From 3959491fa2f981b3306262d53ce82072b587b328 Mon Sep 17 00:00:00 2001 From: Janhavi Alekar <97527096+JanhaviAlekar@users.noreply.github.com> Date: Wed, 14 Aug 2024 11:21:23 +0530 Subject: [PATCH 01/31] all repo support in chaoshub (#4748) Signed-off-by: JanhaviAlekar Co-authored-by: Namkyu Park <53862866+namkyu1999@users.noreply.github.com> Co-authored-by: Saranya Jena --- chaoscenter/graphql/server/pkg/chaoshub/ops/gitops.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/chaoscenter/graphql/server/pkg/chaoshub/ops/gitops.go b/chaoscenter/graphql/server/pkg/chaoshub/ops/gitops.go index 0f166030645..0a4950efef4 100644 --- a/chaoscenter/graphql/server/pkg/chaoshub/ops/gitops.go +++ b/chaoscenter/graphql/server/pkg/chaoshub/ops/gitops.go @@ -9,6 +9,7 @@ import ( "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing" + "github.com/go-git/go-git/v5/plumbing/protocol/packp/capability" "github.com/go-git/go-git/v5/plumbing/transport" "github.com/go-git/go-git/v5/plumbing/transport/http" "github.com/go-git/go-git/v5/plumbing/transport/ssh" @@ -276,6 +277,10 @@ func (c ChaosHubConfig) gitPullPrivateRepo() error { // generateAuthMethod creates AuthMethod for private repos func (c ChaosHubConfig) generateAuthMethod() (transport.AuthMethod, error) { + transport.UnsupportedCapabilities = []capability.Capability{ + capability.ThinPack, + } + var auth transport.AuthMethod if c.AuthType == model.AuthTypeToken { auth = &http.BasicAuth{ From 3874a5b7587383cc70f513ea60e5d3275a241202 Mon Sep 17 00:00:00 2001 From: Ji Hoon Bae Date: Wed, 14 Aug 2024 14:51:47 +0900 Subject: [PATCH 02/31] Apply golang code review comments to `chaoscenter/graphql/server/server.go` (#4778) * feat: remove duplicate import Signed-off-by: JiHoon Bae * feat: apply import convention Signed-off-by: JiHoon Bae * feat: apply `Indent Error Flow` from code review comments Signed-off-by: JiHoon Bae * feat: apply `Indent Error Flow` from code review comments and make simple if statements Signed-off-by: JiHoon Bae --------- Signed-off-by: JiHoon Bae Co-authored-by: Saranya Jena --- chaoscenter/graphql/server/server.go | 82 ++++++++++++---------------- 1 file changed, 36 insertions(+), 46 deletions(-) diff --git a/chaoscenter/graphql/server/server.go b/chaoscenter/graphql/server/server.go index bf6a3df67f9..78e8b00ba9a 100644 --- a/chaoscenter/graphql/server/server.go +++ b/chaoscenter/graphql/server/server.go @@ -1,45 +1,38 @@ package main import ( - "regexp" - "strconv" - - "google.golang.org/grpc/credentials" - - "github.com/gin-gonic/gin" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/api/middleware" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaoshub" - handler2 "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaoshub/handler" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb" - dbSchemaChaosHub "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/chaos_hub" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/projects" - "context" "fmt" "net" "net/http" + "regexp" "runtime" + "strconv" "time" - "github.com/kelseyhightower/envconfig" - - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/authorization" - - "github.com/99designs/gqlgen/graphql/handler/extension" - - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" - "github.com/99designs/gqlgen/graphql/handler" + "github.com/99designs/gqlgen/graphql/handler/extension" "github.com/99designs/gqlgen/graphql/handler/transport" + "github.com/gin-gonic/gin" "github.com/gorilla/websocket" + "github.com/kelseyhightower/envconfig" + log "github.com/sirupsen/logrus" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/api/middleware" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/generated" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/authorization" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaoshub" + handler2 "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaoshub/handler" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb" + dbSchemaChaosHub "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/chaos_hub" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/config" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/handlers" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/projects" pb "github.com/litmuschaos/litmus/chaoscenter/graphql/server/protos" - "github.com/sirupsen/logrus" - log "github.com/sirupsen/logrus" - "google.golang.org/grpc" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" ) func init() { @@ -52,7 +45,6 @@ func init() { if err != nil { log.Fatal(err) } - } func validateVersion() error { @@ -106,15 +98,14 @@ func main() { enableHTTPSConnection, err := strconv.ParseBool(utils.Config.EnableInternalTls) if err != nil { - logrus.Errorf("unable to parse boolean value %v", err) + log.Errorf("unable to parse boolean value %v", err) } if enableHTTPSConnection { - if utils.Config.TlsCertPath != "" && utils.Config.TlsKeyPath != "" { - go startGRPCServerWithTLS(mongodbOperator) // start GRPC serve - } else { + if utils.Config.TlsCertPath == "" || utils.Config.TlsKeyPath == "" { log.Fatalf("Failure to start chaoscenter authentication REST server due to empty TLS cert file path and TLS key path") } + go startGRPCServerWithTLS(mongodbOperator) // start GRPC serve } else { go startGRPCServer(utils.Config.GrpcPort, mongodbOperator) // start GRPC serve } @@ -144,7 +135,8 @@ func main() { enableIntrospection, err := strconv.ParseBool(utils.Config.EnableGQLIntrospection) if err != nil { log.Errorf("unable to parse boolean value %v", err) - } else if err == nil && enableIntrospection == true { + } + if enableIntrospection { srv.Use(extension.Introspection{}) } @@ -170,28 +162,26 @@ func main() { go projects.ProjectEvents(projectEventChannel, mongodb.MgoClient, mongodbOperator) if enableHTTPSConnection { - if utils.Config.TlsCertPath != "" && utils.Config.TlsKeyPath != "" { - log.Infof("graphql server running at https://localhost:%s", utils.Config.RestPort) - // configuring TLS config based on provided certificates & keys - conf := utils.GetTlsConfig(utils.Config.TlsCertPath, utils.Config.TlsKeyPath, true) - - server := http.Server{ - Addr: ":" + utils.Config.RestPort, - Handler: router, - TLSConfig: conf, - } - err := server.ListenAndServeTLS("", "") - if err != nil { - log.Fatalf("Failure to start litmus-portal graphql REST server due to %v", err) - } - } else { + if utils.Config.TlsCertPath == "" || utils.Config.TlsKeyPath == "" { log.Fatalf("Failure to start chaoscenter authentication GRPC server due to empty TLS cert file path and TLS key path") } + + log.Infof("graphql server running at https://localhost:%s", utils.Config.RestPort) + // configuring TLS config based on provided certificates & keys + conf := utils.GetTlsConfig(utils.Config.TlsCertPath, utils.Config.TlsKeyPath, true) + + server := http.Server{ + Addr: ":" + utils.Config.RestPort, + Handler: router, + TLSConfig: conf, + } + if err := server.ListenAndServeTLS("", ""); err != nil { + log.Fatalf("Failure to start litmus-portal graphql REST server due to %v", err) + } } else { log.Infof("graphql server running at http://localhost:%s", utils.Config.RestPort) log.Fatal(http.ListenAndServe(":"+utils.Config.RestPort, router)) } - } // startGRPCServer initializes, registers services to and starts the gRPC server for RPC calls From fd9cb3f38aff9cf43a9149c0c28ba0c558354a12 Mon Sep 17 00:00:00 2001 From: Bruno Ledesma Date: Wed, 14 Aug 2024 02:52:05 -0300 Subject: [PATCH 03/31] Subscriber reconnect (#4776) * Force infra/subscriber disconnection when is already connected Signed-off-by: Bruno Ledesma * Force infra/subscriber disconnection when is already connected Signed-off-by: Bruno Ledesma --------- Signed-off-by: Bruno Ledesma --- .../server/graph/chaos_infrastructure.resolvers.go | 6 ++++-- chaoscenter/subscriber/pkg/requests/webhook.go | 9 ++++++++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go b/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go index 4ee62af5526..7e4540509eb 100644 --- a/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go @@ -270,8 +270,10 @@ func (r *subscriptionResolver) InfraConnect(ctx context.Context, request model.I return infraAction, err } data_store.Store.Mutex.Lock() - if _, ok := data_store.Store.ConnectedInfra[request.InfraID]; ok { + if infra_channel, ok := data_store.Store.ConnectedInfra[request.InfraID]; ok { data_store.Store.Mutex.Unlock() + logrus.Print("ALREADY CONNECTED, FORCED DISCONNECT: ", request.InfraID) + close(infra_channel) return infraAction, errors.New("CLUSTER ALREADY CONNECTED") } data_store.Store.ConnectedInfra[request.InfraID] = infraAction @@ -279,7 +281,7 @@ func (r *subscriptionResolver) InfraConnect(ctx context.Context, request model.I go func() { <-ctx.Done() verifiedInfra.IsActive = false - + logrus.Print("Context Done, will handle disconnection for: ", request.InfraID) newVerifiedInfra := model.Infra{} copier.Copy(&newVerifiedInfra, &verifiedInfra) diff --git a/chaoscenter/subscriber/pkg/requests/webhook.go b/chaoscenter/subscriber/pkg/requests/webhook.go index e0ee2f0e900..1407d6e44f4 100644 --- a/chaoscenter/subscriber/pkg/requests/webhook.go +++ b/chaoscenter/subscriber/pkg/requests/webhook.go @@ -69,7 +69,7 @@ func (req *subscriberRequests) AgentConnect(infraData map[string]string) { for { _, message, err := c.ReadMessage() if err != nil { - logrus.WithError(err).Fatal("Failed to read message") + logrus.WithError(err).Panic("Failed to read message") } var r types.RawData @@ -87,6 +87,7 @@ func (req *subscriberRequests) AgentConnect(infraData map[string]string) { } if r.Payload.Errors != nil { logrus.Error("Error response from the server : ", string(message)) + panicWhen("ALREADY CONNECTED", message) continue } @@ -97,6 +98,12 @@ func (req *subscriberRequests) AgentConnect(infraData map[string]string) { } } +func panicWhen(errorMessage string, message []byte) { + if strings.Contains(string(message), errorMessage) { + logrus.Panic("Server error: ", errorMessage) + } +} + func (req *subscriberRequests) RequestProcessor(infraData map[string]string, r types.RawData) error { if strings.Index("kubeobject kubeobjects", strings.ToLower(r.Payload.Data.InfraConnect.Action.RequestType)) >= 0 { KubeObjRequest := types.KubeObjRequest{ From 50a66ff6520348eeb7dbe42e01c6e442c1d2b792 Mon Sep 17 00:00:00 2001 From: Aryan Bhokare <92683836+aryan-bhokare@users.noreply.github.com> Date: Wed, 14 Aug 2024 11:49:50 +0530 Subject: [PATCH 04/31] Fixing RBACs of RunChaosExperiment function (#4822) Signed-off-by: aryan Co-authored-by: Saranya Jena --- .../graphql/server/graph/chaos_experiment_run.resolvers.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chaoscenter/graphql/server/graph/chaos_experiment_run.resolvers.go b/chaoscenter/graphql/server/graph/chaos_experiment_run.resolvers.go index d46940ff94d..62a82b0de5f 100644 --- a/chaoscenter/graphql/server/graph/chaos_experiment_run.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaos_experiment_run.resolvers.go @@ -29,7 +29,7 @@ func (r *mutationResolver) RunChaosExperiment(ctx context.Context, experimentID logrus.WithFields(logFields).Info("request received to run chaos experiment") err := authorization.ValidateRole(ctx, projectID, - authorization.MutationRbacRules[authorization.CreateChaosExperiment], + authorization.MutationRbacRules[authorization.ReRunChaosExperiment], model.InvitationAccepted.String()) if err != nil { return nil, err From d827c32b1217b7c8eebc48875c5c329792dc945e Mon Sep 17 00:00:00 2001 From: Hrishav Date: Wed, 14 Aug 2024 15:32:32 +0530 Subject: [PATCH 05/31] fix: Fixed routing issues with project switcher (#4828) Signed-off-by: Hrishav --- .../ProjectDashboardCardContainer.tsx | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/chaoscenter/web/src/components/ProjectDashboardCardContainer/ProjectDashboardCardContainer.tsx b/chaoscenter/web/src/components/ProjectDashboardCardContainer/ProjectDashboardCardContainer.tsx index 1851b869388..4975608b2e6 100644 --- a/chaoscenter/web/src/components/ProjectDashboardCardContainer/ProjectDashboardCardContainer.tsx +++ b/chaoscenter/web/src/components/ProjectDashboardCardContainer/ProjectDashboardCardContainer.tsx @@ -10,7 +10,6 @@ import { useStrings } from '@strings'; import ProjectDashboardCardMenuController from '@controllers/ProjectDashboardCardMenu'; import { setUserDetails, toSentenceCase } from '@utils'; import { useAppStore } from '@context'; -import { useRouteWithBaseUrl } from '@hooks'; import css from './ProjectDashboardCardContainer.module.scss'; interface ProjectDashboardCardProps { @@ -25,16 +24,16 @@ export default function ProjectDashboardCardContainer(props: ProjectDashboardCar const [projectIdToDelete, setProjectIdToDelete] = useState(); const { getString } = useStrings(); const history = useHistory(); - const { updateAppStore } = useAppStore(); - - const paths = useRouteWithBaseUrl(); + const { updateAppStore, currentUserInfo } = useAppStore(); const handleProjectSelect = (project: Project): void => { + const projectRole = project.members?.find(member => member.userID === currentUserInfo?.ID)?.role; updateAppStore({ projectID: project.projectID, projectName: project.name }); setUserDetails({ + projectRole, projectID: project.projectID }); - history.push(paths.toRoot()); + history.replace(`/`); }; return ( From 09cbd3779388fae0757c30bcb6d22cc422d1a55e Mon Sep 17 00:00:00 2001 From: Saranya Jena Date: Wed, 14 Aug 2024 15:46:49 +0530 Subject: [PATCH 06/31] Added installation manifests for 3.10.0 (#4827) Signed-off-by: Saranya-jena --- .../docs/3.10.0/litmus-getting-started.yaml | 414 ++ mkdocs/docs/3.10.0/litmus-installation.yaml | 447 ++ mkdocs/docs/3.10.0/litmus-portal-crds.yml | 3596 +++++++++++++++++ .../docs/3.10.0/litmus-without-resources.yaml | 420 ++ 4 files changed, 4877 insertions(+) create mode 100644 mkdocs/docs/3.10.0/litmus-getting-started.yaml create mode 100644 mkdocs/docs/3.10.0/litmus-installation.yaml create mode 100644 mkdocs/docs/3.10.0/litmus-portal-crds.yml create mode 100644 mkdocs/docs/3.10.0/litmus-without-resources.yaml diff --git a/mkdocs/docs/3.10.0/litmus-getting-started.yaml b/mkdocs/docs/3.10.0/litmus-getting-started.yaml new file mode 100644 index 00000000000..bda3281748e --- /dev/null +++ b/mkdocs/docs/3.10.0/litmus-getting-started.yaml @@ -0,0 +1,414 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: litmus-portal-admin-secret +stringData: + DB_USER: "root" + DB_PASSWORD: "1234" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: litmus-portal-admin-config +data: + DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin + VERSION: "3.10.0" + SKIP_SSL_VERIFY: "false" + # Configurations if you are using dex for OAuth + DEX_ENABLED: "false" + OIDC_ISSUER: "http://:32000" + DEX_OAUTH_CALLBACK_URL: "http://:8080/auth/dex/callback" + DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend" + DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0" + OAuthJwtSecret: "litmus-oauth@123" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: litmusportal-frontend-nginx-configuration +data: + nginx.conf: | + pid /tmp/nginx.pid; + + events { + worker_connections 1024; + } + + http { + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + client_body_temp_path /tmp/client_temp; + proxy_temp_path /tmp/proxy_temp_path; + fastcgi_temp_path /tmp/fastcgi_temp; + uwsgi_temp_path /tmp/uwsgi_temp; + scgi_temp_path /tmp/scgi_temp; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + + include /etc/nginx/mime.types; + + gzip on; + gzip_disable "msie6"; + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + server { + listen 8185 default_server; + root /opt/chaos; + + location /health { + return 200; + } + + location / { + proxy_http_version 1.1; + add_header Cache-Control "no-cache"; + try_files $uri /index.html; + autoindex on; + } + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + location /auth/ { + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass "http://litmusportal-auth-server-service:9003/"; + } + + location /api/ { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass "http://litmusportal-server-service:9002/"; + } + } + } +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-frontend + labels: + component: litmusportal-frontend +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-frontend + template: + metadata: + labels: + component: litmusportal-frontend + spec: + automountServiceAccountToken: false + containers: + - name: litmusportal-frontend + image: litmuschaos/litmusportal-frontend:3.10.0 + # securityContext: + # runAsUser: 2000 + # allowPrivilegeEscalation: false + # runAsNonRoot: true + imagePullPolicy: Always + ports: + - containerPort: 8185 + resources: + requests: + memory: "250Mi" + cpu: "125m" + ephemeral-storage: "500Mi" + limits: + memory: "512Mi" + cpu: "550m" + ephemeral-storage: "1Gi" + volumeMounts: + - name: nginx-config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + volumes: + - name: nginx-config + configMap: + name: litmusportal-frontend-nginx-configuration +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-frontend-service +spec: + type: NodePort + ports: + - name: http + port: 9091 + targetPort: 8185 + selector: + component: litmusportal-frontend +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-server + labels: + component: litmusportal-server +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-server + template: + metadata: + labels: + component: litmusportal-server + spec: + automountServiceAccountToken: false + volumes: + - name: gitops-storage + emptyDir: {} + - name: hub-storage + emptyDir: {} + containers: + - name: graphql-server + image: litmuschaos/litmusportal-server:3.10.0 + volumeMounts: + - mountPath: /tmp/ + name: gitops-storage + - mountPath: /tmp/version + name: hub-storage + securityContext: + runAsUser: 2000 + allowPrivilegeEscalation: false + runAsNonRoot: true + readOnlyRootFilesystem: true + envFrom: + - configMapRef: + name: litmus-portal-admin-config + - secretRef: + name: litmus-portal-admin-secret + env: + # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication + - name: TLS_CERT_B64 + value: "" + - name: ENABLE_GQL_INTROSPECTION + value: "false" + - name: INFRA_DEPLOYMENTS + value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' + - name: CHAOS_CENTER_UI_ENDPOINT + value: "" + - name: SUBSCRIBER_IMAGE + value: "litmuschaos/litmusportal-subscriber:3.10.0" + - name: EVENT_TRACKER_IMAGE + value: "litmuschaos/litmusportal-event-tracker:3.10.0" + - name: ARGO_WORKFLOW_CONTROLLER_IMAGE + value: "litmuschaos/workflow-controller:v3.3.1" + - name: ARGO_WORKFLOW_EXECUTOR_IMAGE + value: "litmuschaos/argoexec:v3.3.1" + - name: LITMUS_CHAOS_OPERATOR_IMAGE + value: "litmuschaos/chaos-operator:3.10.0" + - name: LITMUS_CHAOS_RUNNER_IMAGE + value: "litmuschaos/chaos-runner:3.10.0" + - name: LITMUS_CHAOS_EXPORTER_IMAGE + value: "litmuschaos/chaos-exporter:3.10.0" + - name: CONTAINER_RUNTIME_EXECUTOR + value: "k8sapi" + - name: DEFAULT_HUB_BRANCH_NAME + value: "3.10.x" + - name: LITMUS_AUTH_GRPC_ENDPOINT + value: "litmusportal-auth-server-service" + - name: LITMUS_AUTH_GRPC_PORT + value: "3030" + - name: WORKFLOW_HELPER_IMAGE_VERSION + value: "3.10.0" + - name: REMOTE_HUB_MAX_SIZE + value: "5000000" + - name: INFRA_COMPATIBLE_VERSIONS + value: '["3.10.0"]' + - name: ALLOWED_ORIGINS + value: ".*" #eg: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)? + - name: ENABLE_INTERNAL_TLS + value: "false" + - name: TLS_CERT_PATH + value: "" + - name: TLS_KEY_PATH + value: "" + - name: CA_CERT_TLS_PATH + value: "" + - name: REST_PORT + value: "8080" + - name: GRPC_PORT + value: "8000" + ports: + - containerPort: 8080 + - containerPort: 8000 + imagePullPolicy: Always + resources: + requests: + memory: "250Mi" + cpu: "225m" + ephemeral-storage: "500Mi" + limits: + memory: "712Mi" + cpu: "550m" + ephemeral-storage: "1Gi" +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: litmusportal-server + namespace: litmus + labels: + component: litmusportal-server +spec: + policyTypes: + - Ingress + podSelector: + matchLabels: + component: litmusportal-server + ingress: + - from: + - podSelector: + matchLabels: + component: litmusportal-frontend +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-server-service +spec: + type: NodePort + ports: + - name: graphql-server + port: 9002 + targetPort: 8080 + - name: graphql-rpc-server + port: 8000 + targetPort: 8000 + selector: + component: litmusportal-server +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-auth-server + labels: + component: litmusportal-auth-server +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-auth-server + template: + metadata: + labels: + component: litmusportal-auth-server + spec: + automountServiceAccountToken: false + containers: + - name: auth-server + image: litmuschaos/litmusportal-auth-server:3.10.0 + securityContext: + runAsUser: 2000 + allowPrivilegeEscalation: false + runAsNonRoot: true + readOnlyRootFilesystem: true + envFrom: + - configMapRef: + name: litmus-portal-admin-config + - secretRef: + name: litmus-portal-admin-secret + env: + - name: STRICT_PASSWORD_POLICY + value: "false" + - name: ADMIN_USERNAME + value: "admin" + - name: ADMIN_PASSWORD + value: "litmus" + - name: LITMUS_GQL_GRPC_ENDPOINT + value: "litmusportal-server-service" + - name: LITMUS_GQL_GRPC_PORT + value: "8000" + - name: ALLOWED_ORIGINS + value: ".*" #eg: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)? + - name: ENABLE_INTERNAL_TLS + value: "false" + - name: TLS_CERT_PATH + value: "" + - name: TLS_KEY_PATH + value: "" + - name: CA_CERT_TLS_PATH + value: "" + - name: REST_PORT + value: "3000" + - name: GRPC_PORT + value: "3030" + ports: + - containerPort: 3000 + - containerPort: 3030 + imagePullPolicy: Always + resources: + requests: + memory: "250Mi" + cpu: "125m" + ephemeral-storage: "500Mi" + limits: + memory: "712Mi" + cpu: "550m" + ephemeral-storage: "1Gi" +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: litmusportal-auth-server + namespace: litmus + labels: + component: litmusportal-auth-server +spec: + policyTypes: + - Ingress + podSelector: + matchLabels: + component: litmusportal-auth-server + ingress: + - from: + - podSelector: + matchLabels: + component: litmusportal-frontend + - from: + - podSelector: + matchLabels: + component: litmusportal-server +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-auth-server-service +spec: + type: NodePort + ports: + - name: auth-server + port: 9003 + targetPort: 3000 + - name: auth-rpc-server + port: 3030 + targetPort: 3030 + selector: + component: litmusportal-auth-server \ No newline at end of file diff --git a/mkdocs/docs/3.10.0/litmus-installation.yaml b/mkdocs/docs/3.10.0/litmus-installation.yaml new file mode 100644 index 00000000000..656da6e5522 --- /dev/null +++ b/mkdocs/docs/3.10.0/litmus-installation.yaml @@ -0,0 +1,447 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: litmus-portal-admin-secret +stringData: + DB_USER: "root" + DB_PASSWORD: "1234" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: litmus-portal-admin-config +data: + DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin + VERSION: "3.10.0" + SKIP_SSL_VERIFY: "false" + # Configurations if you are using dex for OAuth + DEX_ENABLED: "false" + OIDC_ISSUER: "http://:32000" + DEX_OAUTH_CALLBACK_URL: "http://:8080/auth/dex/callback" + DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend" + DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0" + OAuthJwtSecret: "litmus-oauth@123" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: litmusportal-frontend-nginx-configuration +data: + nginx.conf: | + pid /tmp/nginx.pid; + + events { + worker_connections 1024; + } + + http { + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + client_body_temp_path /tmp/client_temp; + proxy_temp_path /tmp/proxy_temp_path; + fastcgi_temp_path /tmp/fastcgi_temp; + uwsgi_temp_path /tmp/uwsgi_temp; + scgi_temp_path /tmp/scgi_temp; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + + include /etc/nginx/mime.types; + + gzip on; + gzip_disable "msie6"; + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + server { + listen 8185 ssl; + ssl_certificate /etc/tls/tls.crt; + ssl_certificate_key /etc/tls/tls.key; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_client_certificate /etc/tls/ca.crt; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + + root /opt/chaos; + + location /health { + return 200; + } + + location / { + proxy_http_version 1.1; + add_header Cache-Control "no-cache"; + try_files $uri /index.html; + autoindex on; + } + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + location /auth/ { + proxy_ssl_verify off; + proxy_ssl_session_reuse on; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass "https://litmusportal-auth-server-service:9005/"; + proxy_ssl_certificate /etc/tls/tls.crt; + proxy_ssl_certificate_key /etc/tls/tls.key; + } + + location /api/ { + proxy_ssl_verify off; + proxy_ssl_session_reuse on; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass "https://litmusportal-server-service:9004/"; + proxy_ssl_certificate /etc/tls/tls.crt; + proxy_ssl_certificate_key /etc/tls/tls.key; + } + } + } +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-frontend + labels: + component: litmusportal-frontend +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-frontend + template: + metadata: + labels: + component: litmusportal-frontend + spec: + automountServiceAccountToken: false + containers: + - name: litmusportal-frontend + image: litmuschaos/litmusportal-frontend:3.10.0 + # securityContext: + # runAsUser: 2000 + # allowPrivilegeEscalation: false + # runAsNonRoot: true + imagePullPolicy: Always + ports: + - containerPort: 8185 + resources: + requests: + memory: "250Mi" + cpu: "125m" + ephemeral-storage: "500Mi" + limits: + memory: "512Mi" + cpu: "550m" + ephemeral-storage: "1Gi" + volumeMounts: + - name: nginx-config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + - mountPath: /etc/tls + name: tls-secret + volumes: + - name: nginx-config + configMap: + name: litmusportal-frontend-nginx-configuration + - name: tls-secret + secret: + secretName: tls-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-frontend-service +spec: + type: NodePort + ports: + - name: http + port: 9091 + targetPort: 8185 + selector: + component: litmusportal-frontend +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-server + labels: + component: litmusportal-server +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-server + template: + metadata: + labels: + component: litmusportal-server + spec: + automountServiceAccountToken: false + volumes: + - name: gitops-storage + emptyDir: {} + - name: hub-storage + emptyDir: {} + - name: tls-secret + secret: + secretName: tls-secret + containers: + - name: graphql-server + image: litmuschaos/litmusportal-server:3.10.0 + volumeMounts: + - mountPath: /tmp/ + name: gitops-storage + - mountPath: /tmp/version + name: hub-storage + - mountPath: /etc/tls + name: tls-secret + securityContext: + runAsUser: 2000 + allowPrivilegeEscalation: false + runAsNonRoot: true + readOnlyRootFilesystem: true + envFrom: + - configMapRef: + name: litmus-portal-admin-config + - secretRef: + name: litmus-portal-admin-secret + env: + # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication + - name: TLS_CERT_B64 + value: "" + - name: ENABLE_GQL_INTROSPECTION + value: "false" + - name: INFRA_DEPLOYMENTS + value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' + - name: CHAOS_CENTER_UI_ENDPOINT + value: "" + - name: SUBSCRIBER_IMAGE + value: "litmuschaos/litmusportal-subscriber:3.10.0" + - name: EVENT_TRACKER_IMAGE + value: "litmuschaos/litmusportal-event-tracker:3.10.0" + - name: ARGO_WORKFLOW_CONTROLLER_IMAGE + value: "litmuschaos/workflow-controller:v3.3.1" + - name: ARGO_WORKFLOW_EXECUTOR_IMAGE + value: "litmuschaos/argoexec:v3.3.1" + - name: LITMUS_CHAOS_OPERATOR_IMAGE + value: "litmuschaos/chaos-operator:3.10.0" + - name: LITMUS_CHAOS_RUNNER_IMAGE + value: "litmuschaos/chaos-runner:3.10.0" + - name: LITMUS_CHAOS_EXPORTER_IMAGE + value: "litmuschaos/chaos-exporter:3.10.0" + - name: CONTAINER_RUNTIME_EXECUTOR + value: "k8sapi" + - name: DEFAULT_HUB_BRANCH_NAME + value: "3.10.x" + - name: LITMUS_AUTH_GRPC_ENDPOINT + value: "litmusportal-auth-server-service" + - name: LITMUS_AUTH_GRPC_PORT + value: "3030" + - name: WORKFLOW_HELPER_IMAGE_VERSION + value: "3.10.0" + - name: REMOTE_HUB_MAX_SIZE + value: "5000000" + - name: INFRA_COMPATIBLE_VERSIONS + value: '["3.10.0"]' + - name: ALLOWED_ORIGINS + value: "^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?" + - name: ENABLE_INTERNAL_TLS + value: "true" + - name: TLS_CERT_PATH + value: "/etc/tls/tls.crt" + - name: TLS_KEY_PATH + value: "/etc/tls/tls.key" + - name: CA_CERT_TLS_PATH + value: "/etc/tls/ca.crt" + - name: REST_PORT + value: "8081" + - name: GRPC_PORT + value: "8001" + ports: + - containerPort: 8081 + - containerPort: 8001 + imagePullPolicy: Always + resources: + requests: + memory: "250Mi" + cpu: "225m" + ephemeral-storage: "500Mi" + limits: + memory: "712Mi" + cpu: "550m" + ephemeral-storage: "1Gi" +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: litmusportal-server + namespace: litmus + labels: + component: litmusportal-server +spec: + policyTypes: + - Ingress + podSelector: + matchLabels: + component: litmusportal-server + ingress: + - from: + - podSelector: + matchLabels: + component: litmusportal-frontend +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-server-service +spec: + type: NodePort + ports: + - name: graphql-server-https + port: 9004 + targetPort: 8081 + - name: graphql-rpc-server-https + port: 8001 + targetPort: 8001 + selector: + component: litmusportal-server +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-auth-server + labels: + component: litmusportal-auth-server +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-auth-server + template: + metadata: + labels: + component: litmusportal-auth-server + spec: + volumes: + - name: tls-secret + secret: + secretName: tls-secret + automountServiceAccountToken: false + containers: + - name: auth-server + volumeMounts: + - mountPath: /etc/tls + name: tls-secret + image: litmuschaos/litmusportal-auth-server:3.10.0 + securityContext: + runAsUser: 2000 + allowPrivilegeEscalation: false + runAsNonRoot: true + readOnlyRootFilesystem: true + envFrom: + - configMapRef: + name: litmus-portal-admin-config + - secretRef: + name: litmus-portal-admin-secret + env: + - name: STRICT_PASSWORD_POLICY + value: "false" + - name: ADMIN_USERNAME + value: "admin" + - name: ADMIN_PASSWORD + value: "litmus" + - name: LITMUS_GQL_GRPC_ENDPOINT + value: "litmusportal-server-service" + - name: LITMUS_GQL_GRPC_PORT + value: "8000" + - name: ALLOWED_ORIGINS + value: "^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?" #ip needs to added here + - name: ENABLE_INTERNAL_TLS + value: "true" + - name: TLS_CERT_PATH + value: "/etc/tls/tls.crt" + - name: TLS_KEY_PATH + value: "/etc/tls/ctls.key" + - name: CA_CERT_TLS_PATH + value: "/etc/tls/ca.crt" + - name: REST_PORT + value: "3001" + - name: GRPC_PORT + value: "3031" + ports: + - containerPort: 3001 + - containerPort: 3031 + imagePullPolicy: Always + resources: + requests: + memory: "250Mi" + cpu: "125m" + ephemeral-storage: "500Mi" + limits: + memory: "712Mi" + cpu: "550m" + ephemeral-storage: "1Gi" +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: litmusportal-auth-server + namespace: litmus + labels: + component: litmusportal-auth-server +spec: + policyTypes: + - Ingress + podSelector: + matchLabels: + component: litmusportal-auth-server + ingress: + - from: + - podSelector: + matchLabels: + component: litmusportal-frontend + - from: + - podSelector: + matchLabels: + component: litmusportal-server +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-auth-server-service +spec: + type: NodePort + ports: + - name: auth-server-https + port: 9005 + targetPort: 3001 + - name: auth-rpc-server-https + port: 3031 + targetPort: 3031 + selector: + component: litmusportal-auth-server diff --git a/mkdocs/docs/3.10.0/litmus-portal-crds.yml b/mkdocs/docs/3.10.0/litmus-portal-crds.yml new file mode 100644 index 00000000000..0dba567b892 --- /dev/null +++ b/mkdocs/docs/3.10.0/litmus-portal-crds.yml @@ -0,0 +1,3596 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterworkflowtemplates.argoproj.io +spec: + group: argoproj.io + names: + kind: ClusterWorkflowTemplate + listKind: ClusterWorkflowTemplateList + plural: clusterworkflowtemplates + shortNames: + - clusterwftmpl + - cwft + singular: clusterworkflowtemplate + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: cronworkflows.argoproj.io +spec: + group: argoproj.io + names: + kind: CronWorkflow + listKind: CronWorkflowList + plural: cronworkflows + shortNames: + - cwf + - cronwf + singular: cronworkflow + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflows.argoproj.io +spec: + group: argoproj.io + names: + kind: Workflow + listKind: WorkflowList + plural: workflows + shortNames: + - wf + singular: workflow + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status of the workflow + jsonPath: .status.phase + name: Status + type: string + - description: When the workflow was started + format: date-time + jsonPath: .status.startedAt + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflowtasksets.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowTaskSet + listKind: WorkflowTaskSetList + plural: workflowtasksets + shortNames: + - wfts + singular: workflowtaskset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflowtemplates.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowTemplate + listKind: WorkflowTemplateList + plural: workflowtemplates + shortNames: + - wftmpl + singular: workflowtemplate + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflowtaskresults.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowTaskResult + listKind: WorkflowTaskResultList + plural: workflowtaskresults + singular: workflowtaskresult + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + message: + type: string + metadata: + type: object + outputs: + properties: + artifacts: + items: + properties: + archive: + properties: + none: + type: object + tar: + properties: + compressionLevel: + format: int32 + type: integer + type: object + zip: + type: object + type: object + archiveLogs: + type: boolean + artifactory: + properties: + passwordSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + url: + type: string + usernameSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + required: + - url + type: object + from: + type: string + fromExpression: + type: string + gcs: + properties: + bucket: + type: string + key: + type: string + serviceAccountKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + required: + - key + type: object + git: + properties: + depth: + format: int64 + type: integer + disableSubmodules: + type: boolean + fetch: + items: + type: string + type: array + insecureIgnoreHostKey: + type: boolean + passwordSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + repo: + type: string + revision: + type: string + sshPrivateKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + usernameSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + required: + - repo + type: object + globalName: + type: string + hdfs: + properties: + addresses: + items: + type: string + type: array + force: + type: boolean + hdfsUser: + type: string + krbCCacheSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + krbConfigConfigMap: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + krbKeytabSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + krbRealm: + type: string + krbServicePrincipalName: + type: string + krbUsername: + type: string + path: + type: string + required: + - path + type: object + http: + properties: + headers: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + url: + type: string + required: + - url + type: object + mode: + format: int32 + type: integer + name: + type: string + optional: + type: boolean + oss: + properties: + accessKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + bucket: + type: string + createBucketIfNotPresent: + type: boolean + endpoint: + type: string + key: + type: string + lifecycleRule: + properties: + markDeletionAfterDays: + format: int32 + type: integer + markInfrequentAccessAfterDays: + format: int32 + type: integer + type: object + secretKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + securityToken: + type: string + required: + - key + type: object + path: + type: string + raw: + properties: + data: + type: string + required: + - data + type: object + recurseMode: + type: boolean + s3: + properties: + accessKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + bucket: + type: string + createBucketIfNotPresent: + properties: + objectLocking: + type: boolean + type: object + encryptionOptions: + properties: + enableEncryption: + type: boolean + kmsEncryptionContext: + type: string + kmsKeyId: + type: string + serverSideCustomerKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + endpoint: + type: string + insecure: + type: boolean + key: + type: string + region: + type: string + roleARN: + type: string + secretKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + useSDKCreds: + type: boolean + type: object + subPath: + type: string + required: + - name + type: object + type: array + exitCode: + type: string + parameters: + items: + properties: + default: + type: string + description: + type: string + enum: + items: + type: string + type: array + globalName: + type: string + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + default: + type: string + event: + type: string + expression: + type: string + jqFilter: + type: string + jsonPath: + type: string + parameter: + type: string + path: + type: string + supplied: + type: object + type: object + required: + - name + type: object + type: array + result: + type: string + type: object + phase: + type: string + progress: + type: string + required: + - metadata + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: chaosengines.litmuschaos.io +spec: + group: litmuschaos.io + names: + kind: ChaosEngine + listKind: ChaosEngineList + plural: chaosengines + singular: chaosengine + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + jobCleanUpPolicy: + type: string + pattern: ^(delete|retain)$ + # alternate ways to do this in case of complex pattern matches + #oneOf: + # - pattern: '^delete$' + # - pattern: '^retain$' + defaultHealthCheck: + type: boolean + appinfo: + type: object + properties: + appkind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + applabel: + type: string + appns: + type: string + selectors: + type: object + properties: + pods: + items: + properties: + names: + type: string + namespace: + type: string + required: + - names + - namespace + type: object + type: array + workloads: + items: + properties: + kind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + labels: + type: string + names: + type: string + namespace: + type: string + oneOf: + - required: [ names ] + - required: [ labels ] + required: + - kind + - namespace + type: object + type: array + oneOf: + - required: [ pods ] + - required: [ workloads ] + auxiliaryAppInfo: + type: string + engineState: + type: string + pattern: ^(active|stop)$ + chaosServiceAccount: + type: string + terminationGracePeriodSeconds: + type: integer + components: + type: object + properties: + sidecar: + type: array + items: + type: object + properties: + env: + description: ENV contains ENV passed to the sidecar container + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom for the sidecar container + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + secrets: + items: + properties: + mountPath: + type: string + name: + type: string + required: + - mountPath + - name + type: object + type: array + runner: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + image: + type: string + type: + type: string + pattern: ^(go)$ + runnerAnnotations: + type: object + runnerLabels: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + value: + type: string + minLength: 1 + tolerations: + description: Pod's tolerations. + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + experiments: + type: array + items: + type: object + properties: + name: + type: string + spec: + type: object + properties: + probe: + type: array + items: + type: object + required: + - name + - type + - mode + - runProperties + properties: + name: + type: string + type: + type: string + minLength: 1 + pattern: ^(k8sProbe|httpProbe|cmdProbe|promProbe|sloProbe)$ + k8sProbe/inputs: + type: object + required: + - version + - resource + - operation + properties: + group: + type: string + version: + type: string + resource: + type: string + namespace: + type: string + resourceNames: + type: string + fieldSelector: + type: string + labelSelector: + type: string + operation: + type: string + pattern: ^(present|absent|create|delete)$ + minLength: 1 + cmdProbe/inputs: + type: object + required: + - command + - comparator + properties: + command: + type: string + minLength: 1 + comparator: + type: object + required: + - type + - criteria + - value + properties: + type: + type: string + minLength: 1 + pattern: ^(int|float|string)$ + criteria: + type: string + value: + type: string + source: + description: The external pod where we have to run the + probe commands. It will run the commands inside the experiment pod itself(inline mode) if source contains a nil value + required: + - image + properties: + annotations: + additionalProperties: + type: string + description: Annotations for the source pod + type: object + args: + description: Args for the source pod + items: + type: string + type: array + command: + description: Command for the source pod + items: + type: string + type: array + env: + description: ENVList contains ENV passed to + the source pod + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. The $(VAR_NAME) syntax can + be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + description: Specifies the output + format of the exposed resources, + defaults to "1" + type: string + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + hostNetwork: + description: HostNetwork define the hostNetwork + of the external pod it supports boolean values + and default value is false + type: boolean + inheritInputs: + description: InheritInputs define to inherit experiment + details in probe pod it supports boolean values + and default value is false. + type: boolean + image: + description: Image for the source pod + type: string + imagePullPolicy: + description: ImagePullPolicy for the source pod + type: string + imagePullSecrets: + description: ImagePullSecrets for source pod + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent' + type: string + type: object + type: array + labels: + additionalProperties: + type: string + description: Labels for the source pod + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector for the source pod + type: object + privileged: + description: Privileged for the source pod + type: boolean + volumeMount: + description: VolumesMount for the source pod + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container + at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. + type: string + name: + description: This must match the Name + of a Volume. + type: string + readOnly: + description: Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. This + field is beta in 1.15. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes for the source pod + items: + description: Volume represents a named volume + in a pod that may be accessed by any container + in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents + an AWS Disk resource that is attached + to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the + volume that you want to mount. If + omitted, the default is to mount + by volume name. Examples: For volume + /dev/sda1, you specify the partition + as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force + and set the ReadOnly property in + VolumeMounts to "true". If omitted, + the default is "false". More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent + disk resource in AWS (Amazon EBS + volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure + Data Disk mount on the host and bind + mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: The Name of the data + disk in the blob storage + type: string + diskURI: + description: The URI the data disk + in the blob storage + type: string + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: + multiple blob disks per storage + account Dedicated: single blob + disk per storage account Managed: + azure managed data disk (only in + managed availability set). defaults + to shared' + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure + File Service mount on the host and bind + mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that + contains Azure Storage Account Name + and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph + FS mount on the host that shares a pod's + lifetime + properties: + monitors: + description: 'Required: Monitors is + a collection of Ceph monitors More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'Optional: Used as the + mounted root, rather than the full + Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile + is the path to key ring for User, + default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef + is reference to the authentication + secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the + rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder + volume attached and mounted on kubelets + host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to + a secret object containing parameters + used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify + the volume in cinder. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each + key-value pair in the Data field + of the referenced ConfigMap will + be projected into the volume as + a file whose name is the key and + content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the ConfigMap, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) + represents storage that is handled by + an external CSI driver (Alpha feature). + properties: + driver: + description: Driver is the name of + the CSI driver that handles this + volume. Consult with your admin + for the correct name as registered + in the cluster. + type: string + fsType: + description: Filesystem type to mount. + Ex. "ext4", "xfs", "ntfs". If not + provided, the empty value is passed + to the associated CSI driver which + will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef + is a reference to the secret object + containing sensitive information + to pass to the CSI driver to complete + the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may + be empty if no secret is required. + If the secret object contains more + than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only + configuration for the volume. Defaults + to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores + driver-specific properties that + are passed to the CSI driver. Consult + your driver's documentation for + supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward + API about the pod that should populate + this volume + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward + API volume file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the + output format of the exposed + resources, defaults to + "1" + type: string + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary + directory that shares a pod''s lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage + medium should back this directory. + The default is "" which means to + use the node''s default medium. + Must be an empty string (default) + or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + description: 'Total amount of local + storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage + on memory medium EmptyDir would + be the minimum value between the + SizeLimit specified here and the + sum of memory limits of all containers + in a pod. The default is nil which + means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + type: string + type: object + fc: + description: FC represents a Fibre Channel + resource that is attached to a kubelet's + host machine and then exposed to the + pod. + properties: + fsType: + description: 'Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target + lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume + world wide identifiers (wwids) Either + wwids or combination of targetWWNs + and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: Driver is the name of + the driver to use for this volume. + type: string + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command + options if any.' + type: object + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef + is reference to the secret object + containing sensitive information + to pass to the plugin scripts. This + may be empty if no secret object + is specified. If the secret object + contains more than one secret, all + secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker + volume attached to a kubelet's host + machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: Name of the dataset stored + as metadata -> name on the dataset + for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: UUID of the dataset. + This is unique identifier of a Flocker + dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents + a GCE Disk resource that is attached + to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the + volume that you want to mount. If + omitted, the default is to mount + by volume name. Examples: For volume + /dev/sda1, you specify the partition + as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can + leave the property empty). More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD + resource in GCE. Used to identify + the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git + repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To + provision a container with a git repo, + mount an EmptyDir into an InitContainer + that clones the repo using git, then + mount the EmptyDir into the Pod''s container.' + properties: + directory: + description: Target directory name. + Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs + mount on the host that shares a pod''s + lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the + endpoint name that details Glusterfs + topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs + volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force + the Glusterfs volume to be mounted + with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing + file or directory on the host machine + that is directly exposed to the container. + This is generally used for system agents + or other privileged things that are + allowed to see the host machine. Most + containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + ### TODO(jonesdl) We need to restrict + who can use host directory mounts and + who can/can not mount host directories + as read/write.' + properties: + path: + description: 'Path of the directory + on the host. If the path is a symlink, + it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume + Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI + Disk resource that is attached to a + kubelet''s host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator + Name. If initiatorName is specified + with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: Target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iSCSI Interface Name + that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. + The portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. + The Portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be + a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount + on the host that shares a pod''s lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported + by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force + the NFS export to be mounted with + read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname + or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name + of a PersistentVolumeClaim in the + same namespace as the pod using + this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly + setting in VolumeMounts. Default + false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents + a portworx volume attached and mounted + on kubelets host machine + properties: + fsType: + description: FSType represents the + filesystem type to mount Must be + a filesystem type supported by the + host operating system. Ex. "ext4", + "xfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: Mode bits to use on created + files by default. Must be a value + between 0 and 0777. Directories + within the path are not affected + by this setting. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may + be projected along with other + supported volume types + properties: + configMap: + description: information about + the configMap data to project + properties: + items: + description: If unspecified, + each key-value pair in + the Data field of the + referenced ConfigMap will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + ConfigMap, the volume + setup will error unless + it is marked optional. + Paths must be relative + and may not contain the + '..' path or start with + '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its keys + must be defined + type: boolean + type: object + downwardAPI: + description: information about + the downwardAPI data to project + properties: + items: + description: Items is a + list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information + to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: + Selects a field + of the pod: only + annotations, labels, + name and namespace + are supported.' + properties: + apiVersion: + description: Version + of the schema + the FieldPath + is written in + terms of, defaults + to "v1". + type: string + fieldPath: + description: Path + of the field + to select in + the specified + API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: + Path is the relative + path name of the + file to be created. + Must not be absolute + or contain the ''..'' + path. Must be utf-8 + encoded. The first + item of the relative + path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects + a resource of the + container: only + resources limits + and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container + name: required + for volumes, + optional for + env vars' + type: string + divisor: + description: Specifies + the output format + of the exposed + resources, defaults + to "1" + type: string + resource: + description: 'Required: + resource to + select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about + the secret data to project + properties: + items: + description: If unspecified, + each key-value pair in + the Data field of the + referenced Secret will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + Secret, the volume setup + will error unless it is + marked optional. Paths + must be relative and may + not contain the '..' path + or start with '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: information about + the serviceAccountToken data + to project + properties: + audience: + description: Audience is + the intended audience + of the token. A recipient + of a token must identify + itself with an identifier + specified in the audience + of the token, and otherwise + should reject the token. + The audience defaults + to the identifier of the + apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds + is the requested duration + of validity of the service + account token. As the + token approaches expiration, + the kubelet volume plugin + will proactively rotate + the service account token. + The kubelet will start + trying to rotate the token + if the token is older + than 80 percent of its + time to live or if the + token is older than 24 + hours.Defaults to 1 hour + and must be at least 10 + minutes. + format: int64 + type: integer + path: + description: Path is the + path relative to the mount + point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + description: Quobyte represents a Quobyte + mount on the host that shares a pod's + lifetime + properties: + group: + description: Group to map volume access + to Default is no group + type: string + readOnly: + description: ReadOnly here will force + the Quobyte volume to be mounted + with read-only permissions. Defaults + to false. + type: boolean + registry: + description: Registry represents a + single or multiple Quobyte Registry + services specified as a string as + host:port pair (multiple entries + are separated with commas) which + acts as the central registry for + volumes + type: string + tenant: + description: Tenant owning the given + Quobyte volume in the Backend Used + with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: User to map volume access + to Defaults to serivceaccount user + type: string + volume: + description: Volume is a string that + references an already created Quobyte + volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block + Device mount on the host that shares + a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + image: + description: 'The rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path + to key ring for RBDUser. Default + is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph + monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of + the authentication secret for RBDUser. + If provided overrides keyring. Default + is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + user: + description: 'The rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO + persistent volume attached and mounted + on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Default is + "xfs". + type: string + gateway: + description: The host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO + Protection Domain for the configured + storage. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references + to the secret for ScaleIO user and + other sensitive information. If + this is not provided, Login operation + will fail. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable + SSL communication with Gateway, + default false + type: boolean + storageMode: + description: Indicates whether the + storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: The name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: The name of a volume + already created in the ScaleIO system + that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret + that should populate this volume. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each + key-value pair in the Data field + of the referenced Secret will be + projected into the volume as a file + whose name is the key and content + is the value. If specified, the + listed keys will be projected into + the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the Secret, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'Name of the secret in + the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the + secret to use for obtaining the + StorageOS API credentials. If not + specified, default values will be + attempted. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies + the scope of the volume within StorageOS. If + no namespace is specified then the + Pod's namespace will be used. This + allows the Kubernetes name scoping + to be mirrored within StorageOS + for tighter integration. Set VolumeName + to any name to override the default + behaviour. Set to "default" if you + are not using namespaces within + StorageOS. Namespaces that do not + pre-exist within StorageOS will + be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents + a vSphere volume attached and mounted + on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based + Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: Path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + httpProbe/inputs: + type: object + required: + - url + - method + properties: + url: + type: string + minLength: 1 + insecureSkipVerify: + type: boolean + method: + type: object + minProperties: 1 + properties: + get: + type: object + required: + - criteria + - responseCode + properties: + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + post: + type: object + required: + - criteria + - responseCode + properties: + contentType: + type: string + minLength: 1 + body: + type: string + bodyPath: + type: string + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + promProbe/inputs: + type: object + required: + - endpoint + - comparator + properties: + endpoint: + type: string + query: + type: string + queryPath: + type: string + comparator: + type: object + required: + - criteria + - value + properties: + criteria: + type: string + value: + type: string + runProperties: + type: object + minProperties: 2 + required: + - probeTimeout + - interval + properties: + evaluationTimeout: + type: string + probeTimeout: + type: string + interval: + type: string + retry: + type: integer + attempt: + type: integer + probePollingInterval: + type: string + initialDelaySeconds: + type: integer + initialDelay: + type: string + stopOnFailure: + type: boolean + sloProbe/inputs: + description: inputs needed for the SLO probe + required: + - platformEndpoint + - sloIdentifier + - sloSourceMetadata + - comparator + properties: + comparator: + description: Comparator check for the correctness + of the probe output + required: + - criteria + - value + properties: + criteria: + description: Criteria for matching data it + supports >=, <=, ==, >, <, != for int and + float it supports equal, notEqual, contains + for string + type: string + type: + description: Type of data it can be int, float, + string + type: string + value: + description: Value contains relative value + for criteria + type: string + type: object + evaluationWindow: + description: EvaluationWindow is the time period + for which the metrics will be evaluated + properties: + evaluationEndTime: + description: End time of evaluation + type: integer + evaluationStartTime: + description: Start time of evaluation + type: integer + type: object + platformEndpoint: + description: PlatformEndpoint for the monitoring + service endpoint + type: string + insecureSkipVerify: + description: InsecureSkipVerify flag to skip certificate + checks + type: boolean + sloIdentifier: + description: SLOIdentifier for fetching the details + of the SLO + type: string + sloSourceMetadata: + description: SLOSourceMetadata consists of required + metadata details to fetch metric data + required: + - apiTokenSecret + - scope + properties: + apiTokenSecret: + description: APITokenSecret for authenticating + with the platform service + type: string + scope: + description: Scope required for fetching details + required: + - accountIdentifier + - orgIdentifier + - projectIdentifier + properties: + accountIdentifier: + description: AccountIdentifier for account + ID + type: string + orgIdentifier: + description: OrgIdentifier for organization + ID + type: string + projectIdentifier: + description: ProjectIdentifier for project + ID + type: string + type: object + type: object + type: object + mode: + type: string + pattern: ^(SOT|EOT|Edge|Continuous|OnChaos)$ + minLength: 1 + data: + type: string + components: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + statusCheckTimeouts: + type: object + properties: + delay: + type: integer + timeout: + type: integer + nodeSelector: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + experimentImage: + type: string + env: + type: array + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, spec.nodeName, + spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + configMaps: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + secrets: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + experimentAnnotations: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + tolerations: + description: Pod's tolerations. + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: {} + conversion: + strategy: None +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: chaosexperiments.litmuschaos.io +spec: + group: litmuschaos.io + names: + kind: ChaosExperiment + listKind: ChaosExperimentList + plural: chaosexperiments + singular: chaosexperiment + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + description: + type: object + additionalProperties: + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + x-kubernetes-preserve-unknown-fields: true + type: object + spec: + type: object + properties: + definition: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + args: + type: array + items: + type: string + command: + type: array + items: + type: string + env: + type: array + items: + type: object + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, spec.nodeName, + spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + image: + type: string + imagePullPolicy: + type: string + labels: + type: object + additionalProperties: + type: string + scope: + type: string + pattern: ^(Namespaced|Cluster)$ + permissions: + type: array + items: + type: object + minProperties: 3 + required: + - apiGroups + - resources + - verbs + properties: + apiGroups: + type: array + items: + type: string + resources: + type: array + items: + type: string + verbs: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + configMaps: + type: array + items: + type: object + minProperties: 2 + properties: + name: + type: string + allowEmptyValue: false + minLength: 1 + mountPath: + type: string + allowEmptyValue: false + minLength: 1 + secrets: + type: array + items: + type: object + minProperties: 2 + properties: + name: + type: string + allowEmptyValue: false + minLength: 1 + mountPath: + type: string + allowEmptyValue: false + minLength: 1 + hostFileVolumes: + type: array + items: + type: object + minProperties: 3 + properties: + name: + type: string + allowEmptyValue: false + minLength: 1 + mountPath: + type: string + allowEmptyValue: false + minLength: 1 + nodePath: + type: string + allowEmptyValue: false + minLength: 1 + securityContext: + x-kubernetes-preserve-unknown-fields: true + type: object + hostPID: + type: boolean + + served: true + storage: true + subresources: {} + conversion: + strategy: None +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: chaosresults.litmuschaos.io +spec: + group: litmuschaos.io + names: + kind: ChaosResult + listKind: ChaosResultList + plural: chaosresults + singular: chaosresult + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + type: object + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: {} + conversion: + strategy: None +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: eventtrackerpolicies.eventtracker.litmuschaos.io +spec: + group: eventtracker.litmuschaos.io + names: + kind: EventTrackerPolicy + listKind: EventTrackerPolicyList + plural: eventtrackerpolicies + singular: eventtrackerpolicy + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: EventTrackerPolicy is the Schema for the eventtrackerpolicies + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: EventTrackerPolicySpec defines the desired state of EventTrackerPolicy + properties: + condition_type: + type: string + conditions: + items: + properties: + key: + type: string + operator: + type: string + value: + type: string + type: object + type: array + type: object + statuses: + items: + description: EventTrackerPolicyStatus defines the observed state of + EventTrackerPolicy + properties: + is_triggered: + type: string + resource: + type: string + resource_name: + type: string + result: + type: string + time_stamp: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file' + type: string + workflow_id: + type: string + type: object + type: array + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/mkdocs/docs/3.10.0/litmus-without-resources.yaml b/mkdocs/docs/3.10.0/litmus-without-resources.yaml new file mode 100644 index 00000000000..751c6389bc4 --- /dev/null +++ b/mkdocs/docs/3.10.0/litmus-without-resources.yaml @@ -0,0 +1,420 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: litmus-portal-admin-secret +stringData: + DB_USER: "root" + DB_PASSWORD: "1234" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: litmus-portal-admin-config +data: + DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin + VERSION: "3.10.0" + SKIP_SSL_VERIFY: "false" + # Configurations if you are using dex for OAuth + DEX_ENABLED: "false" + OIDC_ISSUER: "http://:32000" + DEX_OAUTH_CALLBACK_URL: "http://:8080/auth/dex/callback" + DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend" + DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0" + OAuthJwtSecret: "litmus-oauth@123" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: litmusportal-frontend-nginx-configuration +data: + nginx.conf: | + pid /tmp/nginx.pid; + + events { + worker_connections 1024; + } + + http { + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + client_body_temp_path /tmp/client_temp; + proxy_temp_path /tmp/proxy_temp_path; + fastcgi_temp_path /tmp/fastcgi_temp; + uwsgi_temp_path /tmp/uwsgi_temp; + scgi_temp_path /tmp/scgi_temp; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + + include /etc/nginx/mime.types; + + gzip on; + gzip_disable "msie6"; + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + server { + listen 8185 ssl; + ssl_certificate /etc/tls/tls.crt; + ssl_certificate_key /etc/tls/tls.key; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_client_certificate /etc/tls/ca.crt; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + + root /opt/chaos; + + location /health { + return 200; + } + + location / { + proxy_http_version 1.1; + add_header Cache-Control "no-cache"; + try_files $uri /index.html; + autoindex on; + } + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + location /auth/ { + proxy_ssl_verify off; + proxy_ssl_session_reuse on; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass "https://litmusportal-auth-server-service:9005/"; + proxy_ssl_certificate /etc/tls/tls.crt; + proxy_ssl_certificate_key /etc/tls/tls.key; + } + + location /api/ { + proxy_ssl_verify off; + proxy_ssl_session_reuse on; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass "https://litmusportal-server-service:9004/"; + proxy_ssl_certificate /etc/tls/tls.crt; + proxy_ssl_certificate_key /etc/tls/tls.key; + } + } + } +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-frontend + labels: + component: litmusportal-frontend +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-frontend + template: + metadata: + labels: + component: litmusportal-frontend + spec: + automountServiceAccountToken: false + containers: + - name: litmusportal-frontend + image: litmuschaos/litmusportal-frontend:3.10.0 + # securityContext: + # runAsUser: 2000 + # allowPrivilegeEscalation: false + # runAsNonRoot: true + imagePullPolicy: Always + ports: + - containerPort: 8185 + volumeMounts: + - name: nginx-config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + - mountPath: /etc/tls + name: tls-secret + volumes: + - name: nginx-config + configMap: + name: litmusportal-frontend-nginx-configuration + - name: tls-secret + secret: + secretName: tls-secret +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-frontend-service +spec: + type: NodePort + ports: + - name: http + port: 9091 + targetPort: 8185 + selector: + component: litmusportal-frontend +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-server + labels: + component: litmusportal-server +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-server + template: + metadata: + labels: + component: litmusportal-server + spec: + automountServiceAccountToken: false + volumes: + - name: gitops-storage + emptyDir: {} + - name: hub-storage + emptyDir: {} + - name: tls-secret + secret: + secretName: tls-secret + containers: + - name: graphql-server + image: litmuschaos/litmusportal-server:3.10.0 + volumeMounts: + - mountPath: /tmp/ + name: gitops-storage + - mountPath: /tmp/version + name: hub-storage + - mountPath: /etc/tls + name: tls-secret + securityContext: + runAsUser: 2000 + allowPrivilegeEscalation: false + runAsNonRoot: true + readOnlyRootFilesystem: true + envFrom: + - configMapRef: + name: litmus-portal-admin-config + - secretRef: + name: litmus-portal-admin-secret + env: + # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication + - name: TLS_CERT_B64 + value: "" + - name: ENABLE_GQL_INTROSPECTION + value: "false" + - name: INFRA_DEPLOYMENTS + value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' + - name: CHAOS_CENTER_UI_ENDPOINT + value: "" + - name: SUBSCRIBER_IMAGE + value: "litmuschaos/litmusportal-subscriber:3.10.0" + - name: EVENT_TRACKER_IMAGE + value: "litmuschaos/litmusportal-event-tracker:3.10.0" + - name: ARGO_WORKFLOW_CONTROLLER_IMAGE + value: "litmuschaos/workflow-controller:v3.3.1" + - name: ARGO_WORKFLOW_EXECUTOR_IMAGE + value: "litmuschaos/argoexec:v3.3.1" + - name: LITMUS_CHAOS_OPERATOR_IMAGE + value: "litmuschaos/chaos-operator:3.10.0" + - name: LITMUS_CHAOS_RUNNER_IMAGE + value: "litmuschaos/chaos-runner:3.10.0" + - name: LITMUS_CHAOS_EXPORTER_IMAGE + value: "litmuschaos/chaos-exporter:3.10.0" + - name: CONTAINER_RUNTIME_EXECUTOR + value: "k8sapi" + - name: DEFAULT_HUB_BRANCH_NAME + value: "3.10.x" + - name: LITMUS_AUTH_GRPC_ENDPOINT + value: "litmusportal-auth-server-service" + - name: LITMUS_AUTH_GRPC_PORT + value: "3030" + - name: WORKFLOW_HELPER_IMAGE_VERSION + value: "3.10.0" + - name: REMOTE_HUB_MAX_SIZE + value: "5000000" + - name: INFRA_COMPATIBLE_VERSIONS + value: '["3.10.0"]' + - name: ALLOWED_ORIGINS + value: ".*" #eg: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)? + - name: ENABLE_INTERNAL_TLS + value: "true" + - name: TLS_CERT_PATH + value: "/etc/tls/tls.crt" + - name: TLS_KEY_PATH + value: "/etc/tls/tls.key" + - name: CA_CERT_TLS_PATH + value: "/etc/tls/ca.crt" + - name: REST_PORT + value: "8081" + - name: GRPC_PORT + value: "8001" + ports: + - containerPort: 8081 + - containerPort: 8001 + imagePullPolicy: Always +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: litmusportal-server + namespace: litmus + labels: + component: litmusportal-server +spec: + policyTypes: + - Ingress + podSelector: + matchLabels: + component: litmusportal-server + ingress: + - from: + - podSelector: + matchLabels: + component: litmusportal-frontend +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-server-service +spec: + type: NodePort + ports: + - name: graphql-server-https + port: 9004 + targetPort: 8081 + - name: graphql-rpc-server-https + port: 8001 + targetPort: 8001 + selector: + component: litmusportal-server +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: litmusportal-auth-server + labels: + component: litmusportal-auth-server +spec: + replicas: 1 + selector: + matchLabels: + component: litmusportal-auth-server + template: + metadata: + labels: + component: litmusportal-auth-server + spec: + volumes: + - name: tls-secret + secret: + secretName: tls-secret + automountServiceAccountToken: false + containers: + - name: auth-server + volumeMounts: + - mountPath: /etc/tls + name: tls-secret + image: litmuschaos/litmusportal-auth-server:3.10.0 + securityContext: + runAsUser: 2000 + allowPrivilegeEscalation: false + runAsNonRoot: true + readOnlyRootFilesystem: true + envFrom: + - configMapRef: + name: litmus-portal-admin-config + - secretRef: + name: litmus-portal-admin-secret + env: + - name: STRICT_PASSWORD_POLICY + value: "false" + - name: ADMIN_USERNAME + value: "admin" + - name: ADMIN_PASSWORD + value: "litmus" + - name: LITMUS_GQL_GRPC_ENDPOINT + value: "litmusportal-server-service" + - name: LITMUS_GQL_GRPC_PORT + value: "8000" + - name: ALLOWED_ORIGINS + value: "^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)?" #ip needs to added here + - name: ENABLE_INTERNAL_TLS + value: "true" + - name: TLS_CERT_PATH + value: "/etc/tls/tls.crt" + - name: TLS_KEY_PATH + value: "/etc/tls/ctls.key" + - name: CA_CERT_TLS_PATH + value: "/etc/tls/ca.crt" + - name: REST_PORT + value: "3001" + - name: GRPC_PORT + value: "3031" + ports: + - containerPort: 3001 + - containerPort: 3031 + imagePullPolicy: Always +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: litmusportal-auth-server + namespace: litmus + labels: + component: litmusportal-auth-server +spec: + policyTypes: + - Ingress + podSelector: + matchLabels: + component: litmusportal-auth-server + ingress: + - from: + - podSelector: + matchLabels: + component: litmusportal-frontend + - from: + - podSelector: + matchLabels: + component: litmusportal-server +--- +apiVersion: v1 +kind: Service +metadata: + name: litmusportal-auth-server-service +spec: + type: NodePort + ports: + - name: auth-server-https + port: 9005 + targetPort: 3001 + - name: auth-rpc-server-https + port: 3031 + targetPort: 3031 + selector: + component: litmusportal-auth-server From a325a0ebc4de2975131b47531eb84117e1194ff3 Mon Sep 17 00:00:00 2001 From: Jongwoo Han Date: Wed, 14 Aug 2024 19:17:13 +0900 Subject: [PATCH 07/31] Fix image links in README (#4811) Signed-off-by: Jongwoo Han Co-authored-by: Namkyu Park <53862866+namkyu1999@users.noreply.github.com> --- README.md | 4 ++-- translations/README-chn.md | 4 ++-- translations/README-es.md | 4 ++-- translations/README-fr.md | 4 ++-- translations/README-ge.md | 4 ++-- translations/README-hi.md | 4 ++-- translations/README-ja.md | 4 ++-- translations/README-ko.md | 2 +- translations/README-pt-br.md | 4 ++-- translations/README-ru.md | 4 ++-- 10 files changed, 19 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index 4d6be4056d4..02b16845624 100644 --- a/README.md +++ b/README.md @@ -156,7 +156,7 @@ Litmus is licensed under the Apache License, Version 2.0. See [LICENSE](./LICENS Litmus Chaos is part of the CNCF Projects. -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/?selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/?selected=litmus) ## Important Links @@ -165,5 +165,5 @@ Litmus Chaos is part of the CNCF Projects.
- CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape Litmus on CNCF Landscape diff --git a/translations/README-chn.md b/translations/README-chn.md index 33d52e49058..64a94136c25 100644 --- a/translations/README-chn.md +++ b/translations/README-chn.md @@ -70,7 +70,7 @@ Check out the - CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape Litmus on CNCF Landscape diff --git a/translations/README-es.md b/translations/README-es.md index 51ce4dcd4cd..9e54e713285 100644 --- a/translations/README-es.md +++ b/translations/README-es.md @@ -76,7 +76,7 @@ Litmos está licenciado bajo la Licencia Apache, versión 2.0. Ver el texto comp Litmus Chaos forma parte de los projectos CNCF. -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) ## Communidad @@ -97,5 +97,5 @@ Recursos de la comunidad:
- CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape Litmus on CNCF Landscape diff --git a/translations/README-fr.md b/translations/README-fr.md index d01095340ba..85fa48ddfca 100644 --- a/translations/README-fr.md +++ b/translations/README-fr.md @@ -75,7 +75,7 @@ Litmus est concédé sous licence Apache, version 2.0. Voir [LICENCE](./LICENSE) Litmus Chaos fait partie des projets CNCF. -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) ## Communauté @@ -95,5 +95,5 @@ Ressources communautaires:
- Paysage CNCF Litmus on CNCF Landscape + Paysage CNCF Litmus on CNCF Landscape diff --git a/translations/README-ge.md b/translations/README-ge.md index db2f4bd48fc..6d0388edcfb 100644 --- a/translations/README-ge.md +++ b/translations/README-ge.md @@ -98,7 +98,7 @@ Bitte schaue bei den jeweiligen Projekt nach. Litmus Chaos ist Teil der CNCF Projekte. -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) ## Gemeinschaft @@ -120,5 +120,5 @@ Kommunikationskanäle zum Austausch und für weitere Informationen:
- CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape Litmus on CNCF Landscape diff --git a/translations/README-hi.md b/translations/README-hi.md index e248fcf1f29..6c1fd6f7dea 100644 --- a/translations/README-hi.md +++ b/translations/README-hi.md @@ -74,7 +74,7 @@ [![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Flitmuschaos%2Flitmus.svg?type=large)](https://app.fossa.io/projects/git%2Bgithub.com%2Flitmuschaos%2Flitmus?ref=badge_large) लिटमस कैओस सीएनसीएफ परियोजनाओं का हिस्सा है। -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) ## समुदाय @@ -95,5 +95,5 @@
- सीएनसीएफ लैंडस्केप Litmus on CNCF Landscape + सीएनसीएफ लैंडस्केप Litmus on CNCF Landscape diff --git a/translations/README-ja.md b/translations/README-ja.md index fac31d83f66..9abf0bab16e 100644 --- a/translations/README-ja.md +++ b/translations/README-ja.md @@ -73,7 +73,7 @@ Litmus は Apache License, Version 2.0 の下でライセンスされていま Litmus Chaos はCNCFプロジェクトの一部です。 -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) ## コミュニティ @@ -94,5 +94,5 @@ Litmusコミュニティミーティングは毎月第3水曜日の10:00PM IST/9
- CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape Litmus on CNCF Landscape diff --git a/translations/README-ko.md b/translations/README-ko.md index 94a142d6bfc..c473baa882b 100644 --- a/translations/README-ko.md +++ b/translations/README-ko.md @@ -158,5 +158,5 @@ LitmusChaos는 CNCF 프로젝트의 일부입니다.
- CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape CNCF Landscape의 리트머스 diff --git a/translations/README-pt-br.md b/translations/README-pt-br.md index 01c8f85748f..05c591c9110 100644 --- a/translations/README-pt-br.md +++ b/translations/README-pt-br.md @@ -72,7 +72,7 @@ Litmus é licenciado através da Apache License, Version 2.0. Veja [LICENSE](../ Litmus Chaos faz parte dos projetos CNCF. -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) ## Comunidade @@ -95,5 +95,5 @@ Recursos da comunidade:
- CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape Litmus on CNCF Landscape diff --git a/translations/README-ru.md b/translations/README-ru.md index 707af6d6aca..223f62394f1 100644 --- a/translations/README-ru.md +++ b/translations/README-ru.md @@ -70,7 +70,7 @@ Litmus находится под Apache License, Version 2.0. Полный те Litmus Chaos является частью проектов CNCF. -[![CNCF](https://github.com/cncf/artwork/blob/master/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) +[![CNCF](https://github.com/cncf/artwork/blob/main/other/cncf/horizontal/color/cncf-color.png)](https://landscape.cncf.io/selected=litmus) ## Комьюнити @@ -91,5 +91,5 @@ Litmus Chaos является частью проектов CNCF.
- CNCF Landscape Litmus on CNCF Landscape + CNCF Landscape Litmus on CNCF Landscape From 87dc1c8d542bf7feeaa58285544be49688bcfbbb Mon Sep 17 00:00:00 2001 From: Jongwoo Han Date: Wed, 14 Aug 2024 19:23:45 +0900 Subject: [PATCH 08/31] Rename env to EC2_INSTANCE_TAG (#4815) Signed-off-by: Jongwoo Han --- .../categories/aws/AWS-experiments-tunables.md | 4 ++-- .../categories/aws/common/chaos-interval.yaml | 6 +++--- .../categories/aws/common/managed-nodegroup.yaml | 2 +- .../experiments/categories/aws/ec2-stop-by-tag.md | 12 ++++++------ .../instance-affected-percentage.yaml | 2 +- .../categories/aws/ec2-stop-by-tag/instance-tag.yaml | 2 +- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/mkdocs/docs/experiments/categories/aws/AWS-experiments-tunables.md b/mkdocs/docs/experiments/categories/aws/AWS-experiments-tunables.md index cc15c760ccc..1ef80eaebf4 100644 --- a/mkdocs/docs/experiments/categories/aws/AWS-experiments-tunables.md +++ b/mkdocs/docs/experiments/categories/aws/AWS-experiments-tunables.md @@ -31,7 +31,7 @@ spec: - name: REGION value: '' # tag of the ec2 instance - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' - name: TOTAL_CHAOS_DURATION value: '60' @@ -67,7 +67,7 @@ spec: value: '60' - name: REGION value: '' - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' ``` diff --git a/mkdocs/docs/experiments/categories/aws/common/chaos-interval.yaml b/mkdocs/docs/experiments/categories/aws/common/chaos-interval.yaml index ea64a56c653..0d1ed988d5f 100644 --- a/mkdocs/docs/experiments/categories/aws/common/chaos-interval.yaml +++ b/mkdocs/docs/experiments/categories/aws/common/chaos-interval.yaml @@ -12,7 +12,7 @@ spec: spec: components: env: - # delay between each iteration of chaos + # delay between each iteration of chaos - name: CHAOS_INTERVAL value: '15' # time duration for the chaos execution @@ -20,6 +20,6 @@ spec: value: '60' - name: REGION value: '' - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' - \ No newline at end of file + diff --git a/mkdocs/docs/experiments/categories/aws/common/managed-nodegroup.yaml b/mkdocs/docs/experiments/categories/aws/common/managed-nodegroup.yaml index e36984f453e..f463ffe806e 100644 --- a/mkdocs/docs/experiments/categories/aws/common/managed-nodegroup.yaml +++ b/mkdocs/docs/experiments/categories/aws/common/managed-nodegroup.yaml @@ -21,7 +21,7 @@ spec: - name: REGION value: '' # tag of the ec2 instance - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' - name: TOTAL_CHAOS_DURATION value: '60' diff --git a/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag.md b/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag.md index a3b8b6b2154..1e7cb1aa7c6 100644 --- a/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag.md +++ b/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag.md @@ -137,9 +137,9 @@ When the MANAGED_NODEGROUP is enable then the experiment will not try to start t Notes - INSTANCE_TAG + EC2_INSTANCE_TAG Instance Tag to filter the target ec2 instance. - The INSTANCE_TAG should be provided as key:value ex: team:devops + The EC2_INSTANCE_TAG should be provided as key:value ex: team:devops REGION @@ -196,7 +196,7 @@ Refer the [common attributes](../common/common-tunables-for-all-experiments.md) ### Target single instance -It will stop a random single ec2 instance with the given `INSTANCE_TAG` tag and the `REGION` region. +It will stop a random single ec2 instance with the given `EC2_INSTANCE_TAG` tag and the `REGION` region. Use the following example to tune this: @@ -217,7 +217,7 @@ spec: components: env: # tag of the ec2 instance - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' # region for the ec2 instance - name: REGION @@ -228,7 +228,7 @@ spec: ### Target Percent of instances -It will stop the `INSTANCE_AFFECTED_PERC` percentage of ec2 instances with the given `INSTANCE_TAG` tag and `REGION` region. +It will stop the `INSTANCE_AFFECTED_PERC` percentage of ec2 instances with the given `EC2_INSTANCE_TAG` tag and `REGION` region. Use the following example to tune this: @@ -252,7 +252,7 @@ spec: - name: INSTANCE_AFFECTED_PERC value: '100' # tag of the ec2 instance - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' # region for the ec2 instance - name: REGION diff --git a/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-affected-percentage.yaml b/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-affected-percentage.yaml index a6b97b60b86..ae19b56954f 100644 --- a/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-affected-percentage.yaml +++ b/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-affected-percentage.yaml @@ -16,7 +16,7 @@ spec: - name: INSTANCE_AFFECTED_PERC value: '100' # tag of the ec2 instance - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' # region for the ec2 instance - name: REGION diff --git a/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-tag.yaml b/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-tag.yaml index b862483106c..4c8772d79ed 100644 --- a/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-tag.yaml +++ b/mkdocs/docs/experiments/categories/aws/ec2-stop-by-tag/instance-tag.yaml @@ -13,7 +13,7 @@ spec: components: env: # tag of the ec2 instance - - name: INSTANCE_TAG + - name: EC2_INSTANCE_TAG value: 'key:value' # region for the ec2 instance - name: REGION From 3263df9e8ad79ba90fa20966c9162b53bd4ac4ad Mon Sep 17 00:00:00 2001 From: Shubham Chaudhary Date: Mon, 19 Aug 2024 10:22:59 +0530 Subject: [PATCH 09/31] chore(3.10.0): Adding the installation manifest for 3.10.0 (#4830) Signed-off-by: Shubham Chaudhary --- mkdocs/docs/chaos-scheduler-v3.10.0.yaml | 2750 +++++++++++++++ .../litmus-namespaced-operator.yaml | 14 +- .../litmus-namespaced-scheduler.yaml | 2 +- .../litmus-ns-experiment-rbac.yaml | 6 +- .../litmus-ns-rbac.yaml | 6 +- mkdocs/docs/litmus-operator-v3.10.0.yaml | 3004 +++++++++++++++++ 6 files changed, 5768 insertions(+), 14 deletions(-) create mode 100644 mkdocs/docs/chaos-scheduler-v3.10.0.yaml create mode 100644 mkdocs/docs/litmus-operator-v3.10.0.yaml diff --git a/mkdocs/docs/chaos-scheduler-v3.10.0.yaml b/mkdocs/docs/chaos-scheduler-v3.10.0.yaml new file mode 100644 index 00000000000..d96b32d1cd6 --- /dev/null +++ b/mkdocs/docs/chaos-scheduler-v3.10.0.yaml @@ -0,0 +1,2750 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: litmus +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: scheduler + namespace: litmus + labels: + name: scheduler +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: scheduler + labels: + name: scheduler +rules: +- apiGroups: [""] + resources: ["pods","events", "configmaps","services"] + verbs: ["create","get","list","delete","update","patch"] +- apiGroups: ["apps"] + resources: ["replicasets","deployments"] + verbs: ["get","list"] +- apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosschedules"] + verbs: ["get","create","update","patch","delete","list","watch","deletecollection"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: scheduler + labels: + name: scheduler +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: scheduler +subjects: +- kind: ServiceAccount + name: scheduler + namespace: litmus +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: chaos-scheduler + namespace: litmus +spec: + replicas: 1 + selector: + matchLabels: + name: chaos-scheduler + template: + metadata: + labels: + name: chaos-scheduler + spec: + serviceAccountName: scheduler + containers: + - name: chaos-scheduler + image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-scheduler:3.10.0 + command: + - chaos-scheduler + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "chaos-scheduler" +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: chaosschedules.litmuschaos.io +spec: + group: litmuschaos.io + names: + kind: ChaosSchedule + listKind: ChaosScheduleList + plural: chaosschedules + singular: chaosschedule + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + engineTemplateSpec: + type: object + properties: + jobCleanUpPolicy: + type: string + pattern: ^(delete|retain)$ + # alternate ways to do this in case of complex pattern matches + #oneOf: + # - pattern: '^delete$' + # - pattern: '^retain$' + defaultHealthCheck: + type: boolean + appinfo: + type: object + properties: + appkind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + applabel: + type: string + appns: + type: string + selectors: + type: object + properties: + pods: + items: + properties: + names: + type: string + namespace: + type: string + required: + - names + - namespace + type: object + type: array + workloads: + items: + properties: + kind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + labels: + type: string + names: + type: string + namespace: + type: string + oneOf: + - required: [ names ] + - required: [ labels ] + required: + - kind + - namespace + type: object + type: array + oneOf: + - required: [ pods ] + - required: [ workloads ] + auxiliaryAppInfo: + type: string + engineState: + type: string + pattern: ^(active|stop)$ + chaosServiceAccount: + type: string + terminationGracePeriodSeconds: + type: integer + components: + type: object + properties: + sidecar: + type: array + items: + type: object + properties: + env: + description: ENV contains ENV passed to the sidecar container + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom for the sidecar container + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + secrets: + items: + properties: + mountPath: + type: string + name: + type: string + required: + - mountPath + - name + type: object + type: array + runner: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + image: + type: string + type: + type: string + pattern: ^(go)$ + runnerAnnotations: + type: object + runnerLabels: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + value: + type: string + minLength: 1 + tolerations: + description: Pod's tolerations. + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + experiments: + type: array + items: + type: object + properties: + name: + type: string + spec: + type: object + properties: + probe: + type: array + items: + type: object + required: + - name + - type + - mode + - runProperties + properties: + name: + type: string + type: + type: string + minLength: 1 + pattern: ^(k8sProbe|httpProbe|cmdProbe|promProbe|sloProbe)$ + k8sProbe/inputs: + type: object + required: + - version + - resource + - operation + properties: + group: + type: string + version: + type: string + resource: + type: string + namespace: + type: string + resourceNames: + type: string + fieldSelector: + type: string + labelSelector: + type: string + operation: + type: string + pattern: ^(present|absent|create|delete)$ + minLength: 1 + cmdProbe/inputs: + type: object + required: + - command + - comparator + properties: + command: + type: string + minLength: 1 + comparator: + type: object + required: + - type + - criteria + - value + properties: + type: + type: string + minLength: 1 + pattern: ^(int|float|string)$ + criteria: + type: string + value: + type: string + source: + description: The external pod where we have to run the + probe commands. It will run the commands inside the experiment pod itself(inline mode) if source contains a nil value + required: + - image + properties: + annotations: + additionalProperties: + type: string + description: Annotations for the source pod + type: object + args: + description: Args for the source pod + items: + type: string + type: array + command: + description: Command for the source pod + items: + type: string + type: array + env: + description: ENVList contains ENV passed to + the source pod + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. The $(VAR_NAME) syntax can + be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + description: Specifies the output + format of the exposed resources, + defaults to "1" + type: string + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + hostNetwork: + description: HostNetwork define the hostNetwork + of the external pod it supports boolean values + and default value is false + type: boolean + inheritInputs: + description: InheritInputs define to inherit experiment + details in probe pod it supports boolean values + and default value is false. + type: boolean + image: + description: Image for the source pod + type: string + imagePullPolicy: + description: ImagePullPolicy for the source pod + type: string + imagePullSecrets: + description: ImagePullSecrets for source pod + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent' + type: string + type: object + type: array + labels: + additionalProperties: + type: string + description: Labels for the source pod + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector for the source pod + type: object + tolerations: + description: Tolerations for the source pod + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + privileged: + description: Privileged for the source pod + type: boolean + volumeMount: + description: VolumesMount for the source pod + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container + at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. + type: string + name: + description: This must match the Name + of a Volume. + type: string + readOnly: + description: Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. This + field is beta in 1.15. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes for the source pod + items: + description: Volume represents a named volume + in a pod that may be accessed by any container + in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents + an AWS Disk resource that is attached + to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the + volume that you want to mount. If + omitted, the default is to mount + by volume name. Examples: For volume + /dev/sda1, you specify the partition + as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force + and set the ReadOnly property in + VolumeMounts to "true". If omitted, + the default is "false". More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent + disk resource in AWS (Amazon EBS + volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure + Data Disk mount on the host and bind + mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: The Name of the data + disk in the blob storage + type: string + diskURI: + description: The URI the data disk + in the blob storage + type: string + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: + multiple blob disks per storage + account Dedicated: single blob + disk per storage account Managed: + azure managed data disk (only in + managed availability set). defaults + to shared' + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure + File Service mount on the host and bind + mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that + contains Azure Storage Account Name + and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph + FS mount on the host that shares a pod's + lifetime + properties: + monitors: + description: 'Required: Monitors is + a collection of Ceph monitors More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'Optional: Used as the + mounted root, rather than the full + Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile + is the path to key ring for User, + default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef + is reference to the authentication + secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the + rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder + volume attached and mounted on kubelets + host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to + a secret object containing parameters + used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify + the volume in cinder. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each + key-value pair in the Data field + of the referenced ConfigMap will + be projected into the volume as + a file whose name is the key and + content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the ConfigMap, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) + represents storage that is handled by + an external CSI driver (Alpha feature). + properties: + driver: + description: Driver is the name of + the CSI driver that handles this + volume. Consult with your admin + for the correct name as registered + in the cluster. + type: string + fsType: + description: Filesystem type to mount. + Ex. "ext4", "xfs", "ntfs". If not + provided, the empty value is passed + to the associated CSI driver which + will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef + is a reference to the secret object + containing sensitive information + to pass to the CSI driver to complete + the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may + be empty if no secret is required. + If the secret object contains more + than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only + configuration for the volume. Defaults + to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores + driver-specific properties that + are passed to the CSI driver. Consult + your driver's documentation for + supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward + API about the pod that should populate + this volume + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward + API volume file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the + output format of the exposed + resources, defaults to + "1" + type: string + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary + directory that shares a pod''s lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage + medium should back this directory. + The default is "" which means to + use the node''s default medium. + Must be an empty string (default) + or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + description: 'Total amount of local + storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage + on memory medium EmptyDir would + be the minimum value between the + SizeLimit specified here and the + sum of memory limits of all containers + in a pod. The default is nil which + means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + type: string + type: object + fc: + description: FC represents a Fibre Channel + resource that is attached to a kubelet's + host machine and then exposed to the + pod. + properties: + fsType: + description: 'Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target + lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume + world wide identifiers (wwids) Either + wwids or combination of targetWWNs + and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: Driver is the name of + the driver to use for this volume. + type: string + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command + options if any.' + type: object + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef + is reference to the secret object + containing sensitive information + to pass to the plugin scripts. This + may be empty if no secret object + is specified. If the secret object + contains more than one secret, all + secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker + volume attached to a kubelet's host + machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: Name of the dataset stored + as metadata -> name on the dataset + for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: UUID of the dataset. + This is unique identifier of a Flocker + dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents + a GCE Disk resource that is attached + to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the + volume that you want to mount. If + omitted, the default is to mount + by volume name. Examples: For volume + /dev/sda1, you specify the partition + as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can + leave the property empty). More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD + resource in GCE. Used to identify + the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git + repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To + provision a container with a git repo, + mount an EmptyDir into an InitContainer + that clones the repo using git, then + mount the EmptyDir into the Pod''s container.' + properties: + directory: + description: Target directory name. + Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs + mount on the host that shares a pod''s + lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the + endpoint name that details Glusterfs + topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs + volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force + the Glusterfs volume to be mounted + with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing + file or directory on the host machine + that is directly exposed to the container. + This is generally used for system agents + or other privileged things that are + allowed to see the host machine. Most + containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict + who can use host directory mounts and + who can/can not mount host directories + as read/write.' + properties: + path: + description: 'Path of the directory + on the host. If the path is a symlink, + it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume + Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI + Disk resource that is attached to a + kubelet''s host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator + Name. If initiatorName is specified + with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: Target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iSCSI Interface Name + that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. + The portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. + The Portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be + a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount + on the host that shares a pod''s lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported + by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force + the NFS export to be mounted with + read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname + or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name + of a PersistentVolumeClaim in the + same namespace as the pod using + this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly + setting in VolumeMounts. Default + false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents + a portworx volume attached and mounted + on kubelets host machine + properties: + fsType: + description: FSType represents the + filesystem type to mount Must be + a filesystem type supported by the + host operating system. Ex. "ext4", + "xfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: Mode bits to use on created + files by default. Must be a value + between 0 and 0777. Directories + within the path are not affected + by this setting. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may + be projected along with other + supported volume types + properties: + configMap: + description: information about + the configMap data to project + properties: + items: + description: If unspecified, + each key-value pair in + the Data field of the + referenced ConfigMap will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + ConfigMap, the volume + setup will error unless + it is marked optional. + Paths must be relative + and may not contain the + '..' path or start with + '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its keys + must be defined + type: boolean + type: object + downwardAPI: + description: information about + the downwardAPI data to project + properties: + items: + description: Items is a + list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information + to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: + Selects a field + of the pod: only + annotations, labels, + name and namespace + are supported.' + properties: + apiVersion: + description: Version + of the schema + the FieldPath + is written in + terms of, defaults + to "v1". + type: string + fieldPath: + description: Path + of the field + to select in + the specified + API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: + Path is the relative + path name of the + file to be created. + Must not be absolute + or contain the ''..'' + path. Must be utf-8 + encoded. The first + item of the relative + path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects + a resource of the + container: only + resources limits + and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container + name: required + for volumes, + optional for + env vars' + type: string + divisor: + description: Specifies + the output format + of the exposed + resources, defaults + to "1" + type: string + resource: + description: 'Required: + resource to + select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about + the secret data to project + properties: + items: + description: If unspecified, + each key-value pair in + the Data field of the + referenced Secret will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + Secret, the volume setup + will error unless it is + marked optional. Paths + must be relative and may + not contain the '..' path + or start with '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: information about + the serviceAccountToken data + to project + properties: + audience: + description: Audience is + the intended audience + of the token. A recipient + of a token must identify + itself with an identifier + specified in the audience + of the token, and otherwise + should reject the token. + The audience defaults + to the identifier of the + apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds + is the requested duration + of validity of the service + account token. As the + token approaches expiration, + the kubelet volume plugin + will proactively rotate + the service account token. + The kubelet will start + trying to rotate the token + if the token is older + than 80 percent of its + time to live or if the + token is older than 24 + hours.Defaults to 1 hour + and must be at least 10 + minutes. + format: int64 + type: integer + path: + description: Path is the + path relative to the mount + point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + description: Quobyte represents a Quobyte + mount on the host that shares a pod's + lifetime + properties: + group: + description: Group to map volume access + to Default is no group + type: string + readOnly: + description: ReadOnly here will force + the Quobyte volume to be mounted + with read-only permissions. Defaults + to false. + type: boolean + registry: + description: Registry represents a + single or multiple Quobyte Registry + services specified as a string as + host:port pair (multiple entries + are separated with commas) which + acts as the central registry for + volumes + type: string + tenant: + description: Tenant owning the given + Quobyte volume in the Backend Used + with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: User to map volume access + to Defaults to serivceaccount user + type: string + volume: + description: Volume is a string that + references an already created Quobyte + volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block + Device mount on the host that shares + a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + image: + description: 'The rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path + to key ring for RBDUser. Default + is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph + monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of + the authentication secret for RBDUser. + If provided overrides keyring. Default + is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + user: + description: 'The rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO + persistent volume attached and mounted + on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Default is + "xfs". + type: string + gateway: + description: The host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO + Protection Domain for the configured + storage. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references + to the secret for ScaleIO user and + other sensitive information. If + this is not provided, Login operation + will fail. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable + SSL communication with Gateway, + default false + type: boolean + storageMode: + description: Indicates whether the + storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: The name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: The name of a volume + already created in the ScaleIO system + that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret + that should populate this volume. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each + key-value pair in the Data field + of the referenced Secret will be + projected into the volume as a file + whose name is the key and content + is the value. If specified, the + listed keys will be projected into + the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the Secret, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'Name of the secret in + the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the + secret to use for obtaining the + StorageOS API credentials. If not + specified, default values will be + attempted. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies + the scope of the volume within StorageOS. If + no namespace is specified then the + Pod's namespace will be used. This + allows the Kubernetes name scoping + to be mirrored within StorageOS + for tighter integration. Set VolumeName + to any name to override the default + behaviour. Set to "default" if you + are not using namespaces within + StorageOS. Namespaces that do not + pre-exist within StorageOS will + be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents + a vSphere volume attached and mounted + on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based + Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: Path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + httpProbe/inputs: + type: object + required: + - url + - method + properties: + url: + type: string + minLength: 1 + insecureSkipVerify: + type: boolean + method: + type: object + minProperties: 1 + properties: + get: + type: object + required: + - criteria + - responseCode + properties: + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + post: + type: object + required: + - criteria + - responseCode + properties: + contentType: + type: string + minLength: 1 + body: + type: string + bodyPath: + type: string + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + promProbe/inputs: + type: object + required: + - endpoint + - comparator + properties: + endpoint: + type: string + query: + type: string + queryPath: + type: string + comparator: + type: object + required: + - criteria + - value + properties: + criteria: + type: string + value: + type: string + runProperties: + type: object + minProperties: 2 + required: + - probeTimeout + - interval + properties: + evaluationTimeout: + type: string + probeTimeout: + type: string + interval: + type: string + retry: + type: integer + attempt: + type: integer + probePollingInterval: + type: string + initialDelaySeconds: + type: integer + initialDelay: + type: string + verbosity: + type: string + stopOnFailure: + type: boolean + sloProbe/inputs: + description: inputs needed for the SLO probe + required: + - platformEndpoint + - sloIdentifier + - sloSourceMetadata + - comparator + properties: + comparator: + description: Comparator check for the correctness + of the probe output + required: + - criteria + - value + properties: + criteria: + description: Criteria for matching data it + supports >=, <=, ==, >, <, != for int and + float it supports equal, notEqual, contains + for string + type: string + type: + description: Type of data it can be int, float, + string + type: string + value: + description: Value contains relative value + for criteria + type: string + type: object + evaluationWindow: + description: EvaluationWindow is the time period + for which the metrics will be evaluated + properties: + evaluationEndTime: + description: End time of evaluation + type: integer + evaluationStartTime: + description: Start time of evaluation + type: integer + type: object + platformEndpoint: + description: PlatformEndpoint for the monitoring + service endpoint + type: string + insecureSkipVerify: + description: InsecureSkipVerify flag to skip certificate + checks + type: boolean + sloIdentifier: + description: SLOIdentifier for fetching the details + of the SLO + type: string + sloSourceMetadata: + description: SLOSourceMetadata consists of required + metadata details to fetch metric data + required: + - apiTokenSecret + - scope + properties: + apiTokenSecret: + description: APITokenSecret for authenticating + with the platform service + type: string + scope: + description: Scope required for fetching details + required: + - accountIdentifier + - orgIdentifier + - projectIdentifier + properties: + accountIdentifier: + description: AccountIdentifier for account + ID + type: string + orgIdentifier: + description: OrgIdentifier for organization + ID + type: string + projectIdentifier: + description: ProjectIdentifier for project + ID + type: string + type: object + type: object + type: object + mode: + type: string + pattern: ^(SOT|EOT|Edge|Continuous|OnChaos)$ + minLength: 1 + data: + type: string + components: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + statusCheckTimeouts: + type: object + properties: + delay: + type: integer + timeout: + type: integer + nodeSelector: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + experimentImage: + type: string + env: + type: array + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, spec.nodeName, + spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + configMaps: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + secrets: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + experimentAnnotations: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + tolerations: + description: Pod's tolerations. + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + concurrencyPolicy: + type: string + scheduleState: + type: string + schedule: + oneOf: + - required: + - now + - required: + - once + - required: + - repeat + properties: + now: + type: boolean + once: + properties: + executionTime: + format: date-time + type: string + type: object + repeat: + properties: + timeRange: + properties: + endTime: + format: date-time + type: string + startTime: + format: date-time + type: string + type: object + workHours: + properties: + includedHours: + type: string + type: object + required: + - includedHours + workDays: + properties: + includedDays: + pattern: ((Mon|Tue|Wed|Thu|Fri|Sat|Sun)(,))*(Mon|Tue|Wed|Thu|Fri|Sat|Sun) + type: string + type: object + required: + - includedDays + properties: + properties: + minChaosInterval: + properties: + hour: + properties: + everyNthHour: + type: integer + minuteOfTheHour: + type: integer + type: object + minute: + properties: + everyNthMinute: + type: integer + type: object + type: object + minProperties: 1 + maxProperties: 1 + random: + type: boolean + type: object + required: + - minChaosInterval + type: object + required: + - properties + type: object + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: {} + conversion: + strategy: None diff --git a/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-operator.yaml b/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-operator.yaml index 49772fe413f..4f8cc1a5741 100644 --- a/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-operator.yaml +++ b/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-operator.yaml @@ -7,7 +7,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-serviceaccount app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -22,7 +22,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-role app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -59,7 +59,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-rolebinding app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -81,7 +81,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -97,7 +97,7 @@ spec: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -106,13 +106,13 @@ spec: serviceAccountName: litmus containers: - name: chaos-operator - image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-operator:3.9.0 + image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-operator:3.10.0 command: - chaos-operator imagePullPolicy: Always env: - name: CHAOS_RUNNER_IMAGE - value: "litmuschaos.docker.scarf.sh/litmuschaos/chaos-runner:3.9.0" + value: "litmuschaos.docker.scarf.sh/litmuschaos/chaos-runner:3.10.0" - name: WATCH_NAMESPACE valueFrom: fieldRef: diff --git a/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-scheduler.yaml b/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-scheduler.yaml index 326fdfee6b5..da50ba05d7c 100644 --- a/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-scheduler.yaml +++ b/mkdocs/docs/litmus-namespaced-scope/litmus-namespaced-scheduler.yaml @@ -16,7 +16,7 @@ spec: containers: - name: chaos-scheduler # Replace this with the built image name - image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-scheduler:3.9.0 + image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-scheduler:3.10.0 command: - chaos-scheduler imagePullPolicy: IfNotPresent diff --git a/mkdocs/docs/litmus-namespaced-scope/litmus-ns-experiment-rbac.yaml b/mkdocs/docs/litmus-namespaced-scope/litmus-ns-experiment-rbac.yaml index 0fd357eb2aa..3ecf1121214 100644 --- a/mkdocs/docs/litmus-namespaced-scope/litmus-ns-experiment-rbac.yaml +++ b/mkdocs/docs/litmus-namespaced-scope/litmus-ns-experiment-rbac.yaml @@ -7,7 +7,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-serviceaccount app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -22,7 +22,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-role app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -59,7 +59,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-rolebinding app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl diff --git a/mkdocs/docs/litmus-namespaced-scope/litmus-ns-rbac.yaml b/mkdocs/docs/litmus-namespaced-scope/litmus-ns-rbac.yaml index 79959c367f7..825d538c651 100644 --- a/mkdocs/docs/litmus-namespaced-scope/litmus-ns-rbac.yaml +++ b/mkdocs/docs/litmus-namespaced-scope/litmus-ns-rbac.yaml @@ -7,7 +7,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-serviceaccount app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -22,7 +22,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-role app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl @@ -62,7 +62,7 @@ metadata: app.kubernetes.io/name: litmus # provide unique instance-id if applicable # app.kubernetes.io/instance: litmus-abcxzy - app.kubernetes.io/version: v3.9.0 + app.kubernetes.io/version: v3.10.0 app.kubernetes.io/component: operator-rolebinding app.kubernetes.io/part-of: litmus app.kubernetes.io/managed-by: kubectl diff --git a/mkdocs/docs/litmus-operator-v3.10.0.yaml b/mkdocs/docs/litmus-operator-v3.10.0.yaml new file mode 100644 index 00000000000..f939926bece --- /dev/null +++ b/mkdocs/docs/litmus-operator-v3.10.0.yaml @@ -0,0 +1,3004 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: litmus +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: litmus + namespace: litmus + labels: + app.kubernetes.io/name: litmus + # provide unique instance-id if applicable + # app.kubernetes.io/instance: litmus-abcxzy + app.kubernetes.io/version: v3.10.0 + app.kubernetes.io/component: operator-serviceaccount + app.kubernetes.io/part-of: litmus + app.kubernetes.io/managed-by: kubectl + name: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: litmus + labels: + app.kubernetes.io/name: litmus + # provide unique instance-id if applicable + # app.kubernetes.io/instance: litmus-abcxzy + app.kubernetes.io/version: v3.10.0 + app.kubernetes.io/component: operator-clusterrole + app.kubernetes.io/part-of: litmus + app.kubernetes.io/managed-by: kubectl + name: litmus +rules: + # ******************************************************************* + # Permissions needed for creation and discovery of chaos component + # ******************************************************************* + +# for checking app parent resources if they are eligible chaos candidates +- apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + +# for checking app parent resources if they are eligible chaos candidates +- apiGroups: [""] + resources: ["secrets"] + verbs: ["get","list"] + +# for checking (openshift) app parent resources if they are eligible chaos candidates +- apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["get","list"] + +# for operator to perform asset discovery of available resources on the cluster which can be picked as a target for chaos +- apiGroups: ["apps"] + resources: ["deployments", "daemonsets", "replicasets", "statefulsets"] + verbs: ["get","list"] + +# for operator to perform asset discovery of experiment jobs +- apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["get","list"] + +# for checking (argo) app parent resources if they are eligible chaos candidates +- apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["get","list"] + +# for creating and monitoring the chaos-runner pods +- apiGroups: [""] + resources: ["pods","events"] + verbs: ["get","create","update","patch","delete","list","watch","deletecollection"] + +# for operator to create or get the service for mertics +- apiGroups: [""] + resources: ["services"] + verbs: ["create","update","get","list","watch","delete"] + +# for operator to create and manage configmap to handle race condition +- apiGroups: [""] + resources: ["configmaps"] + verbs: ["create","update","get","list","watch","delete"] + +# for operator to perform removal of experiment jobs +- apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["delete","deletecollection"] + +# for creation, status polling and deletion of litmus chaos resources used within an experiment +- apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["get","create","update","patch","delete","list","watch","deletecollection"] + +# for validation of existance of chaosresult crd +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["list","get"] + +# for managing litmus resource deletion +- apiGroups: ["litmuschaos.io"] + resources: ["chaosengines/finalizers"] + verbs: ["update"] + +# for leader election in case of multireplica +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get","create","list","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: litmus + labels: + app.kubernetes.io/name: litmus + # provide unique instance-id if applicable + # app.kubernetes.io/instance: litmus-abcxzy + app.kubernetes.io/version: v3.10.0 + app.kubernetes.io/component: operator-clusterrolebinding + app.kubernetes.io/part-of: litmus + app.kubernetes.io/managed-by: kubectl + name: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: litmus +subjects: +- kind: ServiceAccount + name: litmus + namespace: litmus +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: litmus + # provide unique instance-id if applicable + # app.kubernetes.io/instance: litmus-abcxzy + app.kubernetes.io/version: v3.10.0 + app.kubernetes.io/component: operator + app.kubernetes.io/part-of: litmus + app.kubernetes.io/managed-by: kubectl + name: litmus + name: chaos-operator-ce + namespace: litmus +spec: + replicas: 1 + selector: + matchLabels: + name: chaos-operator + template: + metadata: + labels: + app.kubernetes.io/name: litmus + # provide unique instance-id if applicable + # app.kubernetes.io/instance: litmus-abcxzy + app.kubernetes.io/version: v3.10.0 + app.kubernetes.io/component: operator + app.kubernetes.io/part-of: litmus + app.kubernetes.io/managed-by: kubectl + name: chaos-operator + spec: + serviceAccountName: litmus + containers: + - name: chaos-operator + image: litmuschaos.docker.scarf.sh/litmuschaos/chaos-operator:3.10.0 + command: + - chaos-operator + args: + - -leader-elect=true + imagePullPolicy: Always + env: + - name: CHAOS_RUNNER_IMAGE + value: "litmuschaos.docker.scarf.sh/litmuschaos/chaos-runner:3.10.0" + - name: WATCH_NAMESPACE + value: "" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: "chaos-operator" +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: chaosengines.litmuschaos.io +spec: + group: litmuschaos.io + names: + kind: ChaosEngine + listKind: ChaosEngineList + plural: chaosengines + singular: chaosengine + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + jobCleanUpPolicy: + type: string + pattern: ^(delete|retain)$ + # alternate ways to do this in case of complex pattern matches + #oneOf: + # - pattern: '^delete$' + # - pattern: '^retain$' + defaultHealthCheck: + type: boolean + appinfo: + type: object + properties: + appkind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + applabel: + type: string + appns: + type: string + selectors: + type: object + properties: + pods: + items: + properties: + names: + type: string + namespace: + type: string + required: + - names + - namespace + type: object + type: array + workloads: + items: + properties: + kind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + labels: + type: string + names: + type: string + namespace: + type: string + oneOf: + - required: [ names ] + - required: [ labels ] + required: + - kind + - namespace + type: object + type: array + oneOf: + - required: [ pods ] + - required: [ workloads ] + auxiliaryAppInfo: + type: string + engineState: + type: string + pattern: ^(active|stop)$ + chaosServiceAccount: + type: string + terminationGracePeriodSeconds: + type: integer + components: + type: object + properties: + sidecar: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + properties: + env: + description: ENV contains ENV passed to the sidecar container + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are + expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, the + reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never + be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for + volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom for the sidecar container + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + secrets: + items: + properties: + mountPath: + type: string + name: + type: string + required: + - mountPath + - name + type: object + type: array + runner: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + image: + type: string + type: + type: string + pattern: ^(go)$ + runnerAnnotations: + type: object + runnerLabels: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + value: + type: string + minLength: 1 + tolerations: + description: Pod's tolerations. + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + experiments: + type: array + items: + type: object + properties: + name: + type: string + spec: + type: object + properties: + probe: + type: array + items: + type: object + required: + - name + - type + - mode + - runProperties + properties: + name: + type: string + type: + type: string + minLength: 1 + pattern: ^(k8sProbe|httpProbe|cmdProbe|promProbe)$ + k8sProbe/inputs: + type: object + required: + - version + - resource + - operation + properties: + group: + type: string + version: + type: string + resource: + type: string + namespace: + type: string + resourceNames: + type: string + fieldSelector: + type: string + labelSelector: + type: string + operation: + type: string + pattern: ^(present|absent|create|delete)$ + minLength: 1 + cmdProbe/inputs: + type: object + required: + - command + - comparator + properties: + command: + type: string + minLength: 1 + comparator: + type: object + required: + - type + - criteria + - value + properties: + type: + type: string + minLength: 1 + pattern: ^(int|float|string)$ + criteria: + type: string + value: + type: string + source: + description: The external pod where we have to run the + probe commands. It will run the commands inside the experiment pod itself(inline mode) if source contains a nil value + required: + - image + properties: + annotations: + additionalProperties: + type: string + description: Annotations for the source pod + type: object + args: + description: Args for the source pod + items: + type: string + type: array + command: + description: Command for the source pod + items: + type: string + type: array + env: + description: ENVList contains ENV passed to + the source pod + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined + environment variables in the container + and any service environment variables. + If a variable cannot be resolved, the + reference in the input string will be + unchanged. The $(VAR_NAME) syntax can + be escaped with a double $$, ie: $$(VAR_NAME). + Escaped references will never be expanded, + regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + description: Specifies the output + format of the exposed resources, + defaults to "1" + type: string + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + hostNetwork: + description: HostNetwork define the hostNetwork + of the external pod it supports boolean values + and default value is false + type: boolean + inheritInputs: + description: InheritInputs define to inherit experiment + details in probe pod it supports boolean values + and default value is false. + type: boolean + image: + description: Image for the source pod + type: string + imagePullPolicy: + description: ImagePullPolicy for the source pod + type: string + imagePullSecrets: + description: ImagePullSecrets for source pod + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent' + type: string + type: object + type: array + labels: + additionalProperties: + type: string + description: Labels for the source pod + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector for the source pod + type: object + tolerations: + description: Tolerations for the source pod + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + privileged: + description: Privileged for the source pod + type: boolean + volumeMount: + description: VolumesMount for the source pod + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container + at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. + type: string + name: + description: This must match the Name + of a Volume. + type: string + readOnly: + description: Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. This + field is beta in 1.15. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes for the source pod + items: + description: Volume represents a named volume + in a pod that may be accessed by any container + in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents + an AWS Disk resource that is attached + to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the + volume that you want to mount. If + omitted, the default is to mount + by volume name. Examples: For volume + /dev/sda1, you specify the partition + as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force + and set the ReadOnly property in + VolumeMounts to "true". If omitted, + the default is "false". More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent + disk resource in AWS (Amazon EBS + volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure + Data Disk mount on the host and bind + mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: The Name of the data + disk in the blob storage + type: string + diskURI: + description: The URI the data disk + in the blob storage + type: string + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: + multiple blob disks per storage + account Dedicated: single blob + disk per storage account Managed: + azure managed data disk (only in + managed availability set). defaults + to shared' + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure + File Service mount on the host and bind + mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that + contains Azure Storage Account Name + and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph + FS mount on the host that shares a pod's + lifetime + properties: + monitors: + description: 'Required: Monitors is + a collection of Ceph monitors More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'Optional: Used as the + mounted root, rather than the full + Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile + is the path to key ring for User, + default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef + is reference to the authentication + secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the + rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder + volume attached and mounted on kubelets + host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to + a secret object containing parameters + used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify + the volume in cinder. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each + key-value pair in the Data field + of the referenced ConfigMap will + be projected into the volume as + a file whose name is the key and + content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the ConfigMap, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) + represents storage that is handled by + an external CSI driver (Alpha feature). + properties: + driver: + description: Driver is the name of + the CSI driver that handles this + volume. Consult with your admin + for the correct name as registered + in the cluster. + type: string + fsType: + description: Filesystem type to mount. + Ex. "ext4", "xfs", "ntfs". If not + provided, the empty value is passed + to the associated CSI driver which + will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef + is a reference to the secret object + containing sensitive information + to pass to the CSI driver to complete + the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may + be empty if no secret is required. + If the secret object contains more + than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only + configuration for the volume. Defaults + to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores + driver-specific properties that + are passed to the CSI driver. Consult + your driver's documentation for + supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward + API about the pod that should populate + this volume + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward + API volume file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are currently + supported.' + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the + output format of the exposed + resources, defaults to + "1" + type: string + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary + directory that shares a pod''s lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage + medium should back this directory. + The default is "" which means to + use the node''s default medium. + Must be an empty string (default) + or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + description: 'Total amount of local + storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage + on memory medium EmptyDir would + be the minimum value between the + SizeLimit specified here and the + sum of memory limits of all containers + in a pod. The default is nil which + means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + type: string + type: object + fc: + description: FC represents a Fibre Channel + resource that is attached to a kubelet's + host machine and then exposed to the + pod. + properties: + fsType: + description: 'Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target + lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume + world wide identifiers (wwids) Either + wwids or combination of targetWWNs + and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: Driver is the name of + the driver to use for this volume. + type: string + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command + options if any.' + type: object + readOnly: + description: 'Optional: Defaults to + false (read/write). ReadOnly here + will force the ReadOnly setting + in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef + is reference to the secret object + containing sensitive information + to pass to the plugin scripts. This + may be empty if no secret object + is specified. If the secret object + contains more than one secret, all + secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker + volume attached to a kubelet's host + machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: Name of the dataset stored + as metadata -> name on the dataset + for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: UUID of the dataset. + This is unique identifier of a Flocker + dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents + a GCE Disk resource that is attached + to a kubelet''s host machine and then + exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the + volume that you want to mount. If + omitted, the default is to mount + by volume name. Examples: For volume + /dev/sda1, you specify the partition + as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can + leave the property empty). More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD + resource in GCE. Used to identify + the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git + repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To + provision a container with a git repo, + mount an EmptyDir into an InitContainer + that clones the repo using git, then + mount the EmptyDir into the Pod''s container.' + properties: + directory: + description: Target directory name. + Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs + mount on the host that shares a pod''s + lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the + endpoint name that details Glusterfs + topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs + volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force + the Glusterfs volume to be mounted + with read-only permissions. Defaults + to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing + file or directory on the host machine + that is directly exposed to the container. + This is generally used for system agents + or other privileged things that are + allowed to see the host machine. Most + containers will NOT need this. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict + who can use host directory mounts and + who can/can not mount host directories + as read/write.' + properties: + path: + description: 'Path of the directory + on the host. If the path is a symlink, + it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume + Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI + Disk resource that is attached to a + kubelet''s host machine and then exposed + to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator + Name. If initiatorName is specified + with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: Target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iSCSI Interface Name + that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. + The portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. + The Portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be + a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount + on the host that shares a pod''s lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported + by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force + the NFS export to be mounted with + read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname + or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name + of a PersistentVolumeClaim in the + same namespace as the pod using + this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly + setting in VolumeMounts. Default + false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents + a portworx volume attached and mounted + on kubelets host machine + properties: + fsType: + description: FSType represents the + filesystem type to mount Must be + a filesystem type supported by the + host operating system. Ex. "ext4", + "xfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: Mode bits to use on created + files by default. Must be a value + between 0 and 0777. Directories + within the path are not affected + by this setting. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may + be projected along with other + supported volume types + properties: + configMap: + description: information about + the configMap data to project + properties: + items: + description: If unspecified, + each key-value pair in + the Data field of the + referenced ConfigMap will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + ConfigMap, the volume + setup will error unless + it is marked optional. + Paths must be relative + and may not contain the + '..' path or start with + '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its keys + must be defined + type: boolean + type: object + downwardAPI: + description: information about + the downwardAPI data to project + properties: + items: + description: Items is a + list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information + to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: + Selects a field + of the pod: only + annotations, labels, + name and namespace + are supported.' + properties: + apiVersion: + description: Version + of the schema + the FieldPath + is written in + terms of, defaults + to "v1". + type: string + fieldPath: + description: Path + of the field + to select in + the specified + API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: + Path is the relative + path name of the + file to be created. + Must not be absolute + or contain the ''..'' + path. Must be utf-8 + encoded. The first + item of the relative + path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects + a resource of the + container: only + resources limits + and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container + name: required + for volumes, + optional for + env vars' + type: string + divisor: + description: Specifies + the output format + of the exposed + resources, defaults + to "1" + type: string + resource: + description: 'Required: + resource to + select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about + the secret data to project + properties: + items: + description: If unspecified, + each key-value pair in + the Data field of the + referenced Secret will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + Secret, the volume setup + will error unless it is + marked optional. Paths + must be relative and may + not contain the '..' path + or start with '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: + mode bits to use + on this file, must + be a value between + 0 and 0777. If not + specified, the volume + defaultMode will + be used. This might + be in conflict with + other options that + affect the file + mode, like fsGroup, + and the result can + be other mode bits + set.' + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: information about + the serviceAccountToken data + to project + properties: + audience: + description: Audience is + the intended audience + of the token. A recipient + of a token must identify + itself with an identifier + specified in the audience + of the token, and otherwise + should reject the token. + The audience defaults + to the identifier of the + apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds + is the requested duration + of validity of the service + account token. As the + token approaches expiration, + the kubelet volume plugin + will proactively rotate + the service account token. + The kubelet will start + trying to rotate the token + if the token is older + than 80 percent of its + time to live or if the + token is older than 24 + hours.Defaults to 1 hour + and must be at least 10 + minutes. + format: int64 + type: integer + path: + description: Path is the + path relative to the mount + point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + description: Quobyte represents a Quobyte + mount on the host that shares a pod's + lifetime + properties: + group: + description: Group to map volume access + to Default is no group + type: string + readOnly: + description: ReadOnly here will force + the Quobyte volume to be mounted + with read-only permissions. Defaults + to false. + type: boolean + registry: + description: Registry represents a + single or multiple Quobyte Registry + services specified as a string as + host:port pair (multiple entries + are separated with commas) which + acts as the central registry for + volumes + type: string + tenant: + description: Tenant owning the given + Quobyte volume in the Backend Used + with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: User to map volume access + to Defaults to serivceaccount user + type: string + volume: + description: Volume is a string that + references an already created Quobyte + volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block + Device mount on the host that shares + a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the + volume that you want to mount. Tip: + Ensure that the filesystem type + is supported by the host operating + system. Examples: "ext4", "xfs", + "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in + the filesystem from compromising + the machine' + type: string + image: + description: 'The rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path + to key ring for RBDUser. Default + is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph + monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of + the authentication secret for RBDUser. + If provided overrides keyring. Default + is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + user: + description: 'The rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO + persistent volume attached and mounted + on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Default is + "xfs". + type: string + gateway: + description: The host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO + Protection Domain for the configured + storage. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references + to the secret for ScaleIO user and + other sensitive information. If + this is not provided, Login operation + will fail. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable + SSL communication with Gateway, + default false + type: boolean + storageMode: + description: Indicates whether the + storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: The name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: The name of a volume + already created in the ScaleIO system + that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret + that should populate this volume. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits + to use on created files by default. + Must be a value between 0 and 0777. + Defaults to 0644. Directories within + the path are not affected by this + setting. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the + result can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each + key-value pair in the Data field + of the referenced Secret will be + projected into the volume as a file + whose name is the key and content + is the value. If specified, the + listed keys will be projected into + the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the Secret, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode + bits to use on this file, + must be a value between 0 + and 0777. If not specified, + the volume defaultMode will + be used. This might be in + conflict with other options + that affect the file mode, + like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'Name of the secret in + the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the + secret to use for obtaining the + StorageOS API credentials. If not + specified, default values will be + attempted. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies + the scope of the volume within StorageOS. If + no namespace is specified then the + Pod's namespace will be used. This + allows the Kubernetes name scoping + to be mirrored within StorageOS + for tighter integration. Set VolumeName + to any name to override the default + behaviour. Set to "default" if you + are not using namespaces within + StorageOS. Namespaces that do not + pre-exist within StorageOS will + be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents + a vSphere volume attached and mounted + on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based + Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: Path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + httpProbe/inputs: + type: object + required: + - url + - method + properties: + url: + type: string + minLength: 1 + insecureSkipVerify: + type: boolean + method: + type: object + minProperties: 1 + properties: + get: + type: object + required: + - criteria + - responseCode + properties: + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + post: + type: object + required: + - criteria + - responseCode + properties: + contentType: + type: string + minLength: 1 + body: + type: string + bodyPath: + type: string + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + promProbe/inputs: + type: object + required: + - endpoint + - comparator + properties: + endpoint: + type: string + query: + type: string + queryPath: + type: string + comparator: + type: object + required: + - criteria + - value + properties: + criteria: + type: string + value: + type: string + runProperties: + type: object + minProperties: 2 + required: + - probeTimeout + - interval + properties: + probeTimeout: + type: string + interval: + type: string + retry: + type: integer + attempt: + type: integer + probePollingInterval: + type: string + initialDelay: + type: string + verbosity: + type: string + initialDelaySeconds: + type: integer + stopOnFailure: + type: boolean + mode: + type: string + pattern: ^(SOT|EOT|Edge|Continuous|OnChaos)$ + minLength: 1 + data: + type: string + components: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + statusCheckTimeouts: + type: object + properties: + delay: + type: integer + timeout: + type: integer + nodeSelector: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + experimentImage: + type: string + env: + type: array + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, spec.nodeName, + spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + configMaps: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + secrets: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + experimentAnnotations: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + tolerations: + description: Pod's tolerations. + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: {} + conversion: + strategy: None +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: chaosexperiments.litmuschaos.io +spec: + group: litmuschaos.io + names: + kind: ChaosExperiment + listKind: ChaosExperimentList + plural: chaosexperiments + singular: chaosexperiment + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + description: + type: object + additionalProperties: + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + x-kubernetes-preserve-unknown-fields: true + type: object + spec: + type: object + properties: + definition: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + args: + type: array + items: + type: string + command: + type: array + items: + type: string + env: + type: array + items: + type: object + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previous defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + The $(VAR_NAME) syntax can be escaped with a + double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether + the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + metadata.labels, metadata.annotations, spec.nodeName, + spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + image: + type: string + imagePullPolicy: + type: string + labels: + type: object + additionalProperties: + type: string + scope: + type: string + pattern: ^(Namespaced|Cluster)$ + permissions: + type: array + items: + type: object + minProperties: 3 + required: + - apiGroups + - resources + - verbs + properties: + apiGroups: + type: array + items: + type: string + resources: + type: array + items: + type: string + verbs: + type: array + items: + type: string + resourceNames: + type: array + items: + type: string + nonResourceURLs: + type: array + items: + type: string + configMaps: + type: array + items: + type: object + minProperties: 2 + properties: + name: + type: string + allowEmptyValue: false + minLength: 1 + mountPath: + type: string + allowEmptyValue: false + minLength: 1 + secrets: + type: array + items: + type: object + minProperties: 2 + properties: + name: + type: string + allowEmptyValue: false + minLength: 1 + mountPath: + type: string + allowEmptyValue: false + minLength: 1 + hostFileVolumes: + type: array + items: + type: object + minProperties: 3 + properties: + name: + type: string + allowEmptyValue: false + minLength: 1 + mountPath: + type: string + allowEmptyValue: false + minLength: 1 + nodePath: + type: string + allowEmptyValue: false + minLength: 1 + securityContext: + x-kubernetes-preserve-unknown-fields: true + type: object + hostPID: + type: boolean + + served: true + storage: true + subresources: {} + conversion: + strategy: None +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: chaosresults.litmuschaos.io +spec: + group: litmuschaos.io + names: + kind: ChaosResult + listKind: ChaosResultList + plural: chaosresults + singular: chaosresult + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + type: object + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: {} + conversion: + strategy: None \ No newline at end of file From 5545dd4bf369b40be1ded75628c3a9eafdeb628c Mon Sep 17 00:00:00 2001 From: Janhavi Alekar <97527096+JanhaviAlekar@users.noreply.github.com> Date: Fri, 23 Aug 2024 11:50:08 +0530 Subject: [PATCH 10/31] fixes #4665 Invalid version details in backend. (#4666) * fix: Invalid version details in backend. Signed-off-by: JanhaviAlekar * Checking CIVersion at start Signed-off-by: JanhaviAlekar --------- Signed-off-by: JanhaviAlekar Co-authored-by: Vedant Shrotria Co-authored-by: Amit Kumar Das Co-authored-by: Namkyu Park <53862866+namkyu1999@users.noreply.github.com> --- chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go | 3 +++ .../KubernetesChaosInfrastructureUpgrade.tsx | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go index abc3a5681c5..a795ac39bb5 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go @@ -932,6 +932,9 @@ func fetchLatestVersion(versions map[int]string) int { // updateVersionFormat converts string array to int by removing decimal points, 1.0.0 will be returned as 100, 0.1.0 will be returned as 10, 0.0.1 will be returned as 1 func updateVersionFormat(str string) (int, error) { + if str == CIVersion { + return 0, nil + } var versionInt int versionSlice := strings.Split(str, ".") for i, val := range versionSlice { diff --git a/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureUpgrade/KubernetesChaosInfrastructureUpgrade.tsx b/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureUpgrade/KubernetesChaosInfrastructureUpgrade.tsx index 310f47cd602..6c3dad53c68 100644 --- a/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureUpgrade/KubernetesChaosInfrastructureUpgrade.tsx +++ b/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureUpgrade/KubernetesChaosInfrastructureUpgrade.tsx @@ -22,7 +22,7 @@ export default function KubernetesChaosInfrastructureUpgradeController({ ...scope, options: { skip: !isUpgradeAvailable, - onError: err => showError(err) + onError: err => showError(err.message) } }); From 4e7eb5e9170a1e5726ee3d8fa41f969b03b68833 Mon Sep 17 00:00:00 2001 From: Prashant Andoriya <121665385+andoriyaprashant@users.noreply.github.com> Date: Fri, 23 Aug 2024 11:55:26 +0530 Subject: [PATCH 11/31] e2e.yml fixed (#4696) Signed-off-by: andoriyaprashant Co-authored-by: Namkyu Park <53862866+namkyu1999@users.noreply.github.com> --- .github/workflows/e2e.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index a5097807f53..4520229b263 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -2,6 +2,7 @@ name: Litmus-CI on: issue_comment: types: [created] + push: branches: - master @@ -16,9 +17,7 @@ jobs: - uses: octokit/request-action@v2.x id: get_PR_commits with: - route: GET /repos/:repo/pulls/:pull_number/commits - repo: ${{ github.repository }} - pull_number: ${{ github.event.issue.number }} + route: GET /repos/${{ github.repository }}/pull_number/${{ github.event.issue.number }}/commits env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -217,3 +216,4 @@ jobs: - name: Deleting KinD cluster if: always() run: kind delete cluster + \ No newline at end of file From 51786f3afea2b4427d4c91c0c44682de2d0818b3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Aug 2024 11:57:57 +0530 Subject: [PATCH 12/31] chore(deps): Bump github.com/99designs/gqlgen (#4708) Bumps [github.com/99designs/gqlgen](https://github.com/99designs/gqlgen) from 0.17.47 to 0.17.49. - [Release notes](https://github.com/99designs/gqlgen/releases) - [Changelog](https://github.com/99designs/gqlgen/blob/master/CHANGELOG.md) - [Commits](https://github.com/99designs/gqlgen/compare/v0.17.47...v0.17.49) --- updated-dependencies: - dependency-name: github.com/99designs/gqlgen dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- chaoscenter/graphql/server/go.mod | 8 ++++---- chaoscenter/graphql/server/go.sum | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/chaoscenter/graphql/server/go.mod b/chaoscenter/graphql/server/go.mod index 47ecd58ce44..4bd5002c9c5 100644 --- a/chaoscenter/graphql/server/go.mod +++ b/chaoscenter/graphql/server/go.mod @@ -3,7 +3,7 @@ module github.com/litmuschaos/litmus/chaoscenter/graphql/server go 1.22.0 require ( - github.com/99designs/gqlgen v0.17.47 + github.com/99designs/gqlgen v0.17.49 github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 github.com/argoproj/argo-workflows/v3 v3.3.5 github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 @@ -22,7 +22,7 @@ require ( github.com/stretchr/testify v1.9.0 github.com/tidwall/gjson v1.17.1 github.com/tidwall/sjson v1.2.5 - github.com/vektah/gqlparser/v2 v2.5.12 + github.com/vektah/gqlparser/v2 v2.5.16 go.mongodb.org/mongo-driver v1.15.0 golang.org/x/crypto v0.24.0 google.golang.org/grpc v1.64.1 @@ -100,7 +100,7 @@ require ( github.com/xdg-go/stringprep v1.0.4 // indirect github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect golang.org/x/arch v0.8.0 // indirect - golang.org/x/mod v0.17.0 // indirect + golang.org/x/mod v0.18.0 // indirect golang.org/x/net v0.26.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sync v0.7.0 // indirect @@ -108,7 +108,7 @@ require ( golang.org/x/term v0.21.0 // indirect golang.org/x/text v0.16.0 // indirect golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect - golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect + golang.org/x/tools v0.22.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect diff --git a/chaoscenter/graphql/server/go.sum b/chaoscenter/graphql/server/go.sum index bd159a79a2b..7f4463dee6f 100644 --- a/chaoscenter/graphql/server/go.sum +++ b/chaoscenter/graphql/server/go.sum @@ -43,8 +43,8 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9 dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/99designs/gqlgen v0.17.47 h1:M9DTK8X3+3ATNBfZlHBwMwNngn4hhZWDxNmTiuQU5tQ= -github.com/99designs/gqlgen v0.17.47/go.mod h1:ejVkldSdtmuudqmtfaiqjwlGXWAhIv0DKXGXFY25F04= +github.com/99designs/gqlgen v0.17.49 h1:b3hNGexHd33fBSAd4NDT/c3NCcQzcAVkknhN9ym36YQ= +github.com/99designs/gqlgen v0.17.49/go.mod h1:tC8YFVZMed81x7UJ7ORUwXF4Kn6SXuucFqQBhN8+BU0= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/Azure/azure-sdk-for-go v32.5.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= @@ -1148,8 +1148,8 @@ github.com/valyala/fasthttp v1.2.0/go.mod h1:4vX61m6KN+xDduDNwXrhIAVZaZaZiQ1luJk github.com/valyala/quicktemplate v1.1.1/go.mod h1:EH+4AkTd43SvgIbQHYu59/cJyxDoOVRUAfrukLPuGJ4= github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw= -github.com/vektah/gqlparser/v2 v2.5.12 h1:COMhVVnql6RoaF7+aTBWiTADdpLGyZWU3K/NwW0ph98= -github.com/vektah/gqlparser/v2 v2.5.12/go.mod h1:WQQjFc+I1YIzoPvZBhUQX7waZgg3pMLi0r8KymvAE2w= +github.com/vektah/gqlparser/v2 v2.5.16 h1:1gcmLTvs3JLKXckwCwlUagVn/IlV2bwqle0vJ0vy5p8= +github.com/vektah/gqlparser/v2 v2.5.16/go.mod h1:1lz1OeCqgQbQepsGxPVywrjdBHW2T08PUS3pJqepRww= github.com/vishvananda/netlink v0.0.0-20171020171820-b2de5d10e38e/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.0.0/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netns v0.0.0-20171111001504-be1fbeda1936/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= @@ -1298,8 +1298,8 @@ golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= +golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20170915142106-8351a756f30f/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180112015858-5ccada7d0a7b/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1622,8 +1622,8 @@ golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA= +golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 5f327fc7376554a54ff378433f872cb23cec446b Mon Sep 17 00:00:00 2001 From: Prashant Andoriya <121665385+andoriyaprashant@users.noreply.github.com> Date: Fri, 23 Aug 2024 12:04:03 +0530 Subject: [PATCH 13/31] Fix Horizontal Scroll Bar in "Enable Chaos Environments" Pop-up (#4692) Signed-off-by: andoriyaprashant Co-authored-by: Saranya Jena --- chaoscenter/web/src/views/Overview/Overview.module.scss | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/chaoscenter/web/src/views/Overview/Overview.module.scss b/chaoscenter/web/src/views/Overview/Overview.module.scss index c8af477c092..93b75b79d13 100644 --- a/chaoscenter/web/src/views/Overview/Overview.module.scss +++ b/chaoscenter/web/src/views/Overview/Overview.module.scss @@ -34,6 +34,11 @@ align-items: center; width: 50%; height: 230px; + + img { + max-width: 250px; + height: 131px; + } } } From 90a8990c2ceffe6e985269f912916ef8bdf1c144 Mon Sep 17 00:00:00 2001 From: Denish Tomar <152975472+Denish3436@users.noreply.github.com> Date: Fri, 23 Aug 2024 12:14:47 +0530 Subject: [PATCH 14/31] Improved documentation with spelling and grammar corrections (#4762) Signed-off-by: Denish Tomar Co-authored-by: Saranya Jena --- mkdocs/docs/experiments/faq/install.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/mkdocs/docs/experiments/faq/install.md b/mkdocs/docs/experiments/faq/install.md index 6b99ac13af3..6dd89eec7af 100644 --- a/mkdocs/docs/experiments/faq/install.md +++ b/mkdocs/docs/experiments/faq/install.md @@ -28,19 +28,19 @@ hide: ### I encountered the concept of namespace and cluster scope during the installation. What is meant by the scopes, and how does it affect experiments to be performed outside or inside the litmus Namespace? -The scope of control plane (portal) installation can be tuned by the env PORTAL_SCOPE in the litmusportal-server deployment. Its value can be kept as a “namespace” if you want to provide restricted access to litmus. It is useful in strictly multi-tenant environments in which users have namespace-level permissions and need to set up their own chaos-center instances. This is also the case in certain popular SaaS environments like Okteto cloud. +The scope of control plane (portal) installation can be tuned by the env 'PORTAL_SCOPE' in the 'litmusportal-server' deployment. Its value can be kept as a “namespace” if you want to provide restricted access to litmus. It is useful in strictly multi-tenant environments in which users have namespace-level permissions and need to set up their own chaos-center instances. This is also the case in certain popular SaaS environments like Okteto cloud. -This setting can be used in combination with a flag, AGENT_SCOPE in the litmus-portal-admin-config configmap to limit the purview of the corresponding self-agent (the execution plane pods on the cluster/namespace where the control plane is installed) to the current namespace, which means the user can perform chaos experiments only in chose installation namespace. By default, both are set up for cluster-wide access, by which microservices across the cluster can be subjected to chaos. +This setting can be used in combination with a flag, 'AGENT_SCOPE' in the 'litmus-portal-admin-config' ConfigMap to limit the purview of the corresponding self-agent (the execution plane pods on the cluster/namespace where the control plane is installed) to the current namespace, which means the user can perform chaos experiments only in chosen installation namespace. By default, both are set up for cluster-wide access, by which microservices across the cluster can be subjected to chaos. -In case of external-agents, i.e., the targets being connected to the chaos-center, you can choose the agent’s scope to either cluster or namespace via a litmusctl flag (when using it in non-interactive mode) or by providing the appropriate input (in interactive mode). +In case of external-agents, i.e., the targets being connected to the chaos-center, you can choose the agent’s scope to either cluster or namespace via a 'litmusctl' flag (when using it in non-interactive mode) or by providing the appropriate input (in interactive mode). ### Does Litmus 2.0 maintain backward compatibility with Kubernetes? -Yes Litmus maintains a separate CRD manifest to support backward compatibility. +Yes, Litmus maintains a separate CRD manifest to support backward compatibility. ### Can I run LitmusChaos Outside of my Kubernetes clusters? -You can run the chaos experiments outside of the k8s cluster(as a container) which is dockerized. But other components such as chaos-operator,chaos-exporter, and runner are Kubernetes native. They require k8s cluster to run on it. +You can run the chaos experiments outside of the k8s cluster as a dockerized container. However, other components such as chaos-operator,chaos-exporter, and runner are Kubernetes native. They require k8s cluster to run on it. ### What is the minimum system requirement to run Portal and agent together? @@ -48,11 +48,11 @@ To run LitmusPortal you need to have a minimum of 1 GiB memory and 1 core of CPU ### Can I use LitmusChaos in Production? -Yes, you can use Litmuschaos in production. Litmus has a wide variety of experiments and is designed as per the principles of chaos. But, if you are new to Chaos Engineering, we would recommend you to first try Litmus on your dev environment, and then after getting the confidence, you should use it in Production. +Yes, you can use Litmuschaos in production. Litmus has a wide variety of experiments and is designed according to the principles of chaos engineering. However, if you are new to Chaos Engineering, we would recommend you to first try Litmus on your dev environment, and then after getting the confidence, you should use it in Production. ### Why should I use Litmus? What is its distinctive feature? -Litmus is a toolset to do cloud-native Chaos Engineering. Litmus provides tools to orchestrate chaos on Kubernetes to help developers and SREs find weaknesses in their application deployments. Litmus can be used to run chaos experiments initially in the staging environment and eventually in production to find bugs, vulnerabilities. Fixing the weaknesses leads to increased resilience of the system. Litmus adopts a “Kubernetes-native” approach to define chaos intent in a declarative manner via custom resources. +Litmus is a toolset for performing cloud-native Chaos Engineering. Litmus provides tools to orchestrate chaos on Kubernetes to help developers and SREs find weaknesses in their application deployments. Litmus can be used to run chaos experiments initially in the staging environment and eventually in production to find bugs and vulnerabilities. Fixing the weaknesses leads to increased resilience of the system. Litmus adopts a “Kubernetes-native” approach to define chaos intent in a declarative manner via custom resources. ### What licensing model does Litmus use? @@ -60,7 +60,7 @@ Litmus is developed under Apache License 2.0 license at the project level. Some ### What are the prerequisites to get started with Litmus? -For getting started with Litmus the only prerequisites is to have Kubernetes 1.11+ cluster. While most pod/container level experiments are supported on any Kubernetes platform, some of the infrastructure chaos experiments are supported on specific platforms. To find the list of supported platforms for an experiment, view the "Platforms" section on the sidebar in the experiment page. +To get started with Litmus, the only prerequisites is to have Kubernetes 1.11+ cluster. While most pod/container level experiments are supported on any Kubernetes platform, some of the infrastructure chaos experiments are supported on specific platforms. To find the list of supported platforms for an experiment, view the "Platforms" section on the sidebar in the experiment page. ### How to Install Litmus on the Kubernetes Cluster? From 273e1a146ca2f10154bf50036e2ce9ccf3162a68 Mon Sep 17 00:00:00 2001 From: Janhavi Alekar <97527096+JanhaviAlekar@users.noreply.github.com> Date: Fri, 23 Aug 2024 12:19:16 +0530 Subject: [PATCH 15/31] improvement in pagination component (#4832) Signed-off-by: JanhaviAlekar Co-authored-by: Namkyu Park <53862866+namkyu1999@users.noreply.github.com> Co-authored-by: Sahil --- chaoscenter/web/src/controllers/Environments/Environment.tsx | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/chaoscenter/web/src/controllers/Environments/Environment.tsx b/chaoscenter/web/src/controllers/Environments/Environment.tsx index 2abb02dfd08..3303ec29d48 100644 --- a/chaoscenter/web/src/controllers/Environments/Environment.tsx +++ b/chaoscenter/web/src/controllers/Environments/Environment.tsx @@ -64,8 +64,9 @@ const EnvironmentController: React.FC = () => { itemCount: totalEnvironments ?? 0, pageCount: totalEnvironments ? Math.ceil(totalEnvironments / limit) : 1, pageIndex: page, - pageSizeOptions: [...new Set([15, 30, limit])].sort(), + pageSizeOptions: [...new Set([5, 10, 15, 30, limit])].sort(), pageSize: limit, + showPagination: true, onPageSizeChange: event => setLimit(event) } }; From 938544c7cce4a418df98f29b76ec0f31840e553c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Aug 2024 12:20:07 +0530 Subject: [PATCH 16/31] chore(deps): Bump golang.org/x/crypto in /chaoscenter/authentication (#4813) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.25.0 to 0.26.0. - [Commits](https://github.com/golang/crypto/compare/v0.25.0...v0.26.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- chaoscenter/authentication/go.mod | 8 ++++---- chaoscenter/authentication/go.sum | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/chaoscenter/authentication/go.mod b/chaoscenter/authentication/go.mod index 93f0224f064..91323498452 100644 --- a/chaoscenter/authentication/go.mod +++ b/chaoscenter/authentication/go.mod @@ -13,7 +13,7 @@ require ( github.com/stretchr/testify v1.9.0 github.com/swaggo/swag v1.16.3 go.mongodb.org/mongo-driver v1.15.1 - golang.org/x/crypto v0.25.0 + golang.org/x/crypto v0.26.0 golang.org/x/oauth2 v0.20.0 google.golang.org/grpc v1.65.0 google.golang.org/protobuf v1.34.2 @@ -59,9 +59,9 @@ require ( github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect golang.org/x/arch v0.8.0 // indirect golang.org/x/net v0.25.0 // indirect - golang.org/x/sync v0.7.0 // indirect - golang.org/x/sys v0.22.0 // indirect - golang.org/x/text v0.16.0 // indirect + golang.org/x/sync v0.8.0 // indirect + golang.org/x/sys v0.23.0 // indirect + golang.org/x/text v0.17.0 // indirect golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240528184218-531527333157 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect diff --git a/chaoscenter/authentication/go.sum b/chaoscenter/authentication/go.sum index cf461a3ba2f..a4a9143f261 100644 --- a/chaoscenter/authentication/go.sum +++ b/chaoscenter/authentication/go.sum @@ -126,8 +126,8 @@ golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc= golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= -golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= +golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= +golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= @@ -145,8 +145,8 @@ golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbht golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -156,16 +156,16 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM= +golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= +golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= From bf3039e902cdb585d939500fd616e5c214754151 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Aug 2024 12:21:36 +0530 Subject: [PATCH 17/31] chore(deps): Bump go.mongodb.org/mongo-driver (#4817) Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.15.0 to 1.16.1. - [Release notes](https://github.com/mongodb/mongo-go-driver/releases) - [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.15.0...v1.16.1) --- updated-dependencies: - dependency-name: go.mongodb.org/mongo-driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- chaoscenter/graphql/server/go.mod | 6 +++--- chaoscenter/graphql/server/go.sum | 11 ++++++----- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/chaoscenter/graphql/server/go.mod b/chaoscenter/graphql/server/go.mod index 4bd5002c9c5..2bd2910eb44 100644 --- a/chaoscenter/graphql/server/go.mod +++ b/chaoscenter/graphql/server/go.mod @@ -23,7 +23,7 @@ require ( github.com/tidwall/gjson v1.17.1 github.com/tidwall/sjson v1.2.5 github.com/vektah/gqlparser/v2 v2.5.16 - go.mongodb.org/mongo-driver v1.15.0 + go.mongodb.org/mongo-driver v1.16.1 golang.org/x/crypto v0.24.0 google.golang.org/grpc v1.64.1 google.golang.org/protobuf v1.34.2 @@ -65,7 +65,7 @@ require ( github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect - github.com/golang/snappy v0.0.1 // indirect + github.com/golang/snappy v0.0.4 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect @@ -82,7 +82,7 @@ require ( github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect - github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe // indirect + github.com/montanaflynn/stats v0.7.1 // indirect github.com/pelletier/go-toml/v2 v2.2.2 // indirect github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect diff --git a/chaoscenter/graphql/server/go.sum b/chaoscenter/graphql/server/go.sum index 7f4463dee6f..8aff530921c 100644 --- a/chaoscenter/graphql/server/go.sum +++ b/chaoscenter/graphql/server/go.sum @@ -544,8 +544,9 @@ github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= +github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golangci/check v0.0.0-20180506172741-cfe4005ccda2/go.mod h1:k9Qvh+8juN+UKMCS/3jFtGICgW8O96FVaZsaxdzDkR4= github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a/go.mod h1:ryS0uhF+x9jgbj/N71xsEqODy9BN81/GonCZiOzirOk= github.com/golangci/errcheck v0.0.0-20181223084120-ef45e06d44b6/go.mod h1:DbHgvLiFKX1Sh2T1w8Q/h4NAI8MHIpzCdnBUDTXU3I0= @@ -873,8 +874,8 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mohae/deepcopy v0.0.0-20170603005431-491d3605edfb/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= -github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe h1:iruDEfMl2E6fbMZ9s0scYfZQ84/6SPL6zC8ACM2oIL0= -github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= +github.com/montanaflynn/stats v0.7.1 h1:etflOAAHORrCC44V+aR6Ftzort912ZU+YLiSTuV8eaE= +github.com/montanaflynn/stats v0.7.1/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mozilla/tls-observatory v0.0.0-20180409132520-8791a200eb40/go.mod h1:SrKMQvPiws7F7iqYp8/TX+IhxCYhzr6N/1yb8cwHsGk= github.com/mrunalp/fileutils v0.0.0-20160930181131-4ee1cc9a8058/go.mod h1:x8F1gnqOkIEiO4rqoeEEEqQbo7HjGMTvyoq3gej4iT0= @@ -1198,8 +1199,8 @@ go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qL go.mongodb.org/mongo-driver v1.1.0/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.15.0 h1:rJCKC8eEliewXjZGf0ddURtl7tTVy1TK3bfl0gkUSLc= -go.mongodb.org/mongo-driver v1.15.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= +go.mongodb.org/mongo-driver v1.16.1 h1:rIVLL3q0IHM39dvE+z2ulZLp9ENZKThVfuvN/IiN4l8= +go.mongodb.org/mongo-driver v1.16.1/go.mod h1:oB6AhJQvFQL4LEHyXi6aJzQJtBiTQHiAd83l0GdFaiw= go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= From 4f91bc3761e315dc90f7e0daf7b831346995bef5 Mon Sep 17 00:00:00 2001 From: Baalekshan <69910615+Baalekshan@users.noreply.github.com> Date: Fri, 23 Aug 2024 12:24:58 +0530 Subject: [PATCH 18/31] Allow older infras to connect with chaos centre (#4823) Signed-off-by: Baalekshan --- .../graphql/server/pkg/chaos_infrastructure/service.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go index a795ac39bb5..4548e081615 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go @@ -1074,8 +1074,8 @@ func (in *infraService) VerifyInfra(identity model.InfraIdentity) (*dbChaosInfra } else { splitCPVersion := strings.Split(currentVersion, ".") splitSubVersion := strings.Split(identity.Version, ".") - if len(splitSubVersion) != 3 || splitSubVersion[0] != splitCPVersion[0] || splitSubVersion[1] != splitCPVersion[1] { - return nil, fmt.Errorf("ERROR: infra VERSION MISMATCH (need %v.%v.x got %v)", splitCPVersion[0], splitCPVersion[1], identity.Version) + if len(splitSubVersion) != 3 || splitSubVersion[0] != splitCPVersion[0] { + return nil, fmt.Errorf("ERROR: infra VERSION MISMATCH (need %v.x.x got %v)", splitCPVersion[0], identity.Version) } } infra, err := in.infraOperator.GetInfra(identity.InfraID) From 21054692c5f3dac05771d4b5e60b845cb8000ef2 Mon Sep 17 00:00:00 2001 From: Suyeon Jung <103499565+suyeon-jung-dev@users.noreply.github.com> Date: Fri, 23 Aug 2024 15:57:26 +0900 Subject: [PATCH 19/31] fix: Correct swagger.json file versions (#4838) Signed-off-by: Suyeon Jung --- mkdocs/docs/auth/v3.0.0/auth-api.json | 2 +- mkdocs/docs/auth/v3.9.0/auth-api.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mkdocs/docs/auth/v3.0.0/auth-api.json b/mkdocs/docs/auth/v3.0.0/auth-api.json index 896ee957003..737a5b20613 100644 --- a/mkdocs/docs/auth/v3.0.0/auth-api.json +++ b/mkdocs/docs/auth/v3.0.0/auth-api.json @@ -4,7 +4,7 @@ "schemes": ["https", "http"], "info": { "title": "Litmus Portal Authentication API", - "version": "2.7.0", + "version": "3.0.0", "description": "Litmus Portal Authentication APIs are used to authenticate the identity of a user and to perform several user-specific tasks like:\n
  • Update Profile
  • \n
  • Change Password
  • \n
  • Reset Password
  • \n
  • Create new users etc.
  • \n" }, "paths": { diff --git a/mkdocs/docs/auth/v3.9.0/auth-api.json b/mkdocs/docs/auth/v3.9.0/auth-api.json index 792b86e92c7..272de059a13 100644 --- a/mkdocs/docs/auth/v3.9.0/auth-api.json +++ b/mkdocs/docs/auth/v3.9.0/auth-api.json @@ -7,7 +7,7 @@ ], "info": { "title": "Litmus Portal Authentication API", - "version": "2.7.0", + "version": "3.9.0", "description": "Litmus Portal Authentication APIs are used to authenticate the identity of a user and to perform several user-specific tasks like:\n
  • Update Profile
  • \n
  • Change Password
  • \n
  • Reset Password
  • \n
  • Create new users etc.
  • \n" }, "paths": { From 37fae3a4577ef80fb7d8ab26b67fd6059b75c702 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Aug 2024 13:11:14 +0530 Subject: [PATCH 20/31] chore(deps): Bump go.mongodb.org/mongo-driver (#4818) Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.15.1 to 1.16.1. - [Release notes](https://github.com/mongodb/mongo-go-driver/releases) - [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.15.1...v1.16.1) --- updated-dependencies: - dependency-name: go.mongodb.org/mongo-driver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Saranya Jena --- chaoscenter/authentication/go.mod | 6 +++--- chaoscenter/authentication/go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/chaoscenter/authentication/go.mod b/chaoscenter/authentication/go.mod index 91323498452..d7cbc1c578a 100644 --- a/chaoscenter/authentication/go.mod +++ b/chaoscenter/authentication/go.mod @@ -12,7 +12,7 @@ require ( github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.9.0 github.com/swaggo/swag v1.16.3 - go.mongodb.org/mongo-driver v1.15.1 + go.mongodb.org/mongo-driver v1.16.1 golang.org/x/crypto v0.26.0 golang.org/x/oauth2 v0.20.0 google.golang.org/grpc v1.65.0 @@ -36,7 +36,7 @@ require ( github.com/go-playground/universal-translator v0.18.1 // indirect github.com/go-playground/validator/v10 v10.20.0 // indirect github.com/goccy/go-json v0.10.2 // indirect - github.com/golang/snappy v0.0.1 // indirect + github.com/golang/snappy v0.0.4 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/compress v1.17.0 // indirect @@ -46,7 +46,7 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect - github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe // indirect + github.com/montanaflynn/stats v0.7.1 // indirect github.com/pelletier/go-toml/v2 v2.2.2 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect diff --git a/chaoscenter/authentication/go.sum b/chaoscenter/authentication/go.sum index a4a9143f261..57b860264b0 100644 --- a/chaoscenter/authentication/go.sum +++ b/chaoscenter/authentication/go.sum @@ -44,8 +44,8 @@ github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzq github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4= -github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= +github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -79,8 +79,8 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe h1:iruDEfMl2E6fbMZ9s0scYfZQ84/6SPL6zC8ACM2oIL0= -github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= +github.com/montanaflynn/stats v0.7.1 h1:etflOAAHORrCC44V+aR6Ftzort912ZU+YLiSTuV8eaE= +github.com/montanaflynn/stats v0.7.1/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM= github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -119,8 +119,8 @@ github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gi github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.mongodb.org/mongo-driver v1.15.1 h1:l+RvoUOoMXFmADTLfYDm7On9dRm7p4T80/lEQM+r7HU= -go.mongodb.org/mongo-driver v1.15.1/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= +go.mongodb.org/mongo-driver v1.16.1 h1:rIVLL3q0IHM39dvE+z2ulZLp9ENZKThVfuvN/IiN4l8= +go.mongodb.org/mongo-driver v1.16.1/go.mod h1:oB6AhJQvFQL4LEHyXi6aJzQJtBiTQHiAd83l0GdFaiw= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc= golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys= From 5232f497390a0b945fcbf86bec6a598ee6efa694 Mon Sep 17 00:00:00 2001 From: hursit Date: Wed, 4 Sep 2024 09:14:45 +0300 Subject: [PATCH 21/31] Create wingie-enuygun.md (#4861) Signed-off-by: hursit --- adopters/organizations/wingie-enuygun.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 adopters/organizations/wingie-enuygun.md diff --git a/adopters/organizations/wingie-enuygun.md b/adopters/organizations/wingie-enuygun.md new file mode 100644 index 00000000000..7a6c1ed2f1c --- /dev/null +++ b/adopters/organizations/wingie-enuygun.md @@ -0,0 +1,11 @@ +# Wingie Enuygun Company +[Wingie Enuygun Company](https://www.wingie.com/) is a leading travel and technology company providing seamless travel solutions across various platforms. + +## Why do we use Litmus +We use Litmus to identify bottlenecks in our systems, detect issues early, and foresee potential errors. This allows us to take proactive measures and maintain the resilience and performance of our infrastructure. + +## How do we use Litmus +Litmus is integrated into our QA cycles, where it plays a crucial role in catching bugs and verifying the overall resilience of our systems. + +## Benefits in using Litmus +Litmus chaos experiments are straightforward to implement and can be easily customized or extended to meet our specific requirements, enabling us to effectively manage and optimize our systems at Wingie Enuygun. From 804a4e96bc73b88ef6becf80dbe4bb8977749098 Mon Sep 17 00:00:00 2001 From: Janhavi Alekar <97527096+JanhaviAlekar@users.noreply.github.com> Date: Fri, 6 Sep 2024 11:47:18 +0530 Subject: [PATCH 22/31] Changed schema chaoshub (#4842) Signed-off-by: JanhaviAlekar --- .../definitions/shared/chaoshub.graphqls | 24 +++ .../server/graph/generated/generated.go | 186 +++++++++++++++++- .../graphql/server/graph/model/models_gen.go | 12 ++ .../server/pkg/chaoshub/models_factory.go | 1 + .../graphql/server/pkg/chaoshub/service.go | 21 +- .../pkg/database/mongodb/chaos_hub/schema.go | 2 + 6 files changed, 238 insertions(+), 8 deletions(-) diff --git a/chaoscenter/graphql/definitions/shared/chaoshub.graphqls b/chaoscenter/graphql/definitions/shared/chaoshub.graphqls index 952ee98cf19..12f1cafb2f7 100644 --- a/chaoscenter/graphql/definitions/shared/chaoshub.graphqls +++ b/chaoscenter/graphql/definitions/shared/chaoshub.graphqls @@ -31,6 +31,10 @@ type ChaosHub implements ResourceDetails & Audit { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ ID of the project in which the chaos hub is present """ projectID: ID! @@ -206,6 +210,10 @@ type ChaosHubStatus implements ResourceDetails & Audit { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is available or not. """ isAvailable: Boolean! @@ -320,6 +328,10 @@ input CreateChaosHubRequest { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is private or not. """ isPrivate: Boolean! @@ -382,6 +394,10 @@ input CloningInput { """ repoURL: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is private or not. """ isPrivate: Boolean! @@ -426,6 +442,10 @@ input CreateRemoteChaosHub { URL of the git repository """ repoURL: String! + """ + Connected Hub of remote repository + """ + remoteHub: String! } @@ -455,6 +475,10 @@ input UpdateChaosHubRequest { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is private or not. """ isPrivate: Boolean! diff --git a/chaoscenter/graphql/server/graph/generated/generated.go b/chaoscenter/graphql/server/graph/generated/generated.go index 932e018a654..a219cbcb630 100644 --- a/chaoscenter/graphql/server/graph/generated/generated.go +++ b/chaoscenter/graphql/server/graph/generated/generated.go @@ -91,6 +91,7 @@ type ComplexityRoot struct { Name func(childComplexity int) int Password func(childComplexity int) int ProjectID func(childComplexity int) int + RemoteHub func(childComplexity int) int RepoBranch func(childComplexity int) int RepoURL func(childComplexity int) int SSHPrivateKey func(childComplexity int) int @@ -115,6 +116,7 @@ type ComplexityRoot struct { LastSyncedAt func(childComplexity int) int Name func(childComplexity int) int Password func(childComplexity int) int + RemoteHub func(childComplexity int) int RepoBranch func(childComplexity int) int RepoURL func(childComplexity int) int SSHPrivateKey func(childComplexity int) int @@ -1031,6 +1033,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in return e.complexity.ChaosHub.ProjectID(childComplexity), true + case "ChaosHub.remoteHub": + if e.complexity.ChaosHub.RemoteHub == nil { + break + } + + return e.complexity.ChaosHub.RemoteHub(childComplexity), true + case "ChaosHub.repoBranch": if e.complexity.ChaosHub.RepoBranch == nil { break @@ -1178,6 +1187,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in return e.complexity.ChaosHubStatus.Password(childComplexity), true + case "ChaosHubStatus.remoteHub": + if e.complexity.ChaosHubStatus.RemoteHub == nil { + break + } + + return e.complexity.ChaosHubStatus.RemoteHub(childComplexity), true + case "ChaosHubStatus.repoBranch": if e.complexity.ChaosHubStatus.RepoBranch == nil { break @@ -6022,6 +6038,10 @@ type ChaosHub implements ResourceDetails & Audit { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ ID of the project in which the chaos hub is present """ projectID: ID! @@ -6197,6 +6217,10 @@ type ChaosHubStatus implements ResourceDetails & Audit { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is available or not. """ isAvailable: Boolean! @@ -6311,6 +6335,10 @@ input CreateChaosHubRequest { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is private or not. """ isPrivate: Boolean! @@ -6373,6 +6401,10 @@ input CloningInput { """ repoURL: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is private or not. """ isPrivate: Boolean! @@ -6417,6 +6449,10 @@ input CreateRemoteChaosHub { URL of the git repository """ repoURL: String! + """ + Connected Hub of remote repository + """ + remoteHub: String! } @@ -6446,6 +6482,10 @@ input UpdateChaosHubRequest { """ repoBranch: String! """ + Connected Hub of remote repository + """ + remoteHub: String! + """ Bool value indicating whether the hub is private or not. """ isPrivate: Boolean! @@ -10759,6 +10799,50 @@ func (ec *executionContext) fieldContext_ChaosHub_repoBranch(ctx context.Context return fc, nil } +func (ec *executionContext) _ChaosHub_remoteHub(ctx context.Context, field graphql.CollectedField, obj *model.ChaosHub) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_ChaosHub_remoteHub(ctx, field) + if err != nil { + return graphql.Null + } + ctx = graphql.WithFieldContext(ctx, fc) + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + ret = graphql.Null + } + }() + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + ctx = rctx // use context from middleware stack in children + return obj.RemoteHub, nil + }) + if err != nil { + ec.Error(ctx, err) + return graphql.Null + } + if resTmp == nil { + if !graphql.HasFieldError(ctx, fc) { + ec.Errorf(ctx, "must not be null") + } + return graphql.Null + } + res := resTmp.(string) + fc.Result = res + return ec.marshalNString2string(ctx, field.Selections, res) +} + +func (ec *executionContext) fieldContext_ChaosHub_remoteHub(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { + fc = &graphql.FieldContext{ + Object: "ChaosHub", + Field: field, + IsMethod: false, + IsResolver: false, + Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { + return nil, errors.New("field of type String does not have child fields") + }, + } + return fc, nil +} + func (ec *executionContext) _ChaosHub_projectID(ctx context.Context, field graphql.CollectedField, obj *model.ChaosHub) (ret graphql.Marshaler) { fc, err := ec.fieldContext_ChaosHub_projectID(ctx, field) if err != nil { @@ -11675,6 +11759,50 @@ func (ec *executionContext) fieldContext_ChaosHubStatus_repoBranch(ctx context.C return fc, nil } +func (ec *executionContext) _ChaosHubStatus_remoteHub(ctx context.Context, field graphql.CollectedField, obj *model.ChaosHubStatus) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_ChaosHubStatus_remoteHub(ctx, field) + if err != nil { + return graphql.Null + } + ctx = graphql.WithFieldContext(ctx, fc) + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + ret = graphql.Null + } + }() + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + ctx = rctx // use context from middleware stack in children + return obj.RemoteHub, nil + }) + if err != nil { + ec.Error(ctx, err) + return graphql.Null + } + if resTmp == nil { + if !graphql.HasFieldError(ctx, fc) { + ec.Errorf(ctx, "must not be null") + } + return graphql.Null + } + res := resTmp.(string) + fc.Result = res + return ec.marshalNString2string(ctx, field.Selections, res) +} + +func (ec *executionContext) fieldContext_ChaosHubStatus_remoteHub(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { + fc = &graphql.FieldContext{ + Object: "ChaosHubStatus", + Field: field, + IsMethod: false, + IsResolver: false, + Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { + return nil, errors.New("field of type String does not have child fields") + }, + } + return fc, nil +} + func (ec *executionContext) _ChaosHubStatus_isAvailable(ctx context.Context, field graphql.CollectedField, obj *model.ChaosHubStatus) (ret graphql.Marshaler) { fc, err := ec.fieldContext_ChaosHubStatus_isAvailable(ctx, field) if err != nil { @@ -24045,6 +24173,8 @@ func (ec *executionContext) fieldContext_Mutation_addChaosHub(ctx context.Contex return ec.fieldContext_ChaosHub_repoURL(ctx, field) case "repoBranch": return ec.fieldContext_ChaosHub_repoBranch(ctx, field) + case "remoteHub": + return ec.fieldContext_ChaosHub_remoteHub(ctx, field) case "projectID": return ec.fieldContext_ChaosHub_projectID(ctx, field) case "isDefault": @@ -24164,6 +24294,8 @@ func (ec *executionContext) fieldContext_Mutation_addRemoteChaosHub(ctx context. return ec.fieldContext_ChaosHub_repoURL(ctx, field) case "repoBranch": return ec.fieldContext_ChaosHub_repoBranch(ctx, field) + case "remoteHub": + return ec.fieldContext_ChaosHub_remoteHub(ctx, field) case "projectID": return ec.fieldContext_ChaosHub_projectID(ctx, field) case "isDefault": @@ -24283,6 +24415,8 @@ func (ec *executionContext) fieldContext_Mutation_saveChaosHub(ctx context.Conte return ec.fieldContext_ChaosHub_repoURL(ctx, field) case "repoBranch": return ec.fieldContext_ChaosHub_repoBranch(ctx, field) + case "remoteHub": + return ec.fieldContext_ChaosHub_remoteHub(ctx, field) case "projectID": return ec.fieldContext_ChaosHub_projectID(ctx, field) case "isDefault": @@ -24547,6 +24681,8 @@ func (ec *executionContext) fieldContext_Mutation_updateChaosHub(ctx context.Con return ec.fieldContext_ChaosHub_repoURL(ctx, field) case "repoBranch": return ec.fieldContext_ChaosHub_repoBranch(ctx, field) + case "remoteHub": + return ec.fieldContext_ChaosHub_remoteHub(ctx, field) case "projectID": return ec.fieldContext_ChaosHub_projectID(ctx, field) case "isDefault": @@ -29227,6 +29363,8 @@ func (ec *executionContext) fieldContext_Query_listChaosHub(ctx context.Context, return ec.fieldContext_ChaosHubStatus_repoURL(ctx, field) case "repoBranch": return ec.fieldContext_ChaosHubStatus_repoBranch(ctx, field) + case "remoteHub": + return ec.fieldContext_ChaosHubStatus_remoteHub(ctx, field) case "isAvailable": return ec.fieldContext_ChaosHubStatus_isAvailable(ctx, field) case "totalFaults": @@ -29352,6 +29490,8 @@ func (ec *executionContext) fieldContext_Query_getChaosHub(ctx context.Context, return ec.fieldContext_ChaosHubStatus_repoURL(ctx, field) case "repoBranch": return ec.fieldContext_ChaosHubStatus_repoBranch(ctx, field) + case "remoteHub": + return ec.fieldContext_ChaosHubStatus_remoteHub(ctx, field) case "isAvailable": return ec.fieldContext_ChaosHubStatus_isAvailable(ctx, field) case "totalFaults": @@ -35136,7 +35276,7 @@ func (ec *executionContext) unmarshalInputCloningInput(ctx context.Context, obj asMap[k] = v } - fieldsInOrder := [...]string{"name", "repoBranch", "repoURL", "isPrivate", "authType", "token", "userName", "password", "sshPrivateKey", "isDefault"} + fieldsInOrder := [...]string{"name", "repoBranch", "repoURL", "remoteHub", "isPrivate", "authType", "token", "userName", "password", "sshPrivateKey", "isDefault"} for _, k := range fieldsInOrder { v, ok := asMap[k] if !ok { @@ -35164,6 +35304,13 @@ func (ec *executionContext) unmarshalInputCloningInput(ctx context.Context, obj return it, err } it.RepoURL = data + case "remoteHub": + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("remoteHub")) + data, err := ec.unmarshalNString2string(ctx, v) + if err != nil { + return it, err + } + it.RemoteHub = data case "isPrivate": ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("isPrivate")) data, err := ec.unmarshalNBoolean2bool(ctx, v) @@ -35267,7 +35414,7 @@ func (ec *executionContext) unmarshalInputCreateChaosHubRequest(ctx context.Cont asMap[k] = v } - fieldsInOrder := [...]string{"name", "tags", "description", "repoURL", "repoBranch", "isPrivate", "authType", "token", "userName", "password", "sshPrivateKey", "sshPublicKey"} + fieldsInOrder := [...]string{"name", "tags", "description", "repoURL", "repoBranch", "remoteHub", "isPrivate", "authType", "token", "userName", "password", "sshPrivateKey", "sshPublicKey"} for _, k := range fieldsInOrder { v, ok := asMap[k] if !ok { @@ -35309,6 +35456,13 @@ func (ec *executionContext) unmarshalInputCreateChaosHubRequest(ctx context.Cont return it, err } it.RepoBranch = data + case "remoteHub": + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("remoteHub")) + data, err := ec.unmarshalNString2string(ctx, v) + if err != nil { + return it, err + } + it.RemoteHub = data case "isPrivate": ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("isPrivate")) data, err := ec.unmarshalNBoolean2bool(ctx, v) @@ -35426,7 +35580,7 @@ func (ec *executionContext) unmarshalInputCreateRemoteChaosHub(ctx context.Conte asMap[k] = v } - fieldsInOrder := [...]string{"name", "tags", "description", "repoURL"} + fieldsInOrder := [...]string{"name", "tags", "description", "repoURL", "remoteHub"} for _, k := range fieldsInOrder { v, ok := asMap[k] if !ok { @@ -35461,6 +35615,13 @@ func (ec *executionContext) unmarshalInputCreateRemoteChaosHub(ctx context.Conte return it, err } it.RepoURL = data + case "remoteHub": + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("remoteHub")) + data, err := ec.unmarshalNString2string(ctx, v) + if err != nil { + return it, err + } + it.RemoteHub = data } } @@ -37822,7 +37983,7 @@ func (ec *executionContext) unmarshalInputUpdateChaosHubRequest(ctx context.Cont asMap[k] = v } - fieldsInOrder := [...]string{"id", "name", "description", "tags", "repoURL", "repoBranch", "isPrivate", "authType", "token", "userName", "password", "sshPrivateKey", "sshPublicKey"} + fieldsInOrder := [...]string{"id", "name", "description", "tags", "repoURL", "repoBranch", "remoteHub", "isPrivate", "authType", "token", "userName", "password", "sshPrivateKey", "sshPublicKey"} for _, k := range fieldsInOrder { v, ok := asMap[k] if !ok { @@ -37871,6 +38032,13 @@ func (ec *executionContext) unmarshalInputUpdateChaosHubRequest(ctx context.Cont return it, err } it.RepoBranch = data + case "remoteHub": + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("remoteHub")) + data, err := ec.unmarshalNString2string(ctx, v) + if err != nil { + return it, err + } + it.RemoteHub = data case "isPrivate": ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("isPrivate")) data, err := ec.unmarshalNBoolean2bool(ctx, v) @@ -38438,6 +38606,11 @@ func (ec *executionContext) _ChaosHub(ctx context.Context, sel ast.SelectionSet, if out.Values[i] == graphql.Null { out.Invalids++ } + case "remoteHub": + out.Values[i] = ec._ChaosHub_remoteHub(ctx, field, obj) + if out.Values[i] == graphql.Null { + out.Invalids++ + } case "projectID": out.Values[i] = ec._ChaosHub_projectID(ctx, field, obj) if out.Values[i] == graphql.Null { @@ -38553,6 +38726,11 @@ func (ec *executionContext) _ChaosHubStatus(ctx context.Context, sel ast.Selecti if out.Values[i] == graphql.Null { out.Invalids++ } + case "remoteHub": + out.Values[i] = ec._ChaosHubStatus_remoteHub(ctx, field, obj) + if out.Values[i] == graphql.Null { + out.Invalids++ + } case "isAvailable": out.Values[i] = ec._ChaosHubStatus_isAvailable(ctx, field, obj) if out.Values[i] == graphql.Null { diff --git a/chaoscenter/graphql/server/graph/model/models_gen.go b/chaoscenter/graphql/server/graph/model/models_gen.go index b4173ea00b2..b37057af075 100644 --- a/chaoscenter/graphql/server/graph/model/models_gen.go +++ b/chaoscenter/graphql/server/graph/model/models_gen.go @@ -138,6 +138,8 @@ type ChaosHub struct { RepoURL string `json:"repoURL"` // Branch of the git repository RepoBranch string `json:"repoBranch"` + // Connected Hub of remote repository + RemoteHub string `json:"remoteHub"` // ID of the project in which the chaos hub is present ProjectID string `json:"projectID"` // Default Hub Identifier @@ -213,6 +215,8 @@ type ChaosHubStatus struct { RepoURL string `json:"repoURL"` // Branch of the git repository RepoBranch string `json:"repoBranch"` + // Connected Hub of remote repository + RemoteHub string `json:"remoteHub"` // Bool value indicating whether the hub is available or not. IsAvailable bool `json:"isAvailable"` // Total number of experiments in the hub @@ -292,6 +296,8 @@ type CloningInput struct { RepoBranch string `json:"repoBranch"` // URL of the git repository RepoURL string `json:"repoURL"` + // Connected Hub of remote repository + RemoteHub string `json:"remoteHub"` // Bool value indicating whether the hub is private or not. IsPrivate bool `json:"isPrivate"` // Type of authentication used: BASIC, SSH, TOKEN @@ -344,6 +350,8 @@ type CreateChaosHubRequest struct { RepoURL string `json:"repoURL"` // Branch of the git repository RepoBranch string `json:"repoBranch"` + // Connected Hub of remote repository + RemoteHub string `json:"remoteHub"` // Bool value indicating whether the hub is private or not. IsPrivate bool `json:"isPrivate"` // Type of authentication used: BASIC, SSH, TOKEN @@ -377,6 +385,8 @@ type CreateRemoteChaosHub struct { Description *string `json:"description,omitempty"` // URL of the git repository RepoURL string `json:"repoURL"` + // Connected Hub of remote repository + RemoteHub string `json:"remoteHub"` } // Defines the start date and end date for the filtering the data @@ -1945,6 +1955,8 @@ type UpdateChaosHubRequest struct { RepoURL string `json:"repoURL"` // Branch of the git repository RepoBranch string `json:"repoBranch"` + // Connected Hub of remote repository + RemoteHub string `json:"remoteHub"` // Bool value indicating whether the hub is private or not. IsPrivate bool `json:"isPrivate"` // Type of authentication used: BASIC, SSH, TOKEN diff --git a/chaoscenter/graphql/server/pkg/chaoshub/models_factory.go b/chaoscenter/graphql/server/pkg/chaoshub/models_factory.go index 0034aad025e..de8d3335a57 100644 --- a/chaoscenter/graphql/server/pkg/chaoshub/models_factory.go +++ b/chaoscenter/graphql/server/pkg/chaoshub/models_factory.go @@ -6,6 +6,7 @@ func NewCloningInputFrom(chaosHub model.CreateChaosHubRequest) model.CloningInpu return model.CloningInput{ RepoBranch: chaosHub.RepoBranch, RepoURL: chaosHub.RepoURL, + RemoteHub: chaosHub.RemoteHub, Name: chaosHub.Name, IsPrivate: chaosHub.IsPrivate, UserName: chaosHub.UserName, diff --git a/chaoscenter/graphql/server/pkg/chaoshub/service.go b/chaoscenter/graphql/server/pkg/chaoshub/service.go index 2c933363179..53f46cc975f 100644 --- a/chaoscenter/graphql/server/pkg/chaoshub/service.go +++ b/chaoscenter/graphql/server/pkg/chaoshub/service.go @@ -86,6 +86,7 @@ func (c *chaosHubService) AddChaosHub(ctx context.Context, chaosHub model.Create ProjectID: projectID, RepoURL: chaosHub.RepoURL, RepoBranch: chaosHub.RepoBranch, + RemoteHub: chaosHub.RemoteHub, ResourceDetails: mongodb.ResourceDetails{ Name: chaosHub.Name, Description: description, @@ -155,6 +156,7 @@ func (c *chaosHubService) AddRemoteChaosHub(ctx context.Context, chaosHub model. ProjectID: projectID, RepoURL: chaosHub.RepoURL, RepoBranch: "", + RemoteHub: chaosHub.RemoteHub, ResourceDetails: mongodb.ResourceDetails{ Name: chaosHub.Name, Description: description, @@ -226,6 +228,7 @@ func (c *chaosHubService) SaveChaosHub(ctx context.Context, chaosHub model.Creat ProjectID: projectID, RepoURL: chaosHub.RepoURL, RepoBranch: chaosHub.RepoBranch, + RemoteHub: chaosHub.RemoteHub, ResourceDetails: mongodb.ResourceDetails{ Name: chaosHub.Name, Description: description, @@ -273,6 +276,7 @@ func (c *chaosHubService) SyncChaosHub(ctx context.Context, hubID string, projec Name: chaosHub.Name, RepoURL: chaosHub.RepoURL, RepoBranch: chaosHub.RepoBranch, + RemoteHub: chaosHub.RemoteHub, IsPrivate: chaosHub.IsPrivate, UserName: chaosHub.UserName, Password: chaosHub.Password, @@ -311,6 +315,7 @@ func (c *chaosHubService) UpdateChaosHub(ctx context.Context, chaosHub model.Upd cloneHub := model.CloningInput{ RepoBranch: chaosHub.RepoBranch, RepoURL: chaosHub.RepoURL, + RemoteHub: chaosHub.RemoteHub, Name: chaosHub.Name, IsPrivate: chaosHub.IsPrivate, UserName: chaosHub.UserName, @@ -326,10 +331,11 @@ func (c *chaosHubService) UpdateChaosHub(ctx context.Context, chaosHub model.Upd } clonePath := DefaultPath + prevChaosHub.ProjectID + "/" + prevChaosHub.Name if prevChaosHub.HubType == string(model.HubTypeRemote) { - if prevChaosHub.Name != chaosHub.Name || prevChaosHub.RepoURL != chaosHub.RepoURL { + if prevChaosHub.Name != chaosHub.Name || prevChaosHub.RepoURL != chaosHub.RepoURL || prevChaosHub.RemoteHub != chaosHub.RemoteHub { remoteHub := model.CreateRemoteChaosHub{ - Name: chaosHub.Name, - RepoURL: chaosHub.RepoURL, + Name: chaosHub.Name, + RepoURL: chaosHub.RepoURL, + RemoteHub: chaosHub.RemoteHub, } err = os.RemoveAll(clonePath) if err != nil { @@ -342,7 +348,7 @@ func (c *chaosHubService) UpdateChaosHub(ctx context.Context, chaosHub model.Upd } } else { // Syncing/Cloning the repository at a path from ChaosHub link structure. - if prevChaosHub.Name != chaosHub.Name || prevChaosHub.RepoURL != chaosHub.RepoURL || prevChaosHub.RepoBranch != chaosHub.RepoBranch || prevChaosHub.IsPrivate != chaosHub.IsPrivate || prevChaosHub.AuthType != chaosHub.AuthType.String() { + if prevChaosHub.Name != chaosHub.Name || prevChaosHub.RepoURL != chaosHub.RepoURL || prevChaosHub.RepoBranch != chaosHub.RepoBranch || prevChaosHub.IsPrivate != chaosHub.IsPrivate || prevChaosHub.AuthType != chaosHub.AuthType.String() || prevChaosHub.RemoteHub != chaosHub.RemoteHub { err = os.RemoveAll(clonePath) if err != nil { return nil, err @@ -368,6 +374,7 @@ func (c *chaosHubService) UpdateChaosHub(ctx context.Context, chaosHub model.Upd {"$set", bson.D{ {"repo_url", chaosHub.RepoURL}, {"repo_branch", chaosHub.RepoBranch}, + {"remote_hub", chaosHub.RemoteHub}, {"name", chaosHub.Name}, {"description", chaosHub.Description}, {"tags", chaosHub.Tags}, @@ -454,6 +461,7 @@ func (c *chaosHubService) ListChaosFaults(ctx context.Context, hubID string, pro Name: hub.Name, RepoURL: hub.RepoURL, RepoBranch: hub.RepoBranch, + RemoteHub: hub.RemoteHub, } ChartsPath := handler.GetChartsPath(chartsInput, projectID, hub.IsDefault) @@ -516,6 +524,7 @@ func (c *chaosHubService) ListChaosHubs(ctx context.Context, projectID string, r }, RepoURL: defaultHub.RepoURL, RepoBranch: defaultHub.RepoBranch, + RemoteHub: defaultHub.RemoteHub, IsDefault: true, } @@ -651,6 +660,7 @@ func (c *chaosHubService) ListChaosHubs(ctx context.Context, projectID string, r UpdatedAt: strconv.Itoa(int(hub.UpdatedAt)), CreatedBy: &model.UserDetails{Username: hub.CreatedBy.Username}, UpdatedBy: &model.UserDetails{Username: hub.UpdatedBy.Username}, + RemoteHub: hub.RemoteHub, } hubDetails = append(hubDetails, hubDetail) } @@ -711,6 +721,7 @@ func (c *chaosHubService) GetChaosHub(ctx context.Context, chaosHubID string, pr UpdatedAt: strconv.Itoa(int(hub.UpdatedAt)), CreatedBy: &model.UserDetails{Username: hub.CreatedBy.Username}, UpdatedBy: &model.UserDetails{Username: hub.UpdatedBy.Username}, + RemoteHub: hub.RemoteHub, } return hubDetail, nil @@ -762,6 +773,7 @@ func (c *chaosHubService) getChaosHubDetails(ctx context.Context, hubID string, ProjectID: hub.ProjectID, RepoURL: hub.RepoURL, RepoBranch: hub.RepoBranch, + RemoteHub: hub.RemoteHub, AuthType: model.AuthType(hub.AuthType), Name: hub.Name, CreatedAt: strconv.Itoa(int(hub.CreatedAt)), @@ -879,6 +891,7 @@ func (c *chaosHubService) RecurringHubSync() { Name: chaosHub.Name, RepoURL: chaosHub.RepoURL, RepoBranch: chaosHub.RepoBranch, + RemoteHub: chaosHub.RemoteHub, IsPrivate: chaosHub.IsPrivate, AuthType: chaosHub.AuthType, Token: chaosHub.Token, diff --git a/chaoscenter/graphql/server/pkg/database/mongodb/chaos_hub/schema.go b/chaoscenter/graphql/server/pkg/database/mongodb/chaos_hub/schema.go index 7e8205f1192..ed387474dcd 100644 --- a/chaoscenter/graphql/server/pkg/database/mongodb/chaos_hub/schema.go +++ b/chaoscenter/graphql/server/pkg/database/mongodb/chaos_hub/schema.go @@ -15,6 +15,7 @@ type ChaosHub struct { mongodb.Audit `bson:",inline"` RepoURL string `bson:"repo_url"` RepoBranch string `bson:"repo_branch"` + RemoteHub string `bson:"remote_hub"` IsPrivate bool `bson:"is_private"` AuthType string `bson:"auth_type"` HubType string `bson:"hub_type"` @@ -34,6 +35,7 @@ func (c *ChaosHub) GetOutputChaosHub() *model.ChaosHub { ProjectID: c.ProjectID, RepoURL: c.RepoURL, RepoBranch: c.RepoBranch, + RemoteHub: c.RemoteHub, Name: c.Name, Description: &c.Description, Tags: c.Tags, From e7c18ba842acc4bb435e27731a788aa710a2014c Mon Sep 17 00:00:00 2001 From: Janhavi Alekar <97527096+JanhaviAlekar@users.noreply.github.com> Date: Fri, 6 Sep 2024 11:47:40 +0530 Subject: [PATCH 23/31] added '#' as valid Password Character (#4833) Signed-off-by: JanhaviAlekar Co-authored-by: Namkyu Park <53862866+namkyu1999@users.noreply.github.com> --- chaoscenter/authentication/pkg/utils/sanitizers.go | 4 ++-- chaoscenter/web/src/constants/validation.ts | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/chaoscenter/authentication/pkg/utils/sanitizers.go b/chaoscenter/authentication/pkg/utils/sanitizers.go index df9c4d936a0..817ec4684a9 100644 --- a/chaoscenter/authentication/pkg/utils/sanitizers.go +++ b/chaoscenter/authentication/pkg/utils/sanitizers.go @@ -16,7 +16,7 @@ func SanitizeString(input string) string { /* ValidateStrictPassword represents and checks for the following patterns: - Input is at least 8 characters long and at most 16 characters long -- Input contains at least one special character of these @$!%*?_& +- Input contains at least one special character of these @$!%*?_&# - Input contains at least one digit - Input contains at least one uppercase alphabet - Input contains at least one lowercase alphabet @@ -33,7 +33,7 @@ func ValidateStrictPassword(input string) error { digits := `[0-9]{1}` lowerAlphabets := `[a-z]{1}` capitalAlphabets := `[A-Z]{1}` - specialCharacters := `[@$!%*?_&]{1}` + specialCharacters := `[@$!%*?_&#]{1}` if b, err := regexp.MatchString(digits, input); !b || err != nil { return fmt.Errorf("password does not contain digits") } diff --git a/chaoscenter/web/src/constants/validation.ts b/chaoscenter/web/src/constants/validation.ts index 39d68029c28..a03d51e26f5 100644 --- a/chaoscenter/web/src/constants/validation.ts +++ b/chaoscenter/web/src/constants/validation.ts @@ -6,7 +6,7 @@ export const USERNAME_REGEX = /^[a-zA-Z][a-zA-Z0-9_-]{2,15}$/; // ^(?=.*[a-z]) # At least one lowercase letter // (?=.*[A-Z]) # At least one uppercase letter // (?=.*\d) # At least one digit -// (?=.*[@$!%*?_&]) # At least one special character @$!%*?_& -// [A-Za-z\d@$!%*?_&] # Allowed characters: letters, digits, special characters @$!%*?_& +// (?=.*[@$!%*?_&#]) # At least one special character @$!%*?_&# +// [A-Za-z\d@$!%*?_&#] # Allowed characters: letters, digits, special characters @$!%*?_&# // {8,16}$ # Length between 8 to 16 characters -export const PASSWORD_REGEX = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?_&])[A-Za-z\d@$!%*?_&]{8,16}$/; +export const PASSWORD_REGEX = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?_&#])[A-Za-z\d@$!%*?_&#]{8,16}$/; From 1a037586c208e8c7f3f78cc95037a6718bc6434d Mon Sep 17 00:00:00 2001 From: Janhavi Alekar <97527096+JanhaviAlekar@users.noreply.github.com> Date: Fri, 6 Sep 2024 12:01:53 +0530 Subject: [PATCH 24/31] feat : Group chaos infra in infrastructure selection modal (#4779) * Adding environment filter in Infrastructure selection modal Signed-off-by: JanhaviAlekar * setting initialAllInfrastructureLength as 0 initially Signed-off-by: JanhaviAlekar * making InitialAllInfrastructureLength consistent Signed-off-by: JanhaviAlekar * Scroll env list and Pagination(infra) Signed-off-by: JanhaviAlekar * added preSelectedEnvironmentID Signed-off-by: JanhaviAlekar * Minor changes in code Signed-off-by: JanhaviAlekar * Refactored code Signed-off-by: JanhaviAlekar * Changing height of infralist section Signed-off-by: JanhaviAlekar * Minor improvements Signed-off-by: JanhaviAlekar --------- Signed-off-by: JanhaviAlekar Co-authored-by: Sahil Co-authored-by: Saranya Jena --- .../web/src/api/entities/environment.ts | 6 + ...netesChaosInfrastructureReferenceField.tsx | 53 +++- .../web/src/models/chaosInfrastructure.ts | 5 + chaoscenter/web/src/strings/strings.en.yaml | 1 + chaoscenter/web/src/strings/types.ts | 1 + ...osInfrastructureReferenceField.module.scss | 64 +++-- ...rastructureReferenceField.module.scss.d.ts | 6 +- .../ChaosInfrastructureReferenceField.tsx | 254 ++++++++++++------ .../views/StudioOverview/StudioOverview.tsx | 1 + 9 files changed, 290 insertions(+), 101 deletions(-) diff --git a/chaoscenter/web/src/api/entities/environment.ts b/chaoscenter/web/src/api/entities/environment.ts index 7341b84f50e..86fd89b41cf 100644 --- a/chaoscenter/web/src/api/entities/environment.ts +++ b/chaoscenter/web/src/api/entities/environment.ts @@ -23,3 +23,9 @@ export interface EnvironmentSortInput { field: SortType; ascending: boolean; } + +export interface EnvironmentDetail { + envName: string; + envID: string; + totalInfra?: number | null; +} diff --git a/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureReferenceField/KubernetesChaosInfrastructureReferenceField.tsx b/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureReferenceField/KubernetesChaosInfrastructureReferenceField.tsx index f7fe8c48d04..e4702f2d01f 100644 --- a/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureReferenceField/KubernetesChaosInfrastructureReferenceField.tsx +++ b/chaoscenter/web/src/controllers/KubernetesChaosInfrastructureReferenceField/KubernetesChaosInfrastructureReferenceField.tsx @@ -3,31 +3,55 @@ import React from 'react'; import { listChaosInfra } from '@api/core'; import { getScope } from '@utils'; import ChaosInfrastructureReferenceFieldView from '@views/ChaosInfrastructureReferenceField'; -import type { ChaosInfrastructureReferenceFieldProps } from '@models'; +import { AllEnv, type ChaosInfrastructureReferenceFieldProps } from '@models'; import type { InfrastructureDetails } from '@views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField'; +import { listEnvironment } from '@api/core/environments'; function KubernetesChaosInfrastructureReferenceFieldController({ setFieldValue, - initialInfrastructureID + initialInfrastructureID, + initialEnvironmentID }: ChaosInfrastructureReferenceFieldProps): React.ReactElement { const scope = getScope(); const { showError } = useToaster(); const [searchInfrastructure, setSearchInfrastructure] = React.useState(''); - const [page, setPage] = React.useState(0); - const limit = 8; + const [limit, setLimit] = React.useState(5); + const [envID, setEnvID] = React.useState(AllEnv.AllEnv); + const [initialAllInfrastructureLength, setInitialAllInfrastructureLength] = React.useState(0); const { data: listChaosInfraData, loading: listChaosInfraLoading } = listChaosInfra({ ...scope, - filter: { name: searchInfrastructure, isActive: true }, + environmentIDs: envID === AllEnv.AllEnv ? undefined : [envID], + filter: { name: searchInfrastructure }, pagination: { page, limit }, options: { onError: error => showError(error.message) } }); + const { data: listEnvironmentData } = listEnvironment({ + ...scope, + options: { + onError: err => showError(err.message) + } + }); + + const environmentList = listEnvironmentData?.listEnvironments?.environments; + + React.useEffect(() => { + if (envID === AllEnv.AllEnv) { + setInitialAllInfrastructureLength(listChaosInfraData?.listInfras.totalNoOfInfras || 0); + } + }, [listChaosInfraData]); + + const preSelectedEnvironment = listEnvironmentData?.listEnvironments?.environments?.find( + ({ environmentID }) => environmentID === initialEnvironmentID + ); + // TODO: replace with get API as this becomes empty during edit const preSelectedInfrastructure = listChaosInfraData?.listInfras.infras.find( ({ infraID }) => infraID === initialInfrastructureID ); + const preSelectedInfrastructureDetails: InfrastructureDetails | undefined = preSelectedInfrastructure && { id: preSelectedInfrastructure?.infraID, name: preSelectedInfrastructure?.name, @@ -38,6 +62,16 @@ function KubernetesChaosInfrastructureReferenceFieldController({ environmentID: preSelectedInfrastructure?.environmentID }; + React.useEffect(() => { + setPage(0); + }, [envID]); + + React.useEffect(() => { + if (preSelectedEnvironment) { + setEnvID(preSelectedEnvironment?.environmentID); + } + }, [preSelectedEnvironment, setFieldValue]); + React.useEffect(() => { if (preSelectedInfrastructure) { setFieldValue('chaosInfrastructure.id', preSelectedInfrastructure.infraID, true); @@ -69,7 +103,10 @@ function KubernetesChaosInfrastructureReferenceFieldController({ pageSize={limit} pageCount={Math.ceil(totalNoOfInfras / limit)} pageIndex={page} - gotoPage={pageNumber => setPage(pageNumber)} + gotoPage={setPage} + showPagination={true} + pageSizeOptions={[5, 10, 15]} + onPageSizeChange={setLimit} /> ); }; @@ -87,6 +124,10 @@ function KubernetesChaosInfrastructureReferenceFieldController({ }} searchInfrastructure={searchInfrastructure} setSearchInfrastructure={setSearchInfrastructure} + allInfrastructureLength={initialAllInfrastructureLength} + environmentList={environmentList} + envID={envID} + setEnvID={setEnvID} loading={{ listChaosInfra: listChaosInfraLoading }} diff --git a/chaoscenter/web/src/models/chaosInfrastructure.ts b/chaoscenter/web/src/models/chaosInfrastructure.ts index cc9d530c7aa..ab40a98aa76 100644 --- a/chaoscenter/web/src/models/chaosInfrastructure.ts +++ b/chaoscenter/web/src/models/chaosInfrastructure.ts @@ -31,6 +31,7 @@ export function getChaosInfrastructureStatus( export interface ChaosInfrastructureReferenceFieldProps { setFieldValue: FormikHelpers['setFieldValue']; initialInfrastructureID: string | undefined; + initialEnvironmentID: string | undefined; } export enum DeploymentScopeOptions { @@ -64,6 +65,10 @@ export interface InitialValueProps { tolerationValues?: Array; } +export enum AllEnv { + AllEnv = 'All' +} + export interface DeploymentScopeItem extends CollapsableSelectOptions { type: DeploymentScopeOptions; name: string; diff --git a/chaoscenter/web/src/strings/strings.en.yaml b/chaoscenter/web/src/strings/strings.en.yaml index bfe16f64f61..081e1458e7f 100644 --- a/chaoscenter/web/src/strings/strings.en.yaml +++ b/chaoscenter/web/src/strings/strings.en.yaml @@ -486,6 +486,7 @@ infrastructureRegistered: >- Environment -> Infrastructure list. infrastructureStates: Learn more about the states of Infrastructure infrastructureType: Infrastructure type +infrastructures: Infrastructures initialDelay: Initial Delay initialDelaySeconds: Initial Delay Seconds insecureSkipVerify: Insecure skip verify diff --git a/chaoscenter/web/src/strings/types.ts b/chaoscenter/web/src/strings/types.ts index 5d0470c5945..67b32c14278 100644 --- a/chaoscenter/web/src/strings/types.ts +++ b/chaoscenter/web/src/strings/types.ts @@ -409,6 +409,7 @@ export interface StringsMap { 'infrastructureRegistered': unknown 'infrastructureStates': unknown 'infrastructureType': unknown + 'infrastructures': unknown 'initialDelay': unknown 'initialDelaySeconds': unknown 'insecureSkipVerify': unknown diff --git a/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss b/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss index e9ab159eed0..4e61d00ded7 100644 --- a/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss +++ b/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss @@ -2,7 +2,7 @@ padding: var(--spacing-xlarge) !important; &.dialog { - width: 833px; + width: 912px; height: 86vh; max-height: 989px; } @@ -60,14 +60,13 @@ background: #effbff; border: 1.5px solid #0278d5; box-shadow: 0px 0px 1px rgba(40, 41, 61, 0.04), 0px 2px 4px rgba(96, 97, 112, 0.16); - border-radius: 4px; + border-radius: 8px; } .notSelected { background: #fafbfc; - border: 1px solid rgba(40, 41, 61, 0.3); box-shadow: 0px 0px 1px rgba(40, 41, 61, 0.04), 0px 2px 4px rgba(96, 97, 112, 0.16); - border-radius: 4px; + border-radius: 8px; cursor: pointer; } @@ -78,14 +77,13 @@ .agentListInnerContainer { flex-grow: 1; - overflow: auto; gap: 1rem; - max-height: calc(100% - 48px); + overflow: auto; } .item { display: grid; - grid-template-columns: 5fr 4fr 25px; + grid-template-columns: 3fr 4fr 25px; align-items: center; gap: 0.5rem; @@ -95,7 +93,6 @@ } .iconCheck { - visibility: hidden; margin-right: var(--spacing-xsmall); margin-left: var(--spacing-xsmall); cursor: pointer; @@ -104,7 +101,15 @@ > svg { > path { stroke-width: 1; - stroke: var(--grey-500); + stroke: var(--grey-100); + } + } + } + .iconCheck:hover { + > svg { + > path { + stroke-width: 1; + stroke: var(--green-500); } } } @@ -134,7 +139,7 @@ .gitInfo { display: grid; grid-template-columns: 4fr 5fr; - padding: 6px 8px; + padding: 4px 8px; background: var(--grey-100) !important; border-radius: 8px !important; width: 100%; @@ -170,11 +175,6 @@ position: fixed; } -.gap-4 { - gap: 1rem; - overflow: auto; -} - .paginationContainer { padding-top: 8px; overflow: hidden; @@ -190,3 +190,37 @@ } } } + +.listEnvContainer { + background: var(--primary-1); + box-shadow: 0px 0px 1px rgba(40, 41, 61, 0.04), 0px 2px 4px rgba(96, 97, 112, 0.16); + border-radius: 8px; + cursor: pointer; +} + +.itemEnv { + width: 100%; + display: grid; + grid-template-columns: 1fr 25px; + align-items: center; + gap: 0.5rem; +} + +.activeEnv { + border: 1px solid var(--primary-7); +} + +.center { + display: flex; + flex-direction: column; + justify-content: center; + align-self: center; + + img { + width: 200px; + } +} + +.rounded { + border-radius: 999px; +} diff --git a/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss.d.ts b/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss.d.ts index db9d0abfa61..0f0a5adf7fa 100644 --- a/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss.d.ts +++ b/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.module.scss.d.ts @@ -1,24 +1,28 @@ declare namespace ChaosInfrastructureReferenceFieldModuleScssNamespace { export interface IChaosInfrastructureReferenceFieldModuleScss { + activeEnv: string; agentList: string; agentListInnerContainer: string; + center: string; container: string; dialog: string; editBtn: string; fixed: string; - gap4: string; gitBranchIcon: string; gitInfo: string; greenStatus: string; iconCheck: string; iconChecked: string; item: string; + itemEnv: string; leftInfo: string; + listEnvContainer: string; notSelected: string; paginationContainer: string; placeholder: string; redStatus: string; referenceSelect: string; + rounded: string; selected: string; status: string; } diff --git a/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.tsx b/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.tsx index 4b55ba44ecc..2a5efa9853b 100644 --- a/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.tsx +++ b/chaoscenter/web/src/views/ChaosInfrastructureReferenceField/ChaosInfrastructureReferenceField.tsx @@ -8,7 +8,8 @@ import { ExpandingSearchInput, Layout, Text, - useToaster + useToaster, + useToggleOpen } from '@harnessio/uicore'; import { Icon } from '@harnessio/icons'; import cx from 'classnames'; @@ -19,6 +20,7 @@ import FallbackBox from '@images/FallbackBox.svg'; import CustomTagsPopover from '@components/CustomTagsPopover'; import Loader from '@components/Loader'; import { useRouteWithBaseUrl } from '@hooks'; +import { Environment, EnvironmentDetail } from '@api/entities'; import css from './ChaosInfrastructureReferenceField.module.scss'; export interface InfrastructureDetails { @@ -34,10 +36,14 @@ export interface InfrastructureDetails { interface ChaosInfrastructureReferenceFieldViewProps { infrastructureList: InfrastructureDetails[] | undefined; + allInfrastructureLength: number | null; + environmentList: Environment[] | undefined; preSelectedInfrastructure?: InfrastructureDetails; setInfrastructureValue: (infrastructure: InfrastructureDetails | undefined) => void; searchInfrastructure: string; setSearchInfrastructure: React.Dispatch>; + setEnvID: (id: string) => void; + envID: string | undefined; loading: { listChaosInfra: boolean; }; @@ -46,32 +52,83 @@ interface ChaosInfrastructureReferenceFieldViewProps { function ChaosInfrastructureReferenceFieldView({ infrastructureList, + environmentList, + allInfrastructureLength, preSelectedInfrastructure, setInfrastructureValue, searchInfrastructure, setSearchInfrastructure, + envID, + setEnvID, loading, pagination }: ChaosInfrastructureReferenceFieldViewProps): JSX.Element { - const [isOpen, setOpen] = React.useState(false); const paths = useRouteWithBaseUrl(); const history = useHistory(); + const [selectedInfrastructure, setSelectedInfrastructure] = React.useState( preSelectedInfrastructure ); - // const searchParams = useSearchParams(); - // const infrastructureType = - // (searchParams.get('infrastructureType') as InfrastructureType | undefined) ?? InfrastructureType.KUBERNETES; + const { isOpen, open, close } = useToggleOpen(); + const { showError } = useToaster(); const { getString } = useStrings(); - const listItem = ({ infrastructure }: { infrastructure: InfrastructureDetails }): JSX.Element => { + const EnvListItem = ({ envDetail }: { envDetail: EnvironmentDetail }): JSX.Element => { + return ( + { + setEnvID(envDetail.envID); + }} + > +
    + + + {envDetail.envName} + + + + {envDetail.totalInfra ?? 0} + +
    +
    + ); + }; + + const EnvironmentList = ({ env }: { env: Environment }): JSX.Element => { + return ( + + ); + }; + + const InfrastructureListItem = ({ infrastructure }: { infrastructure: InfrastructureDetails }): JSX.Element => { + const isSelected = + selectedInfrastructure?.id === infrastructure.id || preSelectedInfrastructure?.id === infrastructure.id; + return ( { infrastructure.isActive ? setSelectedInfrastructure(infrastructure) @@ -85,7 +142,6 @@ function ChaosInfrastructureReferenceFieldView({ size={12} name="pipeline-approval" /> - {/* */} {infrastructure.name} @@ -124,6 +180,26 @@ function ChaosInfrastructureReferenceFieldView({ ); }; + const NoInfraComponent = (): JSX.Element => { + return ( + + {getString('latestRun')} + + {searchInfrastructure === '' ? getString('newUserNoInfra.title') : getString('noFilteredActiveInfra')} + + {searchInfrastructure === '' && ( +