\n - `"ClientIP"` is the Client IP based.\n - `"None"` - no' + " session affinity." + ), + ) + sessionAffinityConfig: Optional[SessionAffinityConfig] = Field( + default=None, + description=( + "sessionAffinityConfig contains the configurations of session affinity." + ), + ) + trafficDistribution: Optional[str] = Field( + default=None, + description=( + "TrafficDistribution offers a way to express preferences for how traffic is" + " distributed to Service endpoints. Implementations can use this field as a" + " hint, but are not required to guarantee strict adherence. If the field is" + " not set, the implementation will apply its default routing strategy. If" + ' set to "PreferClose", implementations should prioritize endpoints that' + " are topologically close (e.g., same zone)." + ), + ) + type: Optional[TypeModel2] = Field( + default=None, + description=( + "type determines how the Service is exposed. Defaults to ClusterIP. Valid" + " options are ExternalName, ClusterIP, NodePort, and LoadBalancer." + ' "ClusterIP" allocates a cluster-internal IP address for load-balancing to' + " endpoints. Endpoints are determined by the selector or if that is not" + " specified, by manual construction of an Endpoints object or EndpointSlice" + ' objects. If clusterIP is "None", no virtual IP is allocated and the' + " endpoints are published as a set of endpoints rather than a virtual IP." + ' "NodePort" builds on ClusterIP and allocates a port on every node which' + ' routes to the same endpoints as the clusterIP. "LoadBalancer" builds on' + " NodePort and creates an external load-balancer (if supported in the" + " current cloud) which routes to the same endpoints as the clusterIP." + ' "ExternalName" aliases this service to the specified externalName.' + " Several other fields do not apply to ExternalName services. More info:" + " https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types\n\nPossible" + ' enum values:\n - `"ClusterIP"` means a service will only be accessible' + ' inside the cluster, via the cluster IP.\n - `"ExternalName"` means a' + " service consists of only a reference to an external name that kubedns or" + " equivalent will return as a CNAME record, with no exposing or proxying of" + ' any pods involved.\n - `"LoadBalancer"` means a service will be exposed' + " via an external load balancer (if the cloud provider supports it), in" + " addition to 'NodePort' type.\n - `\"NodePort\"` means a service will be" + " exposed on one port of every node, in addition to 'ClusterIP' type." + ), + ) + + +class TCPSocketAction(BaseModel): + host: Optional[str] = Field( + default=None, + description="Optional: Host name to connect to, defaults to the pod IP.", + ) + port: Union[int, str] = Field( + ..., + description=( + "Number or name of the port to access on the container. Number must be in" + " the range 1 to 65535. Name must be an IANA_SVC_NAME." + ), + ) + + +class Taint(BaseModel): + effect: Effect = Field( + ..., + description=( + "Required. The effect of the taint on pods that do not tolerate the taint." + " Valid effects are NoSchedule, PreferNoSchedule and NoExecute.\n\nPossible" + ' enum values:\n - `"NoExecute"` Evict any already-running pods that do not' + " tolerate the taint. Currently enforced by NodeController.\n -" + ' `"NoSchedule"` Do not allow new pods to schedule onto the node unless' + " they tolerate the taint, but allow all pods submitted to Kubelet without" + " going through the scheduler to start, and allow all already-running pods" + ' to continue running. Enforced by the scheduler.\n - `"PreferNoSchedule"`' + " Like TaintEffectNoSchedule, but the scheduler tries not to schedule new" + " pods onto the node, rather than prohibiting new pods from scheduling onto" + " the node entirely. Enforced by the scheduler." + ), + ) + key: str = Field( + ..., description="Required. The taint key to be applied to a node." + ) + timeAdded: Optional[datetime] = Field( + default=None, + description=( + "TimeAdded represents the time at which the taint was added. It is only" + " written for NoExecute taints." + ), + ) + value: Optional[str] = Field( + default=None, description="The taint value corresponding to the taint key." + ) + + +class VolumeNodeAffinity(BaseModel): + required: Optional[NodeSelector] = Field( + default=None, + description="required specifies hard node constraints that must be met.", + ) + + +class VolumeResourceRequirements(BaseModel): + limits: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Limits describes the maximum amount of compute resources allowed. More" + " info:" + " https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + ), + ) + requests: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Requests describes the minimum amount of compute resources required. If" + " Requests is omitted for a container, it defaults to Limits if that is" + " explicitly specified, otherwise to an implementation-defined value." + " Requests cannot exceed Limits. More info:" + " https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + ), + ) + + +class Binding(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Binding", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + target: ObjectReference = Field( + ..., + description="The target object that you want to bind to the standard object.", + ) + + +class ClusterTrustBundleProjection(BaseModel): + labelSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "Select all ClusterTrustBundles that match this label selector. Only has" + " effect if signerName is set. Mutually-exclusive with name. If unset," + ' interpreted as "match nothing". If set but empty, interpreted as "match' + ' everything".' + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "Select a single ClusterTrustBundle by object name. Mutually-exclusive" + " with signerName and labelSelector." + ), + ) + optional: Optional[bool] = Field( + default=None, + description=( + "If true, don't block pod startup if the referenced ClusterTrustBundle(s)" + " aren't available. If using name, then the named ClusterTrustBundle is" + " allowed not to exist. If using signerName, then the combination of" + " signerName and labelSelector is allowed to match zero" + " ClusterTrustBundles." + ), + ) + path: str = Field( + ..., description="Relative path from the volume root to write the bundle." + ) + signerName: Optional[str] = Field( + default=None, + description=( + "Select all ClusterTrustBundles that match this signer name." + " Mutually-exclusive with name. The contents of all selected" + " ClusterTrustBundles will be unified and deduplicated." + ), + ) + + +class ComponentStatus(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + conditions: Optional[List[ComponentCondition]] = Field( + default=None, description="List of component conditions observed" + ) + kind: Optional[str] = Field( + default="ComponentStatus", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class ComponentStatusList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ComponentStatus] = Field( + ..., description="List of ComponentStatus objects." + ) + kind: Optional[str] = Field( + default="ComponentStatusList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class ConfigMap(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + binaryData: Optional[Dict[str, str]] = Field( + default=None, + description=( + "BinaryData contains the binary data. Each key must consist of alphanumeric" + " characters, '-', '_' or '.'. BinaryData can contain byte sequences that" + " are not in the UTF-8 range. The keys stored in BinaryData must not" + " overlap with the ones in the Data field, this is enforced during" + " validation process. Using this field will require 1.10+ apiserver and" + " kubelet." + ), + ) + data: Optional[Dict[str, str]] = Field( + default=None, + description=( + "Data contains the configuration data. Each key must consist of" + " alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte" + " sequences must use the BinaryData field. The keys stored in Data must not" + " overlap with the keys in the BinaryData field, this is enforced during" + " validation process." + ), + ) + immutable: Optional[bool] = Field( + default=None, + description=( + "Immutable, if set to true, ensures that data stored in the ConfigMap" + " cannot be updated (only object metadata can be modified). If not set to" + " true, the field can be modified at any time. Defaulted to nil." + ), + ) + kind: Optional[str] = Field( + default="ConfigMap", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class ConfigMapList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ConfigMap] = Field(..., description="Items is the list of ConfigMaps.") + kind: Optional[str] = Field( + default="ConfigMapList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class ContainerState(BaseModel): + running: Optional[ContainerStateRunning] = Field( + default=None, description="Details about a running container" + ) + terminated: Optional[ContainerStateTerminated] = Field( + default=None, description="Details about a terminated container" + ) + waiting: Optional[ContainerStateWaiting] = Field( + default=None, description="Details about a waiting container" + ) + + +class ContainerStatus(BaseModel): + allocatedResources: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "AllocatedResources represents the compute resources allocated for this" + " container by the node. Kubelet sets this value to" + " Container.Resources.Requests upon successful pod admission and after" + " successfully admitting desired pod resize." + ), + ) + containerID: Optional[str] = Field( + default=None, + description=( + "ContainerID is the ID of the container in the format" + " '://'. Where type is a container runtime identifier," + ' returned from Version call of CRI API (for example "containerd").' + ), + ) + image: str = Field( + ..., + description=( + "Image is the name of container image that the container is running. The" + " container image may not match the image used in the PodSpec, as it may" + " have been resolved by the runtime. More info:" + " https://kubernetes.io/docs/concepts/containers/images." + ), + ) + imageID: str = Field( + ..., + description=( + "ImageID is the image ID of the container's image. The image ID may not" + " match the image ID of the image used in the PodSpec, as it may have been" + " resolved by the runtime." + ), + ) + lastState: Optional[ContainerState] = Field( + default=None, + description=( + "LastTerminationState holds the last termination state of the container to" + " help debug container crashes and restarts. This field is not populated if" + " the container is still running and RestartCount is 0." + ), + ) + name: str = Field( + ..., + description=( + "Name is a DNS_LABEL representing the unique name of the container. Each" + " container in a pod must have a unique name across all container types." + " Cannot be updated." + ), + ) + ready: bool = Field( + ..., + description=( + "Ready specifies whether the container is currently passing its readiness" + " check. The value will change as readiness probes keep executing. If no" + " readiness probes are specified, this field defaults to true once the" + " container is fully started (see Started field).\n\nThe value is typically" + " used to determine whether a container is ready to accept traffic." + ), + ) + resources: Optional[ResourceRequirements] = Field( + default=None, + description=( + "Resources represents the compute resource requests and limits that have" + " been successfully enacted on the running container after it has been" + " started or has been successfully resized." + ), + ) + restartCount: int = Field( + ..., + description=( + "RestartCount holds the number of times the container has been restarted." + " Kubelet makes an effort to always increment the value, but there are" + " cases when the state may be lost due to node restarts and then the value" + " may be reset to 0. The value is never negative." + ), + ) + started: Optional[bool] = Field( + default=None, + description=( + "Started indicates whether the container has finished its postStart" + " lifecycle hook and passed its startup probe. Initialized as false," + " becomes true after startupProbe is considered successful. Resets to false" + " when the container is restarted, or if kubelet loses state temporarily." + " In both cases, startup probes will run again. Is always true when no" + " startupProbe is defined and container is running and has passed the" + " postStart lifecycle hook. The null value must be treated the same as" + " false." + ), + ) + state: Optional[ContainerState] = Field( + default=None, + description="State holds details about the container's current condition.", + ) + volumeMounts: Optional[List[VolumeMountStatus]] = Field( + default=None, description="Status of volume mounts." + ) + + +class DownwardAPIVolumeFile(BaseModel): + fieldRef: Optional[ObjectFieldSelector] = Field( + default=None, + description=( + "Required: Selects a field of the pod: only annotations, labels, name," + " namespace and uid are supported." + ), + ) + mode: Optional[int] = Field( + default=None, + description=( + "Optional: mode bits used to set permissions on this file, must be an octal" + " value between 0000 and 0777 or a decimal value between 0 and 511. YAML" + " accepts both octal and decimal values, JSON requires decimal values for" + " mode bits. If not specified, the volume defaultMode will be used. This" + " might be in conflict with other options that affect the file mode, like" + " fsGroup, and the result can be other mode bits set." + ), + ) + path: str = Field( + ..., + description=( + "Required: Path is the relative path name of the file to be created. Must" + " not be absolute or contain the '..' path. Must be utf-8 encoded. The" + " first item of the relative path must not start with '..'" + ), + ) + resourceFieldRef: Optional[ResourceFieldSelector] = Field( + default=None, + description=( + "Selects a resource of the container: only resources limits and requests" + " (limits.cpu, limits.memory, requests.cpu and requests.memory) are" + " currently supported." + ), + ) + + +class DownwardAPIVolumeSource(BaseModel): + defaultMode: Optional[int] = Field( + default=None, + description=( + "Optional: mode bits to use on created files by default. Must be a" + " Optional: mode bits used to set permissions on created files by default." + " Must be an octal value between 0000 and 0777 or a decimal value between 0" + " and 511. YAML accepts both octal and decimal values, JSON requires" + " decimal values for mode bits. Defaults to 0644. Directories within the" + " path are not affected by this setting. This might be in conflict with" + " other options that affect the file mode, like fsGroup, and the result can" + " be other mode bits set." + ), + ) + items: Optional[List[DownwardAPIVolumeFile]] = Field( + default=None, description="Items is a list of downward API volume file" + ) + + +class Endpoints(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Endpoints", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + subsets: Optional[List[EndpointSubset]] = Field( + default=None, + description=( + "The set of all endpoints is the union of all subsets. Addresses are placed" + " into subsets according to the IPs they share. A single address with" + " multiple ports, some of which are ready and some of which are not" + " (because they come from different containers) will result in the address" + " being displayed in different subsets for the different ports. No address" + " will appear in both Addresses and NotReadyAddresses in the same subset." + " Sets of addresses and ports that comprise a service." + ), + ) + + +class EndpointsList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Endpoints] = Field(..., description="List of endpoints.") + kind: Optional[str] = Field( + default="EndpointsList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class EnvVarSource(BaseModel): + configMapKeyRef: Optional[ConfigMapKeySelector] = Field( + default=None, description="Selects a key of a ConfigMap." + ) + fieldRef: Optional[ObjectFieldSelector] = Field( + default=None, + description=( + "Selects a field of the pod: supports metadata.name, metadata.namespace," + " `metadata.labels['']`, `metadata.annotations['']`," + " spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP," + " status.podIPs." + ), + ) + resourceFieldRef: Optional[ResourceFieldSelector] = Field( + default=None, + description=( + "Selects a resource of the container: only resources limits and requests" + " (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu," + " requests.memory and requests.ephemeral-storage) are currently supported." + ), + ) + secretKeyRef: Optional[SecretKeySelector] = Field( + default=None, description="Selects a key of a secret in the pod's namespace" + ) + + +class Event(BaseModel): + action: Optional[str] = Field( + default=None, + description="What action was taken/failed regarding to the Regarding object.", + ) + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + count: Optional[int] = Field( + default=None, description="The number of times this event has occurred." + ) + eventTime: Optional[datetime] = Field( + default=None, description="Time when this Event was first observed." + ) + firstTimestamp: Optional[datetime] = Field( + default=None, + description=( + "The time at which the event was first recorded. (Time of server receipt is" + " in TypeMeta.)" + ), + ) + involvedObject: ObjectReference = Field( + ..., description="The object that this event is about." + ) + kind: Optional[str] = Field( + default="Event", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + lastTimestamp: Optional[datetime] = Field( + default=None, + description=( + "The time at which the most recent occurrence of this event was recorded." + ), + ) + message: Optional[str] = Field( + default=None, + description="A human-readable description of the status of this operation.", + ) + metadata: v1.ObjectMeta = Field( + ..., + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "This should be a short, machine understandable string that gives the" + " reason for the transition into the object's current status." + ), + ) + related: Optional[ObjectReference] = Field( + default=None, description="Optional secondary object for more complex actions." + ) + reportingComponent: Optional[str] = Field( + default="", + description=( + "Name of the controller that emitted this Event, e.g." + " `kubernetes.io/kubelet`." + ), + ) + reportingInstance: Optional[str] = Field( + default="", description="ID of the controller instance, e.g. `kubelet-xyzf`." + ) + series: Optional[EventSeries] = Field( + default=None, + description=( + "Data about the Event series this event represents or nil if it's a" + " singleton Event." + ), + ) + source: Optional[EventSource] = Field( + default=None, + description=( + "The component reporting this event. Should be a short machine" + " understandable string." + ), + ) + type: Optional[str] = Field( + default=None, + description=( + "Type of this event (Normal, Warning), new types could be added in the" + " future" + ), + ) + + +class EventList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Event] = Field(..., description="List of events") + kind: Optional[str] = Field( + default="EventList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class LifecycleHandler(BaseModel): + exec: Optional[ExecAction] = Field( + default=None, description="Exec specifies the action to take." + ) + httpGet: Optional[HTTPGetAction] = Field( + default=None, description="HTTPGet specifies the http request to perform." + ) + sleep: Optional[SleepAction] = Field( + default=None, + description=( + "Sleep represents the duration that the container should sleep before being" + " terminated." + ), + ) + tcpSocket: Optional[TCPSocketAction] = Field( + default=None, + description=( + "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for" + " the backward compatibility. There are no validation of this field and" + " lifecycle hooks will fail in runtime when tcp handler is specified." + ), + ) + + +class LimitRange(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="LimitRange", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[LimitRangeSpec] = Field( + default=None, + description=( + "Spec defines the limits enforced. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class LimitRangeList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[LimitRange] = Field( + ..., + description=( + "Items is a list of LimitRange objects. More info:" + " https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + ), + ) + kind: Optional[str] = Field( + default="LimitRangeList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class Namespace(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Namespace", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[NamespaceSpec] = Field( + default=None, + description=( + "Spec defines the behavior of the Namespace. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[NamespaceStatus] = Field( + default=None, + description=( + "Status describes the current status of a Namespace. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class NamespaceList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Namespace] = Field( + ..., + description=( + "Items is the list of Namespace objects in the list. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + ), + ) + kind: Optional[str] = Field( + default="NamespaceList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class NodeAffinity(BaseModel): + preferredDuringSchedulingIgnoredDuringExecution: Optional[ + List[PreferredSchedulingTerm] + ] = Field( + default=None, + description=( + "The scheduler will prefer to schedule pods to nodes that satisfy the" + " affinity expressions specified by this field, but it may choose a node" + " that violates one or more of the expressions. The node that is most" + " preferred is the one with the greatest sum of weights, i.e. for each node" + " that meets all of the scheduling requirements (resource request," + " requiredDuringScheduling affinity expressions, etc.), compute a sum by" + ' iterating through the elements of this field and adding "weight" to the' + " sum if the node matches the corresponding matchExpressions; the node(s)" + " with the highest sum are the most preferred." + ), + ) + requiredDuringSchedulingIgnoredDuringExecution: Optional[NodeSelector] = Field( + default=None, + description=( + "If the affinity requirements specified by this field are not met at" + " scheduling time, the pod will not be scheduled onto the node. If the" + " affinity requirements specified by this field cease to be met at some" + " point during pod execution (e.g. due to an update), the system may or may" + " not try to eventually evict the pod from its node." + ), + ) + + +class NodeSpec(BaseModel): + configSource: Optional[NodeConfigSource] = Field( + default=None, + description=( + "Deprecated: Previously used to specify the source of the node's" + " configuration for the DynamicKubeletConfig feature. This feature is" + " removed." + ), + ) + externalID: Optional[str] = Field( + default=None, + description=( + "Deprecated. Not all kubelets will set this field. Remove field after 1.13." + " see: https://issues.k8s.io/61966" + ), + ) + podCIDR: Optional[str] = Field( + default=None, + description="PodCIDR represents the pod IP range assigned to the node.", + ) + podCIDRs: Optional[List[str]] = Field( + default=None, + description=( + "podCIDRs represents the IP ranges assigned to the node for usage by Pods" + " on that node. If this field is specified, the 0th entry must match the" + " podCIDR field. It may contain at most 1 value for each of IPv4 and IPv6." + ), + ) + providerID: Optional[str] = Field( + default=None, + description=( + "ID of the node assigned by the cloud provider in the format:" + " ://" + ), + ) + taints: Optional[List[Taint]] = Field( + default=None, description="If specified, the node's taints." + ) + unschedulable: Optional[bool] = Field( + default=None, + description=( + "Unschedulable controls node schedulability of new pods. By default, node" + " is schedulable. More info:" + " https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration" + ), + ) + + +class PersistentVolumeClaimSpec(BaseModel): + accessModes: Optional[List[AccessMode]] = Field( + default=None, + description=( + "accessModes contains the desired access modes the volume should have. More" + " info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + ), + ) + dataSource: Optional[TypedLocalObjectReference] = Field( + default=None, + description=( + "dataSource field can be used to specify either: * An existing" + " VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An" + " existing PVC (PersistentVolumeClaim) If the provisioner or an external" + " controller can support the specified data source, it will create a new" + " volume based on the contents of the specified data source. When the" + " AnyVolumeDataSource feature gate is enabled, dataSource contents will be" + " copied to dataSourceRef, and dataSourceRef contents will be copied to" + " dataSource when dataSourceRef.namespace is not specified. If the" + " namespace is specified, then dataSourceRef will not be copied to" + " dataSource." + ), + ) + dataSourceRef: Optional[TypedObjectReference] = Field( + default=None, + description=( + "dataSourceRef specifies the object from which to populate the volume with" + " data, if a non-empty volume is desired. This may be any object from a" + " non-empty API group (non core object) or a PersistentVolumeClaim object." + " When this field is specified, volume binding will only succeed if the" + " type of the specified object matches some installed volume populator or" + " dynamic provisioner. This field will replace the functionality of the" + " dataSource field and as such if both fields are non-empty, they must have" + " the same value. For backwards compatibility, when namespace isn't" + " specified in dataSourceRef, both fields (dataSource and dataSourceRef)" + " will be set to the same value automatically if one of them is empty and" + " the other is non-empty. When namespace is specified in dataSourceRef," + " dataSource isn't set to the same value and must be empty. There are three" + " important differences between dataSource and dataSourceRef: * While" + " dataSource only allows two specific types of objects, dataSourceRef\n " + " allows any non-core object, as well as PersistentVolumeClaim objects.\n*" + " While dataSource ignores disallowed values (dropping them)," + " dataSourceRef\n preserves all values, and generates an error if a" + " disallowed value is\n specified.\n* While dataSource only allows local" + " objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using" + " this field requires the AnyVolumeDataSource feature gate to be enabled." + " (Alpha) Using the namespace field of dataSourceRef requires the" + " CrossNamespaceVolumeDataSource feature gate to be enabled." + ), + ) + resources: Optional[VolumeResourceRequirements] = Field( + default=None, + description=( + "resources represents the minimum resources the volume should have. If" + " RecoverVolumeExpansionFailure feature is enabled users are allowed to" + " specify resource requirements that are lower than previous value but must" + " still be higher than capacity recorded in the status field of the claim." + " More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + ), + ) + selector: Optional[v1.LabelSelector] = Field( + default=None, + description="selector is a label query over volumes to consider for binding.", + ) + storageClassName: Optional[str] = Field( + default=None, + description=( + "storageClassName is the name of the StorageClass required by the claim." + " More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + ), + ) + volumeAttributesClassName: Optional[str] = Field( + default=None, + description=( + "volumeAttributesClassName may be used to set the VolumeAttributesClass" + " used by this claim. If specified, the CSI driver will create or update" + " the volume with the attributes defined in the corresponding" + " VolumeAttributesClass. This has a different purpose than" + " storageClassName, it can be changed after the claim is created. An empty" + " string value means that no VolumeAttributesClass will be applied to the" + " claim but it's not allowed to reset this field to empty string once it is" + " set. If unspecified and the PersistentVolumeClaim is unbound, the default" + " VolumeAttributesClass will be set by the persistentvolume controller if" + " it exists. If the resource referred to by volumeAttributesClass does not" + " exist, this PersistentVolumeClaim will be set to a Pending state, as" + " reflected by the modifyVolumeStatus field, until such as a resource" + " exists. More info:" + " https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/" + " (Alpha) Using this field requires the VolumeAttributesClass feature gate" + " to be enabled." + ), + ) + volumeMode: Optional[VolumeMode] = Field( + default=None, + description=( + "volumeMode defines what type of volume is required by the claim. Value of" + " Filesystem is implied when not included in claim spec.\n\nPossible enum" + ' values:\n - `"Block"` means the volume will not be formatted with a' + ' filesystem and will remain a raw block device.\n - `"Filesystem"` means' + " the volume will be or is formatted with a filesystem." + ), + ) + volumeName: Optional[str] = Field( + default=None, + description=( + "volumeName is the binding reference to the PersistentVolume backing this" + " claim." + ), + ) + + +class PersistentVolumeClaimTemplate(BaseModel): + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "May contain labels and annotations that will be copied into the PVC when" + " creating it. No other fields are allowed and will be rejected during" + " validation." + ), + ) + spec: PersistentVolumeClaimSpec = Field( + ..., + description=( + "The specification for the PersistentVolumeClaim. The entire content is" + " copied unchanged into the PVC that gets created from this template. The" + " same fields as in a PersistentVolumeClaim are also valid here." + ), + ) + + +class PersistentVolumeSpec(BaseModel): + accessModes: Optional[List[AccessMode]] = Field( + default=None, + description=( + "accessModes contains all ways the volume can be mounted. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes" + ), + ) + awsElasticBlockStore: Optional[AWSElasticBlockStoreVolumeSource] = Field( + default=None, + description=( + "awsElasticBlockStore represents an AWS Disk resource that is attached to a" + " kubelet's host machine and then exposed to the pod. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + ), + ) + azureDisk: Optional[AzureDiskVolumeSource] = Field( + default=None, + description=( + "azureDisk represents an Azure Data Disk mount on the host and bind mount" + " to the pod." + ), + ) + azureFile: Optional[AzureFilePersistentVolumeSource] = Field( + default=None, + description=( + "azureFile represents an Azure File Service mount on the host and bind" + " mount to the pod." + ), + ) + capacity: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "capacity is the description of the persistent volume's resources and" + " capacity. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity" + ), + ) + cephfs: Optional[CephFSPersistentVolumeSource] = Field( + default=None, + description=( + "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + ), + ) + cinder: Optional[CinderPersistentVolumeSource] = Field( + default=None, + description=( + "cinder represents a cinder volume attached and mounted on kubelets host" + " machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + claimRef: Optional[ObjectReference] = Field( + default=None, + description=( + "claimRef is part of a bi-directional binding between PersistentVolume and" + " PersistentVolumeClaim. Expected to be non-nil when bound." + " claim.VolumeName is the authoritative bind between PV and PVC. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding" + ), + ) + csi: Optional[CSIPersistentVolumeSource] = Field( + default=None, + description=( + "csi represents storage that is handled by an external CSI driver (Beta" + " feature)." + ), + ) + fc: Optional[FCVolumeSource] = Field( + default=None, + description=( + "fc represents a Fibre Channel resource that is attached to a kubelet's" + " host machine and then exposed to the pod." + ), + ) + flexVolume: Optional[FlexPersistentVolumeSource] = Field( + default=None, + description=( + "flexVolume represents a generic volume resource that is" + " provisioned/attached using an exec based plugin." + ), + ) + flocker: Optional[FlockerVolumeSource] = Field( + default=None, + description=( + "flocker represents a Flocker volume attached to a kubelet's host machine" + " and exposed to the pod for its usage. This depends on the Flocker control" + " service being running" + ), + ) + gcePersistentDisk: Optional[GCEPersistentDiskVolumeSource] = Field( + default=None, + description=( + "gcePersistentDisk represents a GCE Disk resource that is attached to a" + " kubelet's host machine and then exposed to the pod. Provisioned by an" + " admin. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + ), + ) + glusterfs: Optional[GlusterfsPersistentVolumeSource] = Field( + default=None, + description=( + "glusterfs represents a Glusterfs volume that is attached to a host and" + " exposed to the pod. Provisioned by an admin. More info:" + " https://examples.k8s.io/volumes/glusterfs/README.md" + ), + ) + hostPath: Optional[HostPathVolumeSource] = Field( + default=None, + description=( + "hostPath represents a directory on the host. Provisioned by a developer or" + " tester. This is useful for single-node development and testing only!" + " On-host storage is not supported in any way and WILL NOT WORK in a" + " multi-node cluster. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + ), + ) + iscsi: Optional[ISCSIPersistentVolumeSource] = Field( + default=None, + description=( + "iscsi represents an ISCSI Disk resource that is attached to a kubelet's" + " host machine and then exposed to the pod. Provisioned by an admin." + ), + ) + local: Optional[LocalVolumeSource] = Field( + default=None, + description="local represents directly-attached storage with node affinity", + ) + mountOptions: Optional[List[str]] = Field( + default=None, + description=( + 'mountOptions is the list of mount options, e.g. ["ro", "soft"]. Not' + " validated - mount will simply fail if one is invalid. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options" + ), + ) + nfs: Optional[NFSVolumeSource] = Field( + default=None, + description=( + "nfs represents an NFS mount on the host. Provisioned by an admin. More" + " info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + ), + ) + nodeAffinity: Optional[VolumeNodeAffinity] = Field( + default=None, + description=( + "nodeAffinity defines constraints that limit what nodes this volume can be" + " accessed from. This field influences the scheduling of pods that use this" + " volume." + ), + ) + persistentVolumeReclaimPolicy: Optional[PersistentVolumeReclaimPolicy] = Field( + default=None, + description=( + "persistentVolumeReclaimPolicy defines what happens to a persistent volume" + " when released from its claim. Valid options are Retain (default for" + " manually created PersistentVolumes), Delete (default for dynamically" + " provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be" + " supported by the volume plugin underlying this PersistentVolume. More" + " info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming\n\nPossible" + ' enum values:\n - `"Delete"` means the volume will be deleted from' + " Kubernetes on release from its claim. The volume plugin must support" + ' Deletion.\n - `"Recycle"` means the volume will be recycled back into the' + " pool of unbound persistent volumes on release from its claim. The volume" + ' plugin must support Recycling.\n - `"Retain"` means the volume will be' + " left in its current phase (Released) for manual reclamation by the" + " administrator. The default policy is Retain." + ), + ) + photonPersistentDisk: Optional[PhotonPersistentDiskVolumeSource] = Field( + default=None, + description=( + "photonPersistentDisk represents a PhotonController persistent disk" + " attached and mounted on kubelets host machine" + ), + ) + portworxVolume: Optional[PortworxVolumeSource] = Field( + default=None, + description=( + "portworxVolume represents a portworx volume attached and mounted on" + " kubelets host machine" + ), + ) + quobyte: Optional[QuobyteVolumeSource] = Field( + default=None, + description=( + "quobyte represents a Quobyte mount on the host that shares a pod's" + " lifetime" + ), + ) + rbd: Optional[RBDPersistentVolumeSource] = Field( + default=None, + description=( + "rbd represents a Rados Block Device mount on the host that shares a pod's" + " lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + ), + ) + scaleIO: Optional[ScaleIOPersistentVolumeSource] = Field( + default=None, + description=( + "scaleIO represents a ScaleIO persistent volume attached and mounted on" + " Kubernetes nodes." + ), + ) + storageClassName: Optional[str] = Field( + default=None, + description=( + "storageClassName is the name of StorageClass to which this persistent" + " volume belongs. Empty value means that this volume does not belong to any" + " StorageClass." + ), + ) + storageos: Optional[StorageOSPersistentVolumeSource] = Field( + default=None, + description=( + "storageOS represents a StorageOS volume that is attached to the kubelet's" + " host machine and mounted into the pod More info:" + " https://examples.k8s.io/volumes/storageos/README.md" + ), + ) + volumeAttributesClassName: Optional[str] = Field( + default=None, + description=( + "Name of VolumeAttributesClass to which this persistent volume belongs." + " Empty value is not allowed. When this field is not set, it indicates that" + " this volume does not belong to any VolumeAttributesClass. This field is" + " mutable and can be changed by the CSI driver after a volume has been" + " updated successfully to a new class. For an unbound PersistentVolume, the" + " volumeAttributesClassName will be matched with unbound" + " PersistentVolumeClaims during the binding process. This is an alpha field" + " and requires enabling VolumeAttributesClass feature." + ), + ) + volumeMode: Optional[VolumeMode] = Field( + default=None, + description=( + "volumeMode defines if a volume is intended to be used with a formatted" + " filesystem or to remain in raw block state. Value of Filesystem is" + ' implied when not included in spec.\n\nPossible enum values:\n - `"Block"`' + " means the volume will not be formatted with a filesystem and will remain" + ' a raw block device.\n - `"Filesystem"` means the volume will be or is' + " formatted with a filesystem." + ), + ) + vsphereVolume: Optional[VsphereVirtualDiskVolumeSource] = Field( + default=None, + description=( + "vsphereVolume represents a vSphere volume attached and mounted on kubelets" + " host machine" + ), + ) + + +class PodAffinityTerm(BaseModel): + labelSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "A label query over a set of resources, in this case pods. If it's null," + " this PodAffinityTerm matches with no Pods." + ), + ) + matchLabelKeys: Optional[List[str]] = Field( + default=None, + description=( + "MatchLabelKeys is a set of pod label keys to select which pods will be" + " taken into consideration. The keys are used to lookup values from the" + " incoming pod labels, those key-value labels are merged with" + " `labelSelector` as `key in (value)` to select the group of existing pods" + " which pods will be taken into consideration for the incoming pod's pod" + " (anti) affinity. Keys that don't exist in the incoming pod labels will be" + " ignored. The default value is empty. The same key is forbidden to exist" + " in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be" + " set when labelSelector isn't set. This is an alpha field and requires" + " enabling MatchLabelKeysInPodAffinity feature gate." + ), + ) + mismatchLabelKeys: Optional[List[str]] = Field( + default=None, + description=( + "MismatchLabelKeys is a set of pod label keys to select which pods will be" + " taken into consideration. The keys are used to lookup values from the" + " incoming pod labels, those key-value labels are merged with" + " `labelSelector` as `key notin (value)` to select the group of existing" + " pods which pods will be taken into consideration for the incoming pod's" + " pod (anti) affinity. Keys that don't exist in the incoming pod labels" + " will be ignored. The default value is empty. The same key is forbidden to" + " exist in both mismatchLabelKeys and labelSelector. Also," + " mismatchLabelKeys cannot be set when labelSelector isn't set. This is an" + " alpha field and requires enabling MatchLabelKeysInPodAffinity feature" + " gate." + ), + ) + namespaceSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "A label query over the set of namespaces that the term applies to. The" + " term is applied to the union of the namespaces selected by this field and" + " the ones listed in the namespaces field. null selector and null or empty" + ' namespaces list means "this pod\'s namespace". An empty selector ({})' + " matches all namespaces." + ), + ) + namespaces: Optional[List[str]] = Field( + default=None, + description=( + "namespaces specifies a static list of namespace names that the term" + " applies to. The term is applied to the union of the namespaces listed in" + " this field and the ones selected by namespaceSelector. null or empty" + ' namespaces list and null namespaceSelector means "this pod\'s namespace".' + ), + ) + topologyKey: str = Field( + ..., + description=( + "This pod should be co-located (affinity) or not co-located (anti-affinity)" + " with the pods matching the labelSelector in the specified namespaces," + " where co-located is defined as running on a node whose value of the label" + " with key topologyKey matches that of any node on which any of the" + " selected pods is running. Empty topologyKey is not allowed." + ), + ) + + +class PodStatus(BaseModel): + conditions: Optional[List[PodCondition]] = Field( + default=None, + description=( + "Current service state of pod. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + ), + ) + containerStatuses: Optional[List[ContainerStatus]] = Field( + default=None, + description=( + "The list has one entry per container in the manifest. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status" + ), + ) + ephemeralContainerStatuses: Optional[List[ContainerStatus]] = Field( + default=None, + description="Status for any ephemeral containers that have run in this pod.", + ) + hostIP: Optional[str] = Field( + default=None, + description=( + "hostIP holds the IP address of the host to which the pod is assigned." + " Empty if the pod has not started yet. A pod can be assigned to a node" + " that has a problem in kubelet which in turns mean that HostIP will not be" + " updated even if there is a node is assigned to pod" + ), + ) + hostIPs: Optional[List[HostIP]] = Field( + default=None, + description=( + "hostIPs holds the IP addresses allocated to the host. If this field is" + " specified, the first entry must match the hostIP field. This list is" + " empty if the pod has not started yet. A pod can be assigned to a node" + " that has a problem in kubelet which in turns means that HostIPs will not" + " be updated even if there is a node is assigned to this pod." + ), + ) + initContainerStatuses: Optional[List[ContainerStatus]] = Field( + default=None, + description=( + "The list has one entry per init container in the manifest. The most recent" + " successful init container will have ready = true, the most recently" + " started container will have startTime set. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status" + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "A human readable message indicating details about why the pod is in this" + " condition." + ), + ) + nominatedNodeName: Optional[str] = Field( + default=None, + description=( + "nominatedNodeName is set only when this pod preempts other pods on the" + " node, but it cannot be scheduled right away as preemption victims receive" + " their graceful termination periods. This field does not guarantee that" + " the pod will be scheduled on this node. Scheduler may decide to place the" + " pod elsewhere if other nodes become available sooner. Scheduler may also" + " decide to give the resources on this node to a higher priority pod that" + " is created after preemption. As a result, this field may be different" + " than PodSpec.nodeName when the pod is scheduled." + ), + ) + phase: Optional[PhaseModel3] = Field( + default=None, + description=( + "The phase of a Pod is a simple, high-level summary of where the Pod is in" + " its lifecycle. The conditions array, the reason and message fields, and" + " the individual container status arrays contain more detail about the" + " pod's status. There are five possible phase values:\n\nPending: The pod" + " has been accepted by the Kubernetes system, but one or more of the" + " container images has not been created. This includes time before being" + " scheduled as well as time spent downloading images over the network," + " which could take a while. Running: The pod has been bound to a node, and" + " all of the containers have been created. At least one container is still" + " running, or is in the process of starting or restarting. Succeeded: All" + " containers in the pod have terminated in success, and will not be" + " restarted. Failed: All containers in the pod have terminated, and at" + " least one container has terminated in failure. The container either" + " exited with non-zero status or was terminated by the system. Unknown: For" + " some reason the state of the pod could not be obtained, typically due to" + " an error in communicating with the host of the pod.\n\nMore info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase\n\nPossible" + ' enum values:\n - `"Failed"` means that all containers in the pod have' + " terminated, and at least one container has terminated in a failure" + " (exited with a non-zero exit code or was stopped by the system).\n -" + ' `"Pending"` means the pod has been accepted by the system, but one or' + " more of the containers has not been started. This includes time before" + " being bound to a node, as well as time spent pulling images onto the" + ' host.\n - `"Running"` means the pod has been bound to a node and all of' + " the containers have been started. At least one container is still running" + ' or is in the process of being restarted.\n - `"Succeeded"` means that all' + " containers in the pod have voluntarily terminated with a container exit" + " code of 0, and the system is not going to restart any of these" + ' containers.\n - `"Unknown"` means that for some reason the state of the' + " pod could not be obtained, typically due to an error in communicating" + " with the host of the pod. Deprecated: It isn't being set since 2015" + " (74da3b14b0c0f658b3bb8d2def5094686d0e9095)" + ), + ) + podIP: Optional[str] = Field( + default=None, + description=( + "podIP address allocated to the pod. Routable at least within the cluster." + " Empty if not yet allocated." + ), + ) + podIPs: Optional[List[PodIP]] = Field( + default=None, + description=( + "podIPs holds the IP addresses allocated to the pod. If this field is" + " specified, the 0th entry must match the podIP field. Pods may be" + " allocated at most 1 value for each of IPv4 and IPv6. This list is empty" + " if no IPs have been allocated yet." + ), + ) + qosClass: Optional[QosClass] = Field( + default=None, + description=( + "The Quality of Service (QOS) classification assigned to the pod based on" + " resource requirements See PodQOSClass type for available QOS classes More" + " info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes\n\nPossible" + ' enum values:\n - `"BestEffort"` is the BestEffort qos class.\n -' + ' `"Burstable"` is the Burstable qos class.\n - `"Guaranteed"` is the' + " Guaranteed qos class." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "A brief CamelCase message indicating details about why the pod is in this" + " state. e.g. 'Evicted'" + ), + ) + resize: Optional[str] = Field( + default=None, + description=( + "Status of resources resize desired for pod's containers. It is empty if" + " no resources resize is pending. Any changes to container resources will" + ' automatically set this to "Proposed"' + ), + ) + resourceClaimStatuses: Optional[List[PodResourceClaimStatus]] = Field( + default=None, description="Status of resource claims." + ) + startTime: Optional[datetime] = Field( + default=None, + description=( + "RFC 3339 date and time at which the object was acknowledged by the" + " Kubelet. This is before the Kubelet pulled the container image(s) for the" + " pod." + ), + ) + + +class Probe(BaseModel): + exec: Optional[ExecAction] = Field( + default=None, description="Exec specifies the action to take." + ) + failureThreshold: Optional[int] = Field( + default=None, + description=( + "Minimum consecutive failures for the probe to be considered failed after" + " having succeeded. Defaults to 3. Minimum value is 1." + ), + ) + grpc: Optional[GRPCAction] = Field( + default=None, description="GRPC specifies an action involving a GRPC port." + ) + httpGet: Optional[HTTPGetAction] = Field( + default=None, description="HTTPGet specifies the http request to perform." + ) + initialDelaySeconds: Optional[int] = Field( + default=None, + description=( + "Number of seconds after the container has started before liveness probes" + " are initiated. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + ), + ) + periodSeconds: Optional[int] = Field( + default=None, + description=( + "How often (in seconds) to perform the probe. Default to 10 seconds." + " Minimum value is 1." + ), + ) + successThreshold: Optional[int] = Field( + default=None, + description=( + "Minimum consecutive successes for the probe to be considered successful" + " after having failed. Defaults to 1. Must be 1 for liveness and startup." + " Minimum value is 1." + ), + ) + tcpSocket: Optional[TCPSocketAction] = Field( + default=None, description="TCPSocket specifies an action involving a TCP port." + ) + terminationGracePeriodSeconds: Optional[int] = Field( + default=None, + description=( + "Optional duration in seconds the pod needs to terminate gracefully upon" + " probe failure. The grace period is the duration in seconds after the" + " processes running in the pod are sent a termination signal and the time" + " when the processes are forcibly halted with a kill signal. Set this value" + " longer than the expected cleanup time for your process. If this value is" + " nil, the pod's terminationGracePeriodSeconds will be used. Otherwise," + " this value overrides the value provided by the pod spec. Value must be" + " non-negative integer. The value zero indicates stop immediately via the" + " kill signal (no opportunity to shut down). This is a beta field and" + " requires enabling ProbeTerminationGracePeriod feature gate. Minimum value" + " is 1. spec.terminationGracePeriodSeconds is used if unset." + ), + ) + timeoutSeconds: Optional[int] = Field( + default=None, + description=( + "Number of seconds after which the probe times out. Defaults to 1 second." + " Minimum value is 1. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + ), + ) + + +class ResourceQuotaSpec(BaseModel): + hard: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "hard is the set of desired hard limits for each named resource. More info:" + " https://kubernetes.io/docs/concepts/policy/resource-quotas/" + ), + ) + scopeSelector: Optional[ScopeSelector] = Field( + default=None, + description=( + "scopeSelector is also a collection of filters like scopes that must match" + " each object tracked by a quota but expressed using ScopeSelectorOperator" + " in combination with possible values. For a resource to match, both scopes" + " AND scopeSelector (if specified in spec), must be matched." + ), + ) + scopes: Optional[List[Scope]] = Field( + default=None, + description=( + "A collection of filters that must match each object tracked by a quota. If" + " not specified, the quota matches all objects." + ), + ) + + +class Secret(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + data: Optional[Dict[str, str]] = Field( + default=None, + description=( + "Data contains the secret data. Each key must consist of alphanumeric" + " characters, '-', '_' or '.'. The serialized form of the secret data is a" + " base64 encoded string, representing the arbitrary (possibly non-string)" + " data value here. Described in" + " https://tools.ietf.org/html/rfc4648#section-4" + ), + ) + immutable: Optional[bool] = Field( + default=None, + description=( + "Immutable, if set to true, ensures that data stored in the Secret cannot" + " be updated (only object metadata can be modified). If not set to true," + " the field can be modified at any time. Defaulted to nil." + ), + ) + kind: Optional[str] = Field( + default="Secret", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + stringData: Optional[Dict[str, str]] = Field( + default=None, + description=( + "stringData allows specifying non-binary secret data in string form. It is" + " provided as a write-only input field for convenience. All keys and values" + " are merged into the data field on write, overwriting any existing values." + " The stringData field is never output when reading from the API." + ), + ) + type: Optional[str] = Field( + default=None, + description=( + "Used to facilitate programmatic handling of secret data. More info:" + " https://kubernetes.io/docs/concepts/configuration/secret/#secret-types" + ), + ) + + +class SecretList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Secret] = Field( + ..., + description=( + "Items is a list of secret objects. More info:" + " https://kubernetes.io/docs/concepts/configuration/secret" + ), + ) + kind: Optional[str] = Field( + default="SecretList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class ServiceAccount(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + automountServiceAccountToken: Optional[bool] = Field( + default=None, + description=( + "AutomountServiceAccountToken indicates whether pods running as this" + " service account should have an API token automatically mounted. Can be" + " overridden at the pod level." + ), + ) + imagePullSecrets: Optional[List[LocalObjectReference]] = Field( + default=None, + description=( + "ImagePullSecrets is a list of references to secrets in the same namespace" + " to use for pulling any images in pods that reference this ServiceAccount." + " ImagePullSecrets are distinct from Secrets because Secrets can be mounted" + " in the pod, but ImagePullSecrets are only accessed by the kubelet. More" + " info:" + " https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod" + ), + ) + kind: Optional[str] = Field( + default="ServiceAccount", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + secrets: Optional[List[ObjectReference]] = Field( + default=None, + description=( + "Secrets is a list of the secrets in the same namespace that pods running" + " using this ServiceAccount are allowed to use. Pods are only limited to" + " this list if this service account has a" + ' "kubernetes.io/enforce-mountable-secrets" annotation set to "true". This' + " field should not be used to find auto-generated service account token" + " secrets for use outside of pods. Instead, tokens can be requested" + " directly using the TokenRequest API, or service account token secrets can" + " be manually created. More info:" + " https://kubernetes.io/docs/concepts/configuration/secret" + ), + ) + + +class ServiceAccountList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ServiceAccount] = Field( + ..., + description=( + "List of ServiceAccounts. More info:" + " https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" + ), + ) + kind: Optional[str] = Field( + default="ServiceAccountList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class ServiceStatus(BaseModel): + conditions: Optional[List[v1.Condition]] = Field( + default=None, description="Current service state" + ) + loadBalancer: Optional[LoadBalancerStatus] = Field( + default=None, + description=( + "LoadBalancer contains the current status of the load-balancer, if one is" + " present." + ), + ) + + +class TopologySpreadConstraint(BaseModel): + labelSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "LabelSelector is used to find matching pods. Pods that match this label" + " selector are counted to determine the number of pods in their" + " corresponding topology domain." + ), + ) + matchLabelKeys: Optional[List[str]] = Field( + default=None, + description=( + "MatchLabelKeys is a set of pod label keys to select the pods over which" + " spreading will be calculated. The keys are used to lookup values from the" + " incoming pod labels, those key-value labels are ANDed with labelSelector" + " to select the group of existing pods over which spreading will be" + " calculated for the incoming pod. The same key is forbidden to exist in" + " both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when" + " LabelSelector isn't set. Keys that don't exist in the incoming pod labels" + " will be ignored. A null or empty list means only match against" + " labelSelector.\n\nThis is a beta field and requires the" + " MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by" + " default)." + ), + ) + maxSkew: int = Field( + ..., + description=( + "MaxSkew describes the degree to which pods may be unevenly distributed." + " When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted" + " difference between the number of matching pods in the target topology and" + " the global minimum. The global minimum is the minimum number of matching" + " pods in an eligible domain or zero if the number of eligible domains is" + " less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to" + " 1, and pods with the same labelSelector spread as 2/2/1: In this case," + " the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P " + " | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to" + " become 2/2/2; scheduling it onto zone1(zone2) would make the" + " ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2," + " incoming pod can be scheduled onto any zone. When" + " `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence" + " to topologies that satisfy it. It's a required field. Default value is 1" + " and 0 is not allowed." + ), + ) + minDomains: Optional[int] = Field( + default=None, + description=( + "MinDomains indicates a minimum number of eligible domains. When the number" + " of eligible domains with matching topology keys is less than minDomains," + ' Pod Topology Spread treats "global minimum" as 0, and then the' + " calculation of Skew is performed. And when the number of eligible domains" + " with matching topology keys equals or greater than minDomains, this value" + " has no effect on scheduling. As a result, when the number of eligible" + " domains is less than minDomains, scheduler won't schedule more than" + " maxSkew Pods to those domains. If value is nil, the constraint behaves as" + " if MinDomains is equal to 1. Valid values are integers greater than 0." + " When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor" + " example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5" + " and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 |" + " zone3 | | P P | P P | P P | The number of domains is less than" + ' 5(MinDomains), so "global minimum" is treated as 0. In this situation,' + " new pod with the same labelSelector cannot be scheduled, because computed" + " skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones," + " it will violate MaxSkew." + ), + ) + nodeAffinityPolicy: Optional[NodeAffinityPolicy] = Field( + default=None, + description=( + "NodeAffinityPolicy indicates how we will treat Pod's" + " nodeAffinity/nodeSelector when calculating pod topology spread skew." + " Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are" + " included in the calculations. - Ignore: nodeAffinity/nodeSelector are" + " ignored. All nodes are included in the calculations.\n\nIf this value is" + " nil, the behavior is equivalent to the Honor policy. This is a beta-level" + " feature default enabled by the NodeInclusionPolicyInPodTopologySpread" + ' feature flag.\n\nPossible enum values:\n - `"Honor"` means use this' + " scheduling directive when calculating pod topology spread skew.\n -" + ' `"Ignore"` means ignore this scheduling directive when calculating pod' + " topology spread skew." + ), + ) + nodeTaintsPolicy: Optional[NodeTaintsPolicy] = Field( + default=None, + description=( + "NodeTaintsPolicy indicates how we will treat node taints when calculating" + " pod topology spread skew. Options are: - Honor: nodes without taints," + " along with tainted nodes for which the incoming pod has a toleration, are" + " included. - Ignore: node taints are ignored. All nodes are" + " included.\n\nIf this value is nil, the behavior is equivalent to the" + " Ignore policy. This is a beta-level feature default enabled by the" + " NodeInclusionPolicyInPodTopologySpread feature flag.\n\nPossible enum" + ' values:\n - `"Honor"` means use this scheduling directive when' + ' calculating pod topology spread skew.\n - `"Ignore"` means ignore this' + " scheduling directive when calculating pod topology spread skew." + ), + ) + topologyKey: str = Field( + ..., + description=( + "TopologyKey is the key of node labels. Nodes that have a label with this" + " key and identical values are considered to be in the same topology. We" + ' consider each as a "bucket", and try to put balanced number' + " of pods into each bucket. We define a domain as a particular instance of" + " a topology. Also, we define an eligible domain as a domain whose nodes" + " meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If" + ' TopologyKey is "kubernetes.io/hostname", each Node is a domain of that' + ' topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone' + " is a domain of that topology. It's a required field." + ), + ) + whenUnsatisfiable: WhenUnsatisfiable = Field( + ..., + description=( + "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy" + " the spread constraint. - DoNotSchedule (default) tells the scheduler not" + " to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod" + " in any location,\n but giving higher precedence to topologies that would" + ' help reduce the\n skew.\nA constraint is considered "Unsatisfiable" for' + " an incoming pod if and only if every possible node assignment for that" + ' pod would violate "MaxSkew" on some topology. For example, in a 3-zone' + " cluster, MaxSkew is set to 1, and pods with the same labelSelector spread" + " as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If" + " WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be" + " scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on" + " zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still" + " be imbalanced, but scheduler won't make it *more* imbalanced. It's a" + ' required field.\n\nPossible enum values:\n - `"DoNotSchedule"` instructs' + " the scheduler not to schedule the pod when constraints are not" + ' satisfied.\n - `"ScheduleAnyway"` instructs the scheduler to schedule the' + " pod even if constraints are not satisfied." + ), + ) + + +class WeightedPodAffinityTerm(BaseModel): + podAffinityTerm: PodAffinityTerm = Field( + ..., + description=( + "Required. A pod affinity term, associated with the corresponding weight." + ), + ) + weight: int = Field( + ..., + description=( + "weight associated with matching the corresponding podAffinityTerm, in the" + " range 1-100." + ), + ) + + +class DownwardAPIProjection(BaseModel): + items: Optional[List[DownwardAPIVolumeFile]] = Field( + default=None, description="Items is a list of DownwardAPIVolume file" + ) + + +class EnvVar(BaseModel): + name: str = Field( + ..., description="Name of the environment variable. Must be a C_IDENTIFIER." + ) + value: Optional[str] = Field( + default=None, + description=( + "Variable references $(VAR_NAME) are expanded using the previously defined" + " environment variables in the container and any service environment" + " variables. If a variable cannot be resolved, the reference in the input" + " string will be unchanged. Double $$ are reduced to a single $, which" + ' allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will' + ' produce the string literal "$(VAR_NAME)". Escaped references will never' + " be expanded, regardless of whether the variable exists or not. Defaults" + ' to "".' + ), + ) + valueFrom: Optional[EnvVarSource] = Field( + default=None, + description=( + "Source for the environment variable's value. Cannot be used if value is" + " not empty." + ), + ) + + +class EphemeralVolumeSource(BaseModel): + volumeClaimTemplate: Optional[PersistentVolumeClaimTemplate] = Field( + default=None, + description=( + "Will be used to create a stand-alone PVC to provision the volume. The pod" + " in which this EphemeralVolumeSource is embedded will be the owner of the" + " PVC, i.e. the PVC will be deleted together with the pod. The name of the" + " PVC will be `-` where `` is the name" + " from the `PodSpec.Volumes` array entry. Pod validation will reject the" + " pod if the concatenated name is not valid for a PVC (for example, too" + " long).\n\nAn existing PVC with that name that is not owned by the pod" + " will *not* be used for the pod to avoid using an unrelated volume by" + " mistake. Starting the pod is then blocked until the unrelated PVC is" + " removed. If such a pre-created PVC is meant to be used by the pod, the" + " PVC has to updated with an owner reference to the pod once the pod" + " exists. Normally this should not be necessary, but it may be useful when" + " manually reconstructing a broken cluster.\n\nThis field is read-only and" + " no changes will be made by Kubernetes to the PVC after it has been" + " created.\n\nRequired, must not be nil." + ), + ) + + +class Lifecycle(BaseModel): + postStart: Optional[LifecycleHandler] = Field( + default=None, + description=( + "PostStart is called immediately after a container is created. If the" + " handler fails, the container is terminated and restarted according to its" + " restart policy. Other management of the container blocks until the hook" + " completes. More info:" + " https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + ), + ) + preStop: Optional[LifecycleHandler] = Field( + default=None, + description=( + "PreStop is called immediately before a container is terminated due to an" + " API request or management event such as liveness/startup probe failure," + " preemption, resource contention, etc. The handler is not called if the" + " container crashes or exits. The Pod's termination grace period countdown" + " begins before the PreStop hook is executed. Regardless of the outcome of" + " the handler, the container will eventually terminate within the Pod's" + " termination grace period (unless delayed by finalizers). Other management" + " of the container blocks until the hook completes or until the termination" + " grace period is reached. More info:" + " https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + ), + ) + + +class Node(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Node", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[NodeSpec] = Field( + default=None, + description=( + "Spec defines the behavior of a node." + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[NodeStatus] = Field( + default=None, + description=( + "Most recently observed status of the node. Populated by the system." + " Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class NodeList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Node] = Field(..., description="List of nodes") + kind: Optional[str] = Field( + default="NodeList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class PersistentVolume(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="PersistentVolume", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[PersistentVolumeSpec] = Field( + default=None, + description=( + "spec defines a specification of a persistent volume owned by the cluster." + " Provisioned by an administrator. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" + ), + ) + status: Optional[PersistentVolumeStatus] = Field( + default=None, + description=( + "status represents the current information/status for the persistent" + " volume. Populated by the system. Read-only. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes" + ), + ) + + +class PersistentVolumeClaim(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="PersistentVolumeClaim", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[PersistentVolumeClaimSpec] = Field( + default=None, + description=( + "spec defines the desired characteristics of a volume requested by a pod" + " author. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + ), + ) + status: Optional[PersistentVolumeClaimStatus] = Field( + default=None, + description=( + "status represents the current information/status of a persistent volume" + " claim. Read-only. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + ), + ) + + +class PersistentVolumeClaimList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[PersistentVolumeClaim] = Field( + ..., + description=( + "items is a list of persistent volume claims. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + ), + ) + kind: Optional[str] = Field( + default="PersistentVolumeClaimList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class PersistentVolumeList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[PersistentVolume] = Field( + ..., + description=( + "items is a list of persistent volumes. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes" + ), + ) + kind: Optional[str] = Field( + default="PersistentVolumeList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class PodAffinity(BaseModel): + preferredDuringSchedulingIgnoredDuringExecution: Optional[ + List[WeightedPodAffinityTerm] + ] = Field( + default=None, + description=( + "The scheduler will prefer to schedule pods to nodes that satisfy the" + " affinity expressions specified by this field, but it may choose a node" + " that violates one or more of the expressions. The node that is most" + " preferred is the one with the greatest sum of weights, i.e. for each node" + " that meets all of the scheduling requirements (resource request," + " requiredDuringScheduling affinity expressions, etc.), compute a sum by" + ' iterating through the elements of this field and adding "weight" to the' + " sum if the node has pods which matches the corresponding podAffinityTerm;" + " the node(s) with the highest sum are the most preferred." + ), + ) + requiredDuringSchedulingIgnoredDuringExecution: Optional[List[PodAffinityTerm]] = ( + Field( + default=None, + description=( + "If the affinity requirements specified by this field are not met at" + " scheduling time, the pod will not be scheduled onto the node. If the" + " affinity requirements specified by this field cease to be met at some" + " point during pod execution (e.g. due to a pod label update), the" + " system may or may not try to eventually evict the pod from its node." + " When there are multiple elements, the lists of nodes corresponding to" + " each podAffinityTerm are intersected, i.e. all terms must be" + " satisfied." + ), + ) + ) + + +class PodAntiAffinity(BaseModel): + preferredDuringSchedulingIgnoredDuringExecution: Optional[ + List[WeightedPodAffinityTerm] + ] = Field( + default=None, + description=( + "The scheduler will prefer to schedule pods to nodes that satisfy the" + " anti-affinity expressions specified by this field, but it may choose a" + " node that violates one or more of the expressions. The node that is most" + " preferred is the one with the greatest sum of weights, i.e. for each node" + " that meets all of the scheduling requirements (resource request," + " requiredDuringScheduling anti-affinity expressions, etc.), compute a sum" + ' by iterating through the elements of this field and adding "weight" to' + " the sum if the node has pods which matches the corresponding" + " podAffinityTerm; the node(s) with the highest sum are the most preferred." + ), + ) + requiredDuringSchedulingIgnoredDuringExecution: Optional[List[PodAffinityTerm]] = ( + Field( + default=None, + description=( + "If the anti-affinity requirements specified by this field are not met" + " at scheduling time, the pod will not be scheduled onto the node. If" + " the anti-affinity requirements specified by this field cease to be" + " met at some point during pod execution (e.g. due to a pod label" + " update), the system may or may not try to eventually evict the pod" + " from its node. When there are multiple elements, the lists of nodes" + " corresponding to each podAffinityTerm are intersected, i.e. all terms" + " must be satisfied." + ), + ) + ) + + +class ResourceQuota(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ResourceQuota", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[ResourceQuotaSpec] = Field( + default=None, + description=( + "Spec defines the desired quota." + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[ResourceQuotaStatus] = Field( + default=None, + description=( + "Status defines the actual enforced quota and its current usage." + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class ResourceQuotaList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ResourceQuota] = Field( + ..., + description=( + "Items is a list of ResourceQuota objects. More info:" + " https://kubernetes.io/docs/concepts/policy/resource-quotas/" + ), + ) + kind: Optional[str] = Field( + default="ResourceQuotaList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class Service(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Service", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[ServiceSpec] = Field( + default=None, + description=( + "Spec defines the behavior of a service." + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[ServiceStatus] = Field( + default=None, + description=( + "Most recently observed status of the service. Populated by the system." + " Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class ServiceList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Service] = Field(..., description="List of services") + kind: Optional[str] = Field( + default="ServiceList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class VolumeProjection(BaseModel): + clusterTrustBundle: Optional[ClusterTrustBundleProjection] = Field( + default=None, + description=( + "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of" + " ClusterTrustBundle objects in an auto-updating file.\n\nAlpha, gated by" + " the ClusterTrustBundleProjection feature gate.\n\nClusterTrustBundle" + " objects can either be selected by name, or by the combination of signer" + " name and a label selector.\n\nKubelet performs aggressive normalization" + " of the PEM contents written into the pod filesystem. Esoteric PEM" + " features such as inter-block comments and block headers are stripped. " + " Certificates are deduplicated. The ordering of certificates within the" + " file is arbitrary, and Kubelet may change the order over time." + ), + ) + configMap: Optional[ConfigMapProjection] = Field( + default=None, + description="configMap information about the configMap data to project", + ) + downwardAPI: Optional[DownwardAPIProjection] = Field( + default=None, + description="downwardAPI information about the downwardAPI data to project", + ) + secret: Optional[SecretProjection] = Field( + default=None, description="secret information about the secret data to project" + ) + serviceAccountToken: Optional[ServiceAccountTokenProjection] = Field( + default=None, + description=( + "serviceAccountToken is information about the serviceAccountToken data to" + " project" + ), + ) + + +class Affinity(BaseModel): + nodeAffinity: Optional[NodeAffinity] = Field( + default=None, + description="Describes node affinity scheduling rules for the pod.", + ) + podAffinity: Optional[PodAffinity] = Field( + default=None, + description=( + "Describes pod affinity scheduling rules (e.g. co-locate this pod in the" + " same node, zone, etc. as some other pod(s))." + ), + ) + podAntiAffinity: Optional[PodAntiAffinity] = Field( + default=None, + description=( + "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod" + " in the same node, zone, etc. as some other pod(s))." + ), + ) + + +class Container(BaseModel): + args: Optional[List[str]] = Field( + default=None, + description=( + "Arguments to the entrypoint. The container image's CMD is used if this is" + " not provided. Variable references $(VAR_NAME) are expanded using the" + " container's environment. If a variable cannot be resolved, the reference" + " in the input string will be unchanged. Double $$ are reduced to a single" + ' $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"' + ' will produce the string literal "$(VAR_NAME)". Escaped references will' + " never be expanded, regardless of whether the variable exists or not." + " Cannot be updated. More info:" + " https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + ), + ) + command: Optional[List[str]] = Field( + default=None, + description=( + "Entrypoint array. Not executed within a shell. The container image's" + " ENTRYPOINT is used if this is not provided. Variable references" + " $(VAR_NAME) are expanded using the container's environment. If a" + " variable cannot be resolved, the reference in the input string will be" + " unchanged. Double $$ are reduced to a single $, which allows for escaping" + ' the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string' + ' literal "$(VAR_NAME)". Escaped references will never be expanded,' + " regardless of whether the variable exists or not. Cannot be updated. More" + " info:" + " https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + ), + ) + env: Optional[List[EnvVar]] = Field( + default=None, + description=( + "List of environment variables to set in the container. Cannot be updated." + ), + ) + envFrom: Optional[List[EnvFromSource]] = Field( + default=None, + description=( + "List of sources to populate environment variables in the container. The" + " keys defined within a source must be a C_IDENTIFIER. All invalid keys" + " will be reported as an event when the container is starting. When a key" + " exists in multiple sources, the value associated with the last source" + " will take precedence. Values defined by an Env with a duplicate key will" + " take precedence. Cannot be updated." + ), + ) + image: Optional[str] = Field( + default=None, + description=( + "Container image name. More info:" + " https://kubernetes.io/docs/concepts/containers/images This field is" + " optional to allow higher level config management to default or override" + " container images in workload controllers like Deployments and" + " StatefulSets." + ), + ) + imagePullPolicy: Optional[ImagePullPolicy] = Field( + default=None, + description=( + "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always" + " if :latest tag is specified, or IfNotPresent otherwise. Cannot be" + " updated. More info:" + " https://kubernetes.io/docs/concepts/containers/images#updating-images\n\nPossible" + ' enum values:\n - `"Always"` means that kubelet always attempts to pull' + " the latest image. Container will fail If the pull fails.\n -" + ' `"IfNotPresent"` means that kubelet pulls if the image isn\'t present on' + " disk. Container will fail if the image isn't present and the pull" + ' fails.\n - `"Never"` means that kubelet never pulls an image, but only' + " uses a local image. Container will fail if the image isn't present" + ), + ) + lifecycle: Optional[Lifecycle] = Field( + default=None, + description=( + "Actions that the management system should take in response to container" + " lifecycle events. Cannot be updated." + ), + ) + livenessProbe: Optional[Probe] = Field( + default=None, + description=( + "Periodic probe of container liveness. Container will be restarted if the" + " probe fails. Cannot be updated. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + ), + ) + name: str = Field( + ..., + description=( + "Name of the container specified as a DNS_LABEL. Each container in a pod" + " must have a unique name (DNS_LABEL). Cannot be updated." + ), + ) + ports: Optional[List[ContainerPort]] = Field( + default=None, + description=( + "List of ports to expose from the container. Not specifying a port here" + " DOES NOT prevent that port from being exposed. Any port which is" + ' listening on the default "0.0.0.0" address inside a container will be' + " accessible from the network. Modifying this array with strategic merge" + " patch may corrupt the data. For more information See" + " https://github.com/kubernetes/kubernetes/issues/108255. Cannot be" + " updated." + ), + ) + readinessProbe: Optional[Probe] = Field( + default=None, + description=( + "Periodic probe of container service readiness. Container will be removed" + " from service endpoints if the probe fails. Cannot be updated. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + ), + ) + resizePolicy: Optional[List[ContainerResizePolicy]] = Field( + default=None, description="Resources resize policy for the container." + ) + resources: Optional[ResourceRequirements] = Field( + default=None, + description=( + "Compute Resources required by this container. Cannot be updated. More" + " info:" + " https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + ), + ) + restartPolicy: Optional[str] = Field( + default=None, + description=( + "RestartPolicy defines the restart behavior of individual containers in a" + " pod. This field may only be set for init containers, and the only allowed" + ' value is "Always". For non-init containers or when this field is not' + " specified, the restart behavior is defined by the Pod's restart policy" + ' and the container type. Setting the RestartPolicy as "Always" for the' + " init container will have the following effect: this init container will" + " be continually restarted on exit until all regular containers have" + " terminated. Once all regular containers have completed, all init" + ' containers with restartPolicy "Always" will be shut down. This lifecycle' + " differs from normal init containers and is often referred to as a" + ' "sidecar" container. Although this init container still starts in the' + " init container sequence, it does not wait for the container to complete" + " before proceeding to the next init container. Instead, the next init" + " container starts immediately after this init container is started, or" + " after any startupProbe has successfully completed." + ), + ) + securityContext: Optional[SecurityContext] = Field( + default=None, + description=( + "SecurityContext defines the security options the container should be run" + " with. If set, the fields of SecurityContext override the equivalent" + " fields of PodSecurityContext. More info:" + " https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + ), + ) + startupProbe: Optional[Probe] = Field( + default=None, + description=( + "StartupProbe indicates that the Pod has successfully initialized. If" + " specified, no other probes are executed until this completes" + " successfully. If this probe fails, the Pod will be restarted, just as if" + " the livenessProbe failed. This can be used to provide different probe" + " parameters at the beginning of a Pod's lifecycle, when it might take a" + " long time to load data or warm a cache, than during steady-state" + " operation. This cannot be updated. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + ), + ) + stdin: Optional[bool] = Field( + default=None, + description=( + "Whether this container should allocate a buffer for stdin in the container" + " runtime. If this is not set, reads from stdin in the container will" + " always result in EOF. Default is false." + ), + ) + stdinOnce: Optional[bool] = Field( + default=None, + description=( + "Whether the container runtime should close the stdin channel after it has" + " been opened by a single attach. When stdin is true the stdin stream will" + " remain open across multiple attach sessions. If stdinOnce is set to true," + " stdin is opened on container start, is empty until the first client" + " attaches to stdin, and then remains open and accepts data until the" + " client disconnects, at which time stdin is closed and remains closed" + " until the container is restarted. If this flag is false, a container" + " processes that reads from stdin will never receive an EOF. Default is" + " false" + ), + ) + terminationMessagePath: Optional[str] = Field( + default=None, + description=( + "Optional: Path at which the file to which the container's termination" + " message will be written is mounted into the container's filesystem." + " Message written is intended to be brief final status, such as an" + " assertion failure message. Will be truncated by the node if greater than" + " 4096 bytes. The total message length across all containers will be" + " limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + ), + ) + terminationMessagePolicy: Optional[TerminationMessagePolicy] = Field( + default=None, + description=( + "Indicate how the termination message should be populated. File will use" + " the contents of terminationMessagePath to populate the container status" + " message on both success and failure. FallbackToLogsOnError will use the" + " last chunk of container log output if the termination message file is" + " empty and the container exited with an error. The log output is limited" + " to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot" + ' be updated.\n\nPossible enum values:\n - `"FallbackToLogsOnError"` will' + " read the most recent contents of the container logs for the container" + " status message when the container exits with an error and the" + ' terminationMessagePath has no contents.\n - `"File"` is the default' + " behavior and will set the container status message to the contents of the" + " container's terminationMessagePath when the container exits." + ), + ) + tty: Optional[bool] = Field( + default=None, + description=( + "Whether this container should allocate a TTY for itself, also requires" + " 'stdin' to be true. Default is false." + ), + ) + volumeDevices: Optional[List[VolumeDevice]] = Field( + default=None, + description=( + "volumeDevices is the list of block devices to be used by the container." + ), + ) + volumeMounts: Optional[List[VolumeMount]] = Field( + default=None, + description=( + "Pod volumes to mount into the container's filesystem. Cannot be updated." + ), + ) + workingDir: Optional[str] = Field( + default=None, + description=( + "Container's working directory. If not specified, the container runtime's" + " default will be used, which might be configured in the container image." + " Cannot be updated." + ), + ) + + +class EphemeralContainer(BaseModel): + args: Optional[List[str]] = Field( + default=None, + description=( + "Arguments to the entrypoint. The image's CMD is used if this is not" + " provided. Variable references $(VAR_NAME) are expanded using the" + " container's environment. If a variable cannot be resolved, the reference" + " in the input string will be unchanged. Double $$ are reduced to a single" + ' $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"' + ' will produce the string literal "$(VAR_NAME)". Escaped references will' + " never be expanded, regardless of whether the variable exists or not." + " Cannot be updated. More info:" + " https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + ), + ) + command: Optional[List[str]] = Field( + default=None, + description=( + "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is" + " used if this is not provided. Variable references $(VAR_NAME) are" + " expanded using the container's environment. If a variable cannot be" + " resolved, the reference in the input string will be unchanged. Double $$" + " are reduced to a single $, which allows for escaping the $(VAR_NAME)" + ' syntax: i.e. "$$(VAR_NAME)" will produce the string literal' + ' "$(VAR_NAME)". Escaped references will never be expanded, regardless of' + " whether the variable exists or not. Cannot be updated. More info:" + " https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + ), + ) + env: Optional[List[EnvVar]] = Field( + default=None, + description=( + "List of environment variables to set in the container. Cannot be updated." + ), + ) + envFrom: Optional[List[EnvFromSource]] = Field( + default=None, + description=( + "List of sources to populate environment variables in the container. The" + " keys defined within a source must be a C_IDENTIFIER. All invalid keys" + " will be reported as an event when the container is starting. When a key" + " exists in multiple sources, the value associated with the last source" + " will take precedence. Values defined by an Env with a duplicate key will" + " take precedence. Cannot be updated." + ), + ) + image: Optional[str] = Field( + default=None, + description=( + "Container image name. More info:" + " https://kubernetes.io/docs/concepts/containers/images" + ), + ) + imagePullPolicy: Optional[ImagePullPolicy] = Field( + default=None, + description=( + "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always" + " if :latest tag is specified, or IfNotPresent otherwise. Cannot be" + " updated. More info:" + " https://kubernetes.io/docs/concepts/containers/images#updating-images\n\nPossible" + ' enum values:\n - `"Always"` means that kubelet always attempts to pull' + " the latest image. Container will fail If the pull fails.\n -" + ' `"IfNotPresent"` means that kubelet pulls if the image isn\'t present on' + " disk. Container will fail if the image isn't present and the pull" + ' fails.\n - `"Never"` means that kubelet never pulls an image, but only' + " uses a local image. Container will fail if the image isn't present" + ), + ) + lifecycle: Optional[Lifecycle] = Field( + default=None, description="Lifecycle is not allowed for ephemeral containers." + ) + livenessProbe: Optional[Probe] = Field( + default=None, description="Probes are not allowed for ephemeral containers." + ) + name: str = Field( + ..., + description=( + "Name of the ephemeral container specified as a DNS_LABEL. This name must" + " be unique among all containers, init containers and ephemeral containers." + ), + ) + ports: Optional[List[ContainerPort]] = Field( + default=None, description="Ports are not allowed for ephemeral containers." + ) + readinessProbe: Optional[Probe] = Field( + default=None, description="Probes are not allowed for ephemeral containers." + ) + resizePolicy: Optional[List[ContainerResizePolicy]] = Field( + default=None, description="Resources resize policy for the container." + ) + resources: Optional[ResourceRequirements] = Field( + default=None, + description=( + "Resources are not allowed for ephemeral containers. Ephemeral containers" + " use spare resources already allocated to the pod." + ), + ) + restartPolicy: Optional[str] = Field( + default=None, + description=( + "Restart policy for the container to manage the restart behavior of each" + " container within a pod. This may only be set for init containers. You" + " cannot set this field on ephemeral containers." + ), + ) + securityContext: Optional[SecurityContext] = Field( + default=None, + description=( + "Optional: SecurityContext defines the security options the ephemeral" + " container should be run with. If set, the fields of SecurityContext" + " override the equivalent fields of PodSecurityContext." + ), + ) + startupProbe: Optional[Probe] = Field( + default=None, description="Probes are not allowed for ephemeral containers." + ) + stdin: Optional[bool] = Field( + default=None, + description=( + "Whether this container should allocate a buffer for stdin in the container" + " runtime. If this is not set, reads from stdin in the container will" + " always result in EOF. Default is false." + ), + ) + stdinOnce: Optional[bool] = Field( + default=None, + description=( + "Whether the container runtime should close the stdin channel after it has" + " been opened by a single attach. When stdin is true the stdin stream will" + " remain open across multiple attach sessions. If stdinOnce is set to true," + " stdin is opened on container start, is empty until the first client" + " attaches to stdin, and then remains open and accepts data until the" + " client disconnects, at which time stdin is closed and remains closed" + " until the container is restarted. If this flag is false, a container" + " processes that reads from stdin will never receive an EOF. Default is" + " false" + ), + ) + targetContainerName: Optional[str] = Field( + default=None, + description=( + "If set, the name of the container from PodSpec that this ephemeral" + " container targets. The ephemeral container will be run in the namespaces" + " (IPC, PID, etc) of this container. If not set then the ephemeral" + " container uses the namespaces configured in the Pod spec.\n\nThe" + " container runtime must implement support for this feature. If the runtime" + " does not support namespace targeting then the result of setting this" + " field is undefined." + ), + ) + terminationMessagePath: Optional[str] = Field( + default=None, + description=( + "Optional: Path at which the file to which the container's termination" + " message will be written is mounted into the container's filesystem." + " Message written is intended to be brief final status, such as an" + " assertion failure message. Will be truncated by the node if greater than" + " 4096 bytes. The total message length across all containers will be" + " limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + ), + ) + terminationMessagePolicy: Optional[TerminationMessagePolicy] = Field( + default=None, + description=( + "Indicate how the termination message should be populated. File will use" + " the contents of terminationMessagePath to populate the container status" + " message on both success and failure. FallbackToLogsOnError will use the" + " last chunk of container log output if the termination message file is" + " empty and the container exited with an error. The log output is limited" + " to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot" + ' be updated.\n\nPossible enum values:\n - `"FallbackToLogsOnError"` will' + " read the most recent contents of the container logs for the container" + " status message when the container exits with an error and the" + ' terminationMessagePath has no contents.\n - `"File"` is the default' + " behavior and will set the container status message to the contents of the" + " container's terminationMessagePath when the container exits." + ), + ) + tty: Optional[bool] = Field( + default=None, + description=( + "Whether this container should allocate a TTY for itself, also requires" + " 'stdin' to be true. Default is false." + ), + ) + volumeDevices: Optional[List[VolumeDevice]] = Field( + default=None, + description=( + "volumeDevices is the list of block devices to be used by the container." + ), + ) + volumeMounts: Optional[List[VolumeMount]] = Field( + default=None, + description=( + "Pod volumes to mount into the container's filesystem. Subpath mounts are" + " not allowed for ephemeral containers. Cannot be updated." + ), + ) + workingDir: Optional[str] = Field( + default=None, + description=( + "Container's working directory. If not specified, the container runtime's" + " default will be used, which might be configured in the container image." + " Cannot be updated." + ), + ) + + +class ProjectedVolumeSource(BaseModel): + defaultMode: Optional[int] = Field( + default=None, + description=( + "defaultMode are the mode bits used to set permissions on created files by" + " default. Must be an octal value between 0000 and 0777 or a decimal value" + " between 0 and 511. YAML accepts both octal and decimal values, JSON" + " requires decimal values for mode bits. Directories within the path are" + " not affected by this setting. This might be in conflict with other" + " options that affect the file mode, like fsGroup, and the result can be" + " other mode bits set." + ), + ) + sources: Optional[List[VolumeProjection]] = Field( + default=None, description="sources is the list of volume projections" + ) + + +class Volume(BaseModel): + awsElasticBlockStore: Optional[AWSElasticBlockStoreVolumeSource] = Field( + default=None, + description=( + "awsElasticBlockStore represents an AWS Disk resource that is attached to a" + " kubelet's host machine and then exposed to the pod. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + ), + ) + azureDisk: Optional[AzureDiskVolumeSource] = Field( + default=None, + description=( + "azureDisk represents an Azure Data Disk mount on the host and bind mount" + " to the pod." + ), + ) + azureFile: Optional[AzureFileVolumeSource] = Field( + default=None, + description=( + "azureFile represents an Azure File Service mount on the host and bind" + " mount to the pod." + ), + ) + cephfs: Optional[CephFSVolumeSource] = Field( + default=None, + description=( + "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" + ), + ) + cinder: Optional[CinderVolumeSource] = Field( + default=None, + description=( + "cinder represents a cinder volume attached and mounted on kubelets host" + " machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + ), + ) + configMap: Optional[ConfigMapVolumeSource] = Field( + default=None, + description="configMap represents a configMap that should populate this volume", + ) + csi: Optional[CSIVolumeSource] = Field( + default=None, + description=( + "csi (Container Storage Interface) represents ephemeral storage that is" + " handled by certain external CSI drivers (Beta feature)." + ), + ) + downwardAPI: Optional[DownwardAPIVolumeSource] = Field( + default=None, + description=( + "downwardAPI represents downward API about the pod that should populate" + " this volume" + ), + ) + emptyDir: Optional[EmptyDirVolumeSource] = Field( + default=None, + description=( + "emptyDir represents a temporary directory that shares a pod's lifetime." + " More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + ), + ) + ephemeral: Optional[EphemeralVolumeSource] = Field( + default=None, + description=( + "ephemeral represents a volume that is handled by a cluster storage driver." + " The volume's lifecycle is tied to the pod that defines it - it will be" + " created before the pod starts, and deleted when the pod is" + " removed.\n\nUse this if: a) the volume is only needed while the pod runs," + " b) features of normal volumes like restoring from snapshot or capacity\n " + " tracking are needed,\nc) the storage driver is specified through a" + " storage class, and d) the storage driver supports dynamic volume" + " provisioning through\n a PersistentVolumeClaim (see" + " EphemeralVolumeSource for more\n information on the connection between" + " this volume type\n and PersistentVolumeClaim).\n\nUse" + " PersistentVolumeClaim or one of the vendor-specific APIs for volumes that" + " persist for longer than the lifecycle of an individual pod.\n\nUse CSI" + " for light-weight local ephemeral volumes if the CSI driver is meant to be" + " used that way - see the documentation of the driver for more" + " information.\n\nA pod can use both types of ephemeral volumes and" + " persistent volumes at the same time." + ), + ) + fc: Optional[FCVolumeSource] = Field( + default=None, + description=( + "fc represents a Fibre Channel resource that is attached to a kubelet's" + " host machine and then exposed to the pod." + ), + ) + flexVolume: Optional[FlexVolumeSource] = Field( + default=None, + description=( + "flexVolume represents a generic volume resource that is" + " provisioned/attached using an exec based plugin." + ), + ) + flocker: Optional[FlockerVolumeSource] = Field( + default=None, + description=( + "flocker represents a Flocker volume attached to a kubelet's host machine." + " This depends on the Flocker control service being running" + ), + ) + gcePersistentDisk: Optional[GCEPersistentDiskVolumeSource] = Field( + default=None, + description=( + "gcePersistentDisk represents a GCE Disk resource that is attached to a" + " kubelet's host machine and then exposed to the pod. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + ), + ) + gitRepo: Optional[GitRepoVolumeSource] = Field( + default=None, + description=( + "gitRepo represents a git repository at a particular revision. DEPRECATED:" + " GitRepo is deprecated. To provision a container with a git repo, mount an" + " EmptyDir into an InitContainer that clones the repo using git, then mount" + " the EmptyDir into the Pod's container." + ), + ) + glusterfs: Optional[GlusterfsVolumeSource] = Field( + default=None, + description=( + "glusterfs represents a Glusterfs mount on the host that shares a pod's" + " lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + ), + ) + hostPath: Optional[HostPathVolumeSource] = Field( + default=None, + description=( + "hostPath represents a pre-existing file or directory on the host machine" + " that is directly exposed to the container. This is generally used for" + " system agents or other privileged things that are allowed to see the host" + " machine. Most containers will NOT need this. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + ), + ) + iscsi: Optional[ISCSIVolumeSource] = Field( + default=None, + description=( + "iscsi represents an ISCSI Disk resource that is attached to a kubelet's" + " host machine and then exposed to the pod. More info:" + " https://examples.k8s.io/volumes/iscsi/README.md" + ), + ) + name: str = Field( + ..., + description=( + "name of the volume. Must be a DNS_LABEL and unique within the pod. More" + " info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + ), + ) + nfs: Optional[NFSVolumeSource] = Field( + default=None, + description=( + "nfs represents an NFS mount on the host that shares a pod's lifetime More" + " info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + ), + ) + persistentVolumeClaim: Optional[PersistentVolumeClaimVolumeSource] = Field( + default=None, + description=( + "persistentVolumeClaimVolumeSource represents a reference to a" + " PersistentVolumeClaim in the same namespace. More info:" + " https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + ), + ) + photonPersistentDisk: Optional[PhotonPersistentDiskVolumeSource] = Field( + default=None, + description=( + "photonPersistentDisk represents a PhotonController persistent disk" + " attached and mounted on kubelets host machine" + ), + ) + portworxVolume: Optional[PortworxVolumeSource] = Field( + default=None, + description=( + "portworxVolume represents a portworx volume attached and mounted on" + " kubelets host machine" + ), + ) + projected: Optional[ProjectedVolumeSource] = Field( + default=None, + description=( + "projected items for all in one resources secrets, configmaps, and" + " downward API" + ), + ) + quobyte: Optional[QuobyteVolumeSource] = Field( + default=None, + description=( + "quobyte represents a Quobyte mount on the host that shares a pod's" + " lifetime" + ), + ) + rbd: Optional[RBDVolumeSource] = Field( + default=None, + description=( + "rbd represents a Rados Block Device mount on the host that shares a pod's" + " lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + ), + ) + scaleIO: Optional[ScaleIOVolumeSource] = Field( + default=None, + description=( + "scaleIO represents a ScaleIO persistent volume attached and mounted on" + " Kubernetes nodes." + ), + ) + secret: Optional[SecretVolumeSource] = Field( + default=None, + description=( + "secret represents a secret that should populate this volume. More info:" + " https://kubernetes.io/docs/concepts/storage/volumes#secret" + ), + ) + storageos: Optional[StorageOSVolumeSource] = Field( + default=None, + description=( + "storageOS represents a StorageOS volume attached and mounted on Kubernetes" + " nodes." + ), + ) + vsphereVolume: Optional[VsphereVirtualDiskVolumeSource] = Field( + default=None, + description=( + "vsphereVolume represents a vSphere volume attached and mounted on kubelets" + " host machine" + ), + ) + + +class PodSpec(BaseModel): + activeDeadlineSeconds: Optional[int] = Field( + default=None, + description=( + "Optional duration in seconds the pod may be active on the node relative to" + " StartTime before the system will actively try to mark it failed and kill" + " associated containers. Value must be a positive integer." + ), + ) + affinity: Optional[Affinity] = Field( + default=None, description="If specified, the pod's scheduling constraints" + ) + automountServiceAccountToken: Optional[bool] = Field( + default=None, + description=( + "AutomountServiceAccountToken indicates whether a service account token" + " should be automatically mounted." + ), + ) + containers: List[Container] = Field( + ..., + description=( + "List of containers belonging to the pod. Containers cannot currently be" + " added or removed. There must be at least one container in a Pod. Cannot" + " be updated." + ), + ) + dnsConfig: Optional[PodDNSConfig] = Field( + default=None, + description=( + "Specifies the DNS parameters of a pod. Parameters specified here will be" + " merged to the generated DNS configuration based on DNSPolicy." + ), + ) + dnsPolicy: Optional[DnsPolicy] = Field( + default=None, + description=( + 'Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are' + " 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS" + " parameters given in DNSConfig will be merged with the policy selected" + " with DNSPolicy. To have DNS options set along with hostNetwork, you have" + " to specify DNS policy explicitly to" + " 'ClusterFirstWithHostNet'.\n\nPossible enum values:\n -" + ' `"ClusterFirst"` indicates that the pod should use cluster DNS first' + " unless hostNetwork is true, if it is available, then fall back on the" + " default (as determined by kubelet) DNS settings.\n -" + ' `"ClusterFirstWithHostNet"` indicates that the pod should use cluster' + " DNS first, if it is available, then fall back on the default (as" + ' determined by kubelet) DNS settings.\n - `"Default"` indicates that the' + " pod should use the default (as determined by kubelet) DNS settings.\n -" + ' `"None"` indicates that the pod should use empty DNS settings. DNS' + " parameters such as nameservers and search paths should be defined via" + " DNSConfig." + ), + ) + enableServiceLinks: Optional[bool] = Field( + default=None, + description=( + "EnableServiceLinks indicates whether information about services should be" + " injected into pod's environment variables, matching the syntax of Docker" + " links. Optional: Defaults to true." + ), + ) + ephemeralContainers: Optional[List[EphemeralContainer]] = Field( + default=None, + description=( + "List of ephemeral containers run in this pod. Ephemeral containers may be" + " run in an existing pod to perform user-initiated actions such as" + " debugging. This list cannot be specified when creating a pod, and it" + " cannot be modified by updating the pod spec. In order to add an ephemeral" + " container to an existing pod, use the pod's ephemeralcontainers" + " subresource." + ), + ) + hostAliases: Optional[List[HostAlias]] = Field( + default=None, + description=( + "HostAliases is an optional list of hosts and IPs that will be injected" + " into the pod's hosts file if specified." + ), + ) + hostIPC: Optional[bool] = Field( + default=None, + description="Use the host's ipc namespace. Optional: Default to false.", + ) + hostNetwork: Optional[bool] = Field( + default=None, + description=( + "Host networking requested for this pod. Use the host's network namespace." + " If this option is set, the ports that will be used must be specified." + " Default to false." + ), + ) + hostPID: Optional[bool] = Field( + default=None, + description="Use the host's pid namespace. Optional: Default to false.", + ) + hostUsers: Optional[bool] = Field( + default=None, + description=( + "Use the host's user namespace. Optional: Default to true. If set to true" + " or not present, the pod will be run in the host user namespace, useful" + " for when the pod needs a feature only available to the host user" + " namespace, such as loading a kernel module with CAP_SYS_MODULE. When set" + " to false, a new userns is created for the pod. Setting false is useful" + " for mitigating container breakout vulnerabilities even allowing users to" + " run their containers as root without actually having root privileges on" + " the host. This field is alpha-level and is only honored by servers that" + " enable the UserNamespacesSupport feature." + ), + ) + hostname: Optional[str] = Field( + default=None, + description=( + "Specifies the hostname of the Pod If not specified, the pod's hostname" + " will be set to a system-defined value." + ), + ) + imagePullSecrets: Optional[List[LocalObjectReference]] = Field( + default=None, + description=( + "ImagePullSecrets is an optional list of references to secrets in the same" + " namespace to use for pulling any of the images used by this PodSpec. If" + " specified, these secrets will be passed to individual puller" + " implementations for them to use. More info:" + " https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod" + ), + ) + initContainers: Optional[List[Container]] = Field( + default=None, + description=( + "List of initialization containers belonging to the pod. Init containers" + " are executed in order prior to containers being started. If any init" + " container fails, the pod is considered to have failed and is handled" + " according to its restartPolicy. The name for an init container or normal" + " container must be unique among all containers. Init containers may not" + " have Lifecycle actions, Readiness probes, Liveness probes, or Startup" + " probes. The resourceRequirements of an init container are taken into" + " account during scheduling by finding the highest request/limit for each" + " resource type, and then using the max of of that value or the sum of the" + " normal containers. Limits are applied to init containers in a similar" + " fashion. Init containers cannot currently be added or removed. Cannot be" + " updated. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/init-containers/" + ), + ) + nodeName: Optional[str] = Field( + default=None, + description=( + "NodeName is a request to schedule this pod onto a specific node. If it is" + " non-empty, the scheduler simply schedules this pod onto that node," + " assuming that it fits resource requirements." + ), + ) + nodeSelector: Optional[Dict[str, str]] = Field( + default=None, + description=( + "NodeSelector is a selector which must be true for the pod to fit on a" + " node. Selector which must match a node's labels for the pod to be" + " scheduled on that node. More info:" + " https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + ), + ) + os: Optional[PodOS] = Field( + default=None, + description=( + "Specifies the OS of the containers in the pod. Some pod and container" + " fields are restricted if this is set.\n\nIf the OS field is set to linux," + " the following fields must be unset: -securityContext.windowsOptions\n\nIf" + " the OS field is set to windows, following fields must be unset: -" + " spec.hostPID - spec.hostIPC - spec.hostUsers -" + " spec.securityContext.appArmorProfile -" + " spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile" + " - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy" + " - spec.securityContext.sysctls - spec.shareProcessNamespace -" + " spec.securityContext.runAsUser - spec.securityContext.runAsGroup -" + " spec.securityContext.supplementalGroups -" + " spec.containers[*].securityContext.appArmorProfile -" + " spec.containers[*].securityContext.seLinuxOptions -" + " spec.containers[*].securityContext.seccompProfile -" + " spec.containers[*].securityContext.capabilities -" + " spec.containers[*].securityContext.readOnlyRootFilesystem -" + " spec.containers[*].securityContext.privileged -" + " spec.containers[*].securityContext.allowPrivilegeEscalation -" + " spec.containers[*].securityContext.procMount -" + " spec.containers[*].securityContext.runAsUser -" + " spec.containers[*].securityContext.runAsGroup" + ), + ) + overhead: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "Overhead represents the resource overhead associated with running a pod" + " for a given RuntimeClass. This field will be autopopulated at admission" + " time by the RuntimeClass admission controller. If the RuntimeClass" + " admission controller is enabled, overhead must not be set in Pod create" + " requests. The RuntimeClass admission controller will reject Pod create" + " requests which have the overhead already set. If RuntimeClass is" + " configured and selected in the PodSpec, Overhead will be set to the value" + " defined in the corresponding RuntimeClass, otherwise it will remain unset" + " and treated as zero. More info:" + " https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md" + ), + ) + preemptionPolicy: Optional[PreemptionPolicy] = Field( + default=None, + description=( + "PreemptionPolicy is the Policy for preempting pods with lower priority." + " One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if" + ' unset.\n\nPossible enum values:\n - `"Never"` means that pod never' + ' preempts other pods with lower priority.\n - `"PreemptLowerPriority"`' + " means that pod can preempt other pods with lower priority." + ), + ) + priority: Optional[int] = Field( + default=None, + description=( + "The priority value. Various system components use this field to find the" + " priority of the pod. When Priority Admission Controller is enabled, it" + " prevents users from setting this field. The admission controller" + " populates this field from PriorityClassName. The higher the value, the" + " higher the priority." + ), + ) + priorityClassName: Optional[str] = Field( + default=None, + description=( + 'If specified, indicates the pod\'s priority. "system-node-critical" and' + ' "system-cluster-critical" are two special keywords which indicate the' + " highest priorities with the former being the highest priority. Any other" + " name must be defined by creating a PriorityClass object with that name." + " If not specified, the pod priority will be default or zero if there is no" + " default." + ), + ) + readinessGates: Optional[List[PodReadinessGate]] = Field( + default=None, + description=( + "If specified, all readiness gates will be evaluated for pod readiness. A" + " pod is ready when all its containers are ready AND all conditions" + ' specified in the readiness gates have status equal to "True" More info:' + " https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates" + ), + ) + resourceClaims: Optional[List[PodResourceClaim]] = Field( + default=None, + description=( + "ResourceClaims defines which ResourceClaims must be allocated and reserved" + " before the Pod is allowed to start. The resources will be made available" + " to those containers which consume them by name.\n\nThis is an alpha field" + " and requires enabling the DynamicResourceAllocation feature gate.\n\nThis" + " field is immutable." + ), + ) + restartPolicy: Optional[RestartPolicy] = Field( + default=None, + description=( + "Restart policy for all containers within the pod. One of Always," + " OnFailure, Never. In some contexts, only a subset of those values may be" + " permitted. Default to Always. More info:" + " https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy\n\nPossible" + ' enum values:\n - `"Always"`\n - `"Never"`\n - `"OnFailure"`' + ), + ) + runtimeClassName: Optional[str] = Field( + default=None, + description=( + "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group," + " which should be used to run this pod. If no RuntimeClass resource" + " matches the named class, the pod will not be run. If unset or empty, the" + ' "legacy" RuntimeClass will be used, which is an implicit class with an' + " empty definition that uses the default runtime handler. More info:" + " https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class" + ), + ) + schedulerName: Optional[str] = Field( + default=None, + description=( + "If specified, the pod will be dispatched by specified scheduler. If not" + " specified, the pod will be dispatched by default scheduler." + ), + ) + schedulingGates: Optional[List[PodSchedulingGate]] = Field( + default=None, + description=( + "SchedulingGates is an opaque list of values that if specified will block" + " scheduling the pod. If schedulingGates is not empty, the pod will stay in" + " the SchedulingGated state and the scheduler will not attempt to schedule" + " the pod.\n\nSchedulingGates can only be set at pod creation time, and be" + " removed only afterwards." + ), + ) + securityContext: Optional[PodSecurityContext] = Field( + default=None, + description=( + "SecurityContext holds pod-level security attributes and common container" + " settings. Optional: Defaults to empty. See type description for default" + " values of each field." + ), + ) + serviceAccount: Optional[str] = Field( + default=None, + description=( + "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName." + " Deprecated: Use serviceAccountName instead." + ), + ) + serviceAccountName: Optional[str] = Field( + default=None, + description=( + "ServiceAccountName is the name of the ServiceAccount to use to run this" + " pod. More info:" + " https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" + ), + ) + setHostnameAsFQDN: Optional[bool] = Field( + default=None, + description=( + "If true the pod's hostname will be configured as the pod's FQDN, rather" + " than the leaf name (the default). In Linux containers, this means setting" + " the FQDN in the hostname field of the kernel (the nodename field of" + " struct utsname). In Windows containers, this means setting the registry" + " value of hostname for the registry key" + " HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters" + " to FQDN. If a pod does not have FQDN, this has no effect. Default to" + " false." + ), + ) + shareProcessNamespace: Optional[bool] = Field( + default=None, + description=( + "Share a single process namespace between all of the containers in a pod." + " When this is set containers will be able to view and signal processes" + " from other containers in the same pod, and the first process in each" + " container will not be assigned PID 1. HostPID and ShareProcessNamespace" + " cannot both be set. Optional: Default to false." + ), + ) + subdomain: Optional[str] = Field( + default=None, + description=( + "If specified, the fully qualified Pod hostname will be" + ' "...svc.". If not' + " specified, the pod will not have a domainname at all." + ), + ) + terminationGracePeriodSeconds: Optional[int] = Field( + default=None, + description=( + "Optional duration in seconds the pod needs to terminate gracefully. May be" + " decreased in delete request. Value must be non-negative integer. The" + " value zero indicates stop immediately via the kill signal (no opportunity" + " to shut down). If this value is nil, the default grace period will be" + " used instead. The grace period is the duration in seconds after the" + " processes running in the pod are sent a termination signal and the time" + " when the processes are forcibly halted with a kill signal. Set this value" + " longer than the expected cleanup time for your process. Defaults to 30" + " seconds." + ), + ) + tolerations: Optional[List[Toleration]] = Field( + default=None, description="If specified, the pod's tolerations." + ) + topologySpreadConstraints: Optional[List[TopologySpreadConstraint]] = Field( + default=None, + description=( + "TopologySpreadConstraints describes how a group of pods ought to spread" + " across topology domains. Scheduler will schedule pods in a way which" + " abides by the constraints. All topologySpreadConstraints are ANDed." + ), + ) + volumes: Optional[List[Volume]] = Field( + default=None, + description=( + "List of volumes that can be mounted by containers belonging to the pod." + " More info: https://kubernetes.io/docs/concepts/storage/volumes" + ), + ) + + +class PodTemplateSpec(BaseModel): + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[PodSpec] = Field( + default=None, + description=( + "Specification of the desired behavior of the pod. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class ReplicationControllerSpec(BaseModel): + minReadySeconds: Optional[int] = Field( + default=None, + description=( + "Minimum number of seconds for which a newly created pod should be ready" + " without any of its container crashing, for it to be considered available." + " Defaults to 0 (pod will be considered available as soon as it is ready)" + ), + ) + replicas: Optional[int] = Field( + default=None, + description=( + "Replicas is the number of desired replicas. This is a pointer to" + " distinguish between explicit zero and unspecified. Defaults to 1. More" + " info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller" + ), + ) + selector: Optional[Dict[str, str]] = Field( + default=None, + description=( + "Selector is a label query over pods that should match the Replicas count." + " If Selector is empty, it is defaulted to the labels present on the Pod" + " template. Label keys and values that must match in order to be controlled" + " by this replication controller, if empty defaulted to labels on Pod" + " template. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" + ), + ) + template: Optional[PodTemplateSpec] = Field( + default=None, + description=( + "Template is the object that describes the pod that will be created if" + " insufficient replicas are detected. This takes precedence over a" + " TemplateRef. The only allowed template.spec.restartPolicy value is" + ' "Always". More info:' + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template" + ), + ) + + +class Pod(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Pod", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[PodSpec] = Field( + default=None, + description=( + "Specification of the desired behavior of the pod. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[PodStatus] = Field( + default=None, + description=( + "Most recently observed status of the pod. This data may not be up to date." + " Populated by the system. Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class PodList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Pod] = Field( + ..., + description=( + "List of pods. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md" + ), + ) + kind: Optional[str] = Field( + default="PodList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class PodTemplate(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="PodTemplate", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + template: Optional[PodTemplateSpec] = Field( + default=None, + description=( + "Template defines the pods that will be created from this pod template." + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class PodTemplateList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[PodTemplate] = Field(..., description="List of pod templates") + kind: Optional[str] = Field( + default="PodTemplateList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + + +class ReplicationController(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ReplicationController", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "If the Labels of a ReplicationController are empty, they are defaulted to" + " be the same as the Pod(s) that the replication controller manages." + " Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[ReplicationControllerSpec] = Field( + default=None, + description=( + "Spec defines the specification of the desired behavior of the replication" + " controller. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[ReplicationControllerStatus] = Field( + default=None, + description=( + "Status is the most recently observed status of the replication controller." + " This data may be out of date by some window of time. Populated by the" + " system. Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class ReplicationControllerList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ReplicationController] = Field( + ..., + description=( + "List of replication controllers. More info:" + " https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller" + ), + ) + kind: Optional[str] = Field( + default="ReplicationControllerList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/discovery/__init__.py b/src/kubedantic/models/io/k8s/api/discovery/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/discovery/v1.py b/src/kubedantic/models/io/k8s/api/discovery/v1.py new file mode 100644 index 0000000..66327d8 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/discovery/v1.py @@ -0,0 +1,269 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from enum import Enum +from typing import Dict, List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 as v1_1 +from ..core import v1 + + +class EndpointConditions(BaseModel): + ready: Optional[bool] = Field( + default=None, + description=( + "ready indicates that this endpoint is prepared to receive traffic," + " according to whatever system is managing the endpoint. A nil value" + " indicates an unknown state. In most cases consumers should interpret this" + " unknown state as ready. For compatibility reasons, ready should never be" + ' "true" for terminating endpoints, except when the normal readiness' + " behavior is being explicitly overridden, for example when the associated" + " Service has set the publishNotReadyAddresses flag." + ), + ) + serving: Optional[bool] = Field( + default=None, + description=( + "serving is identical to ready except that it is set regardless of the" + " terminating state of endpoints. This condition should be set to true for" + " a ready endpoint that is terminating. If nil, consumers should defer to" + " the ready condition." + ), + ) + terminating: Optional[bool] = Field( + default=None, + description=( + "terminating indicates that this endpoint is terminating. A nil value" + " indicates an unknown state. Consumers should interpret this unknown state" + " to mean that the endpoint is not terminating." + ), + ) + + +class Protocol(Enum): + SCTP = "SCTP" + TCP = "TCP" + UDP = "UDP" + + +class EndpointPort(BaseModel): + appProtocol: Optional[str] = Field( + default=None, + description=( + "The application protocol for this port. This is used as a hint for" + " implementations to offer richer behavior for protocols that they" + " understand. This field follows standard Kubernetes label syntax. Valid" + " values are either:\n\n* Un-prefixed protocol names - reserved for IANA" + " standard service names (as per RFC-6335 and" + " https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined" + " prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over" + " cleartext as described in" + " https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n" + " * 'kubernetes.io/ws' - WebSocket over cleartext as described in" + " https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' -" + " WebSocket over TLS as described in" + " https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use" + " implementation-defined prefixed names such as" + " mycompany.com/my-custom-protocol." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "name represents the name of this port. All ports in an EndpointSlice must" + " have a unique name. If the EndpointSlice is derived from a Kubernetes" + " service, this corresponds to the Service.ports[].name. Name must either" + " be an empty string or pass DNS_LABEL validation: * must be no more than" + " 63 characters long. * must consist of lower case alphanumeric characters" + " or '-'. * must start and end with an alphanumeric character. Default is" + " empty string." + ), + ) + port: Optional[int] = Field( + default=None, + description=( + "port represents the port number of the endpoint. If this is not specified," + " ports are not restricted and must be interpreted in the context of the" + " specific consumer." + ), + ) + protocol: Optional[Protocol] = Field( + default=None, + description=( + "protocol represents the IP protocol for this port. Must be UDP, TCP, or" + ' SCTP. Default is TCP.\n\nPossible enum values:\n - `"SCTP"` is the SCTP' + ' protocol.\n - `"TCP"` is the TCP protocol.\n - `"UDP"` is the UDP' + " protocol." + ), + ) + + +class AddressType(Enum): + FQDN = "FQDN" + IPv4 = "IPv4" + IPv6 = "IPv6" + + +class ForZone(BaseModel): + name: str = Field(..., description="name represents the name of the zone.") + + +class EndpointHints(BaseModel): + forZones: Optional[List[ForZone]] = Field( + default=None, + description=( + "forZones indicates the zone(s) this endpoint should be consumed by to" + " enable topology aware routing." + ), + ) + + +class Endpoint(BaseModel): + addresses: List[str] = Field( + ..., + description=( + "addresses of this endpoint. The contents of this field are interpreted" + " according to the corresponding EndpointSlice addressType field. Consumers" + " must handle different types of addresses in the context of their own" + " capabilities. This must contain at least one address but no more than" + " 100. These are all assumed to be fungible and clients may choose to only" + " use the first element. Refer to: https://issue.k8s.io/106267" + ), + ) + conditions: Optional[EndpointConditions] = Field( + default=None, + description=( + "conditions contains information about the current status of the endpoint." + ), + ) + deprecatedTopology: Optional[Dict[str, str]] = Field( + default=None, + description=( + "deprecatedTopology contains topology information part of the v1beta1 API." + " This field is deprecated, and will be removed when the v1beta1 API is" + " removed (no sooner than kubernetes v1.24). While this field can hold" + " values, it is not writable through the v1 API, and any attempts to write" + " to it will be silently ignored. Topology information can be found in the" + " zone and nodeName fields instead." + ), + ) + hints: Optional[EndpointHints] = Field( + default=None, + description=( + "hints contains information associated with how an endpoint should be" + " consumed." + ), + ) + hostname: Optional[str] = Field( + default=None, + description=( + "hostname of this endpoint. This field may be used by consumers of" + " endpoints to distinguish endpoints from each other (e.g. in DNS names)." + " Multiple endpoints which use the same hostname should be considered" + " fungible (e.g. multiple A values in DNS). Must be lowercase and pass DNS" + " Label (RFC 1123) validation." + ), + ) + nodeName: Optional[str] = Field( + default=None, + description=( + "nodeName represents the name of the Node hosting this endpoint. This can" + " be used to determine endpoints local to a Node." + ), + ) + targetRef: Optional[v1.ObjectReference] = Field( + default=None, + description=( + "targetRef is a reference to a Kubernetes object that represents this" + " endpoint." + ), + ) + zone: Optional[str] = Field( + default=None, + description="zone is the name of the Zone this endpoint exists in.", + ) + + +class EndpointSlice(BaseModel): + addressType: AddressType = Field( + ..., + description=( + "addressType specifies the type of address carried by this EndpointSlice." + " All addresses in this slice must be the same type. This field is" + " immutable after creation. The following address types are currently" + " supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6" + " Address. * FQDN: Represents a Fully Qualified Domain Name.\n\nPossible" + ' enum values:\n - `"FQDN"` represents a FQDN.\n - `"IPv4"` represents an' + ' IPv4 Address.\n - `"IPv6"` represents an IPv6 Address.' + ), + ) + apiVersion: Optional[str] = Field( + default="discovery.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + endpoints: List[Endpoint] = Field( + ..., + description=( + "endpoints is a list of unique endpoints in this slice. Each slice may" + " include a maximum of 1000 endpoints." + ), + ) + kind: Optional[str] = Field( + default="EndpointSlice", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ObjectMeta] = Field( + default=None, description="Standard object's metadata." + ) + ports: Optional[List[EndpointPort]] = Field( + default=None, + description=( + "ports specifies the list of network ports exposed by each endpoint in this" + " slice. Each port must have a unique name. When ports is empty, it" + " indicates that there are no defined ports. When a port is defined with a" + ' nil port value, it indicates "all ports". Each slice may include a' + " maximum of 100 ports." + ), + ) + + +class EndpointSliceList(BaseModel): + apiVersion: Optional[str] = Field( + default="discovery.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[EndpointSlice] = Field( + ..., description="items is the list of endpoint slices" + ) + kind: Optional[str] = Field( + default="EndpointSliceList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ListMeta] = Field( + default=None, description="Standard list metadata." + ) diff --git a/src/kubedantic/models/io/k8s/api/events/__init__.py b/src/kubedantic/models/io/k8s/api/events/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/events/v1.py b/src/kubedantic/models/io/k8s/api/events/v1.py new file mode 100644 index 0000000..2ead60a --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/events/v1.py @@ -0,0 +1,190 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 +from ..core import v1 as v1_1 + + +class EventSeries(BaseModel): + count: int = Field( + ..., + description=( + "count is the number of occurrences in this series up to the last heartbeat" + " time." + ), + ) + lastObservedTime: datetime = Field( + ..., + description=( + "lastObservedTime is the time when last Event from the series was seen" + " before last heartbeat." + ), + ) + + +class Event(BaseModel): + action: Optional[str] = Field( + default=None, + description=( + "action is what action was taken/failed regarding to the regarding object." + " It is machine-readable. This field cannot be empty for new Events and it" + " can have at most 128 characters." + ), + ) + apiVersion: Optional[str] = Field( + default="events.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + deprecatedCount: Optional[int] = Field( + default=None, + description=( + "deprecatedCount is the deprecated field assuring backward compatibility" + " with core.v1 Event type." + ), + ) + deprecatedFirstTimestamp: Optional[datetime] = Field( + default=None, + description=( + "deprecatedFirstTimestamp is the deprecated field assuring backward" + " compatibility with core.v1 Event type." + ), + ) + deprecatedLastTimestamp: Optional[datetime] = Field( + default=None, + description=( + "deprecatedLastTimestamp is the deprecated field assuring backward" + " compatibility with core.v1 Event type." + ), + ) + deprecatedSource: Optional[v1_1.EventSource] = Field( + default=None, + description=( + "deprecatedSource is the deprecated field assuring backward compatibility" + " with core.v1 Event type." + ), + ) + eventTime: datetime = Field( + ..., + description=( + "eventTime is the time when this Event was first observed. It is required." + ), + ) + kind: Optional[str] = Field( + default="Event", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + note: Optional[str] = Field( + default=None, + description=( + "note is a human-readable description of the status of this operation." + " Maximal length of the note is 1kB, but libraries should be prepared to" + " handle values up to 64kB." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "reason is why the action was taken. It is human-readable. This field" + " cannot be empty for new Events and it can have at most 128 characters." + ), + ) + regarding: Optional[v1_1.ObjectReference] = Field( + default=None, + description=( + "regarding contains the object this Event is about. In most cases it's an" + " Object reporting controller implements, e.g. ReplicaSetController" + " implements ReplicaSets and this event is emitted because it acts on some" + " changes in a ReplicaSet object." + ), + ) + related: Optional[v1_1.ObjectReference] = Field( + default=None, + description=( + "related is the optional secondary object for more complex actions. E.g." + " when regarding object triggers a creation or deletion of related object." + ), + ) + reportingController: Optional[str] = Field( + default=None, + description=( + "reportingController is the name of the controller that emitted this Event," + " e.g. `kubernetes.io/kubelet`. This field cannot be empty for new Events." + ), + ) + reportingInstance: Optional[str] = Field( + default=None, + description=( + "reportingInstance is the ID of the controller instance, e.g." + " `kubelet-xyzf`. This field cannot be empty for new Events and it can have" + " at most 128 characters." + ), + ) + series: Optional[EventSeries] = Field( + default=None, + description=( + "series is data about the Event series this event represents or nil if it's" + " a singleton Event." + ), + ) + type: Optional[str] = Field( + default=None, + description=( + "type is the type of this event (Normal, Warning), new types could be added" + " in the future. It is machine-readable. This field cannot be empty for new" + " Events." + ), + ) + + +class EventList(BaseModel): + apiVersion: Optional[str] = Field( + default="events.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Event] = Field(..., description="items is a list of schema objects.") + kind: Optional[str] = Field( + default="EventList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/flowcontrol/__init__.py b/src/kubedantic/models/io/k8s/api/flowcontrol/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/flowcontrol/v1.py b/src/kubedantic/models/io/k8s/api/flowcontrol/v1.py new file mode 100644 index 0000000..75ea332 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/flowcontrol/v1.py @@ -0,0 +1,623 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class ExemptPriorityLevelConfiguration(BaseModel): + lendablePercent: Optional[int] = Field( + default=None, + description=( + "`lendablePercent` prescribes the fraction of the level's NominalCL that" + " can be borrowed by other priority levels. This value of this field must" + " be between 0 and 100, inclusive, and it defaults to 0. The number of" + " seats that other levels can borrow from this level, known as this level's" + " LendableConcurrencyLimit (LendableCL), is defined as" + " follows.\n\nLendableCL(i) = round( NominalCL(i) *" + " lendablePercent(i)/100.0 )" + ), + ) + nominalConcurrencyShares: Optional[int] = Field( + default=None, + description=( + "`nominalConcurrencyShares` (NCS) contributes to the computation of the" + " NominalConcurrencyLimit (NominalCL) of this level. This is the number of" + " execution seats nominally reserved for this priority level. This DOES NOT" + " limit the dispatching from this priority level but affects the other" + " priority levels through the borrowing mechanism. The server's concurrency" + " limit (ServerCL) is divided among all the priority levels in proportion" + " to their NCS values:\n\nNominalCL(i) = ceil( ServerCL * NCS(i) / sum_ncs" + " ) sum_ncs = sum[priority level k] NCS(k)\n\nBigger numbers mean a larger" + " nominal concurrency limit, at the expense of every other priority level." + " This field has a default value of zero." + ), + ) + + +class FlowDistinguisherMethod(BaseModel): + type: str = Field( + ..., + description=( + "`type` is the type of flow distinguisher method The supported types are" + ' "ByUser" and "ByNamespace". Required.' + ), + ) + + +class FlowSchemaCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "`lastTransitionTime` is the last time the condition transitioned from one" + " status to another." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "`message` is a human-readable message indicating details about last" + " transition." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "`reason` is a unique, one-word, CamelCase reason for the condition's last" + " transition." + ), + ) + status: Optional[str] = Field( + default=None, + description=( + "`status` is the status of the condition. Can be True, False, Unknown." + " Required." + ), + ) + type: Optional[str] = Field( + default=None, description="`type` is the type of the condition. Required." + ) + + +class FlowSchemaStatus(BaseModel): + conditions: Optional[List[FlowSchemaCondition]] = Field( + default=None, + description="`conditions` is a list of the current states of FlowSchema.", + ) + + +class GroupSubject(BaseModel): + name: str = Field( + ..., + description=( + 'name is the user group that matches, or "*" to match all user groups. See' + " https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go" + " for some well-known group names. Required." + ), + ) + + +class NonResourcePolicyRule(BaseModel): + nonResourceURLs: List[str] = Field( + ..., + description=( + "`nonResourceURLs` is a set of url prefixes that a user should have access" + ' to and may not be empty. For example:\n - "/healthz" is legal\n -' + ' "/hea*" is illegal\n - "/hea" is legal but matches nothing\n - "/hea/*"' + ' also matches nothing\n - "/healthz/*" matches all per-component health' + ' checks.\n"*" matches all non-resource urls. if it is present, it must be' + " the only entry. Required." + ), + ) + verbs: List[str] = Field( + ..., + description=( + '`verbs` is a list of matching verbs and may not be empty. "*" matches all' + " verbs. If it is present, it must be the only entry. Required." + ), + ) + + +class PriorityLevelConfigurationCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "`lastTransitionTime` is the last time the condition transitioned from one" + " status to another." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "`message` is a human-readable message indicating details about last" + " transition." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "`reason` is a unique, one-word, CamelCase reason for the condition's last" + " transition." + ), + ) + status: Optional[str] = Field( + default=None, + description=( + "`status` is the status of the condition. Can be True, False, Unknown." + " Required." + ), + ) + type: Optional[str] = Field( + default=None, description="`type` is the type of the condition. Required." + ) + + +class PriorityLevelConfigurationReference(BaseModel): + name: str = Field( + ..., + description=( + "`name` is the name of the priority level configuration being referenced" + " Required." + ), + ) + + +class PriorityLevelConfigurationStatus(BaseModel): + conditions: Optional[List[PriorityLevelConfigurationCondition]] = Field( + default=None, + description='`conditions` is the current state of "request-priority".', + ) + + +class QueuingConfiguration(BaseModel): + handSize: Optional[int] = Field( + default=0, + description=( + "`handSize` is a small positive number that configures the shuffle sharding" + " of requests into queues. When enqueuing a request at this priority level" + " the request's flow identifier (a string pair) is hashed and the hash" + " value is used to shuffle the list of queues and deal a hand of the size" + " specified here. The request is put into one of the shortest queues in" + " that hand. `handSize` must be no larger than `queues`, and should be" + " significantly smaller (so that a few heavy flows do not saturate most of" + " the queues). See the user-facing documentation for more extensive" + " guidance on setting this field. This field has a default value of 8." + ), + ) + queueLengthLimit: Optional[int] = Field( + default=0, + description=( + "`queueLengthLimit` is the maximum number of requests allowed to be waiting" + " in a given queue of this priority level at a time; excess requests are" + " rejected. This value must be positive. If not specified, it will be" + " defaulted to 50." + ), + ) + queues: Optional[int] = Field( + default=0, + description=( + "`queues` is the number of queues for this priority level. The queues exist" + " independently at each apiserver. The value must be positive. Setting it" + " to 1 effectively precludes shufflesharding and thus makes the" + " distinguisher method of associated flow schemas irrelevant. This field" + " has a default value of 64." + ), + ) + + +class ResourcePolicyRule(BaseModel): + apiGroups: List[str] = Field( + ..., + description=( + '`apiGroups` is a list of matching API groups and may not be empty. "*"' + " matches all API groups and, if present, must be the only entry. Required." + ), + ) + clusterScope: Optional[bool] = Field( + default=None, + description=( + "`clusterScope` indicates whether to match requests that do not specify a" + " namespace (which happens either because the resource is not namespaced or" + " the request targets all namespaces). If this field is omitted or false" + " then the `namespaces` field must contain a non-empty list." + ), + ) + namespaces: Optional[List[str]] = Field( + default=None, + description=( + "`namespaces` is a list of target namespaces that restricts matches. A" + " request that specifies a target namespace matches only if either (a) this" + ' list contains that target namespace or (b) this list contains "*". Note' + ' that "*" matches any specified namespace but does not match a request' + " that _does not specify_ a namespace (see the `clusterScope` field for" + " that). This list may be empty, but only if `clusterScope` is true." + ), + ) + resources: List[str] = Field( + ..., + description=( + "`resources` is a list of matching resources (i.e., lowercase and plural)" + ' with, if desired, subresource. For example, [ "services", "nodes/status"' + ' ]. This list may not be empty. "*" matches all resources and, if' + " present, must be the only entry. Required." + ), + ) + verbs: List[str] = Field( + ..., + description=( + '`verbs` is a list of matching verbs and may not be empty. "*" matches all' + " verbs and, if present, must be the only entry. Required." + ), + ) + + +class ServiceAccountSubject(BaseModel): + name: str = Field( + ..., + description=( + '`name` is the name of matching ServiceAccount objects, or "*" to match' + " regardless of name. Required." + ), + ) + namespace: str = Field( + ..., + description=( + "`namespace` is the namespace of matching ServiceAccount objects. Required." + ), + ) + + +class UserSubject(BaseModel): + name: str = Field( + ..., + description=( + '`name` is the username that matches, or "*" to match all usernames.' + " Required." + ), + ) + + +class LimitResponse(BaseModel): + queuing: Optional[QueuingConfiguration] = Field( + default=None, + description=( + "`queuing` holds the configuration parameters for queuing. This field may" + ' be non-empty only if `type` is `"Queue"`.' + ), + ) + type: str = Field( + ..., + description=( + '`type` is "Queue" or "Reject". "Queue" means that requests that can not be' + " executed upon arrival are held in a queue until they can be executed or a" + ' queuing limit is reached. "Reject" means that requests that can not be' + " executed upon arrival are rejected. Required." + ), + ) + + +class LimitedPriorityLevelConfiguration(BaseModel): + borrowingLimitPercent: Optional[int] = Field( + default=None, + description=( + "`borrowingLimitPercent`, if present, configures a limit on how many seats" + " this priority level can borrow from other priority levels. The limit is" + " known as this level's BorrowingConcurrencyLimit (BorrowingCL) and is a" + " limit on the total number of seats that this level may borrow at any one" + " time. This field holds the ratio of that limit to the level's nominal" + " concurrency limit. When this field is non-nil, it must hold a" + " non-negative integer and the limit is calculated as" + " follows.\n\nBorrowingCL(i) = round( NominalCL(i) *" + " borrowingLimitPercent(i)/100.0 )\n\nThe value of this field can be more" + " than 100, implying that this priority level can borrow a number of seats" + " that is greater than its own nominal concurrency limit (NominalCL). When" + " this field is left `nil`, the limit is effectively infinite." + ), + ) + lendablePercent: Optional[int] = Field( + default=None, + description=( + "`lendablePercent` prescribes the fraction of the level's NominalCL that" + " can be borrowed by other priority levels. The value of this field must be" + " between 0 and 100, inclusive, and it defaults to 0. The number of seats" + " that other levels can borrow from this level, known as this level's" + " LendableConcurrencyLimit (LendableCL), is defined as" + " follows.\n\nLendableCL(i) = round( NominalCL(i) *" + " lendablePercent(i)/100.0 )" + ), + ) + limitResponse: Optional[LimitResponse] = Field( + default=None, + description=( + "`limitResponse` indicates what to do with requests that can not be" + " executed right now" + ), + ) + nominalConcurrencyShares: Optional[int] = Field( + default=None, + description=( + "`nominalConcurrencyShares` (NCS) contributes to the computation of the" + " NominalConcurrencyLimit (NominalCL) of this level. This is the number of" + " execution seats available at this priority level. This is used both for" + " requests dispatched from this priority level as well as requests" + " dispatched from other priority levels borrowing seats from this level." + " The server's concurrency limit (ServerCL) is divided among the Limited" + " priority levels in proportion to their NCS values:\n\nNominalCL(i) =" + " ceil( ServerCL * NCS(i) / sum_ncs ) sum_ncs = sum[priority level k]" + " NCS(k)\n\nBigger numbers mean a larger nominal concurrency limit, at the" + " expense of every other priority level.\n\nIf not specified, this field" + " defaults to a value of 30.\n\nSetting this field to zero supports the" + ' construction of a "jail" for this priority level that is used to hold' + " some request(s)" + ), + ) + + +class PriorityLevelConfigurationSpec(BaseModel): + exempt: Optional[ExemptPriorityLevelConfiguration] = Field( + default=None, + description=( + "`exempt` specifies how requests are handled for an exempt priority level." + ' This field MUST be empty if `type` is `"Limited"`. This field MAY be' + ' non-empty if `type` is `"Exempt"`. If empty and `type` is `"Exempt"` then' + " the default values for `ExemptPriorityLevelConfiguration` apply." + ), + ) + limited: Optional[LimitedPriorityLevelConfiguration] = Field( + default=None, + description=( + "`limited` specifies how requests are handled for a Limited priority level." + ' This field must be non-empty if and only if `type` is `"Limited"`.' + ), + ) + type: str = Field( + ..., + description=( + "`type` indicates whether this priority level is subject to limitation on" + ' request execution. A value of `"Exempt"` means that requests of this' + " priority level are not subject to a limit (and thus are never queued) and" + " do not detract from the capacity made available to other priority levels." + ' A value of `"Limited"` means that (a) requests of this priority level' + " _are_ subject to limits and (b) some of the server's limited capacity is" + " made available exclusively to this priority level. Required." + ), + ) + + +class Subject(BaseModel): + group: Optional[GroupSubject] = Field( + default=None, description="`group` matches based on user group name." + ) + kind: str = Field( + ..., + description=( + "`kind` indicates which one of the other fields is non-empty. Required" + ), + ) + serviceAccount: Optional[ServiceAccountSubject] = Field( + default=None, description="`serviceAccount` matches ServiceAccounts." + ) + user: Optional[UserSubject] = Field( + default=None, description="`user` matches based on username." + ) + + +class PolicyRulesWithSubjects(BaseModel): + nonResourceRules: Optional[List[NonResourcePolicyRule]] = Field( + default=None, + description=( + "`nonResourceRules` is a list of NonResourcePolicyRules that identify" + " matching requests according to their verb and the target non-resource" + " URL." + ), + ) + resourceRules: Optional[List[ResourcePolicyRule]] = Field( + default=None, + description=( + "`resourceRules` is a slice of ResourcePolicyRules that identify matching" + " requests according to their verb and the target resource. At least one of" + " `resourceRules` and `nonResourceRules` has to be non-empty." + ), + ) + subjects: List[Subject] = Field( + ..., + description=( + "subjects is the list of normal user, serviceaccount, or group that this" + " rule cares about. There must be at least one member in this slice. A" + " slice that includes both the system:authenticated and" + " system:unauthenticated user groups matches every request. Required." + ), + ) + + +class PriorityLevelConfiguration(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="PriorityLevelConfiguration", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "`metadata` is the standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[PriorityLevelConfigurationSpec] = Field( + default=None, + description=( + "`spec` is the specification of the desired behavior of a" + ' "request-priority". More info:' + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[PriorityLevelConfigurationStatus] = Field( + default=None, + description=( + '`status` is the current status of a "request-priority". More info:' + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class PriorityLevelConfigurationList(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[PriorityLevelConfiguration] = Field( + ..., description="`items` is a list of request-priorities." + ) + kind: Optional[str] = Field( + default="PriorityLevelConfigurationList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "`metadata` is the standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class FlowSchemaSpec(BaseModel): + distinguisherMethod: Optional[FlowDistinguisherMethod] = Field( + default=None, + description=( + "`distinguisherMethod` defines how to compute the flow distinguisher for" + " requests that match this schema. `nil` specifies that the distinguisher" + " is disabled and thus will always be the empty string." + ), + ) + matchingPrecedence: Optional[int] = Field( + default=0, + description=( + "`matchingPrecedence` is used to choose among the FlowSchemas that match a" + " given request. The chosen FlowSchema is among those with the numerically" + " lowest (which we take to be logically highest) MatchingPrecedence. Each" + " MatchingPrecedence value must be ranged in [1,10000]. Note that if the" + " precedence is not specified, it will be set to 1000 as default." + ), + ) + priorityLevelConfiguration: PriorityLevelConfigurationReference = Field( + ..., + description=( + "`priorityLevelConfiguration` should reference a PriorityLevelConfiguration" + " in the cluster. If the reference cannot be resolved, the FlowSchema will" + " be ignored and marked as invalid in its status. Required." + ), + ) + rules: Optional[List[PolicyRulesWithSubjects]] = Field( + default=None, + description=( + "`rules` describes which requests will match this flow schema. This" + " FlowSchema matches a request if and only if at least one member of rules" + " matches the request. if it is an empty slice, there will be no requests" + " matching the FlowSchema." + ), + ) + + +class FlowSchema(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="FlowSchema", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "`metadata` is the standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[FlowSchemaSpec] = Field( + default=None, + description=( + "`spec` is the specification of the desired behavior of a FlowSchema. More" + " info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[FlowSchemaStatus] = Field( + default=None, + description=( + "`status` is the current status of a FlowSchema. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class FlowSchemaList(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[FlowSchema] = Field( + ..., description="`items` is a list of FlowSchemas." + ) + kind: Optional[str] = Field( + default="FlowSchemaList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "`metadata` is the standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/flowcontrol/v1beta3.py b/src/kubedantic/models/io/k8s/api/flowcontrol/v1beta3.py new file mode 100644 index 0000000..bf19d70 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/flowcontrol/v1beta3.py @@ -0,0 +1,621 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class ExemptPriorityLevelConfiguration(BaseModel): + lendablePercent: Optional[int] = Field( + default=None, + description=( + "`lendablePercent` prescribes the fraction of the level's NominalCL that" + " can be borrowed by other priority levels. This value of this field must" + " be between 0 and 100, inclusive, and it defaults to 0. The number of" + " seats that other levels can borrow from this level, known as this level's" + " LendableConcurrencyLimit (LendableCL), is defined as" + " follows.\n\nLendableCL(i) = round( NominalCL(i) *" + " lendablePercent(i)/100.0 )" + ), + ) + nominalConcurrencyShares: Optional[int] = Field( + default=None, + description=( + "`nominalConcurrencyShares` (NCS) contributes to the computation of the" + " NominalConcurrencyLimit (NominalCL) of this level. This is the number of" + " execution seats nominally reserved for this priority level. This DOES NOT" + " limit the dispatching from this priority level but affects the other" + " priority levels through the borrowing mechanism. The server's concurrency" + " limit (ServerCL) is divided among all the priority levels in proportion" + " to their NCS values:\n\nNominalCL(i) = ceil( ServerCL * NCS(i) / sum_ncs" + " ) sum_ncs = sum[priority level k] NCS(k)\n\nBigger numbers mean a larger" + " nominal concurrency limit, at the expense of every other priority level." + " This field has a default value of zero." + ), + ) + + +class FlowDistinguisherMethod(BaseModel): + type: str = Field( + ..., + description=( + "`type` is the type of flow distinguisher method The supported types are" + ' "ByUser" and "ByNamespace". Required.' + ), + ) + + +class FlowSchemaCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "`lastTransitionTime` is the last time the condition transitioned from one" + " status to another." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "`message` is a human-readable message indicating details about last" + " transition." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "`reason` is a unique, one-word, CamelCase reason for the condition's last" + " transition." + ), + ) + status: Optional[str] = Field( + default=None, + description=( + "`status` is the status of the condition. Can be True, False, Unknown." + " Required." + ), + ) + type: Optional[str] = Field( + default=None, description="`type` is the type of the condition. Required." + ) + + +class FlowSchemaStatus(BaseModel): + conditions: Optional[List[FlowSchemaCondition]] = Field( + default=None, + description="`conditions` is a list of the current states of FlowSchema.", + ) + + +class GroupSubject(BaseModel): + name: str = Field( + ..., + description=( + 'name is the user group that matches, or "*" to match all user groups. See' + " https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go" + " for some well-known group names. Required." + ), + ) + + +class NonResourcePolicyRule(BaseModel): + nonResourceURLs: List[str] = Field( + ..., + description=( + "`nonResourceURLs` is a set of url prefixes that a user should have access" + ' to and may not be empty. For example:\n - "/healthz" is legal\n -' + ' "/hea*" is illegal\n - "/hea" is legal but matches nothing\n - "/hea/*"' + ' also matches nothing\n - "/healthz/*" matches all per-component health' + ' checks.\n"*" matches all non-resource urls. if it is present, it must be' + " the only entry. Required." + ), + ) + verbs: List[str] = Field( + ..., + description=( + '`verbs` is a list of matching verbs and may not be empty. "*" matches all' + " verbs. If it is present, it must be the only entry. Required." + ), + ) + + +class PriorityLevelConfigurationCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "`lastTransitionTime` is the last time the condition transitioned from one" + " status to another." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "`message` is a human-readable message indicating details about last" + " transition." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "`reason` is a unique, one-word, CamelCase reason for the condition's last" + " transition." + ), + ) + status: Optional[str] = Field( + default=None, + description=( + "`status` is the status of the condition. Can be True, False, Unknown." + " Required." + ), + ) + type: Optional[str] = Field( + default=None, description="`type` is the type of the condition. Required." + ) + + +class PriorityLevelConfigurationReference(BaseModel): + name: str = Field( + ..., + description=( + "`name` is the name of the priority level configuration being referenced" + " Required." + ), + ) + + +class PriorityLevelConfigurationStatus(BaseModel): + conditions: Optional[List[PriorityLevelConfigurationCondition]] = Field( + default=None, + description='`conditions` is the current state of "request-priority".', + ) + + +class QueuingConfiguration(BaseModel): + handSize: Optional[int] = Field( + default=0, + description=( + "`handSize` is a small positive number that configures the shuffle sharding" + " of requests into queues. When enqueuing a request at this priority level" + " the request's flow identifier (a string pair) is hashed and the hash" + " value is used to shuffle the list of queues and deal a hand of the size" + " specified here. The request is put into one of the shortest queues in" + " that hand. `handSize` must be no larger than `queues`, and should be" + " significantly smaller (so that a few heavy flows do not saturate most of" + " the queues). See the user-facing documentation for more extensive" + " guidance on setting this field. This field has a default value of 8." + ), + ) + queueLengthLimit: Optional[int] = Field( + default=0, + description=( + "`queueLengthLimit` is the maximum number of requests allowed to be waiting" + " in a given queue of this priority level at a time; excess requests are" + " rejected. This value must be positive. If not specified, it will be" + " defaulted to 50." + ), + ) + queues: Optional[int] = Field( + default=0, + description=( + "`queues` is the number of queues for this priority level. The queues exist" + " independently at each apiserver. The value must be positive. Setting it" + " to 1 effectively precludes shufflesharding and thus makes the" + " distinguisher method of associated flow schemas irrelevant. This field" + " has a default value of 64." + ), + ) + + +class ResourcePolicyRule(BaseModel): + apiGroups: List[str] = Field( + ..., + description=( + '`apiGroups` is a list of matching API groups and may not be empty. "*"' + " matches all API groups and, if present, must be the only entry. Required." + ), + ) + clusterScope: Optional[bool] = Field( + default=None, + description=( + "`clusterScope` indicates whether to match requests that do not specify a" + " namespace (which happens either because the resource is not namespaced or" + " the request targets all namespaces). If this field is omitted or false" + " then the `namespaces` field must contain a non-empty list." + ), + ) + namespaces: Optional[List[str]] = Field( + default=None, + description=( + "`namespaces` is a list of target namespaces that restricts matches. A" + " request that specifies a target namespace matches only if either (a) this" + ' list contains that target namespace or (b) this list contains "*". Note' + ' that "*" matches any specified namespace but does not match a request' + " that _does not specify_ a namespace (see the `clusterScope` field for" + " that). This list may be empty, but only if `clusterScope` is true." + ), + ) + resources: List[str] = Field( + ..., + description=( + "`resources` is a list of matching resources (i.e., lowercase and plural)" + ' with, if desired, subresource. For example, [ "services", "nodes/status"' + ' ]. This list may not be empty. "*" matches all resources and, if' + " present, must be the only entry. Required." + ), + ) + verbs: List[str] = Field( + ..., + description=( + '`verbs` is a list of matching verbs and may not be empty. "*" matches all' + " verbs and, if present, must be the only entry. Required." + ), + ) + + +class ServiceAccountSubject(BaseModel): + name: str = Field( + ..., + description=( + '`name` is the name of matching ServiceAccount objects, or "*" to match' + " regardless of name. Required." + ), + ) + namespace: str = Field( + ..., + description=( + "`namespace` is the namespace of matching ServiceAccount objects. Required." + ), + ) + + +class UserSubject(BaseModel): + name: str = Field( + ..., + description=( + '`name` is the username that matches, or "*" to match all usernames.' + " Required." + ), + ) + + +class LimitResponse(BaseModel): + queuing: Optional[QueuingConfiguration] = Field( + default=None, + description=( + "`queuing` holds the configuration parameters for queuing. This field may" + ' be non-empty only if `type` is `"Queue"`.' + ), + ) + type: str = Field( + ..., + description=( + '`type` is "Queue" or "Reject". "Queue" means that requests that can not be' + " executed upon arrival are held in a queue until they can be executed or a" + ' queuing limit is reached. "Reject" means that requests that can not be' + " executed upon arrival are rejected. Required." + ), + ) + + +class LimitedPriorityLevelConfiguration(BaseModel): + borrowingLimitPercent: Optional[int] = Field( + default=None, + description=( + "`borrowingLimitPercent`, if present, configures a limit on how many seats" + " this priority level can borrow from other priority levels. The limit is" + " known as this level's BorrowingConcurrencyLimit (BorrowingCL) and is a" + " limit on the total number of seats that this level may borrow at any one" + " time. This field holds the ratio of that limit to the level's nominal" + " concurrency limit. When this field is non-nil, it must hold a" + " non-negative integer and the limit is calculated as" + " follows.\n\nBorrowingCL(i) = round( NominalCL(i) *" + " borrowingLimitPercent(i)/100.0 )\n\nThe value of this field can be more" + " than 100, implying that this priority level can borrow a number of seats" + " that is greater than its own nominal concurrency limit (NominalCL). When" + " this field is left `nil`, the limit is effectively infinite." + ), + ) + lendablePercent: Optional[int] = Field( + default=None, + description=( + "`lendablePercent` prescribes the fraction of the level's NominalCL that" + " can be borrowed by other priority levels. The value of this field must be" + " between 0 and 100, inclusive, and it defaults to 0. The number of seats" + " that other levels can borrow from this level, known as this level's" + " LendableConcurrencyLimit (LendableCL), is defined as" + " follows.\n\nLendableCL(i) = round( NominalCL(i) *" + " lendablePercent(i)/100.0 )" + ), + ) + limitResponse: Optional[LimitResponse] = Field( + default=None, + description=( + "`limitResponse` indicates what to do with requests that can not be" + " executed right now" + ), + ) + nominalConcurrencyShares: Optional[int] = Field( + default=0, + description=( + "`nominalConcurrencyShares` (NCS) contributes to the computation of the" + " NominalConcurrencyLimit (NominalCL) of this level. This is the number of" + " execution seats available at this priority level. This is used both for" + " requests dispatched from this priority level as well as requests" + " dispatched from other priority levels borrowing seats from this level." + " The server's concurrency limit (ServerCL) is divided among the Limited" + " priority levels in proportion to their NCS values:\n\nNominalCL(i) =" + " ceil( ServerCL * NCS(i) / sum_ncs ) sum_ncs = sum[priority level k]" + " NCS(k)\n\nBigger numbers mean a larger nominal concurrency limit, at the" + " expense of every other priority level. This field has a default value" + " of 30." + ), + ) + + +class PriorityLevelConfigurationSpec(BaseModel): + exempt: Optional[ExemptPriorityLevelConfiguration] = Field( + default=None, + description=( + "`exempt` specifies how requests are handled for an exempt priority level." + ' This field MUST be empty if `type` is `"Limited"`. This field MAY be' + ' non-empty if `type` is `"Exempt"`. If empty and `type` is `"Exempt"` then' + " the default values for `ExemptPriorityLevelConfiguration` apply." + ), + ) + limited: Optional[LimitedPriorityLevelConfiguration] = Field( + default=None, + description=( + "`limited` specifies how requests are handled for a Limited priority level." + ' This field must be non-empty if and only if `type` is `"Limited"`.' + ), + ) + type: str = Field( + ..., + description=( + "`type` indicates whether this priority level is subject to limitation on" + ' request execution. A value of `"Exempt"` means that requests of this' + " priority level are not subject to a limit (and thus are never queued) and" + " do not detract from the capacity made available to other priority levels." + ' A value of `"Limited"` means that (a) requests of this priority level' + " _are_ subject to limits and (b) some of the server's limited capacity is" + " made available exclusively to this priority level. Required." + ), + ) + + +class Subject(BaseModel): + group: Optional[GroupSubject] = Field( + default=None, description="`group` matches based on user group name." + ) + kind: str = Field( + ..., + description=( + "`kind` indicates which one of the other fields is non-empty. Required" + ), + ) + serviceAccount: Optional[ServiceAccountSubject] = Field( + default=None, description="`serviceAccount` matches ServiceAccounts." + ) + user: Optional[UserSubject] = Field( + default=None, description="`user` matches based on username." + ) + + +class PolicyRulesWithSubjects(BaseModel): + nonResourceRules: Optional[List[NonResourcePolicyRule]] = Field( + default=None, + description=( + "`nonResourceRules` is a list of NonResourcePolicyRules that identify" + " matching requests according to their verb and the target non-resource" + " URL." + ), + ) + resourceRules: Optional[List[ResourcePolicyRule]] = Field( + default=None, + description=( + "`resourceRules` is a slice of ResourcePolicyRules that identify matching" + " requests according to their verb and the target resource. At least one of" + " `resourceRules` and `nonResourceRules` has to be non-empty." + ), + ) + subjects: List[Subject] = Field( + ..., + description=( + "subjects is the list of normal user, serviceaccount, or group that this" + " rule cares about. There must be at least one member in this slice. A" + " slice that includes both the system:authenticated and" + " system:unauthenticated user groups matches every request. Required." + ), + ) + + +class PriorityLevelConfiguration(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1beta3", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="PriorityLevelConfiguration", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "`metadata` is the standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[PriorityLevelConfigurationSpec] = Field( + default=None, + description=( + "`spec` is the specification of the desired behavior of a" + ' "request-priority". More info:' + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[PriorityLevelConfigurationStatus] = Field( + default=None, + description=( + '`status` is the current status of a "request-priority". More info:' + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class PriorityLevelConfigurationList(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1beta3", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[PriorityLevelConfiguration] = Field( + ..., description="`items` is a list of request-priorities." + ) + kind: Optional[str] = Field( + default="PriorityLevelConfigurationList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "`metadata` is the standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class FlowSchemaSpec(BaseModel): + distinguisherMethod: Optional[FlowDistinguisherMethod] = Field( + default=None, + description=( + "`distinguisherMethod` defines how to compute the flow distinguisher for" + " requests that match this schema. `nil` specifies that the distinguisher" + " is disabled and thus will always be the empty string." + ), + ) + matchingPrecedence: Optional[int] = Field( + default=0, + description=( + "`matchingPrecedence` is used to choose among the FlowSchemas that match a" + " given request. The chosen FlowSchema is among those with the numerically" + " lowest (which we take to be logically highest) MatchingPrecedence. Each" + " MatchingPrecedence value must be ranged in [1,10000]. Note that if the" + " precedence is not specified, it will be set to 1000 as default." + ), + ) + priorityLevelConfiguration: PriorityLevelConfigurationReference = Field( + ..., + description=( + "`priorityLevelConfiguration` should reference a PriorityLevelConfiguration" + " in the cluster. If the reference cannot be resolved, the FlowSchema will" + " be ignored and marked as invalid in its status. Required." + ), + ) + rules: Optional[List[PolicyRulesWithSubjects]] = Field( + default=None, + description=( + "`rules` describes which requests will match this flow schema. This" + " FlowSchema matches a request if and only if at least one member of rules" + " matches the request. if it is an empty slice, there will be no requests" + " matching the FlowSchema." + ), + ) + + +class FlowSchema(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1beta3", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="FlowSchema", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "`metadata` is the standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[FlowSchemaSpec] = Field( + default=None, + description=( + "`spec` is the specification of the desired behavior of a FlowSchema. More" + " info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[FlowSchemaStatus] = Field( + default=None, + description=( + "`status` is the current status of a FlowSchema. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class FlowSchemaList(BaseModel): + apiVersion: Optional[str] = Field( + default="flowcontrol.apiserver.k8s.io/v1beta3", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[FlowSchema] = Field( + ..., description="`items` is a list of FlowSchemas." + ) + kind: Optional[str] = Field( + default="FlowSchemaList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "`metadata` is the standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/networking/__init__.py b/src/kubedantic/models/io/k8s/api/networking/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/networking/v1.py b/src/kubedantic/models/io/k8s/api/networking/v1.py new file mode 100644 index 0000000..787062a --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/networking/v1.py @@ -0,0 +1,733 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from enum import Enum +from typing import List, Optional, Union + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 +from ..core import v1 as v1_1 + + +class PathType(Enum): + Exact = "Exact" + ImplementationSpecific = "ImplementationSpecific" + Prefix = "Prefix" + + +class IPBlock(BaseModel): + cidr: str = Field( + ..., + description=( + "cidr is a string representing the IPBlock Valid examples are" + ' "192.168.1.0/24" or "2001:db8::/64"' + ), + ) + except_: Optional[List[str]] = Field( + default=None, + alias="except", + description=( + "except is a slice of CIDRs that should not be included within an IPBlock" + ' Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will' + " be rejected if they are outside the cidr range" + ), + ) + + +class IngressClassParametersReference(BaseModel): + apiGroup: Optional[str] = Field( + default=None, + description=( + "apiGroup is the group for the resource being referenced. If APIGroup is" + " not specified, the specified Kind must be in the core API group. For any" + " other third-party types, APIGroup is required." + ), + ) + kind: str = Field(..., description="kind is the type of resource being referenced.") + name: str = Field(..., description="name is the name of resource being referenced.") + namespace: Optional[str] = Field( + default=None, + description=( + "namespace is the namespace of the resource being referenced. This field is" + ' required when scope is set to "Namespace" and must be unset when scope is' + ' set to "Cluster".' + ), + ) + scope: Optional[str] = Field( + default=None, + description=( + "scope represents if this refers to a cluster or namespace scoped resource." + ' This may be set to "Cluster" (default) or "Namespace".' + ), + ) + + +class IngressClassSpec(BaseModel): + controller: Optional[str] = Field( + default=None, + description=( + "controller refers to the name of the controller that should handle this" + ' class. This allows for different "flavors" that are controlled by the' + " same controller. For example, you may have different parameters for the" + " same implementing controller. This should be specified as a" + " domain-prefixed path no more than 250 characters in length, e.g." + ' "acme.io/ingress-controller". This field is immutable.' + ), + ) + parameters: Optional[IngressClassParametersReference] = Field( + default=None, + description=( + "parameters is a link to a custom resource containing additional" + " configuration for the controller. This is optional if the controller does" + " not require extra parameters." + ), + ) + + +class Protocol(Enum): + SCTP = "SCTP" + TCP = "TCP" + UDP = "UDP" + + +class IngressPortStatus(BaseModel): + error: Optional[str] = Field( + default=None, + description=( + "error is to record the problem with the service port The format of the" + " error shall comply with the following rules: - built-in error values" + " shall be specified in this file and those shall use\n CamelCase names\n-" + " cloud provider specific error values must have names that comply with" + " the\n format foo.example.com/CamelCase." + ), + ) + port: int = Field(..., description="port is the port number of the ingress port.") + protocol: Protocol = Field( + ..., + description=( + "protocol is the protocol of the ingress port. The supported values are:" + ' "TCP", "UDP", "SCTP"\n\nPossible enum values:\n - `"SCTP"` is the SCTP' + ' protocol.\n - `"TCP"` is the TCP protocol.\n - `"UDP"` is the UDP' + " protocol." + ), + ) + + +class IngressTLS(BaseModel): + hosts: Optional[List[str]] = Field( + default=None, + description=( + "hosts is a list of hosts included in the TLS certificate. The values in" + " this list must match the name/s used in the tlsSecret. Defaults to the" + " wildcard host setting for the loadbalancer controller fulfilling this" + " Ingress, if left unspecified." + ), + ) + secretName: Optional[str] = Field( + default=None, + description=( + "secretName is the name of the secret used to terminate TLS traffic on port" + " 443. Field is left optional to allow TLS routing based on SNI hostname" + ' alone. If the SNI host in a listener conflicts with the "Host" header' + " field used by an IngressRule, the SNI host is used for termination and" + ' value of the "Host" header is used for routing.' + ), + ) + + +class NetworkPolicyPort(BaseModel): + endPort: Optional[int] = Field( + default=None, + description=( + "endPort indicates that the range of ports from port to endPort if set," + " inclusive, should be allowed by the policy. This field cannot be defined" + " if the port field is not defined or if the port field is defined as a" + " named (string) port. The endPort must be equal or greater than port." + ), + ) + port: Optional[Union[int, str]] = Field( + default=None, + description=( + "port represents the port on the given protocol. This can either be a" + " numerical or named port on a pod. If this field is not provided, this" + " matches all port names and numbers. If present, only traffic on the" + " specified protocol AND port will be matched." + ), + ) + protocol: Optional[Protocol] = Field( + default="", + description=( + "protocol represents the protocol (TCP, UDP, or SCTP) which traffic must" + " match. If not specified, this field defaults to TCP.\n\nPossible enum" + ' values:\n - `"SCTP"` is the SCTP protocol.\n - `"TCP"` is the TCP' + ' protocol.\n - `"UDP"` is the UDP protocol.' + ), + ) + + +class PolicyType(Enum): + Egress = "Egress" + Ingress = "Ingress" + + +class ServiceBackendPort(BaseModel): + name: Optional[str] = Field( + default=None, + description=( + "name is the name of the port on the Service. This is a mutually exclusive" + ' setting with "Number".' + ), + ) + number: Optional[int] = Field( + default=None, + description=( + "number is the numerical port number (e.g. 80) on the Service. This is a" + ' mutually exclusive setting with "Name".' + ), + ) + + +class IngressClass(BaseModel): + apiVersion: Optional[str] = Field( + default="networking.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="IngressClass", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[IngressClassSpec] = Field( + default=None, + description=( + "spec is the desired state of the IngressClass. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class IngressClassList(BaseModel): + apiVersion: Optional[str] = Field( + default="networking.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[IngressClass] = Field( + ..., description="items is the list of IngressClasses." + ) + kind: Optional[str] = Field( + default="IngressClassList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="Standard list metadata." + ) + + +class IngressLoadBalancerIngress(BaseModel): + hostname: Optional[str] = Field( + default=None, + description=( + "hostname is set for load-balancer ingress points that are DNS based." + ), + ) + ip: Optional[str] = Field( + default=None, + description="ip is set for load-balancer ingress points that are IP based.", + ) + ports: Optional[List[IngressPortStatus]] = Field( + default=None, + description=( + "ports provides information about the ports exposed by this LoadBalancer." + ), + ) + + +class IngressLoadBalancerStatus(BaseModel): + ingress: Optional[List[IngressLoadBalancerIngress]] = Field( + default=None, + description=( + "ingress is a list containing ingress points for the load-balancer." + ), + ) + + +class IngressServiceBackend(BaseModel): + name: str = Field( + ..., + description=( + "name is the referenced service. The service must exist in the same" + " namespace as the Ingress object." + ), + ) + port: Optional[ServiceBackendPort] = Field( + default=None, + description=( + "port of the referenced service. A port name or port number is required for" + " a IngressServiceBackend." + ), + ) + + +class IngressStatus(BaseModel): + loadBalancer: Optional[IngressLoadBalancerStatus] = Field( + default=None, + description="loadBalancer contains the current status of the load-balancer.", + ) + + +class NetworkPolicyPeer(BaseModel): + ipBlock: Optional[IPBlock] = Field( + default=None, + description=( + "ipBlock defines policy on a particular IPBlock. If this field is set then" + " neither of the other fields can be." + ), + ) + namespaceSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "namespaceSelector selects namespaces using cluster-scoped labels. This" + " field follows standard label selector semantics; if present but empty, it" + " selects all namespaces.\n\nIf podSelector is also set, then the" + " NetworkPolicyPeer as a whole selects the pods matching podSelector in the" + " namespaces selected by namespaceSelector. Otherwise it selects all pods" + " in the namespaces selected by namespaceSelector." + ), + ) + podSelector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "podSelector is a label selector which selects pods. This field follows" + " standard label selector semantics; if present but empty, it selects all" + " pods.\n\nIf namespaceSelector is also set, then the NetworkPolicyPeer as" + " a whole selects the pods matching podSelector in the Namespaces selected" + " by NamespaceSelector. Otherwise it selects the pods matching podSelector" + " in the policy's own namespace." + ), + ) + + +class IngressBackend(BaseModel): + resource: Optional[v1_1.TypedLocalObjectReference] = Field( + default=None, + description=( + "resource is an ObjectRef to another Kubernetes resource in the namespace" + " of the Ingress object. If resource is specified, a service.Name and" + " service.Port must not be specified. This is a mutually exclusive setting" + ' with "Service".' + ), + ) + service: Optional[IngressServiceBackend] = Field( + default=None, + description=( + "service references a service as a backend. This is a mutually exclusive" + ' setting with "Resource".' + ), + ) + + +class NetworkPolicyEgressRule(BaseModel): + ports: Optional[List[NetworkPolicyPort]] = Field( + default=None, + description=( + "ports is a list of destination ports for outgoing traffic. Each item in" + " this list is combined using a logical OR. If this field is empty or" + " missing, this rule matches all ports (traffic not restricted by port). If" + " this field is present and contains at least one item, then this rule" + " allows traffic only if the traffic matches at least one port in the list." + ), + ) + to: Optional[List[NetworkPolicyPeer]] = Field( + default=None, + description=( + "to is a list of destinations for outgoing traffic of pods selected for" + " this rule. Items in this list are combined using a logical OR operation." + " If this field is empty or missing, this rule matches all destinations" + " (traffic not restricted by destination). If this field is present and" + " contains at least one item, this rule allows traffic only if the traffic" + " matches at least one item in the to list." + ), + ) + + +class NetworkPolicyIngressRule(BaseModel): + from_: Optional[List[NetworkPolicyPeer]] = Field( + default=None, + alias="from", + description=( + "from is a list of sources which should be able to access the pods selected" + " for this rule. Items in this list are combined using a logical OR" + " operation. If this field is empty or missing, this rule matches all" + " sources (traffic not restricted by source). If this field is present and" + " contains at least one item, this rule allows traffic only if the traffic" + " matches at least one item in the from list." + ), + ) + ports: Optional[List[NetworkPolicyPort]] = Field( + default=None, + description=( + "ports is a list of ports which should be made accessible on the pods" + " selected for this rule. Each item in this list is combined using a" + " logical OR. If this field is empty or missing, this rule matches all" + " ports (traffic not restricted by port). If this field is present and" + " contains at least one item, then this rule allows traffic only if the" + " traffic matches at least one port in the list." + ), + ) + + +class NetworkPolicySpec(BaseModel): + egress: Optional[List[NetworkPolicyEgressRule]] = Field( + default=None, + description=( + "egress is a list of egress rules to be applied to the selected pods." + " Outgoing traffic is allowed if there are no NetworkPolicies selecting the" + " pod (and cluster policy otherwise allows the traffic), OR if the traffic" + " matches at least one egress rule across all of the NetworkPolicy objects" + " whose podSelector matches the pod. If this field is empty then this" + " NetworkPolicy limits all outgoing traffic (and serves solely to ensure" + " that the pods it selects are isolated by default). This field is" + " beta-level in 1.8" + ), + ) + ingress: Optional[List[NetworkPolicyIngressRule]] = Field( + default=None, + description=( + "ingress is a list of ingress rules to be applied to the selected pods." + " Traffic is allowed to a pod if there are no NetworkPolicies selecting the" + " pod (and cluster policy otherwise allows the traffic), OR if the traffic" + " source is the pod's local node, OR if the traffic matches at least one" + " ingress rule across all of the NetworkPolicy objects whose podSelector" + " matches the pod. If this field is empty then this NetworkPolicy does not" + " allow any traffic (and serves solely to ensure that the pods it selects" + " are isolated by default)" + ), + ) + podSelector: v1.LabelSelector = Field( + ..., + description=( + "podSelector selects the pods to which this NetworkPolicy object applies." + " The array of ingress rules is applied to any pods selected by this field." + " Multiple network policies can select the same set of pods. In this case," + " the ingress rules for each are combined additively. This field is NOT" + " optional and follows standard label selector semantics. An empty" + " podSelector matches all pods in this namespace." + ), + ) + policyTypes: Optional[List[PolicyType]] = Field( + default=None, + description=( + "policyTypes is a list of rule types that the NetworkPolicy relates to." + ' Valid options are ["Ingress"], ["Egress"], or ["Ingress", "Egress"]. If' + " this field is not specified, it will default based on the existence of" + " ingress or egress rules; policies that contain an egress section are" + " assumed to affect egress, and all policies (whether or not they contain" + " an ingress section) are assumed to affect ingress. If you want to write" + ' an egress-only policy, you must explicitly specify policyTypes [ "Egress"' + " ]. Likewise, if you want to write a policy that specifies that no egress" + ' is allowed, you must specify a policyTypes value that include "Egress"' + " (since such a policy would not include an egress section and would" + ' otherwise default to just [ "Ingress" ]). This field is beta-level in 1.8' + ), + ) + + +class HTTPIngressPath(BaseModel): + backend: IngressBackend = Field( + ..., + description=( + "backend defines the referenced service endpoint to which the traffic will" + " be forwarded to." + ), + ) + path: Optional[str] = Field( + default=None, + description=( + "path is matched against the path of an incoming request. Currently it can" + ' contain characters disallowed from the conventional "path" part of a URL' + " as defined by RFC 3986. Paths must begin with a '/' and must be present" + ' when using PathType with value "Exact" or "Prefix".' + ), + ) + pathType: PathType = Field( + ..., + description=( + "pathType determines the interpretation of the path matching. PathType can" + " be one of the following values: * Exact: Matches the URL path exactly. *" + " Prefix: Matches based on a URL path prefix split by '/'. Matching is\n " + " done on a path element by element basis. A path element refers is the\n " + " list of labels in the path split by the '/' separator. A request is a\n " + " match for path p if every p is an element-wise prefix of p of the\n " + " request path. Note that if the last element of the path is a substring\n " + " of the last element in request path, it is not a match (e.g. /foo/bar\n " + " matches /foo/bar/baz, but does not match /foo/barbaz).\n*" + " ImplementationSpecific: Interpretation of the Path matching is up to\n " + " the IngressClass. Implementations can treat this as a separate PathType\n" + " or treat it identically to Prefix or Exact path types.\nImplementations" + " are required to support all path types.\n\nPossible enum values:\n -" + ' `"Exact"` matches the URL path exactly and with case sensitivity.\n -' + ' `"ImplementationSpecific"` matching is up to the IngressClass.' + " Implementations can treat this as a separate PathType or treat it" + ' identically to Prefix or Exact path types.\n - `"Prefix"` matches based' + " on a URL path prefix split by '/'. Matching is case sensitive and done on" + " a path element by element basis. A path element refers to the list of" + " labels in the path split by the '/' separator. A request is a match for" + " path p if every p is an element-wise prefix of p of the request path." + " Note that if the last element of the path is a substring of the last" + " element in request path, it is not a match (e.g. /foo/bar matches" + " /foo/bar/baz, but does not match /foo/barbaz). If multiple matching paths" + " exist in an Ingress spec, the longest matching path is given priority." + " Examples: - /foo/bar does not match requests to /foo/barbaz - /foo/bar" + " matches request to /foo/bar and /foo/bar/baz - /foo and /foo/ both match" + " requests to /foo and /foo/. If both paths are present in an Ingress spec," + " the longest matching path (/foo/) is given priority." + ), + ) + + +class HTTPIngressRuleValue(BaseModel): + paths: List[HTTPIngressPath] = Field( + ..., description="paths is a collection of paths that map requests to backends." + ) + + +class IngressRule(BaseModel): + host: Optional[str] = Field( + default=None, + description=( + "host is the fully qualified domain name of a network host, as defined by" + ' RFC 3986. Note the following deviations from the "host" part of the URI' + " as defined in RFC 3986: 1. IPs are not allowed. Currently an" + " IngressRuleValue can only apply to\n the IP in the Spec of the parent" + " Ingress.\n2. The `:` delimiter is not respected because ports are not" + " allowed.\n\t Currently the port of an Ingress is implicitly :80 for http" + " and\n\t :443 for https.\nBoth these may change in the future. Incoming" + " requests are matched against the host before the IngressRuleValue. If the" + " host is unspecified, the Ingress routes all traffic based on the" + ' specified IngressRuleValue.\n\nhost can be "precise" which is a domain' + ' name without the terminating dot of a network host (e.g. "foo.bar.com")' + ' or "wildcard", which is a domain name prefixed with a single wildcard' + " label (e.g. \"*.foo.com\"). The wildcard character '*' must appear by" + " itself as the first DNS label and matches only a single label. You cannot" + ' have a wildcard label by itself (e.g. Host == "*"). Requests will be' + " matched against the Host field in the following way: 1. If host is" + " precise, the request matches this rule if the http host header is equal" + " to Host. 2. If host is a wildcard, then the request matches this rule if" + " the http host header is to equal to the suffix (removing the first label)" + " of the wildcard rule." + ), + ) + http: Optional[HTTPIngressRuleValue] = None + + +class IngressSpec(BaseModel): + defaultBackend: Optional[IngressBackend] = Field( + default=None, + description=( + "defaultBackend is the backend that should handle requests that don't match" + " any rule. If Rules are not specified, DefaultBackend must be specified." + " If DefaultBackend is not set, the handling of requests that do not match" + " any of the rules will be up to the Ingress controller." + ), + ) + ingressClassName: Optional[str] = Field( + default=None, + description=( + "ingressClassName is the name of an IngressClass cluster resource. Ingress" + " controller implementations use this field to know whether they should be" + " serving this Ingress resource, by a transitive connection (controller ->" + " IngressClass -> Ingress resource). Although the" + " `kubernetes.io/ingress.class` annotation (simple constant name) was never" + " formally defined, it was widely supported by Ingress controllers to" + " create a direct binding between Ingress controller and Ingress resources." + " Newly created Ingress resources should prefer using the field. However," + " even though the annotation is officially deprecated, for backwards" + " compatibility reasons, ingress controllers should still honor that" + " annotation if present." + ), + ) + rules: Optional[List[IngressRule]] = Field( + default=None, + description=( + "rules is a list of host rules used to configure the Ingress. If" + " unspecified, or no rule matches, all traffic is sent to the default" + " backend." + ), + ) + tls: Optional[List[IngressTLS]] = Field( + default=None, + description=( + "tls represents the TLS configuration. Currently the Ingress only supports" + " a single TLS port, 443. If multiple members of this list specify" + " different hosts, they will be multiplexed on the same port according to" + " the hostname specified through the SNI TLS extension, if the ingress" + " controller fulfilling the ingress supports SNI." + ), + ) + + +class NetworkPolicy(BaseModel): + apiVersion: Optional[str] = Field( + default="networking.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="NetworkPolicy", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[NetworkPolicySpec] = Field( + default=None, + description=( + "spec represents the specification of the desired behavior for this" + " NetworkPolicy." + ), + ) + + +class NetworkPolicyList(BaseModel): + apiVersion: Optional[str] = Field( + default="networking.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[NetworkPolicy] = Field( + ..., description="items is a list of schema objects." + ) + kind: Optional[str] = Field( + default="NetworkPolicyList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class Ingress(BaseModel): + apiVersion: Optional[str] = Field( + default="networking.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Ingress", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[IngressSpec] = Field( + default=None, + description=( + "spec is the desired state of the Ingress. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + status: Optional[IngressStatus] = Field( + default=None, + description=( + "status is the current state of the Ingress. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class IngressList(BaseModel): + apiVersion: Optional[str] = Field( + default="networking.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Ingress] = Field(..., description="items is the list of Ingress.") + kind: Optional[str] = Field( + default="IngressList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/node/__init__.py b/src/kubedantic/models/io/k8s/api/node/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/node/v1.py b/src/kubedantic/models/io/k8s/api/node/v1.py new file mode 100644 index 0000000..6302ebc --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/node/v1.py @@ -0,0 +1,132 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from typing import Dict, List, Optional, Union + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 as v1_1 +from ..core import v1 + + +class Overhead(BaseModel): + podFixed: Optional[Dict[str, Union[str, float]]] = Field( + default=None, + description=( + "podFixed represents the fixed resource overhead associated with running a" + " pod." + ), + ) + + +class Scheduling(BaseModel): + nodeSelector: Optional[Dict[str, str]] = Field( + default=None, + description=( + "nodeSelector lists labels that must be present on nodes that support this" + " RuntimeClass. Pods using this RuntimeClass can only be scheduled to a" + " node matched by this selector. The RuntimeClass nodeSelector is merged" + " with a pod's existing nodeSelector. Any conflicts will cause the pod to" + " be rejected in admission." + ), + ) + tolerations: Optional[List[v1.Toleration]] = Field( + default=None, + description=( + "tolerations are appended (excluding duplicates) to pods running with this" + " RuntimeClass during admission, effectively unioning the set of nodes" + " tolerated by the pod and the RuntimeClass." + ), + ) + + +class RuntimeClass(BaseModel): + apiVersion: Optional[str] = Field( + default="node.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + handler: str = Field( + ..., + description=( + "handler specifies the underlying runtime and configuration that the CRI" + " implementation will use to handle pods of this class. The possible values" + " are specific to the node & CRI configuration. It is assumed that all" + " handlers are available on every node, and handlers of the same name are" + ' equivalent on every node. For example, a handler called "runc" might' + " specify that the runc OCI runtime (using native Linux containers) will be" + " used to run the containers in a pod. The Handler must be lowercase," + " conform to the DNS Label (RFC 1123) requirements, and is immutable." + ), + ) + kind: Optional[str] = Field( + default="RuntimeClass", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ObjectMeta] = Field( + default=None, + description=( + "More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + overhead: Optional[Overhead] = Field( + default=None, + description=( + "overhead represents the resource overhead associated with running a pod" + " for a given RuntimeClass. For more details, see\n" + " https://kubernetes.io/docs/concepts/scheduling-eviction/pod-overhead/" + ), + ) + scheduling: Optional[Scheduling] = Field( + default=None, + description=( + "scheduling holds the scheduling constraints to ensure that pods running" + " with this RuntimeClass are scheduled to nodes that support it. If" + " scheduling is nil, this RuntimeClass is assumed to be supported by all" + " nodes." + ), + ) + + +class RuntimeClassList(BaseModel): + apiVersion: Optional[str] = Field( + default="node.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[RuntimeClass] = Field( + ..., description="items is a list of schema objects." + ) + kind: Optional[str] = Field( + default="RuntimeClassList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1_1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/policy/__init__.py b/src/kubedantic/models/io/k8s/api/policy/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/policy/v1.py b/src/kubedantic/models/io/k8s/api/policy/v1.py new file mode 100644 index 0000000..525abf7 --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/policy/v1.py @@ -0,0 +1,231 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from enum import Enum +from typing import Dict, List, Optional, Union + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class UnhealthyPodEvictionPolicy(Enum): + AlwaysAllow = "AlwaysAllow" + IfHealthyBudget = "IfHealthyBudget" + + +class PodDisruptionBudgetSpec(BaseModel): + maxUnavailable: Optional[Union[int, str]] = Field( + default=None, + description=( + 'An eviction is allowed if at most "maxUnavailable" pods selected by' + ' "selector" are unavailable after the eviction, i.e. even in absence of' + " the evicted pod. For example, one can prevent all voluntary evictions by" + ' specifying 0. This is a mutually exclusive setting with "minAvailable".' + ), + ) + minAvailable: Optional[Union[int, str]] = Field( + default=None, + description=( + 'An eviction is allowed if at least "minAvailable" pods selected by' + ' "selector" will still be available after the eviction, i.e. even in the' + " absence of the evicted pod. So for example you can prevent all voluntary" + ' evictions by specifying "100%".' + ), + ) + selector: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "Label query over pods whose evictions are managed by the disruption" + " budget. A null selector will match no pods, while an empty ({}) selector" + " will select all pods within the namespace." + ), + ) + unhealthyPodEvictionPolicy: Optional[UnhealthyPodEvictionPolicy] = Field( + default=None, + description=( + "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods" + " should be considered for eviction. Current implementation considers" + " healthy pods, as pods that have status.conditions item with" + ' type="Ready",status="True".\n\nValid policies are IfHealthyBudget and' + " AlwaysAllow. If no policy is specified, the default behavior will be" + " used, which corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget" + ' policy means that running pods (status.phase="Running"), but not yet' + " healthy can be evicted only if the guarded application is not disrupted" + " (status.currentHealthy is at least equal to status.desiredHealthy)." + " Healthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow" + ' policy means that all running pods (status.phase="Running"), but not yet' + " healthy are considered disrupted and can be evicted regardless of whether" + " the criteria in a PDB is met. This means perspective running pods of a" + " disrupted application might not get a chance to become healthy. Healthy" + " pods will be subject to the PDB for eviction.\n\nAdditional policies may" + " be added in the future. Clients making eviction decisions should disallow" + " eviction of unhealthy pods if they encounter an unrecognized policy in" + " this field.\n\nThis field is beta-level. The eviction API uses this field" + " when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled" + ' by default).\n\nPossible enum values:\n - `"AlwaysAllow"` policy means' + ' that all running pods (status.phase="Running"), but not yet healthy are' + " considered disrupted and can be evicted regardless of whether the" + " criteria in a PDB is met. This means perspective running pods of a" + " disrupted application might not get a chance to become healthy. Healthy" + ' pods will be subject to the PDB for eviction.\n - `"IfHealthyBudget"`' + ' policy means that running pods (status.phase="Running"), but not yet' + " healthy can be evicted only if the guarded application is not disrupted" + " (status.currentHealthy is at least equal to status.desiredHealthy)." + " Healthy pods will be subject to the PDB for eviction." + ), + ) + + +class PodDisruptionBudgetStatus(BaseModel): + conditions: Optional[List[v1.Condition]] = Field( + default=None, + description=( + "Conditions contain conditions for PDB. The disruption controller sets the" + " DisruptionAllowed condition. The following are known values for the" + " reason field (additional reasons could be added in the future): -" + " SyncFailed: The controller encountered an error and wasn't able to" + " compute\n the number of allowed disruptions. Therefore no" + " disruptions are\n allowed and the status of the condition" + " will be False.\n- InsufficientPods: The number of pods are either at or" + " below the number\n required by the" + " PodDisruptionBudget. No disruptions are\n allowed and" + " the status of the condition will be False.\n- SufficientPods: There are" + " more pods than required by the PodDisruptionBudget.\n " + " The condition will be True, and the number of allowed\n " + " disruptions are provided by the disruptionsAllowed property." + ), + ) + currentHealthy: int = Field(..., description="current number of healthy pods") + desiredHealthy: int = Field( + ..., description="minimum desired number of healthy pods" + ) + disruptedPods: Optional[Dict[str, datetime]] = Field( + default=None, + description=( + "DisruptedPods contains information about pods whose eviction was processed" + " by the API server eviction subresource handler but has not yet been" + " observed by the PodDisruptionBudget controller. A pod will be in this map" + " from the time when the API server processed the eviction request to the" + " time when the pod is seen by PDB controller as having been marked for" + " deletion (or after a timeout). The key in the map is the name of the pod" + " and the value is the time when the API server processed the eviction" + " request. If the deletion didn't occur and a pod is still there it will be" + " removed from the list automatically by PodDisruptionBudget controller" + " after some time. If everything goes smooth this map should be empty for" + " the most of the time. Large number of entries in the map may indicate" + " problems with pod deletions." + ), + ) + disruptionsAllowed: int = Field( + ..., description="Number of pod disruptions that are currently allowed." + ) + expectedPods: int = Field( + ..., description="total number of pods counted by this disruption budget" + ) + observedGeneration: Optional[int] = Field( + default=None, + description=( + "Most recent generation observed when updating this PDB status." + " DisruptionsAllowed and other status information is valid only if" + " observedGeneration equals to PDB's object generation." + ), + ) + + +class Eviction(BaseModel): + apiVersion: Optional[str] = Field( + default="policy/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + deleteOptions: Optional[v1.DeleteOptions] = Field( + default=None, description="DeleteOptions may be provided" + ) + kind: Optional[str] = Field( + default="Eviction", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, description="ObjectMeta describes the pod that is being evicted." + ) + + +class PodDisruptionBudget(BaseModel): + apiVersion: Optional[str] = Field( + default="policy/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="PodDisruptionBudget", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[PodDisruptionBudgetSpec] = Field( + default=None, + description="Specification of the desired behavior of the PodDisruptionBudget.", + ) + status: Optional[PodDisruptionBudgetStatus] = Field( + default=None, + description="Most recently observed status of the PodDisruptionBudget.", + ) + + +class PodDisruptionBudgetList(BaseModel): + apiVersion: Optional[str] = Field( + default="policy/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[PodDisruptionBudget] = Field( + ..., description="Items is a list of PodDisruptionBudgets" + ) + kind: Optional[str] = Field( + default="PodDisruptionBudgetList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/rbac/__init__.py b/src/kubedantic/models/io/k8s/api/rbac/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/rbac/v1.py b/src/kubedantic/models/io/k8s/api/rbac/v1.py new file mode 100644 index 0000000..1c9229b --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/rbac/v1.py @@ -0,0 +1,339 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class PolicyRule(BaseModel): + apiGroups: Optional[List[str]] = Field( + default=None, + description=( + "APIGroups is the name of the APIGroup that contains the resources. If" + " multiple API groups are specified, any action requested against one of" + ' the enumerated resources in any API group will be allowed. "" represents' + ' the core API group and "*" represents all API groups.' + ), + ) + nonResourceURLs: Optional[List[str]] = Field( + default=None, + description=( + "NonResourceURLs is a set of partial urls that a user should have access" + " to. *s are allowed, but only as the full, final step in the path Since" + " non-resource URLs are not namespaced, this field is only applicable for" + " ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply" + ' to API resources (such as "pods" or "secrets") or non-resource URL paths' + ' (such as "/api"), but not both.' + ), + ) + resourceNames: Optional[List[str]] = Field( + default=None, + description=( + "ResourceNames is an optional white list of names that the rule applies to." + " An empty set means that everything is allowed." + ), + ) + resources: Optional[List[str]] = Field( + default=None, + description=( + "Resources is a list of resources this rule applies to. '*' represents all" + " resources." + ), + ) + verbs: List[str] = Field( + ..., + description=( + "Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in" + " this rule. '*' represents all verbs." + ), + ) + + +class RoleRef(BaseModel): + apiGroup: str = Field( + ..., description="APIGroup is the group for the resource being referenced" + ) + kind: str = Field(..., description="Kind is the type of resource being referenced") + name: str = Field(..., description="Name is the name of resource being referenced") + + +class Subject(BaseModel): + apiGroup: Optional[str] = Field( + default=None, + description=( + 'APIGroup holds the API group of the referenced subject. Defaults to "" for' + ' ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for User' + " and Group subjects." + ), + ) + kind: str = Field( + ..., + description=( + "Kind of object being referenced. Values defined by this API group are" + ' "User", "Group", and "ServiceAccount". If the Authorizer does not' + " recognized the kind value, the Authorizer should report an error." + ), + ) + name: str = Field(..., description="Name of the object being referenced.") + namespace: Optional[str] = Field( + default=None, + description=( + "Namespace of the referenced object. If the object kind is non-namespace," + ' such as "User" or "Group", and this value is not empty the Authorizer' + " should report an error." + ), + ) + + +class AggregationRule(BaseModel): + clusterRoleSelectors: Optional[List[v1.LabelSelector]] = Field( + default=None, + description=( + "ClusterRoleSelectors holds a list of selectors which will be used to find" + " ClusterRoles and create the rules. If any of the selectors match, then" + " the ClusterRole's permissions will be added" + ), + ) + + +class ClusterRole(BaseModel): + aggregationRule: Optional[AggregationRule] = Field( + default=None, + description=( + "AggregationRule is an optional field that describes how to build the Rules" + " for this ClusterRole. If AggregationRule is set, then the Rules are" + " controller managed and direct changes to Rules will be stomped by the" + " controller." + ), + ) + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ClusterRole", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, description="Standard object's metadata." + ) + rules: Optional[List[PolicyRule]] = Field( + default=None, description="Rules holds all the PolicyRules for this ClusterRole" + ) + + +class ClusterRoleBinding(BaseModel): + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="ClusterRoleBinding", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, description="Standard object's metadata." + ) + roleRef: RoleRef = Field( + ..., + description=( + "RoleRef can only reference a ClusterRole in the global namespace. If the" + " RoleRef cannot be resolved, the Authorizer must return an error. This" + " field is immutable." + ), + ) + subjects: Optional[List[Subject]] = Field( + default=None, + description="Subjects holds references to the objects the role applies to.", + ) + + +class ClusterRoleBindingList(BaseModel): + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ClusterRoleBinding] = Field( + ..., description="Items is a list of ClusterRoleBindings" + ) + kind: Optional[str] = Field( + default="ClusterRoleBindingList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="Standard object's metadata." + ) + + +class ClusterRoleList(BaseModel): + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[ClusterRole] = Field(..., description="Items is a list of ClusterRoles") + kind: Optional[str] = Field( + default="ClusterRoleList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="Standard object's metadata." + ) + + +class Role(BaseModel): + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="Role", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, description="Standard object's metadata." + ) + rules: Optional[List[PolicyRule]] = Field( + default=None, description="Rules holds all the PolicyRules for this Role" + ) + + +class RoleBinding(BaseModel): + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="RoleBinding", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, description="Standard object's metadata." + ) + roleRef: RoleRef = Field( + ..., + description=( + "RoleRef can reference a Role in the current namespace or a ClusterRole in" + " the global namespace. If the RoleRef cannot be resolved, the Authorizer" + " must return an error. This field is immutable." + ), + ) + subjects: Optional[List[Subject]] = Field( + default=None, + description="Subjects holds references to the objects the role applies to.", + ) + + +class RoleBindingList(BaseModel): + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[RoleBinding] = Field(..., description="Items is a list of RoleBindings") + kind: Optional[str] = Field( + default="RoleBindingList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="Standard object's metadata." + ) + + +class RoleList(BaseModel): + apiVersion: Optional[str] = Field( + default="rbac.authorization.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[Role] = Field(..., description="Items is a list of Roles") + kind: Optional[str] = Field( + default="RoleList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, description="Standard object's metadata." + ) diff --git a/src/kubedantic/models/io/k8s/api/scheduling/__init__.py b/src/kubedantic/models/io/k8s/api/scheduling/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/scheduling/v1.py b/src/kubedantic/models/io/k8s/api/scheduling/v1.py new file mode 100644 index 0000000..786e94a --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/scheduling/v1.py @@ -0,0 +1,112 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from enum import Enum +from typing import List, Optional + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 + + +class PreemptionPolicy(Enum): + Never = "Never" + PreemptLowerPriority = "PreemptLowerPriority" + + +class PriorityClass(BaseModel): + apiVersion: Optional[str] = Field( + default="scheduling.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + description: Optional[str] = Field( + default=None, + description=( + "description is an arbitrary string that usually provides guidelines on" + " when this priority class should be used." + ), + ) + globalDefault: Optional[bool] = Field( + default=None, + description=( + "globalDefault specifies whether this PriorityClass should be considered as" + " the default priority for pods that do not have any priority class. Only" + " one PriorityClass can be marked as `globalDefault`. However, if more than" + " one PriorityClasses exists with their `globalDefault` field set to true," + " the smallest value of such global default PriorityClasses will be used as" + " the default priority." + ), + ) + kind: Optional[str] = Field( + default="PriorityClass", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + preemptionPolicy: Optional[PreemptionPolicy] = Field( + default=None, + description=( + "preemptionPolicy is the Policy for preempting pods with lower priority." + " One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if" + ' unset.\n\nPossible enum values:\n - `"Never"` means that pod never' + ' preempts other pods with lower priority.\n - `"PreemptLowerPriority"`' + " means that pod can preempt other pods with lower priority." + ), + ) + value: int = Field( + ..., + description=( + "value represents the integer value of this priority class. This is the" + " actual priority that pods receive when they have the name of this class" + " in their pod spec." + ), + ) + + +class PriorityClassList(BaseModel): + apiVersion: Optional[str] = Field( + default="scheduling.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[PriorityClass] = Field( + ..., description="items is the list of PriorityClasses" + ) + kind: Optional[str] = Field( + default="PriorityClassList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/api/storage/__init__.py b/src/kubedantic/models/io/k8s/api/storage/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/api/storage/v1.py b/src/kubedantic/models/io/k8s/api/storage/v1.py new file mode 100644 index 0000000..aa71b8c --- /dev/null +++ b/src/kubedantic/models/io/k8s/api/storage/v1.py @@ -0,0 +1,762 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from enum import Enum +from typing import Dict, List, Optional, Union + +from pydantic import BaseModel, Field + +from ...apimachinery.pkg.apis.meta import v1 +from ..core import v1 as v1_1 + + +class ReclaimPolicy(Enum): + Delete = "Delete" + Recycle = "Recycle" + Retain = "Retain" + + +class VolumeBindingMode(Enum): + Immediate = "Immediate" + WaitForFirstConsumer = "WaitForFirstConsumer" + + +class TokenRequest(BaseModel): + audience: str = Field( + ..., + description=( + 'audience is the intended audience of the token in "TokenRequestSpec". It' + " will default to the audiences of kube apiserver." + ), + ) + expirationSeconds: Optional[int] = Field( + default=None, + description=( + "expirationSeconds is the duration of validity of the token in" + ' "TokenRequestSpec". It has the same default value of "ExpirationSeconds"' + ' in "TokenRequestSpec".' + ), + ) + + +class VolumeError(BaseModel): + message: Optional[str] = Field( + default=None, + description=( + "message represents the error encountered during Attach or Detach" + " operation. This string may be logged, so it should not contain sensitive" + " information." + ), + ) + time: Optional[datetime] = Field( + default=None, description="time represents the time the error was encountered." + ) + + +class VolumeNodeResources(BaseModel): + count: Optional[int] = Field( + default=None, + description=( + "count indicates the maximum number of unique volumes managed by the CSI" + " driver that can be used on a node. A volume that is both attached and" + " mounted on a node is considered to be used once, not twice. The same rule" + " applies for a unique volume that is shared among multiple pods on the" + " same node. If this field is not specified, then the supported number of" + " volumes on this node is unbounded." + ), + ) + + +class CSIDriverSpec(BaseModel): + attachRequired: Optional[bool] = Field( + default=None, + description=( + "attachRequired indicates this CSI volume driver requires an attach" + " operation (because it implements the CSI ControllerPublishVolume()" + " method), and that the Kubernetes attach detach controller should call the" + " attach volume interface which checks the volumeattachment status and" + " waits until the volume is attached before proceeding to mounting. The CSI" + " external-attacher coordinates with CSI volume driver and updates the" + " volumeattachment status when the attach operation is complete. If the" + " CSIDriverRegistry feature gate is enabled and the value is specified to" + " false, the attach operation will be skipped. Otherwise the attach" + " operation will be called.\n\nThis field is immutable." + ), + ) + fsGroupPolicy: Optional[str] = Field( + default=None, + description=( + "fsGroupPolicy defines if the underlying volume supports changing ownership" + " and permission of the volume before being mounted. Refer to the specific" + " FSGroupPolicy values for additional details.\n\nThis field was immutable" + " in Kubernetes < 1.29 and now is mutable.\n\nDefaults to" + " ReadWriteOnceWithFSType, which will examine each volume to determine if" + " Kubernetes should modify ownership and permissions of the volume. With" + " the default policy the defined fsGroup will only be applied if a fstype" + " is defined and the volume's access mode contains ReadWriteOnce." + ), + ) + podInfoOnMount: Optional[bool] = Field( + default=None, + description=( + "podInfoOnMount indicates this CSI volume driver requires additional pod" + " information (like podName, podUID, etc.) during mount operations, if set" + " to true. If set to false, pod information will not be passed on mount." + " Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of" + " driver deployment. If true, Kubelet will pass pod information as" + " VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is" + " responsible for parsing and validating the information passed in as" + " VolumeContext.\n\nThe following VolumeContext will be passed if" + " podInfoOnMount is set to true. This list might grow, but the prefix will" + ' be used. "csi.storage.k8s.io/pod.name": pod.Name' + ' "csi.storage.k8s.io/pod.namespace": pod.Namespace' + ' "csi.storage.k8s.io/pod.uid": string(pod.UID)' + ' "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral' + " inline volume\n defined by a" + ' CSIVolumeSource, otherwise "false"\n\n"csi.storage.k8s.io/ephemeral" is a' + " new feature in Kubernetes 1.16. It is only required for drivers which" + ' support both the "Persistent" and "Ephemeral" VolumeLifecycleMode. Other' + " drivers can leave pod info disabled and/or ignore this field. As" + " Kubernetes 1.15 doesn't support this field, drivers can only support one" + " mode when deployed on such a cluster and the deployment determines which" + " mode that is, for example via a command line parameter of the" + " driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is" + " mutable." + ), + ) + requiresRepublish: Optional[bool] = Field( + default=None, + description=( + "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being" + " periodically called to reflect any possible change in the mounted volume." + " This field defaults to false.\n\nNote: After a successful initial" + " NodePublishVolume call, subsequent calls to NodePublishVolume should only" + " update the contents of the volume. New mount points will not be seen by a" + " running container." + ), + ) + seLinuxMount: Optional[bool] = Field( + default=None, + description=( + 'seLinuxMount specifies if the CSI driver supports "-o context" mount' + ' option.\n\nWhen "true", the CSI driver must ensure that all volumes' + " provided by this CSI driver can be mounted separately with different `-o" + " context` options. This is typical for storage backends that provide" + " volumes as filesystems on block devices or as independent shared volumes." + ' Kubernetes will call NodeStage / NodePublish with "-o context=xyz" mount' + " option when mounting a ReadWriteOncePod volume used in Pod that has" + " explicitly set SELinux context. In the future, it may be expanded to" + " other volume AccessModes. In any case, Kubernetes will ensure that the" + ' volume is mounted only with a single SELinux context.\n\nWhen "false",' + " Kubernetes won't pass any special SELinux mount options to the driver." + " This is typical for volumes that represent subdirectories of a bigger" + ' shared filesystem.\n\nDefault is "false".' + ), + ) + storageCapacity: Optional[bool] = Field( + default=None, + description=( + "storageCapacity indicates that the CSI volume driver wants pod scheduling" + " to consider the storage capacity that the driver deployment will report" + " by creating CSIStorageCapacity objects with capacity information, if set" + " to true.\n\nThe check can be enabled immediately when deploying a driver." + " In that case, provisioning new volumes with late binding will pause until" + " the driver deployment has published some suitable CSIStorageCapacity" + " object.\n\nAlternatively, the driver can be deployed with the field unset" + " or false and it can be flipped later when storage capacity information" + " has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and" + " now is mutable." + ), + ) + tokenRequests: Optional[List[TokenRequest]] = Field( + default=None, + description=( + "tokenRequests indicates the CSI driver needs pods' service account tokens" + " it is mounting volume for to do necessary authentication. Kubelet will" + " pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The" + " CSI driver should parse and validate the following VolumeContext:" + ' "csi.storage.k8s.io/serviceAccount.tokens": {\n "": {\n ' + ' "token": ,\n "expirationTimestamp": ,\n },\n ...\n}\n\nNote: Audience in each TokenRequest should" + " be different and at most one token is empty string. To receive a new" + " token after expiry, RequiresRepublish can be used to trigger" + " NodePublishVolume periodically." + ), + ) + volumeLifecycleModes: Optional[List[str]] = Field( + default=None, + description=( + "volumeLifecycleModes defines what kind of volumes this CSI volume driver" + ' supports. The default if the list is empty is "Persistent", which is the' + " usage defined by the CSI specification and implemented in Kubernetes via" + ' the usual PV/PVC mechanism.\n\nThe other mode is "Ephemeral". In this' + " mode, volumes are defined inline inside the pod spec with CSIVolumeSource" + " and their lifecycle is tied to the lifecycle of that pod. A driver has to" + " be aware of this because it is only going to get a NodePublishVolume call" + " for such a volume.\n\nFor more information about implementing this mode," + " see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A" + " driver can support one or more of these modes and more modes may be added" + " in the future.\n\nThis field is beta. This field is immutable." + ), + ) + + +class CSINodeDriver(BaseModel): + allocatable: Optional[VolumeNodeResources] = Field( + default=None, + description=( + "allocatable represents the volume resources of a node that are available" + " for scheduling. This field is beta." + ), + ) + name: str = Field( + ..., + description=( + "name represents the name of the CSI driver that this object refers to." + " This MUST be the same name returned by the CSI GetPluginName() call for" + " that driver." + ), + ) + nodeID: str = Field( + ..., + description=( + "nodeID of the node from the driver point of view. This field enables" + " Kubernetes to communicate with storage systems that do not share the same" + " nomenclature for nodes. For example, Kubernetes may refer to a given node" + ' as "node1", but the storage system may refer to the same node as "nodeA".' + " When Kubernetes issues a command to the storage system to attach a volume" + " to a specific node, it can use this field to refer to the node name using" + ' the ID that the storage system will understand, e.g. "nodeA" instead of' + ' "node1". This field is required.' + ), + ) + topologyKeys: Optional[List[str]] = Field( + default=None, + description=( + "topologyKeys is the list of keys supported by the driver. When a driver is" + " initialized on a cluster, it provides a set of topology keys that it" + ' understands (e.g. "company.com/zone", "company.com/region"). When a' + " driver is initialized on a node, it provides the same topology keys along" + " with values. Kubelet will expose these topology keys as labels on its own" + " node object. When Kubernetes does topology aware provisioning, it can use" + " this list to determine which labels it should retrieve from the node" + " object and pass back to the driver. It is possible for different nodes to" + " use different topology keys. This can be empty if driver does not support" + " topology." + ), + ) + + +class CSINodeSpec(BaseModel): + drivers: List[CSINodeDriver] = Field( + ..., + description=( + "drivers is a list of information of all CSI Drivers existing on a node. If" + " all drivers in the list are uninstalled, this can become empty." + ), + ) + + +class CSIStorageCapacity(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + capacity: Optional[Union[str, float]] = Field( + default=None, + description=( + "capacity is the value reported by the CSI driver in its" + " GetCapacityResponse for a GetCapacityRequest with topology and parameters" + " that match the previous fields.\n\nThe semantic is currently (CSI spec" + " 1.2) defined as: The available capacity, in bytes, of the storage that" + " can be used to provision volumes. If not set, that information is" + " currently unavailable." + ), + ) + kind: Optional[str] = Field( + default="CSIStorageCapacity", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + maximumVolumeSize: Optional[Union[str, float]] = Field( + default=None, + description=( + "maximumVolumeSize is the value reported by the CSI driver in its" + " GetCapacityResponse for a GetCapacityRequest with topology and parameters" + " that match the previous fields.\n\nThis is defined since CSI spec 1.4.0" + " as the largest size that may be used in a" + " CreateVolumeRequest.capacity_range.required_bytes field to create a" + " volume with the same parameters as those in GetCapacityRequest. The" + " corresponding value in the Kubernetes API is" + " ResourceRequirements.Requests in a volume claim." + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. The name has no particular meaning. It must be" + " a DNS subdomain (dots allowed, 253 characters). To ensure that there are" + " no conflicts with other CSI drivers on the cluster, the recommendation is" + " to use csisc-, a generated name, or a reverse-domain name which" + " ends with the unique CSI driver name.\n\nObjects are namespaced.\n\nMore" + " info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + nodeTopology: Optional[v1.LabelSelector] = Field( + default=None, + description=( + "nodeTopology defines which nodes have access to the storage for which" + " capacity was reported. If not set, the storage is not accessible from any" + " node in the cluster. If empty, the storage is accessible from all nodes." + " This field is immutable." + ), + ) + storageClassName: str = Field( + ..., + description=( + "storageClassName represents the name of the StorageClass that the reported" + " capacity applies to. It must meet the same requirements as the name of a" + " StorageClass object (non-empty, DNS subdomain). If that object no longer" + " exists, the CSIStorageCapacity object is obsolete and should be removed" + " by its creator. This field is immutable." + ), + ) + + +class CSIStorageCapacityList(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[CSIStorageCapacity] = Field( + ..., description="items is the list of CSIStorageCapacity objects." + ) + kind: Optional[str] = Field( + default="CSIStorageCapacityList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class StorageClass(BaseModel): + allowVolumeExpansion: Optional[bool] = Field( + default=None, + description=( + "allowVolumeExpansion shows whether the storage class allow volume expand." + ), + ) + allowedTopologies: Optional[List[v1_1.TopologySelectorTerm]] = Field( + default=None, + description=( + "allowedTopologies restrict the node topologies where volumes can be" + " dynamically provisioned. Each volume plugin defines its own supported" + " topology specifications. An empty TopologySelectorTerm list means there" + " is no topology restriction. This field is only honored by servers that" + " enable the VolumeScheduling feature." + ), + ) + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="StorageClass", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + mountOptions: Optional[List[str]] = Field( + default=None, + description=( + "mountOptions controls the mountOptions for dynamically provisioned" + ' PersistentVolumes of this storage class. e.g. ["ro", "soft"]. Not' + " validated - mount of the PVs will simply fail if one is invalid." + ), + ) + parameters: Optional[Dict[str, str]] = Field( + default=None, + description=( + "parameters holds the parameters for the provisioner that should create" + " volumes of this storage class." + ), + ) + provisioner: str = Field( + ..., description="provisioner indicates the type of the provisioner." + ) + reclaimPolicy: Optional[ReclaimPolicy] = Field( + default=None, + description=( + "reclaimPolicy controls the reclaimPolicy for dynamically provisioned" + " PersistentVolumes of this storage class. Defaults to Delete.\n\nPossible" + ' enum values:\n - `"Delete"` means the volume will be deleted from' + " Kubernetes on release from its claim. The volume plugin must support" + ' Deletion.\n - `"Recycle"` means the volume will be recycled back into the' + " pool of unbound persistent volumes on release from its claim. The volume" + ' plugin must support Recycling.\n - `"Retain"` means the volume will be' + " left in its current phase (Released) for manual reclamation by the" + " administrator. The default policy is Retain." + ), + ) + volumeBindingMode: Optional[VolumeBindingMode] = Field( + default=None, + description=( + "volumeBindingMode indicates how PersistentVolumeClaims should be" + " provisioned and bound. When unset, VolumeBindingImmediate is used. This" + " field is only honored by servers that enable the VolumeScheduling" + ' feature.\n\nPossible enum values:\n - `"Immediate"` indicates that' + " PersistentVolumeClaims should be immediately provisioned and bound. This" + ' is the default mode.\n - `"WaitForFirstConsumer"` indicates that' + " PersistentVolumeClaims should not be provisioned and bound until the" + " first Pod is created that references the PeristentVolumeClaim. The volume" + " provisioning and binding will occur during Pod scheduing." + ), + ) + + +class StorageClassList(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[StorageClass] = Field( + ..., description="items is the list of StorageClasses" + ) + kind: Optional[str] = Field( + default="StorageClassList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class VolumeAttachmentStatus(BaseModel): + attachError: Optional[VolumeError] = Field( + default=None, + description=( + "attachError represents the last error encountered during attach operation," + " if any. This field must only be set by the entity completing the attach" + " operation, i.e. the external-attacher." + ), + ) + attached: bool = Field( + ..., + description=( + "attached indicates the volume is successfully attached. This field must" + " only be set by the entity completing the attach operation, i.e. the" + " external-attacher." + ), + ) + attachmentMetadata: Optional[Dict[str, str]] = Field( + default=None, + description=( + "attachmentMetadata is populated with any information returned by the" + " attach operation, upon successful attach, that must be passed into" + " subsequent WaitForAttach or Mount calls. This field must only be set by" + " the entity completing the attach operation, i.e. the external-attacher." + ), + ) + detachError: Optional[VolumeError] = Field( + default=None, + description=( + "detachError represents the last error encountered during detach operation," + " if any. This field must only be set by the entity completing the detach" + " operation, i.e. the external-attacher." + ), + ) + + +class CSIDriver(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="CSIDriver", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata. metadata.Name indicates the name of the CSI" + " driver that this object refers to; it MUST be the same name returned by" + " the CSI GetPluginName() call for that driver. The driver name must be 63" + " characters or less, beginning and ending with an alphanumeric character" + " ([a-z0-9A-Z]) with dashes (-), dots (.), and alphanumerics between. More" + " info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: CSIDriverSpec = Field( + ..., description="spec represents the specification of the CSI Driver." + ) + + +class CSIDriverList(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[CSIDriver] = Field(..., description="items is the list of CSIDriver") + kind: Optional[str] = Field( + default="CSIDriverList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class CSINode(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="CSINode", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. metadata.name must be the Kubernetes node" + " name." + ), + ) + spec: CSINodeSpec = Field(..., description="spec is the specification of CSINode") + + +class CSINodeList(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[CSINode] = Field(..., description="items is the list of CSINode") + kind: Optional[str] = Field( + default="CSINodeList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + + +class VolumeAttachmentSource(BaseModel): + inlineVolumeSpec: Optional[v1_1.PersistentVolumeSpec] = Field( + default=None, + description=( + "inlineVolumeSpec contains all the information necessary to attach a" + " persistent volume defined by a pod's inline VolumeSource. This field is" + " populated only for the CSIMigration feature. It contains translated" + " fields from a pod's inline VolumeSource to a PersistentVolumeSpec. This" + " field is beta-level and is only honored by servers that enabled the" + " CSIMigration feature." + ), + ) + persistentVolumeName: Optional[str] = Field( + default=None, + description=( + "persistentVolumeName represents the name of the persistent volume to" + " attach." + ), + ) + + +class VolumeAttachmentSpec(BaseModel): + attacher: str = Field( + ..., + description=( + "attacher indicates the name of the volume driver that MUST handle this" + " request. This is the name returned by GetPluginName()." + ), + ) + nodeName: str = Field( + ..., + description=( + "nodeName represents the node that the volume should be attached to." + ), + ) + source: VolumeAttachmentSource = Field( + ..., description="source represents the volume that should be attached." + ) + + +class VolumeAttachment(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="VolumeAttachment", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: VolumeAttachmentSpec = Field( + ..., + description=( + "spec represents specification of the desired attach/detach volume" + " behavior. Populated by the Kubernetes system." + ), + ) + status: Optional[VolumeAttachmentStatus] = Field( + default=None, + description=( + "status represents status of the VolumeAttachment request. Populated by the" + " entity completing the attach or detach operation, i.e. the" + " external-attacher." + ), + ) + + +class VolumeAttachmentList(BaseModel): + apiVersion: Optional[str] = Field( + default="storage.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[VolumeAttachment] = Field( + ..., description="items is the list of VolumeAttachments" + ) + kind: Optional[str] = Field( + default="VolumeAttachmentList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/apiextensions_apiserver/pkg/apis/__init__.py b/src/kubedantic/models/io/k8s/apiextensions_apiserver/pkg/apis/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/apiextensions_apiserver/pkg/apis/apiextensions/v1.py b/src/kubedantic/models/io/k8s/apiextensions_apiserver/pkg/apis/apiextensions/v1.py new file mode 100644 index 0000000..9132a3f --- /dev/null +++ b/src/kubedantic/models/io/k8s/apiextensions_apiserver/pkg/apis/apiextensions/v1.py @@ -0,0 +1,930 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from enum import Enum +from typing import Any, Dict, List, Optional + +from pydantic import BaseModel, Field + +from .....apimachinery.pkg.apis.meta import v1 + + +class CustomResourceColumnDefinition(BaseModel): + description: Optional[str] = Field( + default=None, + description="description is a human readable description of this column.", + ) + format: Optional[str] = Field( + default=None, + description=( + "format is an optional OpenAPI type definition for this column. The 'name'" + " format is applied to the primary identifier column to assist in clients" + " identifying column is the resource name. See" + " https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types" + " for details." + ), + ) + jsonPath: str = Field( + ..., + description=( + "jsonPath is a simple JSON path (i.e. with array notation) which is" + " evaluated against each custom resource to produce the value for this" + " column." + ), + ) + name: str = Field(..., description="name is a human readable name for the column.") + priority: Optional[int] = Field( + default=None, + description=( + "priority is an integer defining the relative importance of this column" + " compared to others. Lower numbers are considered higher priority. Columns" + " that may be omitted in limited space scenarios should be given a priority" + " greater than 0." + ), + ) + type: str = Field( + ..., + description=( + "type is an OpenAPI type definition for this column. See" + " https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types" + " for details." + ), + ) + + +class CustomResourceDefinitionCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description=( + "lastTransitionTime last time the condition transitioned from one status to" + " another." + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "message is a human-readable message indicating details about last" + " transition." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "reason is a unique, one-word, CamelCase reason for the condition's last" + " transition." + ), + ) + status: str = Field( + ..., + description=( + "status is the status of the condition. Can be True, False, Unknown." + ), + ) + type: str = Field( + ..., + description=( + "type is the type of the condition. Types include Established," + " NamesAccepted and Terminating." + ), + ) + + +class CustomResourceDefinitionNames(BaseModel): + categories: Optional[List[str]] = Field( + default=None, + description=( + "categories is a list of grouped resources this custom resource belongs to" + " (e.g. 'all'). This is published in API discovery documents, and used by" + " clients to support invocations like `kubectl get all`." + ), + ) + kind: str = Field( + ..., + description=( + "kind is the serialized kind of the resource. It is normally CamelCase and" + " singular. Custom resource instances will use this value as the `kind`" + " attribute in API calls." + ), + ) + listKind: Optional[str] = Field( + default=None, + description=( + "listKind is the serialized kind of the list for this resource. Defaults to" + ' "`kind`List".' + ), + ) + plural: str = Field( + ..., + description=( + "plural is the plural name of the resource to serve. The custom resources" + " are served under `/apis///.../`. Must match the" + " name of the CustomResourceDefinition (in the form" + " `.`). Must be all lowercase." + ), + ) + shortNames: Optional[List[str]] = Field( + default=None, + description=( + "shortNames are short names for the resource, exposed in API discovery" + " documents, and used by clients to support invocations like `kubectl get" + " `. It must be all lowercase." + ), + ) + singular: Optional[str] = Field( + default=None, + description=( + "singular is the singular name of the resource. It must be all lowercase." + " Defaults to lowercased `kind`." + ), + ) + + +class CustomResourceDefinitionStatus(BaseModel): + acceptedNames: Optional[CustomResourceDefinitionNames] = Field( + default=None, + description=( + "acceptedNames are the names that are actually being used to serve" + " discovery. They may be different than the names in spec." + ), + ) + conditions: Optional[List[CustomResourceDefinitionCondition]] = Field( + default=None, + description=( + "conditions indicate state for particular aspects of a" + " CustomResourceDefinition" + ), + ) + storedVersions: Optional[List[str]] = Field( + default=None, + description=( + "storedVersions lists all versions of CustomResources that were ever" + " persisted. Tracking these versions allows a migration path for stored" + " versions in etcd. The field is mutable so a migration controller can" + " finish a migration to another version (ensuring no old objects are left" + " in storage), and then remove the rest of the versions from this list." + " Versions may not be removed from `spec.versions` while they exist in this" + " list." + ), + ) + + +class CustomResourceSubresourceScale(BaseModel): + labelSelectorPath: Optional[str] = Field( + default=None, + description=( + "labelSelectorPath defines the JSON path inside of a custom resource that" + " corresponds to Scale `status.selector`. Only JSON paths without the array" + " notation are allowed. Must be a JSON Path under `.status` or `.spec`." + " Must be set to work with HorizontalPodAutoscaler. The field pointed by" + " this JSON path must be a string field (not a complex selector struct)" + " which contains a serialized label selector in string form. More info:" + " https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions#scale-subresource" + " If there is no value under the given path in the custom resource, the" + " `status.selector` value in the `/scale` subresource will default to the" + " empty string." + ), + ) + specReplicasPath: str = Field( + ..., + description=( + "specReplicasPath defines the JSON path inside of a custom resource that" + " corresponds to Scale `spec.replicas`. Only JSON paths without the array" + " notation are allowed. Must be a JSON Path under `.spec`. If there is no" + " value under the given path in the custom resource, the `/scale`" + " subresource will return an error on GET." + ), + ) + statusReplicasPath: str = Field( + ..., + description=( + "statusReplicasPath defines the JSON path inside of a custom resource that" + " corresponds to Scale `status.replicas`. Only JSON paths without the array" + " notation are allowed. Must be a JSON Path under `.status`. If there is no" + " value under the given path in the custom resource, the `status.replicas`" + " value in the `/scale` subresource will default to 0." + ), + ) + + +class CustomResourceSubresourceStatus(BaseModel): + pass + + +class CustomResourceSubresources(BaseModel): + scale: Optional[CustomResourceSubresourceScale] = Field( + default=None, + description=( + "scale indicates the custom resource should serve a `/scale` subresource" + " that returns an `autoscaling/v1` Scale object." + ), + ) + status: Optional[CustomResourceSubresourceStatus] = Field( + default=None, + description=( + "status indicates the custom resource should serve a `/status` subresource." + " When enabled: 1. requests to the custom resource primary endpoint ignore" + " changes to the `status` stanza of the object. 2. requests to the custom" + " resource `/status` subresource ignore changes to anything other than the" + " `status` stanza of the object." + ), + ) + + +class ExternalDocumentation(BaseModel): + description: Optional[str] = None + url: Optional[str] = None + + +class SelectableField(BaseModel): + jsonPath: str = Field( + ..., + description=( + "jsonPath is a simple JSON path which is evaluated against each custom" + " resource to produce a field selector value. Only JSON paths without the" + " array notation are allowed. Must point to a field of type string, boolean" + " or integer. Types with enum values and strings with formats are allowed." + " If jsonPath refers to absent field in a resource, the jsonPath evaluates" + " to an empty string. Must not point to metdata fields. Required." + ), + ) + + +class ServiceReference(BaseModel): + name: str = Field(..., description="name is the name of the service. Required") + namespace: str = Field( + ..., description="namespace is the namespace of the service. Required" + ) + path: Optional[str] = Field( + default=None, + description=( + "path is an optional URL path at which the webhook will be contacted." + ), + ) + port: Optional[int] = Field( + default=None, + description=( + "port is an optional service port at which the webhook will be contacted." + " `port` should be a valid port number (1-65535, inclusive). Defaults to" + " 443 for backward compatibility." + ), + ) + + +class Reason(Enum): + FieldValueDuplicate = "FieldValueDuplicate" + FieldValueForbidden = "FieldValueForbidden" + FieldValueInvalid = "FieldValueInvalid" + FieldValueRequired = "FieldValueRequired" + + +class ValidationRule(BaseModel): + fieldPath: Optional[str] = Field( + default=None, + description=( + "fieldPath represents the field path returned when the validation fails. It" + " must be a relative JSON path (i.e. with array notation) scoped to the" + " location of this x-kubernetes-validations extension in the schema and" + " refer to an existing field. e.g. when validation checks if a specific" + " attribute `foo` under a map `testMap`, the fieldPath could be set to" + " `.testMap.foo` If the validation checks two lists must have unique" + " attributes, the fieldPath could be set to either of the list: e.g." + " `.testList` It does not support list numeric index. It supports child" + " operation to refer to an existing field currently. Refer to [JSONPath" + " support in" + " Kubernetes](https://kubernetes.io/docs/reference/kubectl/jsonpath/) for" + " more info. Numeric index of array is not supported. For field name which" + " contains special characters, use `['specialName']` to refer the field" + " name. e.g. for attribute `foo.34$` appears in a list `testList`, the" + " fieldPath could be set to `.testList['foo.34$']`" + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "Message represents the message displayed when validation fails. The" + " message is required if the Rule contains line breaks. The message must" + ' not contain line breaks. If unset, the message is "failed rule: {Rule}".' + ' e.g. "must be a URL with the host matching spec.host"' + ), + ) + messageExpression: Optional[str] = Field( + default=None, + description=( + "MessageExpression declares a CEL expression that evaluates to the" + " validation failure message that is returned when this rule fails. Since" + " messageExpression is used as a failure message, it must evaluate to a" + " string. If both message and messageExpression are present on a rule, then" + " messageExpression will be used if validation fails. If messageExpression" + " results in a runtime error, the runtime error is logged, and the" + " validation failure message is produced as if the messageExpression field" + " were unset. If messageExpression evaluates to an empty string, a string" + " with only spaces, or a string that contains line breaks, then the" + " validation failure message will also be produced as if the" + " messageExpression field were unset, and the fact that messageExpression" + " produced an empty string/string with only spaces/string with line breaks" + " will be logged. messageExpression has access to all the same variables as" + ' the rule; the only difference is the return type. Example: "x must be' + ' less than max ("+string(self.max)+")"' + ), + ) + optionalOldSelf: Optional[bool] = Field( + default=None, + description=( + "optionalOldSelf is used to opt a transition rule into evaluation even when" + " the object is first created, or if the old object is missing the" + " value.\n\nWhen enabled `oldSelf` will be a CEL optional whose value will" + " be `None` if there is no old value, or when the object is initially" + " created.\n\nYou may check for presence of oldSelf using" + " `oldSelf.hasValue()` and unwrap it after checking using" + " `oldSelf.value()`. Check the CEL documentation for Optional types for" + " more information:" + " https://pkg.go.dev/github.com/google/cel-go/cel#OptionalTypes\n\nMay not" + " be set unless `oldSelf` is used in `rule`." + ), + ) + reason: Optional[Reason] = Field( + default=None, + description=( + "reason provides a machine-readable validation failure reason that is" + " returned to the caller when a request fails this validation rule. The" + " HTTP status code returned to the caller will match the reason of the" + " reason of the first failed validation rule. The currently supported" + ' reasons are: "FieldValueInvalid", "FieldValueForbidden",' + ' "FieldValueRequired", "FieldValueDuplicate". If not set, default to use' + ' "FieldValueInvalid". All future added reasons must be accepted by clients' + " when reading this value and unknown reasons should be treated as" + ' FieldValueInvalid.\n\nPossible enum values:\n - `"FieldValueDuplicate"`' + " is used to report collisions of values that must be unique (e.g. unique" + ' IDs).\n - `"FieldValueForbidden"` is used to report valid (as per' + " formatting rules) values which would be accepted under some conditions," + " but which are not permitted by the current conditions (such as security" + ' policy).\n - `"FieldValueInvalid"` is used to report malformed values' + " (e.g. failed regex match, too long, out of bounds).\n -" + ' `"FieldValueRequired"` is used to report required values that are not' + " provided (e.g. empty strings, null values, or empty arrays)." + ), + ) + rule: str = Field( + ..., + description=( + "Rule represents the expression which will be evaluated by CEL. ref:" + " https://github.com/google/cel-spec The Rule is scoped to the location of" + " the x-kubernetes-validations extension in the schema. The `self` variable" + " in the CEL expression is bound to the scoped value. Example: - Rule" + ' scoped to the root of a resource with a status subresource: {"rule":' + ' "self.status.actual <= self.spec.maxDesired"}\n\nIf the Rule is scoped to' + " an object with properties, the accessible properties of the object are" + " field selectable via `self.field` and field presence can be checked via" + " `has(self.field)`. Null valued fields are treated as absent fields in CEL" + " expressions. If the Rule is scoped to an object with additionalProperties" + " (i.e. a map) the value of the map are accessible via `self[mapKey]`, map" + " containment can be checked via `mapKey in self` and all entries of the" + " map are accessible via CEL macros and functions such as `self.all(...)`." + " If the Rule is scoped to an array, the elements of the array are" + " accessible via `self[i]` and also by macros and functions. If the Rule is" + " scoped to a scalar, `self` is bound to the scalar value. Examples: - Rule" + ' scoped to a map of objects: {"rule":' + " \"self.components['Widget'].priority < 10\"} - Rule scoped to a list of" + ' integers: {"rule": "self.values.all(value, value >= 0 && value < 100)"} -' + ' Rule scoped to a string value: {"rule":' + " \"self.startsWith('kube')\"}\n\nThe `apiVersion`, `kind`, `metadata.name`" + " and `metadata.generateName` are always accessible from the root of the" + " object and from any x-kubernetes-embedded-resource annotated objects. No" + " other metadata properties are accessible.\n\nUnknown data preserved in" + " custom resources via x-kubernetes-preserve-unknown-fields is not" + " accessible in CEL expressions. This includes: - Unknown field values that" + " are preserved by object schemas with" + " x-kubernetes-preserve-unknown-fields. - Object properties where the" + ' property schema is of an "unknown type". An "unknown type" is recursively' + " defined as:\n - A schema with no type and" + " x-kubernetes-preserve-unknown-fields set to true\n - An array where the" + ' items schema is of an "unknown type"\n - An object where the' + ' additionalProperties schema is of an "unknown type"\n\nOnly property' + " names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible." + " Accessible property names are escaped according to the following rules" + " when accessed in the expression: - '__' escapes to '__underscores__'" + " - '.' escapes to '__dot__' - '-' escapes to '__dash__' - '/'" + " escapes to '__slash__' - Property names that exactly match a CEL" + " RESERVED keyword escape to '__{keyword}__'. The keywords are:\n\t " + ' "true", "false", "null", "in", "as", "break", "const", "continue",' + ' "else", "for", "function", "if",\n\t "import", "let", "loop", "package",' + ' "namespace", "return".\nExamples:\n - Rule accessing a property named' + ' "namespace": {"rule": "self.__namespace__ > 0"}\n - Rule accessing a' + ' property named "x-prop": {"rule": "self.x__dash__prop > 0"}\n - Rule' + ' accessing a property named "redact__d": {"rule":' + ' "self.redact__underscores__d > 0"}\n\nEquality on arrays with' + " x-kubernetes-list-type of 'set' or 'map' ignores element order, i.e." + " [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use" + " the semantics of the list type:\n - 'set': `X + Y` performs a union" + " where the array positions of all elements in `X` are preserved and\n " + " non-intersecting elements in `Y` are appended, retaining their partial" + " order.\n - 'map': `X + Y` performs a merge where the array positions" + " of all keys in `X` are preserved but the values\n are overwritten by" + " values in `Y` when the key sets of `X` and `Y` intersect. Elements in `Y`" + " with\n non-intersecting keys are appended, retaining their partial" + " order.\n\nIf `rule` makes use of the `oldSelf` variable it is implicitly" + " a `transition rule`.\n\nBy default, the `oldSelf` variable is the same" + " type as `self`. When `optionalOldSelf` is true, the `oldSelf` variable is" + " a CEL optional\n variable whose value() is the same type as `self`.\nSee" + " the documentation for the `optionalOldSelf` field for" + " details.\n\nTransition rules by default are applied only on UPDATE" + " requests and are skipped if an old value could not be found. You can opt" + " a transition rule into unconditional evaluation by setting" + " `optionalOldSelf` to true." + ), + ) + + +class WebhookClientConfig(BaseModel): + caBundle: Optional[str] = Field( + default=None, + description=( + "caBundle is a PEM encoded CA bundle which will be used to validate the" + " webhook's server certificate. If unspecified, system trust roots on the" + " apiserver are used." + ), + ) + service: Optional[ServiceReference] = Field( + default=None, + description=( + "service is a reference to the service for this webhook. Either service or" + " url must be specified.\n\nIf the webhook is running within the cluster," + " then you should use `service`." + ), + ) + url: Optional[str] = Field( + default=None, + description=( + "url gives the location of the webhook, in standard URL form" + " (`scheme://host:port/path`). Exactly one of `url` or `service` must be" + " specified.\n\nThe `host` should not refer to a service running in the" + " cluster; use the `service` field instead. The host might be resolved via" + " external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve" + " in-cluster DNS as that would be a layering violation). `host` may also be" + " an IP address.\n\nPlease note that using `localhost` or `127.0.0.1` as a" + " `host` is risky unless you take great care to run this webhook on all" + " hosts which run an apiserver which might need to make calls to this" + " webhook. Such installs are likely to be non-portable, i.e., not easy to" + ' turn up in a new cluster.\n\nThe scheme must be "https"; the URL must' + ' begin with "https://".\n\nA path is optional, and if present may be any' + " string permissible in a URL. You may use the path to pass an arbitrary" + " string to the webhook, for example, a cluster identifier.\n\nAttempting" + ' to use a user or basic auth e.g. "user:password@" is not allowed.' + ' Fragments ("#...") and query parameters ("?...") are not allowed, either.' + ), + ) + + +class WebhookConversion(BaseModel): + clientConfig: Optional[WebhookClientConfig] = Field( + default=None, + description=( + "clientConfig is the instructions for how to call the webhook if strategy" + " is `Webhook`." + ), + ) + conversionReviewVersions: List[str] = Field( + ..., + description=( + "conversionReviewVersions is an ordered list of preferred" + " `ConversionReview` versions the Webhook expects. The API server will use" + " the first version in the list which it supports. If none of the versions" + " specified in this list are supported by API server, conversion will fail" + " for the custom resource. If a persisted Webhook configuration specifies" + " allowed versions and does not include any versions known to the API" + " Server, calls to the webhook will fail." + ), + ) + + +class CustomResourceConversion(BaseModel): + strategy: str = Field( + ..., + description=( + "strategy specifies how custom resources are converted between versions." + ' Allowed values are: - `"None"`: The converter only change the apiVersion' + " and would not touch any other field in the custom resource. -" + ' `"Webhook"`: API Server will call to an external webhook to do the' + " conversion. Additional information\n is needed for this option. This" + " requires spec.preserveUnknownFields to be false, and" + " spec.conversion.webhook to be set." + ), + ) + webhook: Optional[WebhookConversion] = Field( + default=None, + description=( + "webhook describes how to call the conversion webhook. Required when" + ' `strategy` is set to `"Webhook"`.' + ), + ) + + +class JSONSchemaProps(BaseModel): + field_ref: Optional[str] = Field(default=None, alias="$ref") + field_schema: Optional[str] = Field(default=None, alias="$schema") + additionalItems: Optional[Any] = Field( + default=None, + description=( + "JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value." + " Defaults to true for the boolean property." + ), + ) + additionalProperties: Optional[Any] = Field( + default=None, + description=( + "JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value." + " Defaults to true for the boolean property." + ), + ) + allOf: Optional[List[JSONSchemaProps]] = None + anyOf: Optional[List[JSONSchemaProps]] = None + default: Optional[Any] = Field( + default=None, + description=( + "default is a default value for undefined object fields. Defaulting is a" + " beta feature under the CustomResourceDefaulting feature gate. Defaulting" + " requires spec.preserveUnknownFields to be false." + ), + ) + definitions: Optional[Dict[str, JSONSchemaProps]] = None + dependencies: Optional[Dict[str, Any]] = None + description: Optional[str] = None + enum: Optional[List[Any]] = None + example: Optional[Any] = Field( + default=None, + description=( + "JSON represents any valid JSON value. These types are supported: bool," + " int64, float64, string, []interface{}, map[string]interface{} and nil." + ), + ) + exclusiveMaximum: Optional[bool] = None + exclusiveMinimum: Optional[bool] = None + externalDocs: Optional[ExternalDocumentation] = None + format: Optional[str] = Field( + default=None, + description=( + "format is an OpenAPI v3 format string. Unknown formats are ignored. The" + " following formats are validated:\n\n- bsonobjectid: a bson object ID," + " i.e. a 24 characters hex string - uri: an URI as parsed by Golang" + " net/url.ParseRequestURI - email: an email address as parsed by Golang" + " net/mail.ParseAddress - hostname: a valid representation for an Internet" + " host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4" + " IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang" + " net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC" + " address as parsed by Golang net.ParseMAC - uuid: an UUID that allows" + " uppercase defined by the regex" + " (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ -" + " uuid3: an UUID3 that allows uppercase defined by the regex" + " (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ -" + " uuid4: an UUID4 that allows uppercase defined by the regex" + " (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$" + " - uuid5: an UUID5 that allows uppercase defined by the regex" + " (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$" + ' - isbn: an ISBN10 or ISBN13 number string like "0321751043" or' + ' "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" -' + ' isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a' + " credit card number defined by the regex" + " ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$" + " with any non digit characters mixed in - ssn: a U.S. social security" + " number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an" + ' hexadecimal color code like "#FFFFFF: following the regex' + " ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like" + ' rgb like "rgb(255,255,2559" - byte: base64 encoded binary data -' + ' password: any kind of string - date: a date string like "2006-01-02" as' + ' defined by full-date in RFC3339 - duration: a duration string like "22' + ' ns" as parsed by Golang time.ParseDuration or compatible with Scala' + " duration format - datetime: a date time string like" + ' "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.' + ), + ) + id: Optional[str] = None + items: Optional[Any] = Field( + default=None, + description=( + "JSONSchemaPropsOrArray represents a value that can either be a" + " JSONSchemaProps or an array of JSONSchemaProps. Mainly here for" + " serialization purposes." + ), + ) + maxItems: Optional[int] = None + maxLength: Optional[int] = None + maxProperties: Optional[int] = None + maximum: Optional[float] = None + minItems: Optional[int] = None + minLength: Optional[int] = None + minProperties: Optional[int] = None + minimum: Optional[float] = None + multipleOf: Optional[float] = None + not_: Optional[JSONSchemaProps] = Field(default=None, alias="not") + nullable: Optional[bool] = None + oneOf: Optional[List[JSONSchemaProps]] = None + pattern: Optional[str] = None + patternProperties: Optional[Dict[str, JSONSchemaProps]] = None + properties: Optional[Dict[str, JSONSchemaProps]] = None + required: Optional[List[str]] = None + title: Optional[str] = None + type: Optional[str] = None + uniqueItems: Optional[bool] = None + x_kubernetes_embedded_resource: Optional[bool] = Field( + default=None, + alias="x-kubernetes-embedded-resource", + description=( + "x-kubernetes-embedded-resource defines that the value is an embedded" + " Kubernetes runtime.Object, with TypeMeta and ObjectMeta. The type must be" + " object. It is allowed to further restrict the embedded object. kind," + " apiVersion and metadata are validated automatically." + " x-kubernetes-preserve-unknown-fields is allowed to be true, but does not" + " have to be if the object is fully specified (up to kind, apiVersion," + " metadata)." + ), + ) + x_kubernetes_int_or_string: Optional[bool] = Field( + default=None, + alias="x-kubernetes-int-or-string", + description=( + "x-kubernetes-int-or-string specifies that this value is either an integer" + " or a string. If this is true, an empty type is allowed and type as child" + " of anyOf is permitted if following one of the following patterns:\n\n1)" + " anyOf:\n - type: integer\n - type: string\n2) allOf:\n - anyOf:\n " + " - type: integer\n - type: string\n - ... zero or more" + ), + ) + x_kubernetes_list_map_keys: Optional[List[str]] = Field( + default=None, + alias="x-kubernetes-list-map-keys", + description=( + "x-kubernetes-list-map-keys annotates an array with the" + " x-kubernetes-list-type `map` by specifying the keys used as the index of" + " the map.\n\nThis tag MUST only be used on lists that have the" + ' "x-kubernetes-list-type" extension set to "map". Also, the values' + " specified for this attribute must be a scalar typed field of the child" + " structure (no nesting is supported).\n\nThe properties specified must" + " either be required or have a default value, to ensure those properties" + " are present for all list items." + ), + ) + x_kubernetes_list_type: Optional[str] = Field( + default=None, + alias="x-kubernetes-list-type", + description=( + "x-kubernetes-list-type annotates an array to further describe its" + " topology. This extension must only be used on lists and may have 3" + " possible values:\n\n1) `atomic`: the list is treated as a single entity," + " like a scalar.\n Atomic lists will be entirely replaced when updated." + " This extension\n may be used on any type of list (struct, scalar," + " ...).\n2) `set`:\n Sets are lists that must not have multiple items" + " with the same value. Each\n value must be a scalar, an object with" + " x-kubernetes-map-type `atomic` or an\n array with" + " x-kubernetes-list-type `atomic`.\n3) `map`:\n These lists are like" + " maps in that their elements have a non-index key\n used to identify" + " them. Order is preserved upon merge. The map tag\n must only be used" + " on a list with elements of type object.\nDefaults to atomic for arrays." + ), + ) + x_kubernetes_map_type: Optional[str] = Field( + default=None, + alias="x-kubernetes-map-type", + description=( + "x-kubernetes-map-type annotates an object to further describe its" + " topology. This extension must only be used when type is object and may" + " have 2 possible values:\n\n1) `granular`:\n These maps are actual" + " maps (key-value pairs) and each fields are independent\n from each" + " other (they can each be manipulated by separate actors). This is\n " + " the default behaviour for all maps.\n2) `atomic`: the list is treated as" + " a single entity, like a scalar.\n Atomic maps will be entirely" + " replaced when updated." + ), + ) + x_kubernetes_preserve_unknown_fields: Optional[bool] = Field( + default=None, + alias="x-kubernetes-preserve-unknown-fields", + description=( + "x-kubernetes-preserve-unknown-fields stops the API server decoding step" + " from pruning fields which are not specified in the validation schema." + " This affects fields recursively, but switches back to normal pruning" + " behaviour if nested properties or additionalProperties are specified in" + " the schema. This can either be true or undefined. False is forbidden." + ), + ) + x_kubernetes_validations: Optional[List[ValidationRule]] = Field( + default=None, + alias="x-kubernetes-validations", + description=( + "x-kubernetes-validations describes a list of validation rules written in" + " the CEL expression language. This field is an alpha-level. Using this" + " field requires the feature gate `CustomResourceValidationExpressions` to" + " be enabled." + ), + ) + + +class CustomResourceValidation(BaseModel): + openAPIV3Schema: Optional[JSONSchemaProps] = Field( + default=None, + description=( + "openAPIV3Schema is the OpenAPI v3 schema to use for validation and" + " pruning." + ), + ) + + +class CustomResourceDefinitionVersion(BaseModel): + additionalPrinterColumns: Optional[List[CustomResourceColumnDefinition]] = Field( + default=None, + description=( + "additionalPrinterColumns specifies additional columns returned in Table" + " output. See" + " https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables" + " for details. If no columns are specified, a single column displaying the" + " age of the custom resource is used." + ), + ) + deprecated: Optional[bool] = Field( + default=None, + description=( + "deprecated indicates this version of the custom resource API is" + " deprecated. When set to true, API requests to this version receive a" + " warning header in the server response. Defaults to false." + ), + ) + deprecationWarning: Optional[str] = Field( + default=None, + description=( + "deprecationWarning overrides the default warning returned to API clients." + " May only be set when `deprecated` is true. The default warning indicates" + " this version is deprecated and recommends use of the newest served" + " version of equal or greater stability, if one exists." + ), + ) + name: str = Field( + ..., + description=( + "name is the version name, e.g. “v1”, “v2beta1”, etc. The custom resources" + " are served under this version at `/apis///...` if" + " `served` is true." + ), + ) + schema_: Optional[CustomResourceValidation] = Field( + default=None, + alias="schema", + description=( + "schema describes the schema used for validation, pruning, and defaulting" + " of this version of the custom resource." + ), + ) + selectableFields: Optional[List[SelectableField]] = Field( + default=None, + description=( + "selectableFields specifies paths to fields that may be used as field" + " selectors. A maximum of 8 selectable fields are allowed. See" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/field-selectors" + ), + ) + served: bool = Field( + ..., + description=( + "served is a flag enabling/disabling this version from being served via" + " REST APIs" + ), + ) + storage: bool = Field( + ..., + description=( + "storage indicates this version should be used when persisting custom" + " resources to storage. There must be exactly one version with" + " storage=true." + ), + ) + subresources: Optional[CustomResourceSubresources] = Field( + default=None, + description=( + "subresources specify what subresources this version of the defined custom" + " resource have." + ), + ) + + +class CustomResourceDefinitionSpec(BaseModel): + conversion: Optional[CustomResourceConversion] = Field( + default=None, description="conversion defines conversion settings for the CRD." + ) + group: str = Field( + ..., + description=( + "group is the API group of the defined custom resource. The custom" + " resources are served under `/apis//...`. Must match the name of" + " the CustomResourceDefinition (in the form `.`)." + ), + ) + names: CustomResourceDefinitionNames = Field( + ..., + description=( + "names specify the resource and kind names for the custom resource." + ), + ) + preserveUnknownFields: Optional[bool] = Field( + default=None, + description=( + "preserveUnknownFields indicates that object fields which are not specified" + " in the OpenAPI schema should be preserved when persisting to storage." + " apiVersion, kind, metadata and known fields inside metadata are always" + " preserved. This field is deprecated in favor of setting" + " `x-preserve-unknown-fields` to true in" + " `spec.versions[*].schema.openAPIV3Schema`. See" + " https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#field-pruning" + " for details." + ), + ) + scope: str = Field( + ..., + description=( + "scope indicates whether the defined custom resource is cluster- or" + " namespace-scoped. Allowed values are `Cluster` and `Namespaced`." + ), + ) + versions: List[CustomResourceDefinitionVersion] = Field( + ..., + description=( + "versions is the list of all API versions of the defined custom resource." + " Version names are used to compute the order in which served versions are" + ' listed in API discovery. If the version string is "kube-like", it will' + ' sort above non "kube-like" version strings, which are ordered' + ' lexicographically. "Kube-like" versions start with a "v", then are' + " followed by a number (the major version), then optionally the string" + ' "alpha" or "beta" and another number (the minor version). These are' + " sorted first by GA > beta > alpha (where GA is a version with no suffix" + " such as beta or alpha), and then by comparing major version, then minor" + " version. An example sorted list of versions: v10, v2, v1, v11beta2," + " v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10." + ), + ) + + +class CustomResourceDefinition(BaseModel): + apiVersion: Optional[str] = Field( + default="apiextensions.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="CustomResourceDefinition", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: CustomResourceDefinitionSpec = Field( + ..., description="spec describes how the user wants the resources to appear" + ) + status: Optional[CustomResourceDefinitionStatus] = Field( + default=None, + description="status indicates the actual state of the CustomResourceDefinition", + ) + + +class CustomResourceDefinitionList(BaseModel): + apiVersion: Optional[str] = Field( + default="apiextensions.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[CustomResourceDefinition] = Field( + ..., description="items list individual CustomResourceDefinition objects" + ) + kind: Optional[str] = Field( + default="CustomResourceDefinitionList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard object's metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/src/kubedantic/models/io/k8s/apimachinery/pkg/__init__.py b/src/kubedantic/models/io/k8s/apimachinery/pkg/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/apimachinery/pkg/apis/meta/__init__.py b/src/kubedantic/models/io/k8s/apimachinery/pkg/apis/meta/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/apimachinery/pkg/apis/meta/v1.py b/src/kubedantic/models/io/k8s/apimachinery/pkg/apis/meta/v1.py new file mode 100644 index 0000000..c47c307 --- /dev/null +++ b/src/kubedantic/models/io/k8s/apimachinery/pkg/apis/meta/v1.py @@ -0,0 +1,767 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import Dict, List, Optional + +from pydantic import BaseModel, Field + +from ... import runtime + + +class APIResource(BaseModel): + categories: Optional[List[str]] = Field( + default=None, + description=( + "categories is a list of the grouped resources this resource belongs to" + " (e.g. 'all')" + ), + ) + group: Optional[str] = Field( + default=None, + description=( + "group is the preferred group of the resource. Empty implies the group of" + " the containing resource list. For subresources, this may have a different" + ' value, for example: Scale".' + ), + ) + kind: str = Field( + ..., + description=( + "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource" + " 'foo')" + ), + ) + name: str = Field(..., description="name is the plural name of the resource.") + namespaced: bool = Field( + ..., description="namespaced indicates if a resource is namespaced or not." + ) + shortNames: Optional[List[str]] = Field( + default=None, + description="shortNames is a list of suggested short names of the resource.", + ) + singularName: str = Field( + ..., + description=( + "singularName is the singular name of the resource. This allows clients to" + " handle plural and singular opaquely. The singularName is more correct for" + " reporting status on a single item and both singular and plural are" + " allowed from the kubectl CLI interface." + ), + ) + storageVersionHash: Optional[str] = Field( + default=None, + description=( + "The hash value of the storage version, the version this resource is" + " converted to when written to the data store. Value must be treated as" + " opaque by clients. Only equality comparison on the value is valid. This" + " is an alpha feature and may change or be removed in the future. The field" + " is populated by the apiserver only if the StorageVersionHash feature gate" + " is enabled. This field will remain optional even if it graduates." + ), + ) + verbs: List[str] = Field( + ..., + description=( + "verbs is a list of supported kube verbs (this includes get, list, watch," + " create, update, patch, delete, deletecollection, and proxy)" + ), + ) + version: Optional[str] = Field( + default=None, + description=( + "version is the preferred version of the resource. Empty implies the" + " version of the containing resource list For subresources, this may have a" + " different value, for example: v1 (while inside a v1beta1 version of the" + " core resource's group)\"." + ), + ) + + +class APIResourceList(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + groupVersion: str = Field( + ..., + description=( + "groupVersion is the group and version this APIResourceList is for." + ), + ) + kind: Optional[str] = Field( + default="APIResourceList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + resources: List[APIResource] = Field( + ..., + description=( + "resources contains the name of the resources and if they are namespaced." + ), + ) + + +class FieldsV1(BaseModel): + pass + + +class LabelSelectorRequirement(BaseModel): + key: str = Field( + ..., description="key is the label key that the selector applies to." + ) + operator: str = Field( + ..., + description=( + "operator represents a key's relationship to a set of values. Valid" + " operators are In, NotIn, Exists and DoesNotExist." + ), + ) + values: Optional[List[str]] = Field( + default=None, + description=( + "values is an array of string values. If the operator is In or NotIn, the" + " values array must be non-empty. If the operator is Exists or" + " DoesNotExist, the values array must be empty. This array is replaced" + " during a strategic merge patch." + ), + ) + + +class ListMeta(BaseModel): + continue_: Optional[str] = Field( + default=None, + alias="continue", + description=( + "continue may be set if the user set a limit on the number of items" + " returned, and indicates that the server has more data available. The" + " value is opaque and may be used to issue another request to the endpoint" + " that served this list to retrieve the next set of available objects." + " Continuing a consistent list may not be possible if the server" + " configuration has changed or more than a few minutes have passed. The" + " resourceVersion field returned when using this continue value will be" + " identical to the value in the first response, unless you have received" + " this token from an error message." + ), + ) + remainingItemCount: Optional[int] = Field( + default=None, + description=( + "remainingItemCount is the number of subsequent items in the list which are" + " not included in this list response. If the list request contained label" + " or field selectors, then the number of remaining items is unknown and the" + " field will be left unset and omitted during serialization. If the list is" + " complete (either because it is not chunking or because this is the last" + " chunk), then there are no more remaining items and this field will be" + " left unset and omitted during serialization. Servers older than v1.15 do" + " not set this field. The intended use of the remainingItemCount is" + " *estimating* the size of a collection. Clients should not rely on the" + " remainingItemCount to be set or to be exact." + ), + ) + resourceVersion: Optional[str] = Field( + default=None, + description=( + "String that identifies the server's internal version of this object that" + " can be used by clients to determine when objects have changed. Value must" + " be treated as opaque by clients and passed unmodified back to the server." + " Populated by the system. Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + ), + ) + selfLink: Optional[str] = Field( + default=None, + description=( + "Deprecated: selfLink is a legacy read-only field that is no longer" + " populated by the system." + ), + ) + + +class OwnerReference(BaseModel): + apiVersion: str = Field(..., description="API version of the referent.") + blockOwnerDeletion: Optional[bool] = Field( + default=None, + description=( + 'If true, AND if the owner has the "foregroundDeletion" finalizer, then the' + " owner cannot be deleted from the key-value store until this reference is" + " removed. See" + " https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion" + " for how the garbage collector interacts with this field and enforces the" + " foreground deletion. Defaults to false. To set this field, a user needs" + ' "delete" permission of the owner, otherwise 422 (Unprocessable Entity)' + " will be returned." + ), + ) + controller: Optional[bool] = Field( + default=None, + description="If true, this reference points to the managing controller.", + ) + kind: str = Field( + ..., + description=( + "Kind of the referent. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + name: str = Field( + ..., + description=( + "Name of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names" + ), + ) + uid: str = Field( + ..., + description=( + "UID of the referent. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids" + ), + ) + + +class Patch(BaseModel): + pass + + +class Preconditions(BaseModel): + resourceVersion: Optional[str] = Field( + default=None, description="Specifies the target ResourceVersion" + ) + uid: Optional[str] = Field(default=None, description="Specifies the target UID.") + + +class StatusCause(BaseModel): + field: Optional[str] = Field( + default=None, + description=( + "The field of the resource that has caused this error, as named by its JSON" + " serialization. May include dot and postfix notation for nested" + " attributes. Arrays are zero-indexed. Fields may appear more than once in" + " an array of causes due to fields having multiple errors." + ' Optional.\n\nExamples:\n "name" - the field "name" on the current' + ' resource\n "items[0].name" - the field "name" on the first array entry' + ' in "items"' + ), + ) + message: Optional[str] = Field( + default=None, + description=( + "A human-readable description of the cause of the error. This field may be" + " presented as-is to a reader." + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + "A machine-readable description of the cause of the error. If this value is" + " empty there is no information available." + ), + ) + + +class StatusDetails(BaseModel): + causes: Optional[List[StatusCause]] = Field( + default=None, + description=( + "The Causes array includes more details associated with the StatusReason" + " failure. Not all StatusReasons may provide detailed causes." + ), + ) + group: Optional[str] = Field( + default=None, + description=( + "The group attribute of the resource associated with the status" + " StatusReason." + ), + ) + kind: Optional[str] = Field( + default=None, + description=( + "The kind attribute of the resource associated with the status" + " StatusReason. On some operations may differ from the requested resource" + " Kind. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "The name attribute of the resource associated with the status StatusReason" + " (when there is a single name which can be described)." + ), + ) + retryAfterSeconds: Optional[int] = Field( + default=None, + description=( + "If specified, the time in seconds before the operation should be retried." + " Some errors may indicate the client must take an alternate action - for" + " those errors this field may indicate how long to wait before taking the" + " alternate action." + ), + ) + uid: Optional[str] = Field( + default=None, + description=( + "UID of the resource. (when there is a single resource which can be" + " described). More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids" + ), + ) + + +class Condition(BaseModel): + lastTransitionTime: datetime = Field( + ..., + description=( + "lastTransitionTime is the last time the condition transitioned from one" + " status to another. This should be when the underlying condition changed. " + " If that is not known, then using the time when the API field changed is" + " acceptable." + ), + ) + message: str = Field( + ..., + description=( + "message is a human readable message indicating details about the" + " transition. This may be an empty string." + ), + ) + observedGeneration: Optional[int] = Field( + default=None, + description=( + "observedGeneration represents the .metadata.generation that the condition" + " was set based upon. For instance, if .metadata.generation is currently" + " 12, but the .status.conditions[x].observedGeneration is 9, the condition" + " is out of date with respect to the current state of the instance." + ), + ) + reason: str = Field( + ..., + description=( + "reason contains a programmatic identifier indicating the reason for the" + " condition's last transition. Producers of specific condition types may" + " define expected values and meanings for this field, and whether the" + " values are considered a guaranteed API. The value should be a CamelCase" + " string. This field may not be empty." + ), + ) + status: str = Field( + ..., description="status of the condition, one of True, False, Unknown." + ) + type: str = Field( + ..., + description="type of condition in CamelCase or in foo.example.com/CamelCase.", + ) + + +class DeleteOptions(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + dryRun: Optional[List[str]] = Field( + default=None, + description=( + "When present, indicates that modifications should not be persisted. An" + " invalid or unrecognized dryRun directive will result in an error response" + " and no further processing of the request. Valid values are: - All: all" + " dry run stages will be processed" + ), + ) + gracePeriodSeconds: Optional[int] = Field( + default=None, + description=( + "The duration in seconds before the object should be deleted. Value must be" + " non-negative integer. The value zero indicates delete immediately. If" + " this value is nil, the default grace period for the specified type will" + " be used. Defaults to a per object value if not specified. zero means" + " delete immediately." + ), + ) + kind: Optional[str] = Field( + default=None, + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + orphanDependents: Optional[bool] = Field( + default=None, + description=( + "Deprecated: please use the PropagationPolicy, this field will be" + " deprecated in 1.7. Should the dependent objects be orphaned. If" + ' true/false, the "orphan" finalizer will be added to/removed from the' + " object's finalizers list. Either this field or PropagationPolicy may be" + " set, but not both." + ), + ) + preconditions: Optional[Preconditions] = Field( + default=None, + description=( + "Must be fulfilled before a deletion is carried out. If not possible, a 409" + " Conflict status will be returned." + ), + ) + propagationPolicy: Optional[str] = Field( + default=None, + description=( + "Whether and how garbage collection will be performed. Either this field or" + " OrphanDependents may be set, but not both. The default policy is decided" + " by the existing finalizer set in the metadata.finalizers and the" + " resource-specific default policy. Acceptable values are: 'Orphan' -" + " orphan the dependents; 'Background' - allow the garbage collector to" + " delete the dependents in the background; 'Foreground' - a cascading" + " policy that deletes all dependents in the foreground." + ), + ) + + +class LabelSelector(BaseModel): + matchExpressions: Optional[List[LabelSelectorRequirement]] = Field( + default=None, + description=( + "matchExpressions is a list of label selector requirements. The" + " requirements are ANDed." + ), + ) + matchLabels: Optional[Dict[str, str]] = Field( + default=None, + description=( + "matchLabels is a map of {key,value} pairs. A single {key,value} in the" + " matchLabels map is equivalent to an element of matchExpressions, whose" + ' key field is "key", the operator is "In", and the values array contains' + ' only "value". The requirements are ANDed.' + ), + ) + + +class ManagedFieldsEntry(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the version of this resource that this field set" + ' applies to. The format is "group/version" just like the top-level' + " APIVersion field. It is necessary to track the version of a field set" + " because it cannot be automatically converted." + ), + ) + fieldsType: Optional[str] = Field( + default=None, + description=( + "FieldsType is the discriminator for the different fields format and" + ' version. There is currently only one possible value: "FieldsV1"' + ), + ) + fieldsV1: Optional[FieldsV1] = Field( + default=None, + description=( + "FieldsV1 holds the first JSON version format as described in the" + ' "FieldsV1" type.' + ), + ) + manager: Optional[str] = Field( + default=None, + description="Manager is an identifier of the workflow managing these fields.", + ) + operation: Optional[str] = Field( + default=None, + description=( + "Operation is the type of operation which lead to this ManagedFieldsEntry" + " being created. The only valid values for this field are 'Apply' and" + " 'Update'." + ), + ) + subresource: Optional[str] = Field( + default=None, + description=( + "Subresource is the name of the subresource used to update that object, or" + " empty string if the object was updated through the main resource. The" + " value of this field is used to distinguish between managers, even if they" + " share the same name. For example, a status update will be distinct from a" + " regular update using the same manager name. Note that the APIVersion" + " field is not related to the Subresource field and it always corresponds" + " to the version of the main resource." + ), + ) + time: Optional[datetime] = Field( + default=None, + description=( + "Time is the timestamp of when the ManagedFields entry was added. The" + " timestamp will also be updated if a field is added, the manager changes" + " any of the owned fields value or removes a field. The timestamp does not" + " update when a field is removed from the entry because another manager" + " took it over." + ), + ) + + +class ObjectMeta(BaseModel): + annotations: Optional[Dict[str, str]] = Field( + default=None, + description=( + "Annotations is an unstructured key value map stored with a resource that" + " may be set by external tools to store and retrieve arbitrary metadata." + " They are not queryable and should be preserved when modifying objects." + " More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations" + ), + ) + creationTimestamp: Optional[datetime] = Field( + default=None, + description=( + "CreationTimestamp is a timestamp representing the server time when this" + " object was created. It is not guaranteed to be set in happens-before" + " order across separate operations. Clients may not set this value. It is" + " represented in RFC3339 form and is in UTC.\n\nPopulated by the system." + " Read-only. Null for lists. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + deletionGracePeriodSeconds: Optional[int] = Field( + default=None, + description=( + "Number of seconds allowed for this object to gracefully terminate before" + " it will be removed from the system. Only set when deletionTimestamp is" + " also set. May only be shortened. Read-only." + ), + ) + deletionTimestamp: Optional[datetime] = Field( + default=None, + description=( + "DeletionTimestamp is RFC 3339 date and time at which this resource will be" + " deleted. This field is set by the server when a graceful deletion is" + " requested by the user, and is not directly settable by a client. The" + " resource is expected to be deleted (no longer visible from resource" + " lists, and not reachable by name) after the time in this field, once the" + " finalizers list is empty. As long as the finalizers list contains items," + " deletion is blocked. Once the deletionTimestamp is set, this value may" + " not be unset or be set further into the future, although it may be" + " shortened or the resource may be deleted prior to this time. For example," + " a user may request that a pod is deleted in 30 seconds. The Kubelet will" + " react by sending a graceful termination signal to the containers in the" + " pod. After that 30 seconds, the Kubelet will send a hard termination" + " signal (SIGKILL) to the container and after cleanup, remove the pod from" + " the API. In the presence of network partitions, this object may still" + " exist after this timestamp, until an administrator or automated process" + " can determine the resource is fully terminated. If not set, graceful" + " deletion of the object has not been requested.\n\nPopulated by the system" + " when a graceful deletion is requested. Read-only. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + finalizers: Optional[List[str]] = Field( + default=None, + description=( + "Must be empty before the object is deleted from the registry. Each entry" + " is an identifier for the responsible component that will remove the entry" + " from the list. If the deletionTimestamp of the object is non-nil, entries" + " in this list can only be removed. Finalizers may be processed and removed" + " in any order. Order is NOT enforced because it introduces significant" + " risk of stuck finalizers. finalizers is a shared field, any actor with" + " permission can reorder it. If the finalizer list is processed in order," + " then this can lead to a situation in which the component responsible for" + " the first finalizer in the list is waiting for a signal (field value," + " external system, or other) produced by a component responsible for a" + " finalizer later in the list, resulting in a deadlock. Without enforced" + " ordering finalizers are free to order amongst themselves and are not" + " vulnerable to ordering changes in the list." + ), + ) + generateName: Optional[str] = Field( + default=None, + description=( + "GenerateName is an optional prefix, used by the server, to generate a" + " unique name ONLY IF the Name field has not been provided. If this field" + " is used, the name returned to the client will be different than the name" + " passed. This value will also be combined with a unique suffix. The" + " provided value has the same validation rules as the Name field, and may" + " be truncated by the length of the suffix required to make the value" + " unique on the server.\n\nIf this field is specified and the generated" + " name exists, the server will return a 409.\n\nApplied only if Name is not" + " specified. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency" + ), + ) + generation: Optional[int] = Field( + default=None, + description=( + "A sequence number representing a specific generation of the desired state." + " Populated by the system. Read-only." + ), + ) + labels: Optional[Dict[str, str]] = Field( + default=None, + description=( + "Map of string keys and values that can be used to organize and categorize" + " (scope and select) objects. May match selectors of replication" + " controllers and services. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/labels" + ), + ) + managedFields: Optional[List[ManagedFieldsEntry]] = Field( + default=None, + description=( + "ManagedFields maps workflow-id and version to the set of fields that are" + " managed by that workflow. This is mostly for internal housekeeping, and" + " users typically shouldn't need to set or understand this field. A" + " workflow can be the user's name, a controller's name, or the name of a" + ' specific apply path like "ci-cd". The set of fields is always in the' + " version that the workflow used when modifying the object." + ), + ) + name: Optional[str] = Field( + default=None, + description=( + "Name must be unique within a namespace. Is required when creating" + " resources, although some resources may allow a client to request the" + " generation of an appropriate name automatically. Name is primarily" + " intended for creation idempotence and configuration definition. Cannot be" + " updated. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names" + ), + ) + namespace: Optional[str] = Field( + default=None, + description=( + "Namespace defines the space within which each name must be unique. An" + ' empty namespace is equivalent to the "default" namespace, but "default"' + " is the canonical representation. Not all objects are required to be" + " scoped to a namespace - the value of this field for those objects will be" + " empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces" + ), + ) + ownerReferences: Optional[List[OwnerReference]] = Field( + default=None, + description=( + "List of objects depended by this object. If ALL objects in the list have" + " been deleted, this object will be garbage collected. If this object is" + " managed by a controller, then an entry in this list will point to this" + " controller, with the controller field set to true. There cannot be more" + " than one managing controller." + ), + ) + resourceVersion: Optional[str] = Field( + default=None, + description=( + "An opaque value that represents the internal version of this object that" + " can be used by clients to determine when objects have changed. May be" + " used for optimistic concurrency, change detection, and the watch" + " operation on a resource or set of resources. Clients must treat these" + " values as opaque and passed unmodified back to the server. They may only" + " be valid for a particular resource or set of resources.\n\nPopulated by" + " the system. Read-only. Value must be treated as opaque by clients and ." + " More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + ), + ) + selfLink: Optional[str] = Field( + default=None, + description=( + "Deprecated: selfLink is a legacy read-only field that is no longer" + " populated by the system." + ), + ) + uid: Optional[str] = Field( + default=None, + description=( + "UID is the unique in time and space value for this object. It is typically" + " generated by the server on successful creation of a resource and is not" + " allowed to change on PUT operations.\n\nPopulated by the system." + " Read-only. More info:" + " https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids" + ), + ) + + +class Status(BaseModel): + apiVersion: Optional[str] = Field( + default=None, + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + code: Optional[int] = Field( + default=None, + description="Suggested HTTP return code for this status, 0 if not set.", + ) + details: Optional[StatusDetails] = Field( + default=None, + description=( + "Extended data associated with the reason. Each reason may define its own" + " extended details. This field is optional and the data returned is not" + " guaranteed to conform to any schema except that defined by the reason" + " type." + ), + ) + kind: Optional[str] = Field( + default=None, + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + message: Optional[str] = Field( + default=None, + description="A human-readable description of the status of this operation.", + ) + metadata: Optional[ListMeta] = Field( + default=None, + description=( + "Standard list metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + reason: Optional[str] = Field( + default=None, + description=( + 'A machine-readable description of why this operation is in the "Failure"' + " status. If this value is empty there is no information available. A" + " Reason clarifies an HTTP status code but does not override it." + ), + ) + status: Optional[str] = Field( + default=None, + description=( + 'Status of the operation. One of: "Success" or "Failure". More info:' + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status" + ), + ) + + +class WatchEvent(BaseModel): + object: runtime.RawExtension = Field( + ..., + description=( + "Object is:\n * If Type is Added or Modified: the new state of the" + " object.\n * If Type is Deleted: the state of the object immediately" + " before deletion.\n * If Type is Error: *Status is recommended; other" + " types may make sense\n depending on context." + ), + ) + type: str diff --git a/src/kubedantic/models/io/k8s/apimachinery/pkg/runtime.py b/src/kubedantic/models/io/k8s/apimachinery/pkg/runtime.py new file mode 100644 index 0000000..cff84a0 --- /dev/null +++ b/src/kubedantic/models/io/k8s/apimachinery/pkg/runtime.py @@ -0,0 +1,11 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from pydantic import BaseModel + + +class RawExtension(BaseModel): + pass diff --git a/src/kubedantic/models/io/k8s/kube_aggregator/pkg/apis/apiregistration/__init__.py b/src/kubedantic/models/io/k8s/kube_aggregator/pkg/apis/apiregistration/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/kubedantic/models/io/k8s/kube_aggregator/pkg/apis/apiregistration/v1.py b/src/kubedantic/models/io/k8s/kube_aggregator/pkg/apis/apiregistration/v1.py new file mode 100644 index 0000000..b3de11e --- /dev/null +++ b/src/kubedantic/models/io/k8s/kube_aggregator/pkg/apis/apiregistration/v1.py @@ -0,0 +1,195 @@ +# generated by datamodel-codegen: +# timestamp: 2024-04-28T13:01:54+00:00 +# k8s version: v1.30.0 + +from __future__ import annotations + +from datetime import datetime +from typing import List, Optional + +from pydantic import BaseModel, Field + +from .....apimachinery.pkg.apis.meta import v1 + + +class APIServiceCondition(BaseModel): + lastTransitionTime: Optional[datetime] = Field( + default=None, + description="Last time the condition transitioned from one status to another.", + ) + message: Optional[str] = Field( + default=None, + description="Human-readable message indicating details about last transition.", + ) + reason: Optional[str] = Field( + default=None, + description=( + "Unique, one-word, CamelCase reason for the condition's last transition." + ), + ) + status: str = Field( + ..., + description=( + "Status is the status of the condition. Can be True, False, Unknown." + ), + ) + type: str = Field(..., description="Type is the type of the condition.") + + +class APIServiceStatus(BaseModel): + conditions: Optional[List[APIServiceCondition]] = Field( + default=None, description="Current service state of apiService." + ) + + +class ServiceReference(BaseModel): + name: Optional[str] = Field( + default=None, description="Name is the name of the service" + ) + namespace: Optional[str] = Field( + default=None, description="Namespace is the namespace of the service" + ) + port: Optional[int] = Field( + default=None, + description=( + "If specified, the port on the service that hosting webhook. Default to 443" + " for backward compatibility. `port` should be a valid port number" + " (1-65535, inclusive)." + ), + ) + + +class APIServiceSpec(BaseModel): + caBundle: Optional[str] = Field( + default=None, + description=( + "CABundle is a PEM encoded CA bundle which will be used to validate an API" + " server's serving certificate. If unspecified, system trust roots on the" + " apiserver are used." + ), + ) + group: Optional[str] = Field( + default=None, description="Group is the API group name this server hosts" + ) + groupPriorityMinimum: int = Field( + ..., + description=( + "GroupPriorityMinimum is the priority this group should have at least." + " Higher priority means that the group is preferred by clients over lower" + " priority ones. Note that other versions of this group might specify even" + " higher GroupPriorityMinimum values such that the whole group gets a" + " higher priority. The primary sort is based on GroupPriorityMinimum," + " ordered highest number to lowest (20 before 10). The secondary sort is" + " based on the alphabetical comparison of the name of the object. (v1.bar" + " before v1.foo) We'd recommend something like: *.k8s.io (except" + " extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be" + " in the 2000s" + ), + ) + insecureSkipTLSVerify: Optional[bool] = Field( + default=None, + description=( + "InsecureSkipTLSVerify disables TLS certificate verification when" + " communicating with this server. This is strongly discouraged. You should" + " use the CABundle instead." + ), + ) + service: Optional[ServiceReference] = Field( + default=None, + description=( + "Service is a reference to the service for this API server. It must" + " communicate on port 443. If the Service is nil, that means the handling" + " for the API groupversion is handled locally on this server. The call will" + " simply delegate to the normal handler chain to be fulfilled." + ), + ) + version: Optional[str] = Field( + default=None, + description='Version is the API version this server hosts. For example, "v1"', + ) + versionPriority: int = Field( + ..., + description=( + "VersionPriority controls the ordering of this API version inside of its" + " group. Must be greater than zero. The primary sort is based on" + " VersionPriority, ordered highest to lowest (20 before 10). Since it's" + " inside of a group, the number can be small, probably in the 10s. In case" + " of equal version priorities, the version string will be used to compute" + ' the order inside a group. If the version string is "kube-like", it will' + ' sort above non "kube-like" version strings, which are ordered' + ' lexicographically. "Kube-like" versions start with a "v", then are' + " followed by a number (the major version), then optionally the string" + ' "alpha" or "beta" and another number (the minor version). These are' + " sorted first by GA > beta > alpha (where GA is a version with no suffix" + " such as beta or alpha), and then by comparing major version, then minor" + " version. An example sorted list of versions: v10, v2, v1, v11beta2," + " v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10." + ), + ) + + +class APIService(BaseModel): + apiVersion: Optional[str] = Field( + default="apiregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + kind: Optional[str] = Field( + default="APIService", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ObjectMeta] = Field( + default=None, + description=( + "Standard object's metadata. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) + spec: Optional[APIServiceSpec] = Field( + default=None, + description=( + "Spec contains information for locating and communicating with a server" + ), + ) + status: Optional[APIServiceStatus] = Field( + default=None, + description="Status contains derived information about an API server", + ) + + +class APIServiceList(BaseModel): + apiVersion: Optional[str] = Field( + default="apiregistration.k8s.io/v1", + description=( + "APIVersion defines the versioned schema of this representation of an" + " object. Servers should convert recognized schemas to the latest internal" + " value, and may reject unrecognized values. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + ), + ) + items: List[APIService] = Field(..., description="Items is the list of APIService") + kind: Optional[str] = Field( + default="APIServiceList", + description=( + "Kind is a string value representing the REST resource this object" + " represents. Servers may infer this from the endpoint the client submits" + " requests to. Cannot be updated. In CamelCase. More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + ), + ) + metadata: Optional[v1.ListMeta] = Field( + default=None, + description=( + "Standard list metadata More info:" + " https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata" + ), + ) diff --git a/tests/test_models.py b/tests/test_models.py new file mode 100644 index 0000000..23b87f7 --- /dev/null +++ b/tests/test_models.py @@ -0,0 +1,29 @@ +from kubedantic.models.io.k8s.api.apps.v1 import Deployment, DeploymentSpec +from kubedantic.models.io.k8s.api.core.v1 import PodTemplateSpec +from kubedantic.models.io.k8s.apimachinery.pkg.apis.meta.v1 import ( + LabelSelector, + ObjectMeta, +) + + +def test_deployment(): + deployment = Deployment( + metadata=ObjectMeta(name="test"), + spec=DeploymentSpec( + replicas=1, + selector=LabelSelector(matchLabels={"app": "test"}), + template=PodTemplateSpec( + metadata=ObjectMeta(labels={"app": "test"}), + ), + ), + ) + + assert deployment.apiVersion == "apps/v1" + assert deployment.kind == "Deployment" + assert deployment.metadata is not None + assert deployment.metadata.name == "test" + assert deployment.spec is not None + assert deployment.spec.replicas == 1 + assert deployment.spec.selector.matchLabels == {"app": "test"} + assert deployment.spec.template.metadata is not None + assert deployment.spec.template.metadata.labels == {"app": "test"}