From e3d46f949c10c4d3b6cdc79919d0cfcfef3ec4a3 Mon Sep 17 00:00:00 2001 From: Utku Ozdemir Date: Thu, 29 Aug 2024 21:55:37 +0200 Subject: [PATCH] feat: implement compression of config fields on resources Add compression support. Signed-off-by: Utku Ozdemir --- .dockerignore | 2 +- .github/workflows/ci.yaml | 16 +- .github/workflows/e2e-backups-cron.yaml | 4 +- .github/workflows/e2e-scaling-cron.yaml | 4 +- .github/workflows/e2e-short-cron.yaml | 4 +- .github/workflows/e2e-templates-cron.yaml | 4 +- .github/workflows/e2e-upgrades-cron.yaml | 4 +- .../workflows/e2e-workload-proxy-cron.yaml | 4 +- .../api/omni/specs/cluster_machine_config.go | 102 + .../specs/cluster_machine_config_patches.go | 146 + client/api/omni/specs/compression.go | 276 + client/api/omni/specs/config_patch.go | 101 + client/api/omni/specs/control_plane_status.go | 1 - client/api/omni/specs/omni.pb.go | 1465 +- client/api/omni/specs/omni.proto | 31 + client/api/omni/specs/omni_vtproto.pb.go | 224 + client/api/omni/specs/omni_yaml.go | 27 - .../specs/redacted_cluster_machine_config.go | 101 + client/api/omni/specs/specs.go | 6 + client/go.mod | 3 +- client/go.sum | 6 +- client/pkg/client/client.go | 6 + client/pkg/compression/compression.go | 161 + .../pkg/compression/compression_bench_test.go | 110 + client/pkg/compression/compression_test.go | 99 + client/pkg/compression/data/config.1.zdict | Bin 0 -> 65536 bytes .../compression/testdata/config-large.yaml | 25760 ++++++++++++++++ .../compression/testdata/config-small.yaml | 114 + .../cluster_machine_config_patches_test.go | 11 +- .../pkg/omni/resources/omni/config_patch.go | 6 +- .../omni/resources/omni/config_patch_test.go | 2 +- .../omni/resources/omni/testdata/config.yaml | 98 + client/pkg/omnictl/root.go | 4 + client/pkg/template/internal/models/patch.go | 8 +- client/pkg/template/operations/export.go | 22 +- client/pkg/template/operations/export_test.go | 14 +- client/pkg/template/template_test.go | 14 + .../template/testdata/cluster1-resources.yaml | 6 + .../template/testdata/cluster2-resources.yaml | 5 + .../template/testdata/cluster3-resources.yaml | 1 + cmd/integration-test/pkg/tests/auth.go | 11 +- cmd/integration-test/pkg/tests/cluster.go | 15 +- .../pkg/tests/config_patch.go | 51 +- cmd/integration-test/pkg/tests/maintenance.go | 9 +- .../pkg/tests/rolling_update.go | 3 +- cmd/integration-test/root.go | 4 + cmd/omni/main.go | 9 + frontend/src/api/omni/specs/omni.pb.ts | 4 + go.mod | 2 +- go.sum | 4 +- go.work | 1 + hack/zstd-dict/.gitignore | 1 + hack/zstd-dict/.golangci.yml | 161 + hack/zstd-dict/.kresignore | 0 hack/zstd-dict/README.md | 36 + hack/zstd-dict/data/argocd-values.yaml | 38 + hack/zstd-dict/data/machineconfig.tmpl.yaml | 633 + hack/zstd-dict/go.mod | 149 + hack/zstd-dict/go.sum | 503 + hack/zstd-dict/main.go | 346 + internal/backend/grpc/grpc_test.go | 29 +- internal/backend/grpc/management.go | 2 +- .../resourcelogger/resourcelogger_test.go | 8 +- .../backend/runtime/omni/audit/hooks/hooks.go | 10 +- .../omni/cluster_machine_config.go | 11 +- .../omni/cluster_machine_config_status.go | 20 +- .../omni/cluster_machine_config_test.go | 54 +- .../omni/cluster_machine_encryption.go | 7 +- .../omni/cluster_workload_proxy.go | 22 +- .../omni/cluster_workload_proxy_test.go | 9 +- .../omni/discovery_service_config_patch.go | 15 +- .../discovery_service_config_patch_test.go | 9 +- .../omni/internal/machineset/operations.go | 105 +- .../internal/machineset/operations_test.go | 33 +- .../machineset/reconciliation_context.go | 4 +- .../omni/kubernetes_upgrade_status.go | 17 +- .../omni/machine_set_status_test.go | 81 +- .../omni/controllers/omni/omni_test.go | 6 +- .../omni/redacted_cluster_machine_config.go | 19 +- .../redacted_cluster_machine_config_test.go | 11 +- .../runtime/omni/migration/migration_test.go | 51 +- .../runtime/omni/migration/migrations.go | 48 +- .../backend/runtime/omni/state_validation.go | 31 +- .../runtime/omni/state_validation_test.go | 11 +- internal/backend/runtime/watch.go | 9 + internal/pkg/config/config.go | 13 + 86 files changed, 30627 insertions(+), 960 deletions(-) create mode 100644 client/api/omni/specs/cluster_machine_config.go create mode 100644 client/api/omni/specs/cluster_machine_config_patches.go create mode 100644 client/api/omni/specs/compression.go create mode 100644 client/api/omni/specs/config_patch.go create mode 100644 client/api/omni/specs/redacted_cluster_machine_config.go create mode 100644 client/api/omni/specs/specs.go create mode 100644 client/pkg/compression/compression.go create mode 100644 client/pkg/compression/compression_bench_test.go create mode 100644 client/pkg/compression/compression_test.go create mode 100644 client/pkg/compression/data/config.1.zdict create mode 100644 client/pkg/compression/testdata/config-large.yaml create mode 100644 client/pkg/compression/testdata/config-small.yaml create mode 100644 client/pkg/omni/resources/omni/testdata/config.yaml create mode 100644 hack/zstd-dict/.gitignore create mode 100644 hack/zstd-dict/.golangci.yml create mode 100644 hack/zstd-dict/.kresignore create mode 100644 hack/zstd-dict/README.md create mode 100644 hack/zstd-dict/data/argocd-values.yaml create mode 100644 hack/zstd-dict/data/machineconfig.tmpl.yaml create mode 100644 hack/zstd-dict/go.mod create mode 100644 hack/zstd-dict/go.sum create mode 100644 hack/zstd-dict/main.go diff --git a/.dockerignore b/.dockerignore index 68873f2e..5083a460 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-07-23T12:11:06Z by kres 6d3182c. +# Generated on 2024-09-07T21:30:27Z by kres 8be5fa7. * !frontend/src diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f3daffee..7a4e37e6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-08-16T15:47:13Z by kres 7be2a05. +# Generated on 2024-09-07T21:30:27Z by kres 8be5fa7. name: default concurrency: @@ -71,7 +71,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -253,7 +253,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -331,7 +331,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -409,7 +409,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -487,7 +487,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -565,7 +565,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" @@ -643,7 +643,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/e2e-backups-cron.yaml b/.github/workflows/e2e-backups-cron.yaml index 2941ddf6..dc01ff69 100644 --- a/.github/workflows/e2e-backups-cron.yaml +++ b/.github/workflows/e2e-backups-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-07-23T13:55:08Z by kres faf91e3. +# Generated on 2024-09-06T00:35:46Z by kres 8be5fa7. name: e2e-backups-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/e2e-scaling-cron.yaml b/.github/workflows/e2e-scaling-cron.yaml index ccbf787d..b937ed42 100644 --- a/.github/workflows/e2e-scaling-cron.yaml +++ b/.github/workflows/e2e-scaling-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-07-23T13:55:08Z by kres faf91e3. +# Generated on 2024-09-06T00:35:46Z by kres 8be5fa7. name: e2e-scaling-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/e2e-short-cron.yaml b/.github/workflows/e2e-short-cron.yaml index 3b6012e6..84cb48c3 100644 --- a/.github/workflows/e2e-short-cron.yaml +++ b/.github/workflows/e2e-short-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-07-23T13:55:08Z by kres faf91e3. +# Generated on 2024-09-06T00:35:46Z by kres 8be5fa7. name: e2e-short-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/e2e-templates-cron.yaml b/.github/workflows/e2e-templates-cron.yaml index 1faf1678..ccfdc7d8 100644 --- a/.github/workflows/e2e-templates-cron.yaml +++ b/.github/workflows/e2e-templates-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-07-23T13:55:08Z by kres faf91e3. +# Generated on 2024-09-06T00:35:46Z by kres 8be5fa7. name: e2e-templates-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/e2e-upgrades-cron.yaml b/.github/workflows/e2e-upgrades-cron.yaml index c0ac1e74..759c9ba0 100644 --- a/.github/workflows/e2e-upgrades-cron.yaml +++ b/.github/workflows/e2e-upgrades-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-07-23T13:55:08Z by kres faf91e3. +# Generated on 2024-09-06T00:35:46Z by kres 8be5fa7. name: e2e-upgrades-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/.github/workflows/e2e-workload-proxy-cron.yaml b/.github/workflows/e2e-workload-proxy-cron.yaml index cbcab444..d55749eb 100644 --- a/.github/workflows/e2e-workload-proxy-cron.yaml +++ b/.github/workflows/e2e-workload-proxy-cron.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-08-15T23:44:03Z by kres 7be2a05. +# Generated on 2024-09-06T00:35:46Z by kres 8be5fa7. name: e2e-workload-proxy-cron concurrency: @@ -54,7 +54,7 @@ jobs: timeout-minutes: 10 - name: Mask secrets run: | - echo -e "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" + echo "$(sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | "::add-mask::" + .value')" - name: Set secrets for job run: | sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV" diff --git a/client/api/omni/specs/cluster_machine_config.go b/client/api/omni/specs/cluster_machine_config.go new file mode 100644 index 00000000..91736f13 --- /dev/null +++ b/client/api/omni/specs/cluster_machine_config.go @@ -0,0 +1,102 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +package specs + +import ( + "errors" + + "gopkg.in/yaml.v3" +) + +// MarshalJSON implements json.Marshaler interface. +// +// It represents compressed fields as uncompressed in the output. +func (x *ClusterMachineConfigSpec) MarshalJSON() ([]byte, error) { + obj := x.CloneVT() + + buffer, err := obj.GetUncompressedData() + if err != nil { + return nil, err + } + + defer buffer.Free() + + obj.Data = buffer.Data() + obj.CompressedData = nil + + return jsonMarshaler.Marshal(obj) +} + +// UnmarshalJSON implements json.Unmarshaler interface. +func (x *ClusterMachineConfigSpec) UnmarshalJSON(data []byte) error { + return unmarshalJSON(x, data) +} + +// MarshalYAML implements yaml.Marshaler interface. +// +// It represents compressed fields as uncompressed in the output. +func (x *ClusterMachineConfigSpec) MarshalYAML() (any, error) { + obj := x.CloneVT() + + buffer, err := obj.GetUncompressedData() + if err != nil { + return nil, err + } + + defer buffer.Free() + + obj.Data = buffer.Data() + obj.CompressedData = nil + + type alias *ClusterMachineConfigSpec // prevent recursion + + return alias(obj), nil +} + +// UnmarshalYAML implements yaml.Unmarshaler interface. +func (x *ClusterMachineConfigSpec) UnmarshalYAML(node *yaml.Node) error { + type alias ClusterMachineConfigSpec // prevent recursion + + aux := (*alias)(x) + + return unmarshalYAML(x, aux, node) +} + +// GetUncompressedData returns the config data from the ClusterMachineConfigSpec, decompressing it if necessary. +func (x *ClusterMachineConfigSpec) GetUncompressedData(opts ...CompressionOption) (Buffer, error) { + if x == nil { + return newNoOpBuffer(nil), nil + } + + if x.CompressedData == nil { + return newNoOpBuffer(x.Data), nil + } + + return doDecompress(x.CompressedData, getCompressionConfig(opts)) +} + +// SetUncompressedData sets the config data in the ClusterMachineConfigSpec, compressing it if requested. +func (x *ClusterMachineConfigSpec) SetUncompressedData(data []byte, opts ...CompressionOption) error { + if x == nil { + return errors.New("ClusterMachineConfigSpec is nil") + } + + config := getCompressionConfig(opts) + compress := config.Enabled + + if !compress { + x.Data = data + x.CompressedData = nil + + return nil + } + + compressed := doCompress(data, config) + + x.CompressedData = compressed + x.Data = nil + + return nil +} diff --git a/client/api/omni/specs/cluster_machine_config_patches.go b/client/api/omni/specs/cluster_machine_config_patches.go new file mode 100644 index 00000000..ab570bbb --- /dev/null +++ b/client/api/omni/specs/cluster_machine_config_patches.go @@ -0,0 +1,146 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +package specs + +import ( + "errors" + + "github.com/siderolabs/gen/xslices" + "gopkg.in/yaml.v3" +) + +// MarshalJSON implements json.Marshaler interface. +// +// It represents compressed fields as uncompressed in the output. +func (x *ClusterMachineConfigPatchesSpec) MarshalJSON() ([]byte, error) { + obj := x.CloneVT() + + patches, err := obj.GetUncompressedPatches() + if err != nil { + return nil, err + } + + obj.Patches = patches + obj.CompressedPatches = nil + + return jsonMarshaler.Marshal(obj) +} + +// UnmarshalJSON implements json.Unmarshaler interface. +func (x *ClusterMachineConfigPatchesSpec) UnmarshalJSON(data []byte) error { + return unmarshalJSONMultiple(x, data, GetCompressionConfig()) +} + +// MarshalYAML implements yaml.Marshaler interface. +func (x *ClusterMachineConfigPatchesSpec) MarshalYAML() (any, error) { + patches, err := x.GetUncompressedPatches() + if err != nil { + return nil, err + } + + contents := xslices.Map(patches, func(patch string) *yaml.Node { + style := yaml.FlowStyle + if len(patch) > 0 && (patch[0] == '\n' || patch[0] == ' ') { + style = yaml.SingleQuotedStyle + } + + return &yaml.Node{ + Kind: yaml.ScalarNode, + Tag: "!!str", + Style: style, + Value: patch, + } + }) + + return &yaml.Node{ + Kind: yaml.MappingNode, + Tag: "!!map", + Content: []*yaml.Node{ + {Kind: yaml.ScalarNode, Tag: "!!str", Value: "patches"}, + {Kind: yaml.SequenceNode, Tag: "!!seq", Content: contents}, + }, + }, nil +} + +// UnmarshalYAML implements yaml.Unmarshaler interface. +func (x *ClusterMachineConfigPatchesSpec) UnmarshalYAML(node *yaml.Node) error { + type alias ClusterMachineConfigPatchesSpec // prevent recursion + + aux := (*alias)(x) + + return unmarshalYAMLMultiple(x, aux, node, GetCompressionConfig()) +} + +// GetUncompressedData returns the patches from the ClusterMachineConfigPatchesSpec, decompressing them if necessary. +func (x *ClusterMachineConfigPatchesSpec) GetUncompressedData(opts ...CompressionOption) ([]Buffer, error) { + if x == nil { + return nil, nil + } + + if x.CompressedPatches == nil { + return xslices.Map(x.Patches, func(patch string) Buffer { + return newNoOpBuffer([]byte(patch)) + }), nil + } + + buffers := make([]Buffer, 0, len(x.CompressedPatches)) + config := getCompressionConfig(opts) + + for _, compressed := range x.CompressedPatches { + buffer, err := doDecompress(compressed, config) + if err != nil { + return nil, err + } + + buffers = append(buffers, buffer) + } + + return buffers, nil +} + +// SetUncompressedData sets the patches in the ClusterMachineConfigPatchesSpec, compressing them if requested. +func (x *ClusterMachineConfigPatchesSpec) SetUncompressedData(data [][]byte, opts ...CompressionOption) error { + if x == nil { + return errors.New("ClusterMachineConfigPatchesSpec is nil") + } + + config := getCompressionConfig(opts) + compress := config.Enabled + + if !compress { + x.Patches = xslices.Map(data, func(patch []byte) string { return string(patch) }) + x.CompressedPatches = nil + + return nil + } + + x.CompressedPatches = xslices.Map(data, func(patch []byte) []byte { return doCompress(patch, config) }) + x.Patches = nil + + return nil +} + +// GetUncompressedPatches returns the patches from the ClusterMachineConfigPatchesSpec, decompressing them if necessary. +func (x *ClusterMachineConfigPatchesSpec) GetUncompressedPatches(opts ...CompressionOption) ([]string, error) { + buffers, err := x.GetUncompressedData(opts...) + if err != nil { + return nil, err + } + + return xslices.Map(buffers, func(buffer Buffer) string { + return string(buffer.Data()) + }), nil +} + +// SetUncompressedPatches sets the patches in the ClusterMachineConfigPatchesSpec, compressing them if requested. +func (x *ClusterMachineConfigPatchesSpec) SetUncompressedPatches(patches []string, opts ...CompressionOption) error { + data := make([][]byte, 0, len(patches)) + + for _, patch := range patches { + data = append(data, []byte(patch)) + } + + return x.SetUncompressedData(data, opts...) +} diff --git a/client/api/omni/specs/compression.go b/client/api/omni/specs/compression.go new file mode 100644 index 00000000..16795c81 --- /dev/null +++ b/client/api/omni/specs/compression.go @@ -0,0 +1,276 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +package specs + +import ( + "fmt" + "math" + "sync" + + "github.com/klauspost/compress/zstd" + "github.com/siderolabs/gen/ensure" + "google.golang.org/protobuf/encoding/protojson" + "google.golang.org/protobuf/proto" + "gopkg.in/yaml.v3" +) + +// CompressionConfig represents the configuration for compression. +type CompressionConfig struct { + ZstdEncoder *zstd.Encoder + ZstdDecoder *zstd.Decoder + BufferPool BufferPool + Enabled bool +} + +var ( + compressionConfig = CompressionConfig{ + Enabled: true, + ZstdEncoder: ensure.Value(zstd.NewWriter( + nil, + zstd.WithEncoderConcurrency(2), + zstd.WithWindowSize(1<<18), // 256 KB + )), + ZstdDecoder: ensure.Value(zstd.NewReader(nil, zstd.WithDecoderConcurrency(0))), + BufferPool: &NoOpBufferPool{}, + } + + compressionConfigMu sync.RWMutex +) + +// SetCompressionConfig sets the default compression config to be used when an explicit config is not provided to accessor methods. +func SetCompressionConfig(config CompressionConfig) { + compressionConfigMu.Lock() + defer compressionConfigMu.Unlock() + + compressionConfig = config +} + +// GetCompressionConfig returns the current default compression config. +func GetCompressionConfig() CompressionConfig { + compressionConfigMu.RLock() + defer compressionConfigMu.RUnlock() + + return compressionConfig +} + +func getCompressionConfig(opts []CompressionOption) CompressionConfig { + var options compressionOptions + + for _, opt := range opts { + opt(&options) + } + + if options.customConfig { + return options.Config + } + + return GetCompressionConfig() +} + +type compressionOptions struct { + Config CompressionConfig + customConfig bool +} + +// CompressionOption is a functional option for configuring compression. +type CompressionOption func(*compressionOptions) + +// WithConfigCompressionOption returns a CompressionOption that sets the given config as the compression config to be used instead of the default one. +func WithConfigCompressionOption(config CompressionConfig) CompressionOption { + return func(opts *compressionOptions) { + opts.Config = config + opts.customConfig = true + } +} + +// FieldCompressor is an interface for the specs that contain a compressed field. +type FieldCompressor[T, R any] interface { + proto.Message + GetUncompressedData(...CompressionOption) (T, error) + SetUncompressedData(R, ...CompressionOption) error +} + +var jsonMarshaler = protojson.MarshalOptions{ + UseProtoNames: true, + UseEnumNumbers: true, +} + +func doCompress(data []byte, opts CompressionConfig) []byte { + return opts.ZstdEncoder.EncodeAll(data, nil) +} + +func doDecompress(data []byte, config CompressionConfig) (Buffer, error) { + if len(data) == 0 { + return newNoOpBuffer(nil), nil + } + + size, err := decompressedMaxSize(data) + if err != nil { + return Buffer{}, err + } + + buffer := config.BufferPool.Get(size) + dataRef := buffer.DataRef() + + decoded, err := config.ZstdDecoder.DecodeAll(data, *dataRef) + if err != nil { + return Buffer{}, err + } + + *dataRef = decoded + + return buffer, nil +} + +// decompressedMaxSize returns the max size of the decompressed data. +func decompressedMaxSize(src []byte) (int, error) { + if len(src) == 0 { + return 0, nil + } + + var header zstd.Header + + if err := header.Decode(src); err != nil { + return 0, err + } + + if !header.HasFCS { + // zstd does not set the frame content size in the header if the data is smaller than 256 bytes. + // assume the max size to be 256 bytes. + return 256, nil + } + + // check for overflow + if header.FrameContentSize > uint64(math.MaxInt) { + return 0, fmt.Errorf("frame content size %d is too large", header.FrameContentSize) + } + + return int(header.FrameContentSize), nil +} + +// Buffer represents a byte buffer that can be re-used to store data. +// +// It provides a read-only view of the data and a method to free the buffer. +// Free should be called when the buffer is no longer needed. +type Buffer struct { + data *[]byte + freeFunc func() +} + +// NewBuffer creates a new Buffer with the given data and free function. +func NewBuffer(data *[]byte, freeFunc func()) Buffer { + return Buffer{ + data: data, + freeFunc: freeFunc, + } +} + +// DataRef returns a reference to the data slice. +func (c *Buffer) DataRef() *[]byte { + return c.data +} + +// Data returns the data slice. +func (c *Buffer) Data() []byte { + return *c.data +} + +// Free frees the buffer. +func (c *Buffer) Free() { + c.freeFunc() +} + +// BufferPool represents a pool of buffers. +type BufferPool interface { + Get(length int) Buffer +} + +// NoOpBufferPool is a no-op implementation of BufferPool. +type NoOpBufferPool struct{} + +// Get implements BufferPool interface. +func (s *NoOpBufferPool) Get(length int) Buffer { + return newNoOpBuffer(make([]byte, 0, length)) +} + +func newNoOpBuffer(data []byte) Buffer { + return NewBuffer(&data, func() {}) +} + +func unmarshalYAML(spec FieldCompressor[Buffer, []byte], alias any, node *yaml.Node) error { + if err := node.Decode(alias); err != nil { + return err + } + + return unmarshal(spec) +} + +func unmarshalYAMLMultiple(specs FieldCompressor[[]Buffer, [][]byte], alias any, node *yaml.Node, config CompressionConfig) error { + if err := node.Decode(alias); err != nil { + return err + } + + return unmarshalMultiple(specs, config) +} + +func unmarshalJSON(spec FieldCompressor[Buffer, []byte], data []byte) error { + if err := protojson.Unmarshal(data, spec); err != nil { + return err + } + + return unmarshal(spec) +} + +func unmarshalJSONMultiple(specs FieldCompressor[[]Buffer, [][]byte], data []byte, config CompressionConfig) error { + if err := protojson.Unmarshal(data, specs); err != nil { + return err + } + + return unmarshalMultiple(specs, config) +} + +func unmarshal(spec FieldCompressor[Buffer, []byte]) error { + buffer, err := spec.GetUncompressedData() + if err != nil { + return err + } + + defer buffer.Free() + + data := buffer.Data() + + if err = spec.SetUncompressedData(data); err != nil { + return err + } + + return nil +} + +func unmarshalMultiple(specs FieldCompressor[[]Buffer, [][]byte], config CompressionConfig) error { + configOpt := WithConfigCompressionOption(config) + + buffers, err := specs.GetUncompressedData(configOpt) + if err != nil { + return err + } + + defer func() { + for _, buffer := range buffers { + buffer.Free() + } + }() + + data := make([][]byte, 0, len(buffers)) + + for _, buffer := range buffers { + data = append(data, buffer.Data()) + } + + if err = specs.SetUncompressedData(data, configOpt); err != nil { + return err + } + + return nil +} diff --git a/client/api/omni/specs/config_patch.go b/client/api/omni/specs/config_patch.go new file mode 100644 index 00000000..19889835 --- /dev/null +++ b/client/api/omni/specs/config_patch.go @@ -0,0 +1,101 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +//nolint:dupl,revive +package specs + +import ( + "errors" + + "gopkg.in/yaml.v3" +) + +// MarshalJSON marshals the ConfigPatchSpec to JSON, representing the compressed data as the regular data field. +func (x *ConfigPatchSpec) MarshalJSON() ([]byte, error) { + obj := x.CloneVT() + + buffer, err := obj.GetUncompressedData() + if err != nil { + return nil, err + } + + defer buffer.Free() + + obj.Data = string(buffer.Data()) + obj.CompressedData = nil + + return jsonMarshaler.Marshal(obj) +} + +// UnmarshalJSON unmarshals the ConfigPatchSpec from JSON. +func (x *ConfigPatchSpec) UnmarshalJSON(data []byte) error { + return unmarshalJSON(x, data) +} + +// MarshalYAML implements yaml.Marshaler interface. +func (x *ConfigPatchSpec) MarshalYAML() (any, error) { + obj := x.CloneVT() + + buffer, err := obj.GetUncompressedData() + if err != nil { + return nil, err + } + + defer buffer.Free() + + obj.Data = string(buffer.Data()) + obj.CompressedData = nil + + type alias *ConfigPatchSpec // prevent recursion + + return alias(obj), nil +} + +// UnmarshalYAML implements yaml.Unmarshaler interface. +func (x *ConfigPatchSpec) UnmarshalYAML(node *yaml.Node) error { + type alias ConfigPatchSpec // prevent recursion + + aux := (*alias)(x) + + return unmarshalYAML(x, aux, node) +} + +// GetUncompressedData returns the patch data from the ConfigPatchSpec, decompressing it if necessary. +func (x *ConfigPatchSpec) GetUncompressedData(opts ...CompressionOption) (Buffer, error) { + if x == nil { + return newNoOpBuffer(nil), nil + } + + if x.CompressedData == nil { + return newNoOpBuffer([]byte(x.Data)), nil + } + + config := getCompressionConfig(opts) + + return doDecompress(x.CompressedData, config) +} + +// SetUncompressedData sets the patch data in the ConfigPatchSpec, compressing it if requested. +func (x *ConfigPatchSpec) SetUncompressedData(data []byte, opts ...CompressionOption) error { + if x == nil { + return errors.New("ConfigPatchSpec is nil") + } + + config := getCompressionConfig(opts) + compress := config.Enabled + + if !compress { + x.Data = string(data) + x.CompressedData = nil + + return nil + } + + compressedData := doCompress(data, config) + + x.Data = "" + x.CompressedData = compressedData + + return nil +} diff --git a/client/api/omni/specs/control_plane_status.go b/client/api/omni/specs/control_plane_status.go index 3fe7f8fb..43b202a3 100644 --- a/client/api/omni/specs/control_plane_status.go +++ b/client/api/omni/specs/control_plane_status.go @@ -2,7 +2,6 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -// Package specs contains all resource specs of the service. package specs // GetCondition returns condition from the list of conditions of the status if it's set. diff --git a/client/api/omni/specs/omni.pb.go b/client/api/omni/specs/omni.pb.go index 1015e8e2..f41aae80 100644 --- a/client/api/omni/specs/omni.pb.go +++ b/client/api/omni/specs/omni.pb.go @@ -2087,7 +2087,13 @@ type ClusterMachineConfigPatchesSpec struct { unknownFields protoimpl.UnknownFields // List of patches combined from all sources, as a final list of patches to apply. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. Patches []string `protobuf:"bytes,1,rep,name=patches,proto3" json:"patches,omitempty"` + // List of patches combined from all sources, as a final list of patches to apply. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. + CompressedPatches [][]byte `protobuf:"bytes,2,rep,name=compressed_patches,json=compressedPatches,proto3" json:"compressed_patches,omitempty"` } func (x *ClusterMachineConfigPatchesSpec) Reset() { @@ -2129,6 +2135,13 @@ func (x *ClusterMachineConfigPatchesSpec) GetPatches() []string { return nil } +func (x *ClusterMachineConfigPatchesSpec) GetCompressedPatches() [][]byte { + if x != nil { + return x.CompressedPatches + } + return nil +} + // ClusterMachineTalosVersionSpec describes a machine Talos version and schematic. type ClusterMachineTalosVersionSpec struct { state protoimpl.MessageState @@ -2191,9 +2204,16 @@ type ClusterMachineConfigSpec struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields + // Data contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. Data []byte `protobuf:"bytes,1,opt,name=data,proto3" json:"data,omitempty"` ClusterMachineVersion string `protobuf:"bytes,2,opt,name=cluster_machine_version,json=clusterMachineVersion,proto3" json:"cluster_machine_version,omitempty"` GenerationError string `protobuf:"bytes,3,opt,name=generation_error,json=generationError,proto3" json:"generation_error,omitempty"` + // CompressedData contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. + CompressedData []byte `protobuf:"bytes,4,opt,name=compressed_data,json=compressedData,proto3" json:"compressed_data,omitempty"` } func (x *ClusterMachineConfigSpec) Reset() { @@ -2249,13 +2269,27 @@ func (x *ClusterMachineConfigSpec) GetGenerationError() string { return "" } +func (x *ClusterMachineConfigSpec) GetCompressedData() []byte { + if x != nil { + return x.CompressedData + } + return nil +} + // ClusterMachineConfigSpec stores generated Talos node machine config. type RedactedClusterMachineConfigSpec struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields + // Data contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. Data string `protobuf:"bytes,1,opt,name=data,proto3" json:"data,omitempty"` + // CompressedData contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedDataa to manage this field. + CompressedData []byte `protobuf:"bytes,2,opt,name=compressed_data,json=compressedData,proto3" json:"compressed_data,omitempty"` } func (x *RedactedClusterMachineConfigSpec) Reset() { @@ -2297,6 +2331,13 @@ func (x *RedactedClusterMachineConfigSpec) GetData() string { return "" } +func (x *RedactedClusterMachineConfigSpec) GetCompressedData() []byte { + if x != nil { + return x.CompressedData + } + return nil +} + // ClusterMachineIdentity keeps ClusterMachine related node information. type ClusterMachineIdentitySpec struct { state protoimpl.MessageState @@ -3380,7 +3421,14 @@ type ConfigPatchSpec struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields + // Data contains the config patch bytes. It is only set if the config patch is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. Data string `protobuf:"bytes,1,opt,name=data,proto3" json:"data,omitempty"` + // CompressedData contains the config patch bytes. It is only set if the config patch is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. + CompressedData []byte `protobuf:"bytes,2,opt,name=compressed_data,json=compressedData,proto3" json:"compressed_data,omitempty"` } func (x *ConfigPatchSpec) Reset() { @@ -3422,6 +3470,13 @@ func (x *ConfigPatchSpec) GetData() string { return "" } +func (x *ConfigPatchSpec) GetCompressedData() []byte { + if x != nil { + return x.CompressedData + } + return nil +} + // MachineSetSpec describes the cluster machine group. type MachineSetSpec struct { state protoimpl.MessageState @@ -7909,719 +7964,729 @@ var file_omni_specs_omni_proto_rawDesc = []byte{ 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, - 0x3b, 0x0a, 0x1f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, + 0x6a, 0x0a, 0x1f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x18, 0x01, 0x20, - 0x03, 0x28, 0x09, 0x52, 0x07, 0x70, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x22, 0x68, 0x0a, 0x1e, - 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x54, 0x61, - 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x23, - 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, - 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x63, 0x68, 0x65, 0x6d, - 0x61, 0x74, 0x69, 0x63, 0x49, 0x64, 0x22, 0x91, 0x01, 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, - 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, - 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x0c, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x12, 0x36, 0x0a, 0x17, 0x63, 0x6c, 0x75, 0x73, 0x74, - 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, - 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, - 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, - 0x29, 0x0a, 0x10, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x72, - 0x72, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x67, 0x65, 0x6e, 0x65, 0x72, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x22, 0x36, 0x0a, 0x20, 0x52, 0x65, - 0x64, 0x61, 0x63, 0x74, 0x65, 0x64, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, - 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, - 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x64, 0x61, - 0x74, 0x61, 0x22, 0x9e, 0x01, 0x0a, 0x1a, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, - 0x63, 0x68, 0x69, 0x6e, 0x65, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x53, 0x70, 0x65, - 0x63, 0x12, 0x23, 0x0a, 0x0d, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, - 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x6e, 0x6f, 0x64, 0x65, 0x49, 0x64, - 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x24, 0x0a, 0x0e, 0x65, 0x74, 0x63, 0x64, 0x5f, 0x6d, - 0x65, 0x6d, 0x62, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0c, - 0x65, 0x74, 0x63, 0x64, 0x4d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x49, 0x64, 0x12, 0x1a, 0x0a, 0x08, - 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, - 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x6e, 0x6f, 0x64, 0x65, - 0x5f, 0x69, 0x70, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x6e, 0x6f, 0x64, 0x65, - 0x49, 0x70, 0x73, 0x22, 0xa9, 0x01, 0x0a, 0x1a, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x53, 0x70, - 0x65, 0x63, 0x12, 0x23, 0x0a, 0x0d, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x5f, 0x69, 0x6d, - 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x69, 0x6e, 0x73, 0x74, 0x61, - 0x6c, 0x6c, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x12, 0x2d, 0x0a, 0x12, 0x6b, 0x75, 0x62, 0x65, 0x72, - 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x11, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x56, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, - 0x6c, 0x5f, 0x64, 0x69, 0x73, 0x6b, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x69, 0x6e, - 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x44, 0x69, 0x73, 0x6b, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x61, 0x74, - 0x63, 0x68, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x70, 0x61, 0x74, 0x63, 0x68, 0x22, - 0xaa, 0x04, 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, - 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, 0x05, - 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, - 0x64, 0x79, 0x12, 0x3b, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x0e, 0x32, 0x25, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, - 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, - 0x65, 0x63, 0x2e, 0x53, 0x74, 0x61, 0x67, 0x65, 0x52, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, 0x12, - 0x25, 0x0a, 0x0e, 0x61, 0x70, 0x69, 0x64, 0x5f, 0x61, 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, - 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x61, 0x70, 0x69, 0x64, 0x41, 0x76, 0x61, - 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x29, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x5f, 0x75, 0x70, 0x5f, 0x74, 0x6f, 0x5f, 0x64, 0x61, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, - 0x08, 0x52, 0x0e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x55, 0x70, 0x54, 0x6f, 0x44, 0x61, 0x74, - 0x65, 0x12, 0x2a, 0x0a, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6c, 0x61, - 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x2d, 0x0a, - 0x12, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, - 0x65, 0x73, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6d, 0x61, 0x6e, 0x61, 0x67, - 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x48, 0x0a, 0x13, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x61, 0x70, 0x70, 0x6c, 0x79, 0x5f, 0x73, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x18, 0x2e, 0x73, 0x70, 0x65, 0x63, - 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x41, 0x70, 0x70, 0x6c, 0x79, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x52, 0x11, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x41, 0x70, 0x70, 0x6c, 0x79, - 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x73, 0x5f, 0x72, 0x65, 0x6d, - 0x6f, 0x76, 0x65, 0x64, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x69, 0x73, 0x52, 0x65, - 0x6d, 0x6f, 0x76, 0x65, 0x64, 0x22, 0xa4, 0x01, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x67, 0x65, 0x12, - 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, - 0x42, 0x4f, 0x4f, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x49, 0x4e, 0x53, - 0x54, 0x41, 0x4c, 0x4c, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x12, 0x0d, 0x0a, 0x09, 0x55, 0x50, 0x47, - 0x52, 0x41, 0x44, 0x49, 0x4e, 0x47, 0x10, 0x06, 0x12, 0x0f, 0x0a, 0x0b, 0x43, 0x4f, 0x4e, 0x46, - 0x49, 0x47, 0x55, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x52, 0x55, 0x4e, - 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x04, 0x12, 0x0d, 0x0a, 0x09, 0x52, 0x45, 0x42, 0x4f, 0x4f, 0x54, - 0x49, 0x4e, 0x47, 0x10, 0x07, 0x12, 0x11, 0x0a, 0x0d, 0x53, 0x48, 0x55, 0x54, 0x54, 0x49, 0x4e, - 0x47, 0x5f, 0x44, 0x4f, 0x57, 0x4e, 0x10, 0x08, 0x12, 0x12, 0x0a, 0x0e, 0x42, 0x45, 0x46, 0x4f, - 0x52, 0x45, 0x5f, 0x44, 0x45, 0x53, 0x54, 0x52, 0x4f, 0x59, 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, - 0x44, 0x45, 0x53, 0x54, 0x52, 0x4f, 0x59, 0x49, 0x4e, 0x47, 0x10, 0x05, 0x22, 0x76, 0x0a, 0x08, - 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x74, 0x61, - 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x12, 0x18, - 0x0a, 0x07, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, - 0x07, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x12, 0x1c, 0x0a, 0x09, 0x63, 0x6f, 0x6e, 0x6e, - 0x65, 0x63, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x63, 0x6f, 0x6e, - 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x65, 0x64, 0x22, 0xe3, 0x03, 0x0a, 0x11, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, - 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x76, - 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x61, - 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2b, 0x0a, 0x08, 0x6d, 0x61, 0x63, 0x68, - 0x69, 0x6e, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x73, 0x70, 0x65, - 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x52, 0x08, 0x6d, 0x61, 0x63, - 0x68, 0x69, 0x6e, 0x65, 0x73, 0x12, 0x34, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6c, 0x75, - 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, - 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x72, - 0x65, 0x61, 0x64, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, 0x64, - 0x79, 0x12, 0x2e, 0x0a, 0x12, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x41, - 0x50, 0x49, 0x52, 0x65, 0x61, 0x64, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x6b, - 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x41, 0x50, 0x49, 0x52, 0x65, 0x61, 0x64, - 0x79, 0x12, 0x2c, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x70, 0x6c, 0x61, 0x6e, - 0x65, 0x52, 0x65, 0x61, 0x64, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x63, 0x6f, - 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x52, 0x65, 0x61, 0x64, 0x79, 0x12, - 0x3f, 0x0a, 0x1c, 0x68, 0x61, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, - 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x5f, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x73, 0x18, - 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x68, 0x61, 0x73, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, - 0x74, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x73, - 0x12, 0x43, 0x0a, 0x1e, 0x75, 0x73, 0x65, 0x5f, 0x65, 0x6d, 0x62, 0x65, 0x64, 0x64, 0x65, 0x64, - 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, - 0x63, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1b, 0x75, 0x73, 0x65, 0x45, 0x6d, 0x62, - 0x65, 0x64, 0x64, 0x65, 0x64, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53, 0x65, - 0x72, 0x76, 0x69, 0x63, 0x65, 0x22, 0x53, 0x0a, 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0b, - 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x53, - 0x43, 0x41, 0x4c, 0x49, 0x4e, 0x47, 0x5f, 0x55, 0x50, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x53, - 0x43, 0x41, 0x4c, 0x49, 0x4e, 0x47, 0x5f, 0x44, 0x4f, 0x57, 0x4e, 0x10, 0x02, 0x12, 0x0b, 0x0a, - 0x07, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x12, 0x0e, 0x0a, 0x0a, 0x44, 0x45, - 0x53, 0x54, 0x52, 0x4f, 0x59, 0x49, 0x4e, 0x47, 0x10, 0x04, 0x22, 0x21, 0x0a, 0x0b, 0x43, 0x6c, - 0x75, 0x73, 0x74, 0x65, 0x72, 0x55, 0x55, 0x49, 0x44, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x75, 0x69, - 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x75, 0x69, 0x64, 0x22, 0x34, 0x0a, - 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x56, 0x65, - 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, - 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x22, 0xe0, 0x02, 0x0a, 0x1e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x43, 0x0a, 0x1e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, - 0x72, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1b, - 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x17, 0x63, - 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x76, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x63, 0x6c, - 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x56, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x12, 0x41, 0x0a, 0x1d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, 0x68, - 0x61, 0x32, 0x35, 0x36, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1a, 0x63, 0x6c, 0x75, 0x73, - 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x53, 0x68, 0x61, 0x32, 0x35, 0x36, 0x12, 0x2a, 0x0a, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0f, 0x6c, 0x61, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x72, 0x72, - 0x6f, 0x72, 0x12, 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, - 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x63, 0x68, 0x65, 0x6d, - 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x64, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, - 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x64, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, - 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x22, 0x40, 0x0a, 0x1a, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, - 0x72, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x53, 0x70, 0x65, 0x63, 0x12, 0x22, 0x0a, 0x0c, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, - 0x70, 0x70, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x62, 0x6f, 0x6f, 0x74, - 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x22, 0x28, 0x0a, 0x12, 0x43, 0x6c, 0x75, 0x73, - 0x74, 0x65, 0x72, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, - 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x64, 0x61, - 0x74, 0x61, 0x22, 0x8a, 0x01, 0x0a, 0x16, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, - 0x63, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1b, 0x0a, - 0x09, 0x62, 0x69, 0x6e, 0x64, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x08, 0x62, 0x69, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x2f, 0x0a, 0x13, 0x73, 0x69, - 0x64, 0x65, 0x72, 0x6f, 0x6c, 0x69, 0x6e, 0x6b, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, - 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x73, 0x69, 0x64, 0x65, 0x72, 0x6f, 0x6c, - 0x69, 0x6e, 0x6b, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x65, - 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x09, - 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, - 0x58, 0x0a, 0x16, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x72, 0x53, - 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x68, 0x65, 0x61, - 0x6c, 0x74, 0x68, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x68, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x74, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x73, 0x74, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x4a, 0x04, 0x08, - 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x22, 0x31, 0x0a, 0x15, 0x4b, 0x75, 0x62, - 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, + 0x03, 0x28, 0x09, 0x52, 0x07, 0x70, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x12, 0x2d, 0x0a, 0x12, + 0x63, 0x6f, 0x6d, 0x70, 0x72, 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, + 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x11, 0x63, 0x6f, 0x6d, 0x70, 0x72, 0x65, + 0x73, 0x73, 0x65, 0x64, 0x50, 0x61, 0x74, 0x63, 0x68, 0x65, 0x73, 0x22, 0x68, 0x0a, 0x1e, 0x43, + 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x54, 0x61, 0x6c, + 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x23, 0x0a, + 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, + 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x5f, + 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, + 0x74, 0x69, 0x63, 0x49, 0x64, 0x22, 0xba, 0x01, 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, + 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x70, + 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, + 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x12, 0x36, 0x0a, 0x17, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, + 0x72, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, + 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, + 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x29, + 0x0a, 0x10, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x72, 0x72, + 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x27, 0x0a, 0x0f, 0x63, 0x6f, 0x6d, + 0x70, 0x72, 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x0c, 0x52, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x72, 0x65, 0x73, 0x73, 0x65, 0x64, 0x44, 0x61, + 0x74, 0x61, 0x22, 0x5f, 0x0a, 0x20, 0x52, 0x65, 0x64, 0x61, 0x63, 0x74, 0x65, 0x64, 0x43, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x12, 0x27, 0x0a, 0x0f, 0x63, 0x6f, + 0x6d, 0x70, 0x72, 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x0c, 0x52, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x72, 0x65, 0x73, 0x73, 0x65, 0x64, 0x44, + 0x61, 0x74, 0x61, 0x22, 0x9e, 0x01, 0x0a, 0x1a, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, + 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x53, 0x70, + 0x65, 0x63, 0x12, 0x23, 0x0a, 0x0d, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x6e, 0x6f, 0x64, 0x65, 0x49, + 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x24, 0x0a, 0x0e, 0x65, 0x74, 0x63, 0x64, 0x5f, + 0x6d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, + 0x0c, 0x65, 0x74, 0x63, 0x64, 0x4d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x49, 0x64, 0x12, 0x1a, 0x0a, + 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x6e, 0x6f, 0x64, + 0x65, 0x5f, 0x69, 0x70, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x6e, 0x6f, 0x64, + 0x65, 0x49, 0x70, 0x73, 0x22, 0xa9, 0x01, 0x0a, 0x1a, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, + 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x53, + 0x70, 0x65, 0x63, 0x12, 0x23, 0x0a, 0x0d, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x5f, 0x69, + 0x6d, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x69, 0x6e, 0x73, 0x74, + 0x61, 0x6c, 0x6c, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x12, 0x2d, 0x0a, 0x12, 0x6b, 0x75, 0x62, 0x65, + 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, + 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x73, 0x74, 0x61, + 0x6c, 0x6c, 0x5f, 0x64, 0x69, 0x73, 0x6b, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x69, + 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x44, 0x69, 0x73, 0x6b, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x61, + 0x74, 0x63, 0x68, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x70, 0x61, 0x74, 0x63, 0x68, + 0x22, 0xaa, 0x04, 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, + 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, + 0x61, 0x64, 0x79, 0x12, 0x3b, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0e, 0x32, 0x25, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, + 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, + 0x70, 0x65, 0x63, 0x2e, 0x53, 0x74, 0x61, 0x67, 0x65, 0x52, 0x05, 0x73, 0x74, 0x61, 0x67, 0x65, + 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x70, 0x69, 0x64, 0x5f, 0x61, 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, + 0x6c, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x61, 0x70, 0x69, 0x64, 0x41, 0x76, + 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x29, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x5f, 0x75, 0x70, 0x5f, 0x74, 0x6f, 0x5f, 0x64, 0x61, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x08, 0x52, 0x0e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x55, 0x70, 0x54, 0x6f, 0x44, 0x61, + 0x74, 0x65, 0x12, 0x2a, 0x0a, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6c, + 0x61, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x2d, + 0x0a, 0x12, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x5f, 0x61, 0x64, 0x64, + 0x72, 0x65, 0x73, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x48, 0x0a, + 0x13, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x61, 0x70, 0x70, 0x6c, 0x79, 0x5f, 0x73, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x18, 0x2e, 0x73, 0x70, 0x65, + 0x63, 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x41, 0x70, 0x70, 0x6c, 0x79, 0x53, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x52, 0x11, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x41, 0x70, 0x70, 0x6c, + 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x73, 0x5f, 0x72, 0x65, + 0x6d, 0x6f, 0x76, 0x65, 0x64, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x69, 0x73, 0x52, + 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x64, 0x22, 0xa4, 0x01, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x67, 0x65, + 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0b, 0x0a, + 0x07, 0x42, 0x4f, 0x4f, 0x54, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x49, 0x4e, + 0x53, 0x54, 0x41, 0x4c, 0x4c, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x12, 0x0d, 0x0a, 0x09, 0x55, 0x50, + 0x47, 0x52, 0x41, 0x44, 0x49, 0x4e, 0x47, 0x10, 0x06, 0x12, 0x0f, 0x0a, 0x0b, 0x43, 0x4f, 0x4e, + 0x46, 0x49, 0x47, 0x55, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x12, 0x0b, 0x0a, 0x07, 0x52, 0x55, + 0x4e, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x04, 0x12, 0x0d, 0x0a, 0x09, 0x52, 0x45, 0x42, 0x4f, 0x4f, + 0x54, 0x49, 0x4e, 0x47, 0x10, 0x07, 0x12, 0x11, 0x0a, 0x0d, 0x53, 0x48, 0x55, 0x54, 0x54, 0x49, + 0x4e, 0x47, 0x5f, 0x44, 0x4f, 0x57, 0x4e, 0x10, 0x08, 0x12, 0x12, 0x0a, 0x0e, 0x42, 0x45, 0x46, + 0x4f, 0x52, 0x45, 0x5f, 0x44, 0x45, 0x53, 0x54, 0x52, 0x4f, 0x59, 0x10, 0x09, 0x12, 0x0e, 0x0a, + 0x0a, 0x44, 0x45, 0x53, 0x54, 0x52, 0x4f, 0x59, 0x49, 0x4e, 0x47, 0x10, 0x05, 0x22, 0x76, 0x0a, + 0x08, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x74, + 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x12, + 0x18, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, + 0x52, 0x07, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x79, 0x12, 0x1c, 0x0a, 0x09, 0x63, 0x6f, 0x6e, + 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x63, 0x6f, + 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x72, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x65, 0x64, 0x22, 0xe3, 0x03, 0x0a, 0x11, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, + 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1c, 0x0a, 0x09, 0x61, + 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, + 0x61, 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x2b, 0x0a, 0x08, 0x6d, 0x61, 0x63, + 0x68, 0x69, 0x6e, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x73, 0x70, + 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x52, 0x08, 0x6d, 0x61, + 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x12, 0x34, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, + 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, + 0x64, 0x79, 0x12, 0x2e, 0x0a, 0x12, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, + 0x41, 0x50, 0x49, 0x52, 0x65, 0x61, 0x64, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, + 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x41, 0x50, 0x49, 0x52, 0x65, 0x61, + 0x64, 0x79, 0x12, 0x2c, 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x70, 0x6c, 0x61, + 0x6e, 0x65, 0x52, 0x65, 0x61, 0x64, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x11, 0x63, + 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x52, 0x65, 0x61, 0x64, 0x79, + 0x12, 0x3f, 0x0a, 0x1c, 0x68, 0x61, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x65, + 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x5f, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x73, + 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x68, 0x61, 0x73, 0x43, 0x6f, 0x6e, 0x6e, 0x65, + 0x63, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, + 0x73, 0x12, 0x43, 0x0a, 0x1e, 0x75, 0x73, 0x65, 0x5f, 0x65, 0x6d, 0x62, 0x65, 0x64, 0x64, 0x65, + 0x64, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x5f, 0x73, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1b, 0x75, 0x73, 0x65, 0x45, 0x6d, + 0x62, 0x65, 0x64, 0x64, 0x65, 0x64, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x22, 0x53, 0x0a, 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, + 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, + 0x53, 0x43, 0x41, 0x4c, 0x49, 0x4e, 0x47, 0x5f, 0x55, 0x50, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, + 0x53, 0x43, 0x41, 0x4c, 0x49, 0x4e, 0x47, 0x5f, 0x44, 0x4f, 0x57, 0x4e, 0x10, 0x02, 0x12, 0x0b, + 0x0a, 0x07, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x03, 0x12, 0x0e, 0x0a, 0x0a, 0x44, + 0x45, 0x53, 0x54, 0x52, 0x4f, 0x59, 0x49, 0x4e, 0x47, 0x10, 0x04, 0x22, 0x21, 0x0a, 0x0b, 0x43, + 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x55, 0x55, 0x49, 0x44, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x75, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x75, 0x69, 0x64, 0x22, 0x34, + 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x56, + 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, + 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x22, 0xe0, 0x02, 0x0a, 0x1e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, + 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x43, 0x0a, 0x1e, 0x63, 0x6c, 0x75, 0x73, 0x74, + 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x1b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x17, + 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, + 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x63, + 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x56, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x41, 0x0a, 0x1d, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, + 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x73, + 0x68, 0x61, 0x32, 0x35, 0x36, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x1a, 0x63, 0x6c, 0x75, + 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x53, 0x68, 0x61, 0x32, 0x35, 0x36, 0x12, 0x2a, 0x0a, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x5f, + 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x06, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x0f, 0x6c, 0x61, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x45, 0x72, + 0x72, 0x6f, 0x72, 0x12, 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, + 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x63, 0x68, 0x65, + 0x6d, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x64, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, + 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x64, 0x4a, 0x04, 0x08, 0x01, 0x10, + 0x02, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x22, 0x40, 0x0a, 0x1a, 0x43, 0x6c, 0x75, 0x73, 0x74, + 0x65, 0x72, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x22, 0x0a, 0x0c, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, + 0x61, 0x70, 0x70, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x62, 0x6f, 0x6f, + 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x70, 0x65, 0x64, 0x22, 0x28, 0x0a, 0x12, 0x43, 0x6c, 0x75, + 0x73, 0x74, 0x65, 0x72, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, + 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x64, + 0x61, 0x74, 0x61, 0x22, 0x8a, 0x01, 0x0a, 0x16, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, + 0x6e, 0x63, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1b, + 0x0a, 0x09, 0x62, 0x69, 0x6e, 0x64, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x08, 0x62, 0x69, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x2f, 0x0a, 0x13, 0x73, + 0x69, 0x64, 0x65, 0x72, 0x6f, 0x6c, 0x69, 0x6e, 0x6b, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, + 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x73, 0x69, 0x64, 0x65, 0x72, 0x6f, + 0x6c, 0x69, 0x6e, 0x6b, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x1c, 0x0a, 0x09, + 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, + 0x09, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x73, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, + 0x22, 0x58, 0x0a, 0x16, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x72, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x68, 0x65, + 0x61, 0x6c, 0x74, 0x68, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x68, 0x65, 0x61, + 0x6c, 0x74, 0x68, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x74, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x73, 0x74, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x4a, 0x04, + 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x22, 0x31, 0x0a, 0x15, 0x4b, 0x75, + 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, + 0x70, 0x65, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x92, 0x01, + 0x0a, 0x10, 0x54, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x92, 0x01, 0x0a, - 0x10, 0x54, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, - 0x63, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x44, 0x0a, 0x1e, 0x63, - 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x69, 0x62, 0x6c, 0x65, 0x5f, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, - 0x65, 0x74, 0x65, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, - 0x03, 0x28, 0x09, 0x52, 0x1c, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x69, 0x62, 0x6c, 0x65, 0x4b, - 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, - 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, - 0x64, 0x22, 0xbb, 0x02, 0x0a, 0x15, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x4d, 0x65, 0x64, 0x69, 0x61, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x6e, - 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, - 0x22, 0x0a, 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, 0x75, 0x72, 0x65, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, - 0x75, 0x72, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x20, 0x0a, - 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x18, 0x06, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, - 0x26, 0x0a, 0x0f, 0x73, 0x72, 0x63, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x66, - 0x69, 0x78, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x73, 0x72, 0x63, 0x46, 0x69, 0x6c, - 0x65, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x28, 0x0a, 0x10, 0x64, 0x65, 0x73, 0x74, 0x5f, - 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x08, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0e, 0x64, 0x65, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x50, 0x72, 0x65, 0x66, 0x69, - 0x78, 0x12, 0x1c, 0x0a, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x09, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x12, - 0x24, 0x0a, 0x0e, 0x6e, 0x6f, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x5f, 0x62, 0x6f, 0x6f, - 0x74, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x6e, 0x6f, 0x53, 0x65, 0x63, 0x75, 0x72, - 0x65, 0x42, 0x6f, 0x6f, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x61, 0x79, - 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x61, 0x79, 0x22, - 0x25, 0x0a, 0x0f, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x61, 0x74, 0x63, 0x68, 0x53, 0x70, - 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x22, 0x81, 0x08, 0x0a, 0x0e, 0x4d, 0x61, 0x63, 0x68, 0x69, - 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x4d, 0x0a, 0x0f, 0x75, 0x70, 0x64, - 0x61, 0x74, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, - 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, - 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x0e, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, - 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x47, 0x0a, 0x0d, 0x6d, 0x61, 0x63, 0x68, - 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x22, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, - 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, - 0x61, 0x73, 0x73, 0x52, 0x0c, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, - 0x73, 0x12, 0x4a, 0x0a, 0x0e, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x5f, 0x73, - 0x70, 0x65, 0x63, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, - 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, - 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x53, 0x70, 0x65, 0x63, 0x52, 0x0d, - 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x53, 0x70, 0x65, 0x63, 0x12, 0x4d, 0x0a, - 0x0f, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, - 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x55, 0x70, - 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x0e, 0x64, 0x65, - 0x6c, 0x65, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x60, 0x0a, 0x16, - 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x5f, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x73, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x44, 0x0a, 0x1e, + 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x69, 0x62, 0x6c, 0x65, 0x5f, 0x6b, 0x75, 0x62, 0x65, 0x72, + 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x1c, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x74, 0x69, 0x62, 0x6c, 0x65, + 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, + 0x65, 0x64, 0x22, 0xbb, 0x02, 0x0a, 0x15, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x4d, 0x65, 0x64, 0x69, 0x61, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x12, 0x22, 0x0a, 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, 0x74, 0x75, 0x72, 0x65, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x72, 0x63, 0x68, 0x69, 0x74, 0x65, 0x63, + 0x74, 0x75, 0x72, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x20, + 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, + 0x12, 0x26, 0x0a, 0x0f, 0x73, 0x72, 0x63, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x72, 0x65, + 0x66, 0x69, 0x78, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x73, 0x72, 0x63, 0x46, 0x69, + 0x6c, 0x65, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x28, 0x0a, 0x10, 0x64, 0x65, 0x73, 0x74, + 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x08, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x0e, 0x64, 0x65, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x50, 0x72, 0x65, 0x66, + 0x69, 0x78, 0x12, 0x1c, 0x0a, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x18, + 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, + 0x12, 0x24, 0x0a, 0x0e, 0x6e, 0x6f, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x5f, 0x62, 0x6f, + 0x6f, 0x74, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x6e, 0x6f, 0x53, 0x65, 0x63, 0x75, + 0x72, 0x65, 0x42, 0x6f, 0x6f, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x61, + 0x79, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x61, 0x79, + 0x22, 0x4e, 0x0a, 0x0f, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x61, 0x74, 0x63, 0x68, 0x53, + 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x12, 0x27, 0x0a, 0x0f, 0x63, 0x6f, 0x6d, 0x70, 0x72, + 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, + 0x52, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x72, 0x65, 0x73, 0x73, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, + 0x22, 0x81, 0x08, 0x0a, 0x0e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, + 0x70, 0x65, 0x63, 0x12, 0x4d, 0x0a, 0x0f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x73, 0x74, + 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, - 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x14, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, - 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x60, - 0x0a, 0x16, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, - 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, - 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, - 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, - 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x14, 0x64, 0x65, 0x6c, 0x65, - 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x1a, 0xd0, 0x01, 0x0a, 0x0c, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, - 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, - 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x6d, 0x61, - 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x5a, 0x0a, 0x0f, 0x61, 0x6c, - 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x0e, 0x32, 0x31, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, - 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, - 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x22, 0x2b, 0x0a, 0x0e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0a, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, - 0x69, 0x63, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x55, 0x6e, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x65, - 0x64, 0x10, 0x01, 0x1a, 0x4e, 0x0a, 0x0d, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, - 0x53, 0x70, 0x65, 0x63, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, - 0x75, 0x75, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, - 0x74, 0x65, 0x72, 0x55, 0x75, 0x69, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x6e, 0x61, 0x70, 0x73, - 0x68, 0x6f, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, 0x6e, 0x61, 0x70, 0x73, - 0x68, 0x6f, 0x74, 0x1a, 0x46, 0x0a, 0x1b, 0x52, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x55, 0x70, + 0x67, 0x79, 0x52, 0x0e, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, + 0x67, 0x79, 0x12, 0x47, 0x0a, 0x0d, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6c, + 0x61, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x73, 0x70, 0x65, 0x63, + 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, + 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x52, 0x0c, 0x6d, + 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x12, 0x4a, 0x0a, 0x0e, 0x62, + 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x42, 0x6f, 0x6f, 0x74, 0x73, + 0x74, 0x72, 0x61, 0x70, 0x53, 0x70, 0x65, 0x63, 0x52, 0x0d, 0x62, 0x6f, 0x6f, 0x74, 0x73, 0x74, + 0x72, 0x61, 0x70, 0x53, 0x70, 0x65, 0x63, 0x12, 0x4d, 0x0a, 0x0f, 0x64, 0x65, 0x6c, 0x65, 0x74, + 0x65, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, + 0x32, 0x24, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, + 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, + 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x0e, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x53, 0x74, + 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x60, 0x0a, 0x16, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, + 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x12, 0x27, 0x0a, 0x0f, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6c, 0x6c, - 0x65, 0x6c, 0x69, 0x73, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0e, 0x6d, 0x61, 0x78, - 0x50, 0x61, 0x72, 0x61, 0x6c, 0x6c, 0x65, 0x6c, 0x69, 0x73, 0x6d, 0x1a, 0x63, 0x0a, 0x14, 0x55, - 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x12, 0x4b, 0x0a, 0x07, 0x72, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, - 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x52, 0x6f, 0x6c, 0x6c, - 0x69, 0x6e, 0x67, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, - 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, - 0x22, 0x28, 0x0a, 0x0e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, - 0x67, 0x79, 0x12, 0x09, 0x0a, 0x05, 0x55, 0x6e, 0x73, 0x65, 0x74, 0x10, 0x00, 0x12, 0x0b, 0x0a, - 0x07, 0x52, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x10, 0x01, 0x22, 0x8e, 0x03, 0x0a, 0x16, 0x54, - 0x61, 0x6c, 0x6f, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, - 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x39, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x54, 0x61, 0x6c, - 0x6f, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, - 0x70, 0x65, 0x63, 0x2e, 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, - 0x12, 0x14, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x73, 0x74, 0x65, 0x70, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x73, 0x74, 0x65, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, - 0x64, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x12, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, - 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x17, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, - 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, - 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x55, 0x70, - 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x29, 0x0a, 0x10, - 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, - 0x18, 0x07, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x62, 0x0a, 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, - 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x0d, 0x0a, - 0x09, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, - 0x44, 0x6f, 0x6e, 0x65, 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, - 0x10, 0x03, 0x12, 0x0d, 0x0a, 0x09, 0x52, 0x65, 0x76, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x10, - 0x04, 0x12, 0x18, 0x0a, 0x14, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x45, - 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x10, 0x05, 0x22, 0xae, 0x02, 0x0a, 0x14, - 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x53, 0x70, 0x65, 0x63, 0x12, 0x2c, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, - 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, - 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, - 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x2b, - 0x0a, 0x08, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x0f, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, - 0x73, 0x52, 0x08, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x63, - 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x48, 0x61, 0x73, 0x68, 0x12, 0x47, 0x0a, 0x0d, - 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x18, 0x06, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, - 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, - 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x52, 0x0c, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, - 0x43, 0x6c, 0x61, 0x73, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x5f, - 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0d, 0x6c, - 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x22, 0x62, 0x0a, 0x1e, - 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, - 0x65, 0x64, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x40, - 0x0a, 0x1c, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x5f, 0x61, 0x64, 0x64, 0x69, 0x74, - 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x0d, 0x52, 0x1a, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x41, 0x64, - 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, - 0x22, 0x14, 0x0a, 0x12, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x4e, 0x6f, - 0x64, 0x65, 0x53, 0x70, 0x65, 0x63, 0x22, 0x13, 0x0a, 0x11, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, - 0x65, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x53, 0x70, 0x65, 0x63, 0x22, 0x5f, 0x0a, 0x19, 0x4d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x6e, 0x61, 0x70, - 0x73, 0x68, 0x6f, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x42, 0x0a, 0x0e, 0x6d, 0x61, 0x63, 0x68, - 0x69, 0x6e, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x1b, 0x2e, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, - 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x52, 0x0d, 0x6d, - 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0xa5, 0x03, 0x0a, - 0x16, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x47, 0x0a, 0x0a, 0x63, 0x6f, 0x6e, 0x64, 0x69, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x73, 0x70, - 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, - 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, - 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x73, - 0x1a, 0xc1, 0x02, 0x0a, 0x09, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x28, - 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x14, 0x2e, 0x73, - 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, - 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x72, 0x65, 0x61, 0x73, - 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, - 0x12, 0x46, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, - 0x32, 0x2e, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, - 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, - 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x4c, 0x0a, 0x08, 0x73, 0x65, 0x76, 0x65, - 0x72, 0x69, 0x74, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x30, 0x2e, 0x73, 0x70, 0x65, + 0x69, 0x67, 0x52, 0x14, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, + 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x60, 0x0a, 0x16, 0x64, 0x65, 0x6c, 0x65, + 0x74, 0x65, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, + 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, + 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x52, 0x14, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, + 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0xd0, 0x01, 0x0a, 0x0c, 0x4d, + 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, + 0x23, 0x0a, 0x0d, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, + 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x5a, 0x0a, 0x0f, 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x31, 0x2e, + 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, + 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, + 0x73, 0x2e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, + 0x52, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, + 0x22, 0x2b, 0x0a, 0x0e, 0x41, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, + 0x70, 0x65, 0x12, 0x0a, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x10, 0x00, 0x12, 0x0d, + 0x0a, 0x09, 0x55, 0x6e, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64, 0x10, 0x01, 0x1a, 0x4e, 0x0a, + 0x0d, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x53, 0x70, 0x65, 0x63, 0x12, 0x21, + 0x0a, 0x0c, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x75, 0x75, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x55, 0x75, 0x69, + 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x1a, 0x46, 0x0a, + 0x1b, 0x52, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, + 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x27, 0x0a, 0x0f, + 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6c, 0x6c, 0x65, 0x6c, 0x69, 0x73, 0x6d, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0e, 0x6d, 0x61, 0x78, 0x50, 0x61, 0x72, 0x61, 0x6c, 0x6c, + 0x65, 0x6c, 0x69, 0x73, 0x6d, 0x1a, 0x63, 0x0a, 0x14, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, + 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4b, 0x0a, + 0x07, 0x72, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, + 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, + 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x52, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x55, 0x70, 0x64, + 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x52, 0x07, 0x72, 0x6f, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x22, 0x28, 0x0a, 0x0e, 0x55, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x09, 0x0a, 0x05, + 0x55, 0x6e, 0x73, 0x65, 0x74, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x52, 0x6f, 0x6c, 0x6c, 0x69, + 0x6e, 0x67, 0x10, 0x01, 0x22, 0x8e, 0x03, 0x0a, 0x16, 0x54, 0x61, 0x6c, 0x6f, 0x73, 0x55, 0x70, + 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, + 0x39, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, + 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x54, 0x61, 0x6c, 0x6f, 0x73, 0x55, 0x70, 0x67, 0x72, + 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, 0x68, + 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x72, + 0x72, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, + 0x12, 0x12, 0x0a, 0x04, 0x73, 0x74, 0x65, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x73, 0x74, 0x65, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x14, + 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x61, 0x73, 0x74, + 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36, + 0x0a, 0x17, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, + 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x15, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, + 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x29, 0x0a, 0x10, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, + 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x09, + 0x52, 0x0f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, + 0x73, 0x22, 0x62, 0x0a, 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, + 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x55, 0x70, 0x67, 0x72, 0x61, + 0x64, 0x69, 0x6e, 0x67, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x44, 0x6f, 0x6e, 0x65, 0x10, 0x02, + 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x03, 0x12, 0x0d, 0x0a, 0x09, + 0x52, 0x65, 0x76, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x12, 0x18, 0x0a, 0x14, 0x49, + 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, + 0x6f, 0x6e, 0x73, 0x10, 0x05, 0x22, 0xae, 0x02, 0x0a, 0x14, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, + 0x65, 0x53, 0x65, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x2c, + 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, + 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, + 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, + 0x64, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x2b, 0x0a, 0x08, 0x6d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x73, 0x70, 0x65, + 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x52, 0x08, 0x6d, 0x61, 0x63, + 0x68, 0x69, 0x6e, 0x65, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, + 0x68, 0x61, 0x73, 0x68, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x48, 0x61, 0x73, 0x68, 0x12, 0x47, 0x0a, 0x0d, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, + 0x65, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, + 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, + 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, + 0x73, 0x52, 0x0c, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x12, + 0x25, 0x0a, 0x0e, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x5f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0d, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x55, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x22, 0x62, 0x0a, 0x1e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, + 0x65, 0x53, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x4d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x40, 0x0a, 0x1c, 0x72, 0x65, 0x71, 0x75, + 0x69, 0x72, 0x65, 0x64, 0x5f, 0x61, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x5f, + 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x1a, + 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x41, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, + 0x61, 0x6c, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x22, 0x14, 0x0a, 0x12, 0x4d, 0x61, + 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x53, 0x70, 0x65, 0x63, + 0x22, 0x13, 0x0a, 0x11, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x4c, 0x61, 0x62, 0x65, 0x6c, + 0x73, 0x53, 0x70, 0x65, 0x63, 0x22, 0x5f, 0x0a, 0x19, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x6e, 0x61, 0x70, 0x73, 0x68, 0x6f, 0x74, 0x53, 0x70, + 0x65, 0x63, 0x12, 0x42, 0x0a, 0x0e, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x73, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x6d, 0x61, 0x63, + 0x68, 0x69, 0x6e, 0x65, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, + 0x75, 0x73, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x52, 0x0d, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0xa5, 0x03, 0x0a, 0x16, 0x43, 0x6f, 0x6e, 0x74, 0x72, + 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, + 0x63, 0x12, 0x47, 0x0a, 0x0a, 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6f, + 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, + 0x53, 0x70, 0x65, 0x63, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, + 0x63, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0xc1, 0x02, 0x0a, 0x09, 0x43, + 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x28, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x14, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, + 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, + 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x06, 0x73, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, - 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x52, 0x08, 0x73, 0x65, - 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x22, 0x2e, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x09, 0x0a, - 0x05, 0x52, 0x65, 0x61, 0x64, 0x79, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x4e, 0x6f, 0x74, 0x52, - 0x65, 0x61, 0x64, 0x79, 0x10, 0x02, 0x22, 0x2c, 0x0a, 0x08, 0x53, 0x65, 0x76, 0x65, 0x72, 0x69, - 0x74, 0x79, 0x12, 0x08, 0x0a, 0x04, 0x49, 0x6e, 0x66, 0x6f, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, - 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, 0x67, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x72, 0x72, - 0x6f, 0x72, 0x10, 0x02, 0x22, 0x48, 0x0a, 0x13, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x45, - 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x31, 0x0a, 0x14, 0x6d, - 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, - 0x73, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x13, 0x6d, 0x61, 0x6e, 0x61, 0x67, - 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x22, 0xdb, - 0x03, 0x0a, 0x14, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x3c, 0x0a, 0x05, 0x6e, 0x6f, 0x64, 0x65, 0x73, - 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, - 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, - 0x70, 0x65, 0x63, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x05, - 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x4b, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, - 0x70, 0x6f, 0x64, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x73, 0x70, 0x65, - 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, - 0x69, 0x63, 0x50, 0x6f, 0x64, 0x73, 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, - 0x64, 0x73, 0x1a, 0x67, 0x0a, 0x0a, 0x4e, 0x6f, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x12, 0x1a, 0x0a, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, - 0x6b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x6b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, 0x56, 0x65, - 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x1a, 0x53, 0x0a, 0x0f, 0x53, - 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, 0x64, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x10, - 0x0a, 0x03, 0x61, 0x70, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x61, 0x70, 0x70, - 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, - 0x61, 0x64, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, - 0x1a, 0x7a, 0x0a, 0x0e, 0x4e, 0x6f, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, - 0x64, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x4c, - 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x70, 0x6f, 0x64, 0x73, 0x18, 0x02, 0x20, - 0x03, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, - 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, - 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, 0x64, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, 0x64, 0x73, 0x22, 0xfe, 0x02, 0x0a, - 0x1b, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, - 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x3e, 0x0a, 0x05, - 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x73, 0x70, - 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x70, - 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, - 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, - 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x72, 0x72, - 0x6f, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x73, 0x74, 0x65, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x04, 0x73, 0x74, 0x65, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x30, - 0x0a, 0x14, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x76, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x61, - 0x73, 0x74, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, - 0x12, 0x36, 0x0a, 0x17, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x75, 0x70, 0x67, 0x72, - 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x15, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, - 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x29, 0x0a, 0x10, 0x75, 0x70, 0x67, 0x72, - 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x06, 0x20, 0x03, - 0x28, 0x09, 0x52, 0x0f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, - 0x6f, 0x6e, 0x73, 0x22, 0x48, 0x0a, 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0b, 0x0a, 0x07, - 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x55, 0x70, 0x67, - 0x72, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x44, 0x6f, 0x6e, 0x65, - 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x03, 0x12, 0x0d, - 0x0a, 0x09, 0x52, 0x65, 0x76, 0x65, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x22, 0x6f, 0x0a, - 0x23, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, - 0x64, 0x65, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x53, 0x70, 0x65, 0x63, 0x12, 0x1e, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x5f, 0x6f, 0x66, 0x5f, 0x73, - 0x79, 0x6e, 0x63, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x09, 0x6f, 0x75, 0x74, 0x4f, 0x66, - 0x53, 0x79, 0x6e, 0x63, 0x12, 0x28, 0x0a, 0x10, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x66, 0x61, 0x74, - 0x61, 0x6c, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, - 0x6c, 0x61, 0x73, 0x74, 0x46, 0x61, 0x74, 0x61, 0x6c, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x22, 0x29, - 0x0a, 0x11, 0x44, 0x65, 0x73, 0x74, 0x72, 0x6f, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, - 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x22, 0x83, 0x02, 0x0a, 0x0f, 0x4f, 0x6e, - 0x67, 0x6f, 0x69, 0x6e, 0x67, 0x54, 0x61, 0x73, 0x6b, 0x53, 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, - 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, - 0x74, 0x6c, 0x65, 0x12, 0x44, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x75, 0x70, 0x67, - 0x72, 0x61, 0x64, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x73, 0x70, 0x65, - 0x63, 0x73, 0x2e, 0x54, 0x61, 0x6c, 0x6f, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, - 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x48, 0x00, 0x52, 0x0c, 0x74, 0x61, 0x6c, - 0x6f, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x12, 0x53, 0x0a, 0x12, 0x6b, 0x75, 0x62, - 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, + 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, + 0x75, 0x73, 0x12, 0x4c, 0x0a, 0x08, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x0e, 0x32, 0x30, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6f, 0x6e, + 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, + 0x70, 0x65, 0x63, 0x2e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, + 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x52, 0x08, 0x73, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, + 0x22, 0x2e, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, + 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x65, 0x61, 0x64, 0x79, + 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x4e, 0x6f, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x10, 0x02, + 0x22, 0x2c, 0x0a, 0x08, 0x53, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x12, 0x08, 0x0a, 0x04, + 0x49, 0x6e, 0x66, 0x6f, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x57, 0x61, 0x72, 0x6e, 0x69, 0x6e, + 0x67, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x10, 0x02, 0x22, 0x48, + 0x0a, 0x13, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, + 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x31, 0x0a, 0x14, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, + 0x65, 0x6e, 0x74, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x18, 0x01, 0x20, + 0x03, 0x28, 0x09, 0x52, 0x13, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x41, + 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x22, 0xdb, 0x03, 0x0a, 0x14, 0x4b, 0x75, 0x62, + 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, + 0x63, 0x12, 0x3c, 0x0a, 0x05, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x26, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, + 0x74, 0x65, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4e, 0x6f, + 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x05, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x12, + 0x4b, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x70, 0x6f, 0x64, 0x73, 0x18, 0x02, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, + 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, + 0x63, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, 0x64, 0x73, + 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, 0x64, 0x73, 0x1a, 0x67, 0x0a, 0x0a, + 0x4e, 0x6f, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x6e, 0x6f, + 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x6f, + 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x27, 0x0a, 0x0f, 0x6b, 0x75, 0x62, 0x65, 0x6c, 0x65, + 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0e, 0x6b, 0x75, 0x62, 0x65, 0x6c, 0x65, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, + 0x14, 0x0a, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, + 0x72, 0x65, 0x61, 0x64, 0x79, 0x1a, 0x53, 0x0a, 0x0f, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, + 0x6f, 0x64, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x61, 0x70, 0x70, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x61, 0x70, 0x70, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, + 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x05, 0x72, 0x65, 0x61, 0x64, 0x79, 0x1a, 0x7a, 0x0a, 0x0e, 0x4e, 0x6f, + 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x69, 0x63, 0x50, 0x6f, 0x64, 0x73, 0x12, 0x1a, 0x0a, 0x08, + 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x6e, 0x6f, 0x64, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x4c, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, + 0x69, 0x63, 0x5f, 0x70, 0x6f, 0x64, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2b, 0x2e, + 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x69, + 0x63, 0x50, 0x6f, 0x64, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, + 0x69, 0x63, 0x50, 0x6f, 0x64, 0x73, 0x22, 0xfe, 0x02, 0x0a, 0x1b, 0x4b, 0x75, 0x62, 0x65, 0x72, + 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, + 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x3e, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, - 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x48, 0x00, 0x52, 0x11, 0x6b, 0x75, 0x62, - 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x12, 0x34, - 0x0a, 0x07, 0x64, 0x65, 0x73, 0x74, 0x72, 0x6f, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x18, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x44, 0x65, 0x73, 0x74, 0x72, 0x6f, 0x79, 0x53, - 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x48, 0x00, 0x52, 0x07, 0x64, 0x65, 0x73, - 0x74, 0x72, 0x6f, 0x79, 0x42, 0x09, 0x0a, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, - 0x35, 0x0a, 0x1f, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, - 0x65, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x53, 0x70, - 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, - 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x22, 0x71, 0x0a, 0x12, 0x45, 0x78, 0x70, 0x6f, 0x73, 0x65, - 0x64, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, - 0x70, 0x6f, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x04, 0x70, 0x6f, 0x72, 0x74, - 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x63, 0x6f, 0x6e, 0x5f, 0x62, - 0x61, 0x73, 0x65, 0x36, 0x34, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x69, 0x63, 0x6f, - 0x6e, 0x42, 0x61, 0x73, 0x65, 0x36, 0x34, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x22, 0x52, 0x0a, 0x1e, 0x43, 0x6c, 0x75, - 0x73, 0x74, 0x65, 0x72, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x50, 0x72, 0x6f, 0x78, - 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x30, 0x0a, 0x14, 0x6e, - 0x75, 0x6d, 0x5f, 0x65, 0x78, 0x70, 0x6f, 0x73, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, - 0x63, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x12, 0x6e, 0x75, 0x6d, 0x45, 0x78, - 0x70, 0x6f, 0x73, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x22, 0x85, 0x02, - 0x0a, 0x12, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x53, 0x70, 0x65, 0x63, 0x12, 0x38, 0x0a, 0x18, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x77, - 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x69, 0x6e, 0x67, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x57, 0x6f, - 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x69, 0x6e, 0x67, 0x12, 0x4b, - 0x0a, 0x14, 0x65, 0x74, 0x63, 0x64, 0x5f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x5f, 0x73, 0x65, - 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, - 0x70, 0x65, 0x63, 0x73, 0x2e, 0x45, 0x74, 0x63, 0x64, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x53, - 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x12, 0x65, 0x74, 0x63, 0x64, 0x42, 0x61, 0x63, - 0x6b, 0x75, 0x70, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x3c, 0x0a, 0x1a, 0x65, - 0x6d, 0x62, 0x65, 0x64, 0x64, 0x65, 0x64, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, - 0x79, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, - 0x18, 0x65, 0x6d, 0x62, 0x65, 0x64, 0x64, 0x65, 0x64, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, - 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x2a, 0x0a, 0x11, 0x61, 0x75, 0x64, - 0x69, 0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x61, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x45, 0x6e, - 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0xd6, 0x01, 0x0a, 0x12, 0x45, 0x74, 0x63, 0x64, 0x42, 0x61, - 0x63, 0x6b, 0x75, 0x70, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x3e, 0x0a, 0x0d, - 0x74, 0x69, 0x63, 0x6b, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c, - 0x74, 0x69, 0x63, 0x6b, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x3c, 0x0a, 0x0c, - 0x6d, 0x69, 0x6e, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x6d, - 0x69, 0x6e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x3c, 0x0a, 0x0c, 0x6d, 0x61, - 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x6d, 0x61, 0x78, - 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x22, 0x35, - 0x0a, 0x10, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x53, 0x70, - 0x65, 0x63, 0x12, 0x21, 0x0a, 0x0c, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x61, 0x62, 0x65, - 0x6c, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0b, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x4c, - 0x61, 0x62, 0x65, 0x6c, 0x73, 0x22, 0x5a, 0x0a, 0x16, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, - 0x43, 0x6c, 0x61, 0x73, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, - 0x40, 0x0a, 0x1c, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x5f, 0x61, 0x64, 0x64, 0x69, - 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x1a, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x41, - 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, - 0x73, 0x22, 0x98, 0x03, 0x0a, 0x1b, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, - 0x66, 0x69, 0x67, 0x47, 0x65, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, - 0x63, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x5f, 0x64, 0x69, 0x73, - 0x6b, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, - 0x44, 0x69, 0x73, 0x6b, 0x12, 0x54, 0x0a, 0x0d, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x5f, - 0x69, 0x6d, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x73, 0x70, - 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x47, 0x65, 0x6e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, - 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x52, 0x0c, 0x69, 0x6e, - 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x1a, 0xff, 0x01, 0x0a, 0x0c, 0x49, - 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x74, - 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, + 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, + 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x12, 0x0a, 0x04, + 0x73, 0x74, 0x65, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x73, 0x74, 0x65, 0x70, + 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x6c, 0x61, 0x73, 0x74, + 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, + 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x61, 0x73, 0x74, 0x55, 0x70, 0x67, 0x72, + 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x17, 0x63, 0x75, + 0x72, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, + 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x63, 0x75, 0x72, + 0x72, 0x65, 0x6e, 0x74, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, + 0x6f, 0x6e, 0x12, 0x29, 0x0a, 0x10, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x5f, 0x76, 0x65, + 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x75, 0x70, + 0x67, 0x72, 0x61, 0x64, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x48, 0x0a, + 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, + 0x6e, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x69, 0x6e, 0x67, + 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x44, 0x6f, 0x6e, 0x65, 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, + 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x03, 0x12, 0x0d, 0x0a, 0x09, 0x52, 0x65, 0x76, 0x65, + 0x72, 0x74, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x22, 0x6f, 0x0a, 0x23, 0x4b, 0x75, 0x62, 0x65, 0x72, + 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x4d, 0x61, 0x6e, 0x69, + 0x66, 0x65, 0x73, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1e, + 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x5f, 0x6f, 0x66, 0x5f, 0x73, 0x79, 0x6e, 0x63, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x05, 0x52, 0x09, 0x6f, 0x75, 0x74, 0x4f, 0x66, 0x53, 0x79, 0x6e, 0x63, 0x12, 0x28, + 0x0a, 0x10, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x66, 0x61, 0x74, 0x61, 0x6c, 0x5f, 0x65, 0x72, 0x72, + 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x6c, 0x61, 0x73, 0x74, 0x46, 0x61, + 0x74, 0x61, 0x6c, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x22, 0x29, 0x0a, 0x11, 0x44, 0x65, 0x73, 0x74, + 0x72, 0x6f, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, + 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x70, 0x68, + 0x61, 0x73, 0x65, 0x22, 0x83, 0x02, 0x0a, 0x0f, 0x4f, 0x6e, 0x67, 0x6f, 0x69, 0x6e, 0x67, 0x54, + 0x61, 0x73, 0x6b, 0x53, 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x69, 0x74, 0x6c, 0x65, 0x12, 0x44, 0x0a, + 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x54, 0x61, 0x6c, + 0x6f, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, + 0x70, 0x65, 0x63, 0x48, 0x00, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x55, 0x70, 0x67, 0x72, + 0x61, 0x64, 0x65, 0x12, 0x53, 0x0a, 0x12, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, + 0x73, 0x5f, 0x75, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x22, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, + 0x65, 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, + 0x70, 0x65, 0x63, 0x48, 0x00, 0x52, 0x11, 0x6b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, + 0x73, 0x55, 0x70, 0x67, 0x72, 0x61, 0x64, 0x65, 0x12, 0x34, 0x0a, 0x07, 0x64, 0x65, 0x73, 0x74, + 0x72, 0x6f, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x73, 0x70, 0x65, 0x63, + 0x73, 0x2e, 0x44, 0x65, 0x73, 0x74, 0x72, 0x6f, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, + 0x70, 0x65, 0x63, 0x48, 0x00, 0x52, 0x07, 0x64, 0x65, 0x73, 0x74, 0x72, 0x6f, 0x79, 0x42, 0x09, + 0x0a, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x35, 0x0a, 0x1f, 0x43, 0x6c, 0x75, + 0x73, 0x74, 0x65, 0x72, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x45, 0x6e, 0x63, 0x72, 0x79, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, + 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, + 0x22, 0x71, 0x0a, 0x12, 0x45, 0x78, 0x70, 0x6f, 0x73, 0x65, 0x64, 0x53, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0d, 0x52, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x61, + 0x62, 0x65, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, + 0x12, 0x1f, 0x0a, 0x0b, 0x69, 0x63, 0x6f, 0x6e, 0x5f, 0x62, 0x61, 0x73, 0x65, 0x36, 0x34, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x69, 0x63, 0x6f, 0x6e, 0x42, 0x61, 0x73, 0x65, 0x36, + 0x34, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, + 0x75, 0x72, 0x6c, 0x22, 0x52, 0x0a, 0x1e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x57, 0x6f, + 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x30, 0x0a, 0x14, 0x6e, 0x75, 0x6d, 0x5f, 0x65, 0x78, 0x70, + 0x6f, 0x73, 0x65, 0x64, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x0d, 0x52, 0x12, 0x6e, 0x75, 0x6d, 0x45, 0x78, 0x70, 0x6f, 0x73, 0x65, 0x64, 0x53, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x22, 0x85, 0x02, 0x0a, 0x12, 0x46, 0x65, 0x61, 0x74, + 0x75, 0x72, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x70, 0x65, 0x63, 0x12, 0x38, + 0x0a, 0x18, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x77, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, + 0x64, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x69, 0x6e, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x16, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x57, 0x6f, 0x72, 0x6b, 0x6c, 0x6f, 0x61, 0x64, + 0x50, 0x72, 0x6f, 0x78, 0x79, 0x69, 0x6e, 0x67, 0x12, 0x4b, 0x0a, 0x14, 0x65, 0x74, 0x63, 0x64, + 0x5f, 0x62, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x45, + 0x74, 0x63, 0x64, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, + 0x73, 0x52, 0x12, 0x65, 0x74, 0x63, 0x64, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x53, 0x65, 0x74, + 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x3c, 0x0a, 0x1a, 0x65, 0x6d, 0x62, 0x65, 0x64, 0x64, 0x65, + 0x64, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x5f, 0x73, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x65, 0x6d, 0x62, 0x65, 0x64, + 0x64, 0x65, 0x64, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x12, 0x2a, 0x0a, 0x11, 0x61, 0x75, 0x64, 0x69, 0x74, 0x5f, 0x6c, 0x6f, 0x67, + 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, + 0x61, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, + 0xd6, 0x01, 0x0a, 0x12, 0x45, 0x74, 0x63, 0x64, 0x42, 0x61, 0x63, 0x6b, 0x75, 0x70, 0x53, 0x65, + 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x3e, 0x0a, 0x0d, 0x74, 0x69, 0x63, 0x6b, 0x5f, 0x69, + 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, + 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, + 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c, 0x74, 0x69, 0x63, 0x6b, 0x49, 0x6e, + 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x12, 0x3c, 0x0a, 0x0c, 0x6d, 0x69, 0x6e, 0x5f, 0x69, 0x6e, + 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, + 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, + 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x6d, 0x69, 0x6e, 0x49, 0x6e, 0x74, 0x65, + 0x72, 0x76, 0x61, 0x6c, 0x12, 0x3c, 0x0a, 0x0c, 0x6d, 0x61, 0x78, 0x5f, 0x69, 0x6e, 0x74, 0x65, + 0x72, 0x76, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0b, 0x6d, 0x61, 0x78, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, + 0x61, 0x6c, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x22, 0x35, 0x0a, 0x10, 0x4d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x21, 0x0a, 0x0c, + 0x6d, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x09, 0x52, 0x0b, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x73, 0x22, + 0x5a, 0x0a, 0x16, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x53, + 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x40, 0x0a, 0x1c, 0x72, 0x65, 0x71, + 0x75, 0x69, 0x72, 0x65, 0x64, 0x5f, 0x61, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, + 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, + 0x1a, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x41, 0x64, 0x64, 0x69, 0x74, 0x69, 0x6f, + 0x6e, 0x61, 0x6c, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x22, 0x98, 0x03, 0x0a, 0x1b, + 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x47, 0x65, 0x6e, + 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x21, 0x0a, 0x0c, 0x69, + 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x5f, 0x64, 0x69, 0x73, 0x6b, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0b, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x44, 0x69, 0x73, 0x6b, 0x12, 0x54, + 0x0a, 0x0d, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x5f, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, + 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x47, 0x65, 0x6e, 0x4f, 0x70, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, + 0x6c, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x52, 0x0c, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x49, + 0x6d, 0x61, 0x67, 0x65, 0x1a, 0xff, 0x01, 0x0a, 0x0c, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, + 0x49, 0x6d, 0x61, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, + 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, + 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x63, + 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0b, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x64, 0x12, 0x33, 0x0a, + 0x15, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x6e, 0x69, 0x74, 0x69, + 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x73, 0x63, + 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x69, 0x7a, + 0x65, 0x64, 0x12, 0x2b, 0x0a, 0x11, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x5f, + 0x69, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x10, 0x73, + 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x12, + 0x45, 0x0a, 0x12, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x5f, 0x62, 0x6f, 0x6f, 0x74, 0x5f, 0x73, + 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x73, 0x70, + 0x65, 0x63, 0x73, 0x2e, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, 0x42, 0x6f, 0x6f, 0x74, 0x53, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x52, 0x10, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x42, 0x6f, 0x6f, 0x74, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x3d, 0x0a, 0x13, 0x45, 0x74, 0x63, 0x64, 0x41, 0x75, + 0x64, 0x69, 0x74, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x26, 0x0a, + 0x0f, 0x65, 0x74, 0x63, 0x64, 0x5f, 0x6d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x73, + 0x18, 0x01, 0x20, 0x03, 0x28, 0x04, 0x52, 0x0d, 0x65, 0x74, 0x63, 0x64, 0x4d, 0x65, 0x6d, 0x62, + 0x65, 0x72, 0x49, 0x64, 0x73, 0x22, 0x24, 0x0a, 0x0e, 0x4b, 0x75, 0x62, 0x65, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x22, 0x8b, 0x03, 0x0a, 0x13, + 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, + 0x70, 0x65, 0x63, 0x12, 0x35, 0x0a, 0x03, 0x63, 0x70, 0x75, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, + 0x74, 0x65, 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x51, 0x75, 0x61, + 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x03, 0x63, 0x70, 0x75, 0x12, 0x35, 0x0a, 0x03, 0x6d, 0x65, + 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, + 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, + 0x70, 0x65, 0x63, 0x2e, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x03, 0x6d, 0x65, + 0x6d, 0x12, 0x3d, 0x0a, 0x07, 0x73, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, + 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x51, + 0x75, 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x07, 0x73, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, + 0x12, 0x32, 0x0a, 0x04, 0x70, 0x6f, 0x64, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, + 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, + 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, 0x6f, 0x64, 0x52, 0x04, + 0x70, 0x6f, 0x64, 0x73, 0x1a, 0x5a, 0x0a, 0x08, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, + 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x01, 0x52, 0x08, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x16, 0x0a, 0x06, + 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x06, 0x6c, 0x69, + 0x6d, 0x69, 0x74, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x63, 0x61, 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x01, 0x52, 0x08, 0x63, 0x61, 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, + 0x1a, 0x37, 0x0a, 0x03, 0x50, 0x6f, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1a, 0x0a, + 0x08, 0x63, 0x61, 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, + 0x08, 0x63, 0x61, 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, 0x22, 0xa6, 0x01, 0x0a, 0x14, 0x49, 0x6d, + 0x61, 0x67, 0x65, 0x50, 0x75, 0x6c, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x53, 0x70, + 0x65, 0x63, 0x12, 0x51, 0x0a, 0x0f, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x6d, 0x61, 0x67, 0x65, + 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x73, 0x70, + 0x65, 0x63, 0x73, 0x2e, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x50, 0x75, 0x6c, 0x6c, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x6d, 0x61, + 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x0d, 0x6e, 0x6f, 0x64, 0x65, 0x49, 0x6d, 0x61, 0x67, + 0x65, 0x4c, 0x69, 0x73, 0x74, 0x1a, 0x3b, 0x0a, 0x0d, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x6d, 0x61, + 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x69, 0x6d, + 0x61, 0x67, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x06, 0x69, 0x6d, 0x61, 0x67, + 0x65, 0x73, 0x22, 0x9c, 0x02, 0x0a, 0x13, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x50, 0x75, 0x6c, 0x6c, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x2e, 0x0a, 0x13, 0x6c, 0x61, + 0x73, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x6e, 0x6f, 0x64, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6c, 0x61, 0x73, 0x74, 0x50, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x6c, 0x61, + 0x73, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x69, 0x6d, 0x61, + 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x61, 0x73, 0x74, 0x50, 0x72, + 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x12, 0x30, 0x0a, 0x14, + 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x65, + 0x72, 0x72, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6c, 0x61, 0x73, 0x74, + 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x27, + 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x75, 0x6e, + 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, + 0x65, 0x64, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x74, 0x6f, 0x74, 0x61, 0x6c, + 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0a, 0x74, 0x6f, + 0x74, 0x61, 0x6c, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x27, 0x0a, 0x0f, 0x72, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, + 0x6e, 0x22, 0x15, 0x0a, 0x0d, 0x53, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x53, 0x70, + 0x65, 0x63, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, 0xe7, 0x01, 0x0a, 0x13, 0x54, 0x61, 0x6c, + 0x6f, 0x73, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, 0x63, + 0x12, 0x35, 0x0a, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x1f, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x54, 0x61, 0x6c, 0x6f, 0x73, 0x45, 0x78, 0x74, + 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x49, 0x6e, 0x66, 0x6f, + 0x52, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x1a, 0x98, 0x01, 0x0a, 0x04, 0x49, 0x6e, 0x66, 0x6f, + 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x12, 0x18, 0x0a, 0x07, + 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, + 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, + 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x10, 0x0a, 0x03, 0x72, 0x65, 0x66, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x72, 0x65, 0x66, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x69, + 0x67, 0x65, 0x73, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x69, 0x67, 0x65, + 0x73, 0x74, 0x22, 0x64, 0x0a, 0x1a, 0x53, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x64, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, - 0x63, 0x49, 0x64, 0x12, 0x33, 0x0a, 0x15, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, - 0x5f, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x14, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x6e, 0x69, - 0x74, 0x69, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x64, 0x12, 0x2b, 0x0a, 0x11, 0x73, 0x63, 0x68, 0x65, - 0x6d, 0x61, 0x74, 0x69, 0x63, 0x5f, 0x69, 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x04, 0x20, - 0x01, 0x28, 0x08, 0x52, 0x10, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x6e, - 0x76, 0x61, 0x6c, 0x69, 0x64, 0x12, 0x45, 0x0a, 0x12, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x5f, - 0x62, 0x6f, 0x6f, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x17, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x53, 0x65, 0x63, 0x75, 0x72, 0x65, - 0x42, 0x6f, 0x6f, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x10, 0x73, 0x65, 0x63, 0x75, - 0x72, 0x65, 0x42, 0x6f, 0x6f, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x3d, 0x0a, 0x13, - 0x45, 0x74, 0x63, 0x64, 0x41, 0x75, 0x64, 0x69, 0x74, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x53, - 0x70, 0x65, 0x63, 0x12, 0x26, 0x0a, 0x0f, 0x65, 0x74, 0x63, 0x64, 0x5f, 0x6d, 0x65, 0x6d, 0x62, - 0x65, 0x72, 0x5f, 0x69, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x04, 0x52, 0x0d, 0x65, 0x74, - 0x63, 0x64, 0x4d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x49, 0x64, 0x73, 0x22, 0x24, 0x0a, 0x0e, 0x4b, - 0x75, 0x62, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x53, 0x70, 0x65, 0x63, 0x12, 0x12, 0x0a, - 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x64, 0x61, 0x74, - 0x61, 0x22, 0x8b, 0x03, 0x0a, 0x13, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, - 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, 0x70, 0x65, 0x63, 0x12, 0x35, 0x0a, 0x03, 0x63, 0x70, 0x75, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, - 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, 0x70, - 0x65, 0x63, 0x2e, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x03, 0x63, 0x70, 0x75, - 0x12, 0x35, 0x0a, 0x03, 0x6d, 0x65, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, - 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, - 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, - 0x74, 0x79, 0x52, 0x03, 0x6d, 0x65, 0x6d, 0x12, 0x3d, 0x0a, 0x07, 0x73, 0x74, 0x6f, 0x72, 0x61, - 0x67, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, - 0x2e, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, - 0x53, 0x70, 0x65, 0x63, 0x2e, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x07, 0x73, - 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x12, 0x32, 0x0a, 0x04, 0x70, 0x6f, 0x64, 0x73, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4b, 0x75, 0x62, - 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x55, 0x73, 0x61, 0x67, 0x65, 0x53, 0x70, 0x65, 0x63, - 0x2e, 0x50, 0x6f, 0x64, 0x52, 0x04, 0x70, 0x6f, 0x64, 0x73, 0x1a, 0x5a, 0x0a, 0x08, 0x51, 0x75, - 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x08, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x01, 0x52, 0x06, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x63, 0x61, - 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x01, 0x52, 0x08, 0x63, 0x61, - 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, 0x1a, 0x37, 0x0a, 0x03, 0x50, 0x6f, 0x64, 0x12, 0x14, 0x0a, - 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x63, 0x61, 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, 0x63, 0x61, 0x70, 0x61, 0x63, 0x69, 0x74, 0x79, 0x22, - 0xa6, 0x01, 0x0a, 0x14, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x50, 0x75, 0x6c, 0x6c, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x51, 0x0a, 0x0f, 0x6e, 0x6f, 0x64, 0x65, - 0x5f, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x5f, 0x6c, 0x69, 0x73, 0x74, 0x18, 0x01, 0x20, 0x03, 0x28, - 0x0b, 0x32, 0x29, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x50, - 0x75, 0x6c, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x4e, - 0x6f, 0x64, 0x65, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x0d, 0x6e, 0x6f, - 0x64, 0x65, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x1a, 0x3b, 0x0a, 0x0d, 0x4e, - 0x6f, 0x64, 0x65, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, - 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x6f, 0x64, 0x65, - 0x12, 0x16, 0x0a, 0x06, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, - 0x52, 0x06, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x73, 0x22, 0x9c, 0x02, 0x0a, 0x13, 0x49, 0x6d, 0x61, - 0x67, 0x65, 0x50, 0x75, 0x6c, 0x6c, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, - 0x12, 0x2e, 0x0a, 0x13, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, - 0x65, 0x64, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x6c, - 0x61, 0x73, 0x74, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x4e, 0x6f, 0x64, 0x65, - 0x12, 0x30, 0x0a, 0x14, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, - 0x65, 0x64, 0x5f, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, - 0x6c, 0x61, 0x73, 0x74, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x49, 0x6d, 0x61, - 0x67, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x6c, 0x61, 0x73, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x63, 0x65, - 0x73, 0x73, 0x65, 0x64, 0x5f, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x12, 0x6c, 0x61, 0x73, 0x74, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x45, - 0x72, 0x72, 0x6f, 0x72, 0x12, 0x27, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, - 0x64, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0e, 0x70, - 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x65, 0x64, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1f, 0x0a, - 0x0b, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, - 0x28, 0x0d, 0x52, 0x0a, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x27, - 0x0a, 0x0f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, - 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x15, 0x0a, 0x0d, 0x53, 0x63, 0x68, 0x65, 0x6d, - 0x61, 0x74, 0x69, 0x63, 0x53, 0x70, 0x65, 0x63, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, 0xe7, - 0x01, 0x0a, 0x13, 0x54, 0x61, 0x6c, 0x6f, 0x73, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, - 0x6e, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x35, 0x0a, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x18, - 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x54, 0x61, - 0x6c, 0x6f, 0x73, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, - 0x63, 0x2e, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x1a, 0x98, 0x01, - 0x0a, 0x04, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x75, - 0x74, 0x68, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x75, 0x74, 0x68, - 0x6f, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x20, 0x0a, 0x0b, - 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x10, - 0x0a, 0x03, 0x72, 0x65, 0x66, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x72, 0x65, 0x66, - 0x12, 0x16, 0x0a, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x22, 0x64, 0x0a, 0x1a, 0x53, 0x63, 0x68, 0x65, - 0x6d, 0x61, 0x74, 0x69, 0x63, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, - 0x74, 0x69, 0x63, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x63, - 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, 0x63, 0x49, 0x64, 0x12, 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, - 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3d, - 0x0a, 0x1b, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x43, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1e, 0x0a, - 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, - 0x09, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xcc, 0x01, - 0x0a, 0x21, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x43, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, - 0x70, 0x65, 0x63, 0x12, 0x44, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, - 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, 0x68, 0x61, - 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x72, 0x72, - 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, - 0x1e, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x74, 0x69, + 0x63, 0x49, 0x64, 0x12, 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, + 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3d, 0x0a, 0x1b, 0x45, 0x78, 0x74, 0x65, + 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1e, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, + 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x65, 0x78, 0x74, + 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xcc, 0x01, 0x0a, 0x21, 0x45, 0x78, 0x74, 0x65, + 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x44, 0x0a, + 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x73, + 0x70, 0x65, 0x63, 0x73, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, + 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, + 0x61, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x1e, 0x0a, 0x0a, 0x65, 0x78, 0x74, + 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x65, + 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x2b, 0x0a, 0x05, 0x50, 0x68, 0x61, + 0x73, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, + 0x09, 0x0a, 0x05, 0x52, 0x65, 0x61, 0x64, 0x79, 0x10, 0x01, 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x61, + 0x69, 0x6c, 0x65, 0x64, 0x10, 0x02, 0x22, 0x37, 0x0a, 0x15, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, + 0x65, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, + 0x1e, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x22, - 0x2b, 0x0a, 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e, - 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x52, 0x65, 0x61, 0x64, 0x79, 0x10, 0x01, - 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x02, 0x22, 0x37, 0x0a, 0x15, + 0xc1, 0x02, 0x0a, 0x1b, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x45, 0x78, 0x74, 0x65, 0x6e, + 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, + 0x47, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, + 0x69, 0x6e, 0x65, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x49, 0x74, 0x65, 0x6d, 0x52, 0x0a, 0x65, 0x78, + 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, + 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0xb3, 0x01, + 0x0a, 0x04, 0x49, 0x74, 0x65, 0x6d, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x69, 0x6d, + 0x6d, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x69, + 0x6d, 0x6d, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x43, 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, + 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2d, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, - 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1e, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, - 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, - 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xc1, 0x02, 0x0a, 0x1b, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, - 0x65, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, - 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x47, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, - 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x73, 0x70, 0x65, 0x63, - 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, - 0x6f, 0x6e, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x49, 0x74, - 0x65, 0x6d, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x23, - 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x1a, 0xb3, 0x01, 0x0a, 0x04, 0x49, 0x74, 0x65, 0x6d, 0x12, 0x12, 0x0a, 0x04, - 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, - 0x12, 0x1c, 0x0a, 0x09, 0x69, 0x6d, 0x6d, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x08, 0x52, 0x09, 0x69, 0x6d, 0x6d, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x43, - 0x0a, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2d, 0x2e, - 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x45, 0x78, 0x74, - 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, - 0x63, 0x2e, 0x49, 0x74, 0x65, 0x6d, 0x2e, 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, - 0x61, 0x73, 0x65, 0x22, 0x34, 0x0a, 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0d, 0x0a, 0x09, - 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x65, 0x64, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x49, - 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x69, 0x6e, 0x67, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x52, - 0x65, 0x6d, 0x6f, 0x76, 0x69, 0x6e, 0x67, 0x10, 0x02, 0x22, 0xca, 0x01, 0x0a, 0x18, 0x4d, 0x61, - 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x4d, 0x65, 0x74, 0x72, 0x69, - 0x63, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x3a, 0x0a, 0x19, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, - 0x65, 0x72, 0x65, 0x64, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x5f, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x17, 0x72, 0x65, 0x67, 0x69, 0x73, - 0x74, 0x65, 0x72, 0x65, 0x64, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x43, 0x6f, 0x75, - 0x6e, 0x74, 0x12, 0x38, 0x0a, 0x18, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, 0x5f, - 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, - 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, 0x4d, + 0x73, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x49, 0x74, 0x65, 0x6d, + 0x2e, 0x50, 0x68, 0x61, 0x73, 0x65, 0x52, 0x05, 0x70, 0x68, 0x61, 0x73, 0x65, 0x22, 0x34, 0x0a, + 0x05, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0d, 0x0a, 0x09, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, + 0x6c, 0x65, 0x64, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, + 0x69, 0x6e, 0x67, 0x10, 0x01, 0x12, 0x0c, 0x0a, 0x08, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x69, 0x6e, + 0x67, 0x10, 0x02, 0x22, 0xca, 0x01, 0x0a, 0x18, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, + 0x74, 0x61, 0x74, 0x75, 0x73, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x53, 0x70, 0x65, 0x63, + 0x12, 0x3a, 0x0a, 0x19, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x5f, 0x6d, + 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x0d, 0x52, 0x17, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x65, 0x64, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x38, 0x0a, 0x18, - 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, - 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, - 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x65, 0x64, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, - 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xc2, 0x01, 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, - 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x53, - 0x70, 0x65, 0x63, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x6f, 0x74, 0x5f, 0x72, 0x65, 0x61, 0x64, 0x79, - 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0d, 0x6e, 0x6f, - 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x43, 0x0a, 0x06, 0x70, - 0x68, 0x61, 0x73, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x73, 0x70, - 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, - 0x73, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, 0x68, 0x61, - 0x73, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x70, 0x68, 0x61, 0x73, 0x65, 0x73, - 0x1a, 0x39, 0x0a, 0x0b, 0x50, 0x68, 0x61, 0x73, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, - 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x6b, 0x65, - 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, - 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x32, 0x0a, 0x1a, 0x43, - 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, - 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, 0x05, 0x6e, 0x6f, 0x64, - 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x22, - 0x44, 0x0a, 0x1d, 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x4e, 0x6f, 0x64, - 0x65, 0x41, 0x75, 0x64, 0x69, 0x74, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x53, 0x70, 0x65, 0x63, - 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6e, 0x6f, 0x64, 0x65, - 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x64, - 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x22, 0xa0, 0x02, 0x0a, 0x15, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, - 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, - 0x1f, 0x0a, 0x0b, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x64, - 0x12, 0x23, 0x0a, 0x0d, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, - 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0c, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, - 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, - 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x28, 0x0a, 0x07, 0x6f, 0x76, - 0x65, 0x72, 0x6c, 0x61, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x73, 0x70, - 0x65, 0x63, 0x73, 0x2e, 0x4f, 0x76, 0x65, 0x72, 0x6c, 0x61, 0x79, 0x52, 0x07, 0x6f, 0x76, 0x65, - 0x72, 0x6c, 0x61, 0x79, 0x12, 0x1e, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, - 0x6e, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, - 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x5f, 0x61, - 0x72, 0x67, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x6b, 0x65, 0x72, 0x6e, 0x65, - 0x6c, 0x41, 0x72, 0x67, 0x73, 0x12, 0x31, 0x0a, 0x0b, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x76, 0x61, - 0x6c, 0x75, 0x65, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x73, 0x70, 0x65, - 0x63, 0x73, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x6d, 0x65, - 0x74, 0x61, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x22, 0x1d, 0x0a, 0x1b, 0x4d, 0x61, 0x63, 0x68, - 0x69, 0x6e, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x53, 0x65, 0x74, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2a, 0x46, 0x0a, 0x11, 0x43, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x41, 0x70, 0x70, 0x6c, 0x79, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x0b, 0x0a, 0x07, - 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x50, 0x45, 0x4e, - 0x44, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x41, 0x50, 0x50, 0x4c, 0x49, 0x45, - 0x44, 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x41, 0x49, 0x4c, 0x45, 0x44, 0x10, 0x03, 0x2a, - 0x7a, 0x0a, 0x0f, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x50, 0x68, 0x61, - 0x73, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, - 0x0d, 0x0a, 0x09, 0x53, 0x63, 0x61, 0x6c, 0x69, 0x6e, 0x67, 0x55, 0x70, 0x10, 0x01, 0x12, 0x0f, - 0x0a, 0x0b, 0x53, 0x63, 0x61, 0x6c, 0x69, 0x6e, 0x67, 0x44, 0x6f, 0x77, 0x6e, 0x10, 0x02, 0x12, - 0x0b, 0x0a, 0x07, 0x52, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x10, 0x03, 0x12, 0x0e, 0x0a, 0x0a, - 0x44, 0x65, 0x73, 0x74, 0x72, 0x6f, 0x79, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x12, 0x0a, 0x0a, 0x06, - 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x10, 0x05, 0x12, 0x11, 0x0a, 0x0d, 0x52, 0x65, 0x63, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x69, 0x6e, 0x67, 0x10, 0x06, 0x2a, 0x48, 0x0a, 0x0d, 0x43, - 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, - 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, - 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x45, 0x74, 0x63, 0x64, 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, - 0x57, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, - 0x69, 0x6f, 0x6e, 0x10, 0x02, 0x42, 0x32, 0x5a, 0x30, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, - 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x64, 0x65, 0x72, 0x6f, 0x6c, 0x61, 0x62, 0x73, 0x2f, 0x6f, - 0x6d, 0x6e, 0x69, 0x2f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x6f, - 0x6d, 0x6e, 0x69, 0x2f, 0x73, 0x70, 0x65, 0x63, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x33, + 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, + 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, + 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x65, 0x64, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, + 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x38, 0x0a, 0x18, 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, + 0x74, 0x65, 0x64, 0x5f, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, + 0x6e, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, 0x61, 0x6c, 0x6c, 0x6f, 0x63, 0x61, + 0x74, 0x65, 0x64, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, + 0x22, 0xc2, 0x01, 0x0a, 0x18, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, + 0x75, 0x73, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x53, 0x70, 0x65, 0x63, 0x12, 0x26, 0x0a, + 0x0f, 0x6e, 0x6f, 0x74, 0x5f, 0x72, 0x65, 0x61, 0x64, 0x79, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0d, 0x6e, 0x6f, 0x74, 0x52, 0x65, 0x61, 0x64, 0x79, + 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x43, 0x0a, 0x06, 0x70, 0x68, 0x61, 0x73, 0x65, 0x73, 0x18, + 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2b, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x43, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x4d, 0x65, 0x74, 0x72, 0x69, + 0x63, 0x73, 0x53, 0x70, 0x65, 0x63, 0x2e, 0x50, 0x68, 0x61, 0x73, 0x65, 0x73, 0x45, 0x6e, 0x74, + 0x72, 0x79, 0x52, 0x06, 0x70, 0x68, 0x61, 0x73, 0x65, 0x73, 0x1a, 0x39, 0x0a, 0x0b, 0x50, 0x68, + 0x61, 0x73, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, + 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, + 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x32, 0x0a, 0x1a, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, + 0x4b, 0x75, 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x53, + 0x70, 0x65, 0x63, 0x12, 0x14, 0x0a, 0x05, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x22, 0x44, 0x0a, 0x1d, 0x4b, 0x75, 0x62, + 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x4e, 0x6f, 0x64, 0x65, 0x41, 0x75, 0x64, 0x69, 0x74, + 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x0c, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x64, 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x22, + 0xa0, 0x02, 0x0a, 0x15, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x53, 0x65, 0x74, 0x53, 0x70, 0x65, 0x63, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, + 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x64, 0x12, 0x23, 0x0a, 0x0d, 0x6d, 0x61, + 0x63, 0x68, 0x69, 0x6e, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x05, 0x52, 0x0c, 0x6d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, + 0x23, 0x0a, 0x0d, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, 0x6c, 0x6f, 0x73, 0x56, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x28, 0x0a, 0x07, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x61, 0x79, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4f, 0x76, + 0x65, 0x72, 0x6c, 0x61, 0x79, 0x52, 0x07, 0x6f, 0x76, 0x65, 0x72, 0x6c, 0x61, 0x79, 0x12, 0x1e, + 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x05, 0x20, 0x03, + 0x28, 0x09, 0x52, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x1f, + 0x0a, 0x0b, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x5f, 0x61, 0x72, 0x67, 0x73, 0x18, 0x06, 0x20, + 0x03, 0x28, 0x09, 0x52, 0x0a, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x41, 0x72, 0x67, 0x73, 0x12, + 0x31, 0x0a, 0x0b, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x07, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2e, 0x4d, 0x65, 0x74, + 0x61, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x6d, 0x65, 0x74, 0x61, 0x56, 0x61, 0x6c, 0x75, + 0x65, 0x73, 0x22, 0x1d, 0x0a, 0x1b, 0x4d, 0x61, 0x63, 0x68, 0x69, 0x6e, 0x65, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x53, 0x65, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x53, 0x70, 0x65, + 0x63, 0x2a, 0x46, 0x0a, 0x11, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x41, 0x70, 0x70, 0x6c, 0x79, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, + 0x4e, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x50, 0x45, 0x4e, 0x44, 0x49, 0x4e, 0x47, 0x10, 0x01, + 0x12, 0x0b, 0x0a, 0x07, 0x41, 0x50, 0x50, 0x4c, 0x49, 0x45, 0x44, 0x10, 0x02, 0x12, 0x0a, 0x0a, + 0x06, 0x46, 0x41, 0x49, 0x4c, 0x45, 0x44, 0x10, 0x03, 0x2a, 0x7a, 0x0a, 0x0f, 0x4d, 0x61, 0x63, + 0x68, 0x69, 0x6e, 0x65, 0x53, 0x65, 0x74, 0x50, 0x68, 0x61, 0x73, 0x65, 0x12, 0x0b, 0x0a, 0x07, + 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, 0x6e, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x53, 0x63, 0x61, + 0x6c, 0x69, 0x6e, 0x67, 0x55, 0x70, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x53, 0x63, 0x61, 0x6c, + 0x69, 0x6e, 0x67, 0x44, 0x6f, 0x77, 0x6e, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x52, 0x75, 0x6e, + 0x6e, 0x69, 0x6e, 0x67, 0x10, 0x03, 0x12, 0x0e, 0x0a, 0x0a, 0x44, 0x65, 0x73, 0x74, 0x72, 0x6f, + 0x79, 0x69, 0x6e, 0x67, 0x10, 0x04, 0x12, 0x0a, 0x0a, 0x06, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, + 0x10, 0x05, 0x12, 0x11, 0x0a, 0x0d, 0x52, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, + 0x69, 0x6e, 0x67, 0x10, 0x06, 0x2a, 0x48, 0x0a, 0x0d, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, + 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x55, 0x6e, 0x6b, 0x6e, 0x6f, 0x77, + 0x6e, 0x43, 0x6f, 0x6e, 0x64, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, + 0x45, 0x74, 0x63, 0x64, 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x57, 0x69, 0x72, 0x65, 0x67, 0x75, + 0x61, 0x72, 0x64, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x10, 0x02, 0x42, + 0x32, 0x5a, 0x30, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, + 0x64, 0x65, 0x72, 0x6f, 0x6c, 0x61, 0x62, 0x73, 0x2f, 0x6f, 0x6d, 0x6e, 0x69, 0x2f, 0x63, 0x6c, + 0x69, 0x65, 0x6e, 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x6f, 0x6d, 0x6e, 0x69, 0x2f, 0x73, 0x70, + 0x65, 0x63, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/client/api/omni/specs/omni.proto b/client/api/omni/specs/omni.proto index 0dd67e11..3009f7be 100644 --- a/client/api/omni/specs/omni.proto +++ b/client/api/omni/specs/omni.proto @@ -384,7 +384,14 @@ message ClusterMachineSpec { // ClusterMachineConfigPatchesSpec keeps the list of config patches to be applied on the machine. message ClusterMachineConfigPatchesSpec { // List of patches combined from all sources, as a final list of patches to apply. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. repeated string patches = 1; + + // List of patches combined from all sources, as a final list of patches to apply. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. + repeated bytes compressed_patches = 2; } // ClusterMachineTalosVersionSpec describes a machine Talos version and schematic. @@ -395,14 +402,30 @@ message ClusterMachineTalosVersionSpec { // ClusterMachineConfigSpec stores generated Talos node machine config. message ClusterMachineConfigSpec { + // Data contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. bytes data = 1; string cluster_machine_version = 2; string generation_error = 3; + + // CompressedData contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. + bytes compressed_data = 4; } // ClusterMachineConfigSpec stores generated Talos node machine config. message RedactedClusterMachineConfigSpec { + // Data contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. string data = 1; + + // CompressedData contains the config bytes. It is only set if the config is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedDataa to manage this field. + bytes compressed_data = 2; } // ClusterMachineIdentity keeps ClusterMachine related node information. @@ -599,7 +622,15 @@ message InstallationMediaSpec { // ConfigPatchSpec represents the machine config patch. message ConfigPatchSpec { + // Data contains the config patch bytes. It is only set if the config patch is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. string data = 1; + + // CompressedData contains the config patch bytes. It is only set if the config patch is not compressed. Otherwise, CompressedData is set instead. + // + // Deprecated: use accessor methods GetUncompressedData/SetUncompressedData to manage this field. + bytes compressed_data = 2; } // MachineSetPhaseSpec is machine set phase. diff --git a/client/api/omni/specs/omni_vtproto.pb.go b/client/api/omni/specs/omni_vtproto.pb.go index dbabcc14..5b5cdbb8 100644 --- a/client/api/omni/specs/omni_vtproto.pb.go +++ b/client/api/omni/specs/omni_vtproto.pb.go @@ -654,6 +654,15 @@ func (m *ClusterMachineConfigPatchesSpec) CloneVT() *ClusterMachineConfigPatches copy(tmpContainer, rhs) r.Patches = tmpContainer } + if rhs := m.CompressedPatches; rhs != nil { + tmpContainer := make([][]byte, len(rhs)) + for k, v := range rhs { + tmpBytes := make([]byte, len(v)) + copy(tmpBytes, v) + tmpContainer[k] = tmpBytes + } + r.CompressedPatches = tmpContainer + } if len(m.unknownFields) > 0 { r.unknownFields = make([]byte, len(m.unknownFields)) copy(r.unknownFields, m.unknownFields) @@ -695,6 +704,11 @@ func (m *ClusterMachineConfigSpec) CloneVT() *ClusterMachineConfigSpec { copy(tmpBytes, rhs) r.Data = tmpBytes } + if rhs := m.CompressedData; rhs != nil { + tmpBytes := make([]byte, len(rhs)) + copy(tmpBytes, rhs) + r.CompressedData = tmpBytes + } if len(m.unknownFields) > 0 { r.unknownFields = make([]byte, len(m.unknownFields)) copy(r.unknownFields, m.unknownFields) @@ -712,6 +726,11 @@ func (m *RedactedClusterMachineConfigSpec) CloneVT() *RedactedClusterMachineConf } r := new(RedactedClusterMachineConfigSpec) r.Data = m.Data + if rhs := m.CompressedData; rhs != nil { + tmpBytes := make([]byte, len(rhs)) + copy(tmpBytes, rhs) + r.CompressedData = tmpBytes + } if len(m.unknownFields) > 0 { r.unknownFields = make([]byte, len(m.unknownFields)) copy(r.unknownFields, m.unknownFields) @@ -1041,6 +1060,11 @@ func (m *ConfigPatchSpec) CloneVT() *ConfigPatchSpec { } r := new(ConfigPatchSpec) r.Data = m.Data + if rhs := m.CompressedData; rhs != nil { + tmpBytes := make([]byte, len(rhs)) + copy(tmpBytes, rhs) + r.CompressedData = tmpBytes + } if len(m.unknownFields) > 0 { r.unknownFields = make([]byte, len(m.unknownFields)) copy(r.unknownFields, m.unknownFields) @@ -3094,6 +3118,15 @@ func (this *ClusterMachineConfigPatchesSpec) EqualVT(that *ClusterMachineConfigP return false } } + if len(this.CompressedPatches) != len(that.CompressedPatches) { + return false + } + for i, vx := range this.CompressedPatches { + vy := that.CompressedPatches[i] + if string(vx) != string(vy) { + return false + } + } return string(this.unknownFields) == string(that.unknownFields) } @@ -3141,6 +3174,9 @@ func (this *ClusterMachineConfigSpec) EqualVT(that *ClusterMachineConfigSpec) bo if this.GenerationError != that.GenerationError { return false } + if string(this.CompressedData) != string(that.CompressedData) { + return false + } return string(this.unknownFields) == string(that.unknownFields) } @@ -3160,6 +3196,9 @@ func (this *RedactedClusterMachineConfigSpec) EqualVT(that *RedactedClusterMachi if this.Data != that.Data { return false } + if string(this.CompressedData) != string(that.CompressedData) { + return false + } return string(this.unknownFields) == string(that.unknownFields) } @@ -3605,6 +3644,9 @@ func (this *ConfigPatchSpec) EqualVT(that *ConfigPatchSpec) bool { if this.Data != that.Data { return false } + if string(this.CompressedData) != string(that.CompressedData) { + return false + } return string(this.unknownFields) == string(that.unknownFields) } @@ -6992,6 +7034,15 @@ func (m *ClusterMachineConfigPatchesSpec) MarshalToSizedBufferVT(dAtA []byte) (i i -= len(m.unknownFields) copy(dAtA[i:], m.unknownFields) } + if len(m.CompressedPatches) > 0 { + for iNdEx := len(m.CompressedPatches) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.CompressedPatches[iNdEx]) + copy(dAtA[i:], m.CompressedPatches[iNdEx]) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.CompressedPatches[iNdEx]))) + i-- + dAtA[i] = 0x12 + } + } if len(m.Patches) > 0 { for iNdEx := len(m.Patches) - 1; iNdEx >= 0; iNdEx-- { i -= len(m.Patches[iNdEx]) @@ -7081,6 +7132,13 @@ func (m *ClusterMachineConfigSpec) MarshalToSizedBufferVT(dAtA []byte) (int, err i -= len(m.unknownFields) copy(dAtA[i:], m.unknownFields) } + if len(m.CompressedData) > 0 { + i -= len(m.CompressedData) + copy(dAtA[i:], m.CompressedData) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.CompressedData))) + i-- + dAtA[i] = 0x22 + } if len(m.GenerationError) > 0 { i -= len(m.GenerationError) copy(dAtA[i:], m.GenerationError) @@ -7135,6 +7193,13 @@ func (m *RedactedClusterMachineConfigSpec) MarshalToSizedBufferVT(dAtA []byte) ( i -= len(m.unknownFields) copy(dAtA[i:], m.unknownFields) } + if len(m.CompressedData) > 0 { + i -= len(m.CompressedData) + copy(dAtA[i:], m.CompressedData) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.CompressedData))) + i-- + dAtA[i] = 0x12 + } if len(m.Data) > 0 { i -= len(m.Data) copy(dAtA[i:], m.Data) @@ -8100,6 +8165,13 @@ func (m *ConfigPatchSpec) MarshalToSizedBufferVT(dAtA []byte) (int, error) { i -= len(m.unknownFields) copy(dAtA[i:], m.unknownFields) } + if len(m.CompressedData) > 0 { + i -= len(m.CompressedData) + copy(dAtA[i:], m.CompressedData) + i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.CompressedData))) + i-- + dAtA[i] = 0x12 + } if len(m.Data) > 0 { i -= len(m.Data) copy(dAtA[i:], m.Data) @@ -11723,6 +11795,12 @@ func (m *ClusterMachineConfigPatchesSpec) SizeVT() (n int) { n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) } } + if len(m.CompressedPatches) > 0 { + for _, b := range m.CompressedPatches { + l = len(b) + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } + } n += len(m.unknownFields) return n } @@ -11763,6 +11841,10 @@ func (m *ClusterMachineConfigSpec) SizeVT() (n int) { if l > 0 { n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) } + l = len(m.CompressedData) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } n += len(m.unknownFields) return n } @@ -11777,6 +11859,10 @@ func (m *RedactedClusterMachineConfigSpec) SizeVT() (n int) { if l > 0 { n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) } + l = len(m.CompressedData) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } n += len(m.unknownFields) return n } @@ -12148,6 +12234,10 @@ func (m *ConfigPatchSpec) SizeVT() (n int) { if l > 0 { n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) } + l = len(m.CompressedData) + if l > 0 { + n += 1 + l + protohelpers.SizeOfVarint(uint64(l)) + } n += len(m.unknownFields) return n } @@ -18115,6 +18205,38 @@ func (m *ClusterMachineConfigPatchesSpec) UnmarshalVT(dAtA []byte) error { } m.Patches = append(m.Patches, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CompressedPatches", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.CompressedPatches = append(m.CompressedPatches, make([]byte, postIndex-iNdEx)) + copy(m.CompressedPatches[len(m.CompressedPatches)-1], dAtA[iNdEx:postIndex]) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := protohelpers.Skip(dAtA[iNdEx:]) @@ -18379,6 +18501,40 @@ func (m *ClusterMachineConfigSpec) UnmarshalVT(dAtA []byte) error { } m.GenerationError = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CompressedData", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.CompressedData = append(m.CompressedData[:0], dAtA[iNdEx:postIndex]...) + if m.CompressedData == nil { + m.CompressedData = []byte{} + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := protohelpers.Skip(dAtA[iNdEx:]) @@ -18462,6 +18618,40 @@ func (m *RedactedClusterMachineConfigSpec) UnmarshalVT(dAtA []byte) error { } m.Data = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CompressedData", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.CompressedData = append(m.CompressedData[:0], dAtA[iNdEx:postIndex]...) + if m.CompressedData == nil { + m.CompressedData = []byte{} + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := protohelpers.Skip(dAtA[iNdEx:]) @@ -20824,6 +21014,40 @@ func (m *ConfigPatchSpec) UnmarshalVT(dAtA []byte) error { } m.Data = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CompressedData", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protohelpers.ErrIntOverflow + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return protohelpers.ErrInvalidLength + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return protohelpers.ErrInvalidLength + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.CompressedData = append(m.CompressedData[:0], dAtA[iNdEx:postIndex]...) + if m.CompressedData == nil { + m.CompressedData = []byte{} + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := protohelpers.Skip(dAtA[iNdEx:]) diff --git a/client/api/omni/specs/omni_yaml.go b/client/api/omni/specs/omni_yaml.go index 95678672..4b6060dd 100644 --- a/client/api/omni/specs/omni_yaml.go +++ b/client/api/omni/specs/omni_yaml.go @@ -5,7 +5,6 @@ package specs import ( - "github.com/siderolabs/gen/xslices" "gopkg.in/yaml.v3" ) @@ -20,29 +19,3 @@ func (c *ClusterMachineSpec) MarshalYAML() (any, error) { }, }, nil } - -// MarshalYAML implements yaml.Marshaler interface. -func (c *ClusterMachineConfigPatchesSpec) MarshalYAML() (any, error) { - contents := xslices.Map(c.Patches, func(patch string) *yaml.Node { - style := yaml.FlowStyle - if len(patch) > 0 && (patch[0] == '\n' || patch[0] == ' ') { - style = yaml.SingleQuotedStyle - } - - return &yaml.Node{ - Kind: yaml.ScalarNode, - Tag: "!!str", - Style: style, - Value: patch, - } - }) - - return &yaml.Node{ - Kind: yaml.MappingNode, - Tag: "!!map", - Content: []*yaml.Node{ - {Kind: yaml.ScalarNode, Tag: "!!str", Value: "patches"}, - {Kind: yaml.SequenceNode, Tag: "!!seq", Content: contents}, - }, - }, nil -} diff --git a/client/api/omni/specs/redacted_cluster_machine_config.go b/client/api/omni/specs/redacted_cluster_machine_config.go new file mode 100644 index 00000000..7a8e004e --- /dev/null +++ b/client/api/omni/specs/redacted_cluster_machine_config.go @@ -0,0 +1,101 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +//nolint:dupl,revive +package specs + +import ( + "errors" + + "gopkg.in/yaml.v3" +) + +// MarshalJSON implements json.Marshaler interface. +func (x *RedactedClusterMachineConfigSpec) MarshalJSON() ([]byte, error) { + obj := x.CloneVT() + + buffer, err := obj.GetUncompressedData() + if err != nil { + return nil, err + } + + defer buffer.Free() + + obj.Data = string(buffer.Data()) + obj.CompressedData = nil + + return jsonMarshaler.Marshal(obj) +} + +// UnmarshalJSON implements json.Unmarshaler interface. +func (x *RedactedClusterMachineConfigSpec) UnmarshalJSON(data []byte) error { + return unmarshalJSON(x, data) +} + +// MarshalYAML implements yaml.Marshaler interface. +func (x *RedactedClusterMachineConfigSpec) MarshalYAML() (any, error) { + obj := x.CloneVT() + + buffer, err := obj.GetUncompressedData() + if err != nil { + return nil, err + } + + defer buffer.Free() + + obj.Data = string(buffer.Data()) + obj.CompressedData = nil + + type alias *RedactedClusterMachineConfigSpec // prevent recursion + + return alias(obj), nil +} + +// UnmarshalYAML implements yaml.Unmarshaler interface. +func (x *RedactedClusterMachineConfigSpec) UnmarshalYAML(node *yaml.Node) error { + type alias RedactedClusterMachineConfigSpec // prevent recursion + + aux := (*alias)(x) + + return unmarshalYAML(x, aux, node) +} + +// GetUncompressedData returns the config data from the RedactedClusterMachineConfigSpec, decompressing it if necessary. +func (x *RedactedClusterMachineConfigSpec) GetUncompressedData(opts ...CompressionOption) (Buffer, error) { + if x == nil { + return newNoOpBuffer(nil), nil + } + + if x.CompressedData == nil { + return newNoOpBuffer([]byte(x.Data)), nil + } + + config := getCompressionConfig(opts) + + return doDecompress(x.CompressedData, config) +} + +// SetUncompressedData sets the config data in the RedactedClusterMachineConfigSpec, compressing it if requested. +func (x *RedactedClusterMachineConfigSpec) SetUncompressedData(data []byte, opts ...CompressionOption) error { + if x == nil { + return errors.New("RedactedClusterMachineConfigSpec is nil") + } + + config := getCompressionConfig(opts) + compress := config.Enabled + + if !compress { + x.Data = string(data) + x.CompressedData = nil + + return nil + } + + compressed := doCompress(data, config) + + x.Data = "" + x.CompressedData = compressed + + return nil +} diff --git a/client/api/omni/specs/specs.go b/client/api/omni/specs/specs.go new file mode 100644 index 00000000..0521df9b --- /dev/null +++ b/client/api/omni/specs/specs.go @@ -0,0 +1,6 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +// Package specs contains all resource specs of the service. +package specs diff --git a/client/go.mod b/client/go.mod index c76d6807..9d5b3037 100644 --- a/client/go.mod +++ b/client/go.mod @@ -13,7 +13,7 @@ replace ( require ( github.com/adrg/xdg v0.5.0 github.com/blang/semver v3.5.1+incompatible - github.com/cosi-project/runtime v0.6.1 + github.com/cosi-project/runtime v0.6.2 github.com/fatih/color v1.17.0 github.com/gertd/go-pluralize v0.2.1 github.com/google/uuid v1.6.0 @@ -21,6 +21,7 @@ require ( github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 github.com/hashicorp/go-multierror v1.1.1 github.com/hexops/gotextdiff v1.0.3 + github.com/klauspost/compress v1.17.9 github.com/mattn/go-isatty v0.0.20 github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 github.com/sergi/go-diff v1.3.1 diff --git a/client/go.sum b/client/go.sum index 406c7515..a0cb5ec2 100644 --- a/client/go.sum +++ b/client/go.sum @@ -25,8 +25,8 @@ github.com/containerd/go-cni v1.1.10 h1:c2U73nld7spSWfiJwSh/8W9DK+/qQwYM2rngIhCy github.com/containerd/go-cni v1.1.10/go.mod h1:/Y/sL8yqYQn1ZG1om1OncJB1W4zN3YmjfP/ShCzG/OY= github.com/containernetworking/cni v1.2.3 h1:hhOcjNVUQTnzdRJ6alC5XF+wd9mfGIUaj8FuJbEslXM= github.com/containernetworking/cni v1.2.3/go.mod h1:DuLgF+aPd3DzcTQTtp/Nvl1Kim23oFKdm2okJzBQA5M= -github.com/cosi-project/runtime v0.6.1 h1:mKNACtmdO9rBdI83zpVDuDRap7w4kCyE40gYn7oricM= -github.com/cosi-project/runtime v0.6.1/go.mod h1:2iQ2Wu57UNm89ZksFLoMLGEZnPzUkk5g64+AlWHopo4= +github.com/cosi-project/runtime v0.6.2 h1:GHp/GoJlqAfmVXq69r7CeSIXj31glMNz8z2RM3ugpRU= +github.com/cosi-project/runtime v0.6.2/go.mod h1:2iQ2Wu57UNm89ZksFLoMLGEZnPzUkk5g64+AlWHopo4= github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -100,6 +100,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= diff --git a/client/pkg/client/client.go b/client/pkg/client/client.go index b1c5ffb9..39018c13 100644 --- a/client/pkg/client/client.go +++ b/client/pkg/client/client.go @@ -7,6 +7,7 @@ package client import ( "crypto/tls" + "fmt" "net" "net/url" "slices" @@ -21,6 +22,7 @@ import ( "github.com/siderolabs/omni/client/pkg/client/oidc" "github.com/siderolabs/omni/client/pkg/client/omni" "github.com/siderolabs/omni/client/pkg/client/talos" + "github.com/siderolabs/omni/client/pkg/compression" "github.com/siderolabs/omni/client/pkg/constants" ) @@ -33,6 +35,10 @@ type Client struct { // New creates a new Omni API client. func New(endpoint string, opts ...Option) (*Client, error) { + if err := compression.InitConfig(true); err != nil { + return nil, fmt.Errorf("failed to initialize compression config: %w", err) + } + u, err := url.Parse(endpoint) if err != nil { return nil, err diff --git a/client/pkg/compression/compression.go b/client/pkg/compression/compression.go new file mode 100644 index 00000000..f12209a4 --- /dev/null +++ b/client/pkg/compression/compression.go @@ -0,0 +1,161 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +// Package compression provides a buffer pool for resource decompression. +// It also initializes the default buffer pool and zstd encoder/decoder with a dictionary for the specs. +package compression + +import ( + _ "embed" + "fmt" + "sort" + "sync" + + "github.com/klauspost/compress/zstd" + + "github.com/siderolabs/omni/client/api/omni/specs" +) + +var ( + //go:embed data/config.1.zdict + dict1 []byte + + noOpBufferPool = &specs.NoOpBufferPool{} +) + +// InitConfig initializes the compression configuration for the resource specs. +func InitConfig(enabled bool) error { + compressionConfig, err := BuildConfig(enabled, true, false) + if err != nil { + return fmt.Errorf("failed to build compression config: %w", err) + } + + specs.SetCompressionConfig(compressionConfig) + + return nil +} + +// BuildConfig creates a new CompressionConfig with the given options. +func BuildConfig(enabled, useDict, usePool bool) (specs.CompressionConfig, error) { + encoderOpts := []zstd.EOption{ + zstd.WithEncoderConcurrency(2), + zstd.WithWindowSize(1 << 18), // 256KB + } + + decoderOpts := []zstd.DOption{ + zstd.WithDecoderConcurrency(0), + } + + if useDict { + encoderOpts = append(encoderOpts, zstd.WithEncoderDict(dict1)) + decoderOpts = append(decoderOpts, zstd.WithDecoderDicts(dict1)) + } + + encoder, err := zstd.NewWriter(nil, encoderOpts...) + if err != nil { + return specs.CompressionConfig{}, err + } + + decoder, err := zstd.NewReader(nil, decoderOpts...) + if err != nil { + return specs.CompressionConfig{}, err + } + + var pool specs.BufferPool = noOpBufferPool + if usePool { + pool = NewTieredBufferPool( + 1024, // 1KB + []int{ + 32 * 1024, // 32KB + 128 * 1024, // 128KB + 512 * 1024, // 512KB + 2 * 1024 * 1024, // 2MB + }) + } + + return specs.CompressionConfig{ + Enabled: enabled, + ZstdEncoder: encoder, + ZstdDecoder: decoder, + BufferPool: pool, + }, nil +} + +// TieredBufferPool is a buffer pool that uses multiple sized buffer pools. +type TieredBufferPool struct { + sizedPools []*sizedBufferPool + minSize int +} + +// NewTieredBufferPool creates a new TieredBufferPool with the given minimum size and pool sizes. +func NewTieredBufferPool(minSize int, poolSizes []int) *TieredBufferPool { + sort.Ints(poolSizes) + + pools := make([]*sizedBufferPool, 0, len(poolSizes)) + for _, s := range poolSizes { + pools = append(pools, newSizedBufferPool(s)) + } + + return &TieredBufferPool{ + minSize: minSize, + sizedPools: pools, + } +} + +func (t *TieredBufferPool) getPool(size int) specs.BufferPool { + if size < t.minSize { // no need to pool too small buffers + return nil + } + + poolIdx := sort.Search(len(t.sizedPools), func(i int) bool { + return t.sizedPools[i].defaultSize >= size + }) + + if poolIdx == len(t.sizedPools) { + return nil + } + + return t.sizedPools[poolIdx] +} + +// Get implements the specs.BufferPool interface. +func (t *TieredBufferPool) Get(length int) specs.Buffer { + pool := t.getPool(length) + if pool == nil { + pool = noOpBufferPool + } + + return pool.Get(length) +} + +type sizedBufferPool struct { + pool sync.Pool + defaultSize int +} + +func (p *sizedBufferPool) Get(int) specs.Buffer { + buf := p.pool.Get().(*[]byte) //nolint:errcheck,forcetypeassert + b := *buf + + clear(b[:cap(b)]) + + *buf = b[:0] + + return specs.NewBuffer(buf, func() { + p.pool.Put(buf) + }) +} + +func newSizedBufferPool(size int) *sizedBufferPool { + return &sizedBufferPool{ + pool: sync.Pool{ + New: func() any { + buf := make([]byte, 0, size) + + return &buf + }, + }, + defaultSize: size, + } +} diff --git a/client/pkg/compression/compression_bench_test.go b/client/pkg/compression/compression_bench_test.go new file mode 100644 index 00000000..94a8d433 --- /dev/null +++ b/client/pkg/compression/compression_bench_test.go @@ -0,0 +1,110 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +package compression_test + +import ( + _ "embed" + "testing" + + "github.com/dustin/go-humanize" + "github.com/stretchr/testify/require" + + "github.com/siderolabs/omni/client/api/omni/specs" + "github.com/siderolabs/omni/client/pkg/compression" + "github.com/siderolabs/omni/client/pkg/omni/resources" + "github.com/siderolabs/omni/client/pkg/omni/resources/omni" +) + +var ( + //go:embed testdata/config-small.yaml + testConfigSmall []byte + + //go:embed testdata/config-large.yaml + testConfigLarge []byte +) + +func BenchmarkAccess(b *testing.B) { + b.Run("small_no-compression_no-pool_no-dict", func(b *testing.B) { + benchmark(b, false, false, false, false) + }) + + b.Run("large_no-compression_no-pool_no-dict", func(b *testing.B) { + benchmark(b, true, false, false, false) + }) + + b.Run("small_with-compression_no-pool_no-dict", func(b *testing.B) { + benchmark(b, false, true, false, false) + }) + + b.Run("large_with-compression_no-pool_no-dict", func(b *testing.B) { + benchmark(b, true, true, false, false) + }) + + b.Run("small_with-compression_with-pool_no-dict", func(b *testing.B) { + benchmark(b, false, true, true, false) + }) + + b.Run("large_with-compression_with-pool_no-dict", func(b *testing.B) { + benchmark(b, true, true, true, false) + }) + + // The dictionary is expected to make a big difference, as it works better on smaller inputs. + b.Run("small_with-compression_with-pool_with-dict", func(b *testing.B) { + benchmark(b, false, true, true, true) + }) + + // The dictionary is expected to make a small difference, as it works better on smaller inputs. + b.Run("large_with-compression_with-pool_with-dict", func(b *testing.B) { + benchmark(b, true, true, true, true) + }) +} + +func TestDictionaryCompressionSize(t *testing.T) { + noDictCompressionConfig, err := compression.BuildConfig(true, false, false) + require.NoError(t, err) + + withDictCompressionConfig, err := compression.BuildConfig(true, true, false) + require.NoError(t, err) + + smallInputNoDict := buildConfig(t, false, noDictCompressionConfig) + smallInputWithDict := buildConfig(t, false, withDictCompressionConfig) + largeInputNoDict := buildConfig(t, true, noDictCompressionConfig) + largeInputWithDict := buildConfig(t, true, withDictCompressionConfig) + + t.Logf("small input no dict: %s", humanize.IBytes(uint64(len(smallInputNoDict.TypedSpec().Value.GetCompressedData())))) + t.Logf("small input with dict: %s", humanize.IBytes(uint64(len(smallInputWithDict.TypedSpec().Value.GetCompressedData())))) + t.Logf("large input no dict: %s", humanize.IBytes(uint64(len(largeInputNoDict.TypedSpec().Value.GetCompressedData())))) + t.Logf("large input with dict: %s", humanize.IBytes(uint64(len(largeInputWithDict.TypedSpec().Value.GetCompressedData())))) +} + +func buildConfig(tb testing.TB, large bool, compressionConfig specs.CompressionConfig) *omni.ClusterMachineConfig { + config := omni.NewClusterMachineConfig(resources.DefaultNamespace, "test") + + configData := testConfigSmall + if large { + configData = testConfigLarge + } + + require.NoError(tb, config.TypedSpec().Value.SetUncompressedData(configData, specs.WithConfigCompressionOption(compressionConfig))) + + return config +} + +func benchmark(b *testing.B, large, compress, pool, dict bool) { + compressionConfig, configErr := compression.BuildConfig(compress, dict, pool) + require.NoError(b, configErr) + + config := buildConfig(b, large, compressionConfig) + + b.ReportAllocs() + b.ResetTimer() + + for i := 0; i < b.N; i++ { + buffer, err := config.TypedSpec().Value.GetUncompressedData(specs.WithConfigCompressionOption(compressionConfig)) + require.NoError(b, err) + + buffer.Free() + } +} diff --git a/client/pkg/compression/compression_test.go b/client/pkg/compression/compression_test.go new file mode 100644 index 00000000..2424efcd --- /dev/null +++ b/client/pkg/compression/compression_test.go @@ -0,0 +1,99 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +//nolint:staticcheck // we are ok with accesssing the deprecated fields in these tests. +package compression_test + +import ( + "encoding/json" + "testing" + + "github.com/stretchr/testify/require" + "gopkg.in/yaml.v3" + + "github.com/siderolabs/omni/client/api/omni/specs" + "github.com/siderolabs/omni/client/pkg/omni/resources/omni" +) + +func TestClusterMachineConfigPatchesYAML(t *testing.T) { + res := omni.NewClusterMachineConfigPatches("test", "test") + + // set some patches + + err := res.TypedSpec().Value.SetUncompressedPatches([]string{"aaaa", "bbbb"}) + require.NoError(t, err) + + // assert that the patches are compressed + + require.Empty(t, res.TypedSpec().Value.Patches) + require.NotEmpty(t, res.TypedSpec().Value.CompressedPatches) + + // marshal the spec to yaml + + spec := res.TypedSpec().Value + + specYAML, err := yaml.Marshal(spec) + require.NoError(t, err) + + // assert that the patches are in the YAML in uncompressed form, and do not contain the compressed form + + require.Contains(t, string(specYAML), "aaaa") + require.Contains(t, string(specYAML), "bbbb") + require.NotContains(t, string(specYAML), "compressed") + + t.Logf("yaml:\n%s", string(specYAML)) + + // unmarshal the spec from the yaml + + var newSpec specs.ClusterMachineConfigPatchesSpec + + err = yaml.Unmarshal(specYAML, &newSpec) + require.NoError(t, err) + + // assert that the patches got compressed again + + require.Empty(t, newSpec.Patches) + require.NotEmpty(t, newSpec.CompressedPatches) +} + +func TestClusterMachineConfigPatchesJSON(t *testing.T) { + res := omni.NewClusterMachineConfigPatches("test", "test") + + // set some patches + + err := res.TypedSpec().Value.SetUncompressedPatches([]string{"aaaa", "bbbb"}) + require.NoError(t, err) + + // assert that the patches are compressed + + require.Empty(t, res.TypedSpec().Value.Patches) + require.NotEmpty(t, res.TypedSpec().Value.CompressedPatches) + + // marshal the spec to json + + spec := res.TypedSpec().Value + + specJSON, err := json.Marshal(spec) + require.NoError(t, err) + + // assert that the patches are in the JSON in uncompressed form, and do not contain the compressed form + + require.Contains(t, string(specJSON), "aaaa") + require.Contains(t, string(specJSON), "bbbb") + require.NotContains(t, string(specJSON), "compressed") + + t.Logf("json:\n%s", string(specJSON)) + + // unmarshal the spec from the json + + var newSpec *specs.ClusterMachineConfigPatchesSpec + + err = json.Unmarshal(specJSON, &newSpec) + require.NoError(t, err) + + // assert that the patches got compressed again + + require.Empty(t, newSpec.Patches) + require.NotEmpty(t, newSpec.CompressedPatches) +} diff --git a/client/pkg/compression/data/config.1.zdict b/client/pkg/compression/data/config.1.zdict new file mode 100644 index 0000000000000000000000000000000000000000..17a6cd01b86860f975bd6a8c3379a8ca37a53fa2 GIT binary patch literal 65536 zcmeFaNw4$BmLT@Js>?9aZJ_O)cS0u6?^Wq>)_Bpfi=t*x10|9g3I!!cks?J>93)Ym zdMdcxdoS8vwc#JofPX>5fMM^wGQ9A{JO6_A#wSQk_kQ<&Q@*P9kT>(Yx*{V^oH!A2 z;>4Mv`rncN=imCxZ+?UQ-G4dz-~Sf*cm9X#|Nk`nFaG4;7ytZ^{?-5S$N%|1|5rc$ zd;k0&{BQs6zy6c|?C<`|KlzJ)DYX9kKPvp@H-GY1KmGVG{{G+luWJ9--~RJ|^iTfT zU;Wqr?BDq>|LMQ=SO54Q|M5Tm*~DQ;jX z)DMpB=`V%$(eUEA?Kzz9nfCSv!_x!b_TrbqZ~wy772~Bu8Ksv>sjj}%8IpNJOEU;wzoyK5xs#Dk?$J#4*_Z$h+T-o!~p!Kp?|bd|MrSz*`85| z0zSi+x~#OjAU6PTB$jz&#t5LbBv1rT(F~@ zKtOoqjz08v2QxEkV>;~LFwmZx%jab1`*A@t!Wi`yC|^*L*z!X=PH&Zs%p147{kDESx?Y>;l80i@ZB{zUWhRj(zdmhG^mf*z&wL}^ zGPqodS$x^-m_vHBT;tV``@*rAq8s%@Ns}GsbL&n-@-8HY_2XZx-#;=ETdnJE2QKT;tE$5}S=S zl~W@P2J7m&I#?Yi+)|($RJ0MjYD*j&{XR1+_Qx|@Sl2c*y=0<9(Ji8@YqRs>9IB@Y zKRh+q38@_fyi|<4ZAM*>i~edc<2#Z*3CZ&=!3A}Gy71$3xLk0YVRnwf0=zyyIK7U#=%=32c2-7FQO@k{yyK=vckf8c z>2xl%PLmYhu6toOt^~{W1UChKY_Hux$4IBC)tayM+Fnwr`Jy}gYK0kJXJP>4HcR&XhX0{r=D( zOCr0q4(Y^b>?{2q##$Rr^}EF$l?YMX?<%G}EwE`-ka;uFsb#_yX913TP zE8+}0WXrWM;V(r;YW0sbwYIA$47*KAhts6v9$V|Q(X9)WrN&UsFr4iSs=6bY(dy8{ zn+{v+w4!dMJ)5surr&JWx8)H>5p*{w#hPkZ`_Svt{ixGOdY4YqYViKI__KO^o`bATSPYuX@x=>!D%kb9YMZ4$`V>yG?zVB&vN`gyG7f5B@@I02$8xR^#ZX?X$UC zHs-PcM!|(7SEzw6AhKTNv_`;(~4iy35MxRmUbiV)Tm=T8m-#gc6pu_ zr%RP(jic9{%?Rl@F}9oWT3-O;7uI z;DsVD;1p}xWp%MO28N$lTY|JS4pU=qNYkz1!J3a5%ZiI5qDk(W~DY(ua@Yemhly|qdP|WQuy)5>^qVN=Il6n?Dtr~K3B8~ z?vyPJ>+&XSOGDmOD~1?XH|ti?p>RLkW|d7tiIdQHstj_h&RK@$w9oO-NTo>Gg1nT8 zUZ`dCquY@qz>-krNq{8aH?NUo+#1gx_@FvQChLJ*{tA+lsKzw3qy5(uMqu*hs-;r- zPK!`gv^QX*7zvg=z#|v7?`_&1ymH+~Yp5$P1wuED#8Fr7FztQTYg5r;KTL6`<3~6u zbOm6980-~5I29x^!Xx4iXP$iOG?BWSw#T0MdCw2a$J6X!&d#%#a{9@6L`~M5z^*rR zX?kdnFCM{n9tDsF{?UJwsG-VPCoz&<#^b+<2CFvAs9uhNk)Z z0K{U`c8y%9eoJWRCnCv6@oW=L15wKkjjV5PD0l7n*3v>8W_AQ}Hb}*a8WA@n09S^@ zsSFp-h>;-uKnxX%0>yhgd4KFfV+#^}Xv4%S{Kx-k1}l@0UkbwotzNoG^_Xn@as{_n zoY5Xo!DhLSH`E|B^0Ju>57K@N$OW$A8P`JsP9C()z9i76#RfNO$|#ug`|42NmltNk zERLqj(zx1ZR`{{knEKUPtun#L(PFwgQe^4O)OWRg16znYds!REGP7p9&@OuG9a~a5 zc*q--Bj0nZi7WG4>_R6Bd6-m9iZ3^NiK*+H$EDbr)O2-Tb8Dp`E^o?mnOT*T$L|0got+TipmX=Z7T5U8eB^P?pH%kL&?hgDB+0o@aEz!h%iZH^tl|pm zX*d-$jK`&F>=qY`VUJRVi}S2qbkZY326It~)=FZGn*BLl*~ZoVt}a?hxmP-BMKw6C zjKz-B1-H|h)LK=U>K+fmj+(O!(Y8WK8f!_DF;8dtqR47nY!9UAs^YhmQ?<(~TD#lU z=bnKFCQ)bot>VaF&3Tk_Hz?UXK`^6`AHua(*yzg&#jC^0BJOfp!%^1?p= zFYHLZUmTkxQ6=J;)S_Bys3MNJPR}`Nt-8!4BVFhW(<1C3!LoQ!scEewf$F4lngzS^u2S7D?9w!f z^`UiM^h%qdDsqXzgo0U7wr`{(hs#Jy{n#PwR%s*mZnW; zW6qiB;-2Yw#?(o)8CNdGRs4uCj9|y7c66*w?Ammg60=m_reRF&2J(0jl6|RUl;^?8 zIkHnmJ@&ZST3^&Cxhuf;T5NIH#;apcSznJ9!|1fJNqV**)jmm%x`wnpiJp4tNTvBG zJYlNVIS`FvgE?=_F>Hcn)z&9nwKQr*{K7ib$>q-12aTg&-LDNdyjaf4n_&j4)aZ(! zvX|~*w-TaaY1HqGR_pf3URE_$4)=4iS#%lm2qLNM%jAJ&I@)Bb7dIVqaS+8`9F|u~ z97|S-^QsI(bczkXxhyAgag)rNM?P2+`^moUR9e&$kc zM9rsN?pT@eX}>4b2s*YeT0Cov0(RHMlvYP&i2>7It}dk{u(-W&>}}`Wc27CmeYerq zw;Pd~a9GkC4A-m8R-W2}>iN{`RW2J>lJ;SUiM4t+pyLkKolvr%vu7jd^Tl$tRXMNu zl&Ot%#T!n98CRSLisQg_~TM*NQ=|%&e&ZJ%rc<%RPktO%SE)4X1@yiNC<_W zKZvlu;lp^$&MM>nFd6%m-C(1)8{95Z(q6gOG0Vx4*(tGeo@2_gy^nT_)S#{5{K(J7 zTZ*0Hzix0a64wom!{-gJ-wY3u73;@+8!O99yVMl=u02ud-BpkFq_F>m8{AxPXCb=*HYcrcMJhJ>LvLbh^H$lc z=>sPiz?ptg^@pqws-rU5^M;ba(WmBiBQKokAy}`2O*d5q!N9qSWDwfP#iLR!XnMV< zJ7)b6wwv@p*QA;FcE;%|ygVK|$6|Gc4Q+WbX^LSo*HUdqR?JaMZe@Q`=Vcx1Zqx2| zb}S1s%ijB7F`KlVH7WI|0Wsug$6Ict=6Fn|pl$2R8TnB#U44kvh% zY1cQSjy{{wGU-PYJ*szG%_N$~mnws;2SOV^R!yH6R&Br1;_+HcS32!cb?EPhaIgSP z(_tr9$&{yiWOZeEv304cnnkP!y^>9E6hCm=u|k`@qrDy$*REyj9d%QmZZ2&(rTTbd zRp+^r>S=S6T9d_ww@k;}W{WHBL+ezrIEq~jIj$Uz1gpqvs;4UZrqfci2pb&Dc&u3E za{WT_i%xUA=$r`>>$N)2@l>Qu3J8tJAs zANM=uo?6GuWwX|itTDsH`|@iBg$a9RLMV1=9P&)pVD}Ts7@SD zVvCU)R-9dA&h~o(?;De8yFBLh_~hKui3K~~P@Hpdyg^)vn1r_n^JCFw8e&5XV!BN@ zMS0W*9jV_HiOX0F&C$Z2?`W?lH|V6TirSiOvl^rB*2j7+-32jd$mJzROgKF$&WPE_ zV%%oY!yI?v#1oBfdDF?Jxt^a#+A?uA(tJ7bhMn@6?v$wd(j2R^@S`sM6U2h5Tj})V<--JA+MRb6#8)f=TO=R!&7fi3jeaXXb~sD+fuY zayi+J&GDr@IjL69)bwMz#ZPrDsBDxP_buA>9UP6PSP^3uCB9YP`$t1mE^Vi~b2XVd zcNyL*m7G0DdAPFe+deOi^clvp;&Qtfj%ug&N<8$ob}{ma1$}UK)FB3$kRQ`dvKRL9 zu_ctIVs%t+k11olO0Ye-#rZ_R^y%CxgS6e?!U|4FTdt`F=V)?~=7J!P@gdkvdlm0<_H+q8{>CwQ@L)VnSV=u=B8P*r)lh)hhbi9l6|Gd={H{X$zND zU0FEyfmaQC%V25I znS+G|Rc^;tJQ-xpfN!+j=};HPqPSCuVjH;8DXjVW0yF)1x$2&Yw!+cYr51^^+Bx*h z1)TSto<$f&i7Rt>S)cLTNVr(lV?9-7yW_@!>CW^H#5833qiRZuk=v?TaVPX}SzK&M zL+CX(gtiFV&YmB3N2#};ELZN@J?dw1wdRkDRc{{;uq~yG^}WcLI0%GeTwH38d{Pk%ih>KOM9Mg2N;oAFP2jjG8ExGD> z-V6FIvK!dUEU2&s5v?2D)A+=?;WDeIC zfsRf~PKqVb7TR*j^VIITSleP%>3~_CSuIsqJJm^XYbd9tzg#nlNn92uVx&=3P@+57 z#VFQ9C)iw)c*dF5c}TK^wA-suQ-%p%AEi5NzaEr9E$plPr`Gk_F#E5)T{rQR3LBvtp=WJfeM>Q@WgCAl?h;)hwwIVY9vC0Vrx8(yDmJA=z8 z-YS(}1@27T{sjUz;nA1DMieURo<745BY(U-G>?;2YjSWkcf3*e+gO^_i1S_#X%aL| z+io(Gk0YU8)GqZ&()v}(en{CZ#p}>vXWif%liJ8`_RRrkQYQY27uY7dsD8T|34DmI zBmBt+R=_Y79I!CW*2AdrOCSl0zgN2|wHljwQ zRAPQlk#w2-eVK$G4E@gS5jnVL2P?2gfTbop+M0nG=K$P{!mPWWST1xgYWaJ`2A`gr z4S=a8z$cj#>0-d?&F^%6Yc-;y!;)rD{j6Y^_TWh(*h zjbQKTc~uH84ai0ylvjsCS)EF&*?s}`EO~E-W2sh@b%RZJQ9AQeVZHSe5O&5XHX*BZ zuEyZn++c()+X(tjurH0rv-zyYwX7X^kXPHqemv7gD;-ZaL#il_Os>sb`g8}5AE%PU zZuuh^w8=gp*d9--dbw9SxU1ua>dGzJlVfQfEXD^e9XB<8%8%y9!6X8&L8V(=kn2WW zs$i7vL>Dn>w`+|FI4er6He)5}#Yp%P2)h34vZQvjKKIvxOw|{`bkZyO0j0VNL*w@$ zRu`JeWG}F>FlT#KJ0-Bj*)<}5y$SFHEAr}K=(HQcetl5D9gM@=Q&dWZlU=Ye$Cl<* zHbadtcm<;ev+?;%cViwe1~z{_)f$f5O!SpkF3s(3s)y6TY`Ls&OBmzq^v0lAw4=nI zH^A3mdWORVY~s~PrBdwbr{PxVV{%hJuR2Y3)@)21f8sE;`ni~_WG!~r8)7j$VZ!+6 zvc6TM1`0Os_3^$i-ODYq*0EyQUpu9Z$+MP1vMZurT&n zcO?(2m{$}h!&&LH-kg1=vaED$sX^D7u0O@k+kW6HQG?*vY0BaFUf^Yev8Tq|KauB^ zs+THbVbl=_Rw9nGgj2SBWnZl>+uo)(Fr3OzoBL_73Dkann#Lrn)?BJqs?isP;G5NT z=d$lN)MnEN(%Mw6*2-JTs-8ESlfRm2tTx_N0-Y;H;CvN9oLQ$K|Fz=xchfL#%_n+-&worRdByfSSk3 z>Ex;=J_KL8-BM7Qr8P{%@~&~Vno_UtFXdBxTpk}Q&3#carUr=it&xcf^mf;p;dGc3 zF_V-I>C&w+O?#FEJYE)rNw@9pk8bby+MI_{)ybS{lJd`i}xYWNmv>?vi zbUNv*_~=|+rI&HI->OV{vw34SZ|P<6_)N8EbNi z8uVe(Faw%ykV0g-rS*7u=~;BOvuO~NaU8cAm2z8ICuicUHCkG+j2YYUpixq&cGyk8 z^>hbXg}tskTn*2B)QVT;&#wKH|&6trpsiiN|w2x+ONH)ZexT^pK&9 zes{;Oxdun9;#gL@;50Xz)b!ojBbL;PW#-4O-X3=~K;d}u&Sh$dUu-Pm#^?ETthAd{ zP~4Zd{(O22#U8t%wV<(Phj=pymjad^cjI&)2gG_!3Egtd-LW2VkuA|1!f#UEqAs>tOByZbi39#b=bl7 zR7Ft6{(e>}V(}!{VNS=lU{drnzAJe1HAj2+xqikyp7p>@5i2jbblz47rPR8x0dI_g zA?7w^@BoKHjN6{HhfGsG#rt)Yukz~(eh9{WOY*$xYHg*WN}s_6H^C&~%nljmM8~zD zxLVm8bFeBMrmZu0?>lO57qmjPSsYU9c-t;1k=Gc4<`h&Cg1kTX87lNAi(Oh7cPG>B z#%y=M8QkIa#fG(Wlm*if7n|;7;#9rzkUw!gxsJzp&*4G9DEFIS?mR89p~wZnpsVPk z>7*{UStSbEVC8sUBFKHRrpPDj;RJSzrGa>fI1ZxEg|blSNSA?zGoS`K*f4#DgPhpj z`nEkelihJbdn|HB3t_`~_HMlHy=e1&4-|TRJ-9tuz14Z$i_die;)s|G6&rB9tj--~ ze3&?`8qf1f+3azW;+%(PXWx`bOrPxrw(8@~)L9L;OI_+>DbYNeolQlti=Z0I0eLQj zsodT79>`&6qszi;UJCySmiM2;-#=TLJJPaSvRS?`yLC%+gidIcPCG2_*r4q%3f0XIIB(syV|im z7ejwONLPcwgp2rMxMGEl6deq2qR9cio|Y6tt569wX_>3)?z}C=q0v6h4AD*2++-pj z-R@y~Y*$(Q0y0Z|EUXUWQam(=>hRJqNk$jDVAT>peO+@7>uMU*gR?Pr8N5?(SHQ!8 z8g{}{Yf3AVN}p;M<#I4MxW@X@k~pcl0uO6FNF-qc;S=-*{Q2ZSIH&9B#ueo`c0QH; z&QcFHvThB6#wa%S4pp@KL!#C485=t%i`72vjrnlOg1Wmrt{v&2PElI1&-G+4Yz#V- z!13*AFpN!=G3GW|J9McX-U&ziN%AgL$;Ogqw^x#<(!BSGL z54CeZ@GPd+BYCPBAHm*<%pl_HmF`e`d6up=ICx|2|E&SZvd zrSlZu8Aes^t%ydo-1W*UyH>=&zttw2RIjn=63IbqQq6Emlsb#4L=U9~rj8jl?1f5a zRhF0W(vCt_aT5hAKZK_aGgNwDn0*PgSBzo$S)U;%E4{kB!PjhUe%w zQb)^J?C-r;Fjr0CI5RQ5(T8I+TMSkQsX?vC5>wvKYwM`o58Pl95OG|gR&saFF4bsq zoR7`RK!Bj3q+MzlqjJqEAJ@fVeOFg}C#W#BsC5Qcou*vx&G#2v7z%=WE^g`G+1Yv4 z?zknr>XyHZ4{i0rcb8Q8yrvrg4dOg;wuOZ45l4}5F58swW?<&UG-gWNq{dWL5pEyBdnBNTAhFeYtwhbv9|DPex*8@kmHu$txtmu!F0xx zWnG-Po7&F7XusD8M?Ji?ky~PCpBgeI9%zZgxiVN9nXPqHlhbg~9JE5cV`^n?<4lc8 zn~4IqGq`i@FP$xi%xP8ksBP!C4803|zO2}xJT1mYB9s@W?Ft<)GGM>Da(<^PCsEsu z#|M7V6H1oO@GYK=C$b7|aKjVNa@fHq$W^1^98A^iicEjvVeP?g(=!(PXp^=(v+l2o zcMun@#%XNb*4^=fRIp)3U3Z!oyIvg4L8^uNWl;6=5QgV?)OX!mGVvoX<*Pe5(%zTL zO)$BAf=hoAMo)6r?Zx90!e&7_&jMp#3bVZYEq)fFU{96-p|=q4>=z z*eU{^w`?B`H_hUu_qRBM&(zAh1OXJTp*)1i2de0=FLv89+&8f!4*;+F+Jk}x%Xjst zfa=`(tlgr7KR`4HeF#5}QJ}&HB?<);bum>!2;zq5;Lnr;d)PDeJFlu0l+ef^6@oh` zGz=&b8X^2)>lvAhJw!poxq$W{!1G@=h!>y5?G1K_Uav4jvCGOE3;{bO{%!PG+#qI0 ziLOE68RY?y4B3L7gectmHdhMUJT4t#wm%E-YlbB6d1eUuEG$&+)u4<~C_eNQksVdP z#Z@D6JVxe=F!OnfB3!&Y&gyw6UjH2^vGwuXx|Mx}^J~stS>i= zK%;IR6&Lh@_cRB8T|NEcQqH@Y7gNGeNk62rz4iRi7}*gdW7x_FeKb=)JG)=eum67i zLJ(#-9VKA=SRqJM*VaDMJG21vLVtiM3K?Xm z8jW(&{DCIwH3tk#>7ii+iVLD0F)`PpC*{&K{lAKrA{8W&xG9(0W$B_I6ZKaU`=Dn++hP1Y@2<~FcHGj|Z zib3++wb)x!u|f^c{(D0JaP9$y3;#V+<~k$twv2NeDjBPVGr|>n;FNh1B!t}0gb`~5 z@?wg9&cx@ZCbG&XOuY@P`qddDXIv1-k7##igP&-_~_F+T+iI4@YvNe*pCqc0UhOMg4G5BaH3^Nn6h!X z2G3`E#ucM41ms_P3)*@oPn?8yns>mU&V5_VKC$5zeQtAfRSgndY`|q+xgmWe;|BvFkeu^d>*G?3?c{c`4iH|D1=4; za)9zAEqq+|(>GrsJbzm0_T=ji?zbABeri7Cym)Z$PYZnMiQ=Ub^Opd?u1YB+OKh*+ zq+e?E{r5LWznF=fv4^P>1H3RF(vxJmhd0?h-pAwPr@xdp{Q*{8XdDud@%8T=GGrfx zDf6A|1Iv^^-&y(J@Jjzhobwlr+%M?(*J;Dv&e&goZQv%5bn zeG=sL6J#{Y|AeGDp{*t;gSTrtMqv-CYxnn%;{0O3ZzHrpX^1Q^KA<1IQXwIQ%p7tO zq7;G;cAIOEQ1zEWsoRA9w2nZ5?(n7w%yUgPoDVgTk9qiD#04NG7}P+Y2QH#WuFU6Wrl`D5 zEtLE{_5-9&L^h0qh>*#Pz3D^_;T`-xP8zudX%=P(B$ua23JnJa=_4WGGLU`#E@pX? z4_)HTD3WKAzbbWq8zH@Q3|4M1n`DiH7@8%NObZa>7y7r!`s5jWOEZa#Mh}}rUi!5b zJX2K~kXrr$G}EKrbz?UiuTACSnGe%7Z|3tO#OZ!2@K-bG%~BT?eg}t)=ufl8-Xf3G z$dE_>*3OMr-s`>vj|yOS*XkQI90oYcQJRTEIes@#kJ7hHpGTU=XVz;1iTu3q_p&te z?+~dciqrY)0RScT4efmBo^kyIv*(uxwOnhB+PsbXvwhLH56G>FTX*8yR{gq{Hv-HZ zJCK2$nPA#OQBG(Iz@q|cC^rbaN~#YB=RChYS}(st7JP7T0%J7L|8Cj)=^dgX%H`Qt z3;QIqxS$45iheL#p?v)a9=cB;;}v&eybDQlZK%}OQO%nu|GIPew=A_kKPTgUTV4qg zC5UZlE0FSBZoA#NG;Yf99ld|I6-2+x=khItIVrFE92xUMqmkEqQy=ve*&$Hx-W@Ek zt$ozPpR!t?jy=K#rhS-co$h}@Llf{<1H)>VW`1ke!GD7gs*EPkPle%Vj@$*1OpVO3 z*IKBbZ>P;UbfjmQ^jAsML$15;RXGWLn#`BmeKNYkL^h-f8 zBJ2zfy|B;NUZr$f?Rigg(mh{>@dO*#2<-Du`}i~XY^$EK4F(K7}Q)}9p(6L3UABY3ynzk%~K_F36ySUG-ksX1TG z#rCMt_z{xi{`mXCuss{MA*IxhA!0#c>(Ag>cQ%oxjUP)T_(H$Q~g>fd+~BJ zif7+s#wbwrQfcWEhD2f+EFznid&~*P8F3C}uF9DRwQCy||;8ealdM z8T)g%mz($Hx?_2A6`3j~_Ch@Df@0Mw znf!D{rsJYA-0LDH#C0)TOq)W~W^8VPcO00KUDsD{ygVmAL~XoIBmYq{mg|JhJrDAE z4DOV}dz@bZt{uohqJ@~xe#qNWh_b{jnbX?i^|vN;$-yCc5sstpgS@`{nw&4$q|C9* z0dwPi)}sf4uyuQOKGu0b^g9=hG`NWh98VuthoRcfr-nxbI7`7n1IcJ;TA{Q5&6o0N zpF(aGXrlr!&+Q{9aR1mRM?UoYafE=o$|4+?35rbs#~fSpQH}>f3E_6Gqd^=Qxaowr zH%dTU0ZjQ++2^@+uCWrfaHuWHVvR^^@+EE+<5_1OjBuJuA!2sG9Im7J7wCu$YC$D{ z?!uK?fBCyxMCro>iY_idI1!;?!e--v@<7ova9zZZwCZKQFT@=XmH~>0KfN=?`)yp; z>7SD%AEwuSeudB6$d$3#SJN|x^GVw6a$NSYM3UB3NnMhFl|KAy0> zO2E*;bkvFaUbQqnrCVLw5WL{m*$ z2U$G_7;|t|kehqFU#NX*HmS~r*nut)m&v8O*-GhtvOT+Y{!I|Fiy&KA^wPI&(n)EnMJ+S=Nj}*@RvgfeTNY7B$5tV+HyAC!`d1(mJ9q+ z4;v;#9HtevWmOgjdBhKw+TOY7mwvh3b@bkOS0OC^psu2+L-v*3vS$wEI=L2jDXoW_ zq9Io5WH?+VT6mcgrJlC5wksmF2^I%epz%Dp5O}9^Xr@U;YM3)jmP4FAs9v~=;R+;a zwO|_jfGN2gS+1lTdr}X!HHhhU8Natkf+jF0Y`8yGT%u7frsC9Tr(zrH_8Y}fYqv{y zX(jHI;c8$Xy^Yr8)x$-t;4JTPGqGxSLZ#YT)z@1cACIadlCBKKgzU~~!m5?sOI&qD zWmEI%3$tx2^Wg@c*r#+Ui1x*~ocNQi4!dQ%8O$LBxY{YM+nv#HIhTC)a&X)ZT!!Yc zMt@?eqxw=w8OJdke12YF^ETZx-i?e%tD-!pIz5vF>lc2kC&`px2cVc<4iOeBw{n{`Oc$?8oUU#OSX zh7(WebdiEbg|kx}rrGAj9%h}!QqoRwVYH!Ip0n3_JjA@tmLj!S5`#lqIGb*HWt}9I zBh1UpI&G~wOruF#Ycv`s1z&~j(`Ip~blu&4$Y1VTL3R|s-s zN5UP`JiTKJNkdBhl?VkNg}n-i9`f3>w-F zzWkFL6Ta252#sh42ih0kdzR0>+#D+LeNAQ>#iu>*%WZv!TU3tPHygO}YTsu6c9C4W z0KF4r(EU_t|K;9&9~F_HGKC%3K0l`A*S7VIWI;{M6Z3DXsmx0I*WM|xMu6b{*F6nE zYy*YN=i?jSAGPc4s^3C~9MHo$G5zkw5v1>%mbcF2wZF??pN-77_d9R#8>e=TF0xGh zjW(ED%D%nH@1IVnqsrX_;d|KBZDemV0!4-3$4?oE4r}}M{J{z= z&p&kzDQhR53u!q0IE$Ce41%9{tb#ug8;yMr75n7nYjxP`_HvS3@5lqqHo7tI-n`*m zwYaDsH_aI(YZepy#&(mW#@yB4sZy6B8 zGY2ac7!Tko=%)g}{cXr>dwZ3qEkfYX@F0!q|KkutxqzRx#oOS$rS?_fVT5pv6-=B8 zWTm`!`&I`m?V%0#LLiX$mvCS9&A6Obty53wg&_pePe3Gn!k}=oEhDlWeHSinA0eOP zry{ookzdzSLwi(gikN$WNTQI)VubT}Aq80J`4Iwr1CWPsVG+1TTvMH(Mv*T10SQ(N zVZEvE!nKcZ9f}l0pb)cr+i*=cQkKRUs3Uc8Yqz^n0d3Y0^3)P6>$qLjzBw=tx;sA zxteAnnhbnR0yxTor8mwMRFK{h49A&6F0$xE#F6?TW75bHcP;q?^4GXI?0rIqciTZk zL04D0S^NO1lgpG4=6PdN8Ara32#Ws3Ba6@=eh;Sdjl@;FjOX`O18Vqd{nsl-^tzL; z8wYOxN#)El1k`3Pg~xzqqxWf1WVG--pckO^ij-e&sS_^4s4#*%Stve zU)d?H^X_UQ2di!tIQd0O0BRZ(()W2g$}H^Hb(&jCu5Lhgv%gb|kSZ2U%%|Ca<>MZr z06Mrx7R3l7BNc)S`suqvPo`mjK=Vvxac}jG^-Z08Q_be+wXtQ;+sztCZcyt3{=NZXR+F2I4{x!19x!Ls1{0~rnGwyw*ErwE@I3oM!wHUI{fsfgv<}+@fq59m=ysU_txr z6uvbEkWt>7jwI8wpSiB%|!`jQ%FandU ztb0O)ys;d>&zkZxvaKRwe8xC)4W6D3ulBAS#LYC5e?vUwd;P02IseOERj3K*`DZ6T z>hF!fsQ8DYneAV2Ov8{1FzEW=hIn)}Mt;-AD;g;}?3b|(5%pJ7<;{qHV^GM41qgUG z%w~); z&tZSS-%v@gCll9CwCzyv|8>6ooYlH@ALb1tJwr)nLlnS%-88O38F23m(#<#a&hTOM zkkgtA?AK2+9~Kn;{wATvjYKedSz!*9onD=`p4t8fs{6d&;6&oidE;xiN=kS$bZNIF zO?tj+pT|*^8c3Z{y;ydRt%Fs9C8yw>`Q+4ysj?24=Mu2ssb!KlDm9Jm!v)RiifE0r zF5Dh_nlP!bk{!mBD3W2tg}?>-Zd9pwhV2Q9dhC$Hb1kfF*&`>_@o^<$E9L5N6_xn) z+TdB+6_;_?*d00&+#g`ihWq8*hs?$EWjA27!P0B=ck9l&zt`s@`m|z~UnVc3z$O2c~j@+sw;@?vg0!3v)ec zoa#q=2^oxMr?s0do2T_atoC~goL>|N^>deNCTUDCbFzN4SjeZm9}B|}?kx6tl1o>d znb_9j3K$3pVpwYO_NnN&0+sX*gRzU70SQ+f59_mKt7J@FyguSu2#euxx&!)(^)8gRL$0t%% zNEb5S1Q|+a-HC6PNM3i=2i02k*$vUUR5laEpLRUUUbJ+)2)D#}%()t>vuRRp@1k(n zA?Nb>By@*lh3ZA?onZ<>=oa^wov`XivwN!%=U0!0=@%>HOiF`N=XA7$ZsjPbG2LHR zDrFf9cS^k$?#`#<<=j;nTRkqRo@n@0?vPBXN6qYyY@r#Nu8@cae8X@1-5%sio-UkG zT~_8*kxM(Ug2d)Aw1Sy%uJGr&)n_}E3T~TLAfzWj4(ja@8JE|@a%FL0w4zqbwpgX> z?S1JqZLLIQ6=4s(%WESb@D@lfq9JY#0wmf3!CZ_SEg;Y@VfjUHaB@4pRZ8r9(S-rc6RL@yuYf{ak^XruhKG;OAqDc z+!Nl}Q4*;2&a5?E1)N2%`}~!#&q&_Ey~QzGrJ4KUM@Zx+`9O4mcYt{AW`TajL5BLFrVS*{4BCTOc;zGD*5`*`P{jCktcR= zBlG5(mf=7>TB)&nr7AgD=LIE=+=kKqlAQY|VL0Fvz zrdv4UKsP^VBv)^v{Al#;e06gU>2&EITjQk-0#nxaL6k{ zyLmfTd)AXK`7ujT(R=J50)w#S`oAwo^Co%$%mTSCKp151n;rpk1%)8O8(jKMwySH9 zbnv~lk&iYCjC_MNcq893C_X^_{AVvF`J$*l!@i{#em+8?HrxLhB1N*$LLDq{uOkWb z4t{O_KwGSzz>l7VHT6>X?X|7nLQh*+NM+$x;D*?D^cG>1M#UYU(7v7MJ_el#` zz7Ip6A%LG!5%tcGUXU&KDOJ@oZEv_eHFLK|Mb}_pgz*(6BnBQK-7%6_pHx42U(xR? zJ`Zr?n|130^c?6PmPaK$v_V(J2;#bk>B6b!N&ko}7zK!8gU2_~IFGHoPqMpehRZDn z)2whNC1n{ZZlN6c#JQU_vSK+AZzQ?`07D(1f?^8M=cg!rs@1=NMl=B|uT~cj@)3;Z zHc)}<5daPy@2dJA^>4^TTR~~g4dHumO2~di@wPY*~9?@ZEnDNj-i2sPUoBa z32Wv?Ahdj*dxn9@@?qWu%Pty<+se+Zyin!U)7QqhTiIJwhKCw{RUS>-=O$4LXf!iR z*DGYu8}tJyKld<2UJ9QA%L}}2>{B9xxip*Ozek(|gqBRS$lL?2rw){$1za?!&)DRo%eon$dn5s?qY@HuuMd%(;Q+UL1pN-{ z+Qh4|Lm-h5D?&k(!UFZ_UIC6p;7|+PKuysp19-NT0E5W9W-{IgR%bZKfR!U-O?aVi z7Jkk$V`K+6AFR&6?0=v2@eULn=}?(01lZTKB*+(nnYj6g-3Kfu;tj*zXPbVfQyC&~ zEFcS`<~y%pKLgzWEUerG3ii>wo395VZ~X?U%2Z2`^7$TCd{2>r=$s#SVMu|5FcrY^ zma}uT-Jxj5d%qxBGM|WnDyiUfe0Medn5+@U?~kFUoE!F=GF z@A0`F3dKQWNtR&@p7-8dH3|&pnnN0n|M?QjI&;0LX5F^`vth zRuHVu*L08hL;uD>pGF zXRp5|(zq%-o`m#Y6KUiIaImoFR?IK%f!A`mgozSqtXYwo_eXnD-w+zyy}K^aZN*$) z^rAV!B%F==)5$sxMzSl#!!781{fghz${yS*!I zY9mRa-~B7JcEs8{;nsx!qX=SG2pO=s1^Aeqz&aX%K?gcG9Q)(rG9%uYGiP9NWtY6~ab!P)xN`{DQY*QL^4>u7mnpKW;0#$9d12+t~dMP)fT1eaS+qgy->HsgX z4b{5h;6^Y(GM4rxaswUTOV*x<&ZZ63+9ZV&;3)qupi`bR3O#2Ok~>Z!RjxET(WolS zS9;URiGT{xC@F86HC#1RY?S&(T4d(|;MBMNg*;`2&fz}3p`!d3JUe?B7$dsxTzHG6EVQ1)f2${54j zQs0U}P&x+5-w4SY!Ja9_%@PLxb-ehtrK@lJ^J?89^Tj ztp*dEL;VXRRRpj%nfOrc?#89g_z)PY`v7>nw3t!_0uBw}@w#7ZVfPy816)3W4>m4) zG~)+Utiq#D5XLNDn0j-#Rw{dLS+IG+V!mluzwvhTDQK7IPoydLIYdqlw0_MpWBg!N z_!!&@!&xcVH9#~=$GXVAx`%8_XH0c(OeT9?pkQ@QV z%?pG`%UBTfq%?Wd(DW?IGdEvson#eL%LM^Ab#3x%SI|=fBf&HiGtx1(AzFzRRq5TU zn70>;L=i6Rg`X+oc%->#W?~?y4;?$iW0LWQ#P-2&4$GdsfV?2dI=lYVs zx8>P;X0SVE_~0gR#(=oN!)Sv&(b>G+V%mvk?-{vLXqJBVp82c1XShx6M{!tYMq1M1 zvmuSzY@ZK*Cj!Ws2oez8qz@an->An8BA+`$0Ib_@r~g)>=%zSJCP@VznPsq; zmqe&u3M?@L!5m7WnPi11(qtCWSs^L;tP|cr!HB5y83(~Ci3h?;7oA_z56uox?j;$| zJk!P@fm=MO`T67d<kaS1Q zY=6zQ!)?>^=7h9k#+%9&pc(W~fBX2~bDoz! zv4-=GZV2ZX-RdTCQDi%qGbmS1h;&yWN7>RS22mUEc~xt6>DO-4EqG6k5YQ3!sds@` z3NNa*M1QJ~k&#$>f}BV!eNek4_7Z@^kwQxRs}Oz_b(NuP?hwU)O`o7BP$D@3Xae9F zV;xii*p&cS3q&cUO13lwFz572SalU;#a~roS6!NvXlQn7G4uV}j*TSs=hoq{-`?J) zt=BGR(>9VDpPHwuZv5?duOUu50<>#Qn3E6^k8@a8suJco>hC^g6X{jQFPI?{j z3RAToB4zKhqzGo&m}Zvz?fy2N4dGQ6eWy39c|6{utw4 zr>t8~ES+#>6CffYpZQ*5kwc<7gb}u=-`z$8Au7YH$g;-sKs~LmFz!R;dF=*gjcKLXY_Xh=L?$t>h1FA zWb|p_NB!jE)|Z3Pk4ob{9F{i2FFRp(@j8!)^P9`k$yxcVTBa%65tX8Q95NR0Kwu{5 zV2eM~FP<1x1t5yUsvDFw$-*Ugs+E_6u+GA^yxerMW!WISu@PtqAJW&NZ{Dd-Nl3Cm+J@g>!D-hGn8(L2k!ylbjpML;P}(#$wqGR zasI@AIuGZ7sBZw|?9idU(~{&f;>54(;5R<~Z|ycIkB;~W94T-niCD5Z*s=LV7xBTa zLRsBuC7BPMsrhC_>&_>&XpeJAEOSaLbN8qf6Epu>Eg9oayHpuYO?WW?Qa90N)9#XP z>^{QZU|ix0Bgw9rYc2;!h*|F20J-T$)PFMHsAPvEz8dB@u5-=9d@`YoX^tI{@Q7(Q zdlKc6d`BccBzJ+c`al#zI9vZF3`U*HPWQGGNIp5sbo$%kvA->6kwD0wV;Qwdg7IET zJ}oA(oRP43UIk#BArzJ(ko!dY#fH$;uJ(;`m&^fU+Tgq31+qaJN_87>RkA#Uu7<%4 zAGUiL)=3ZVhK5by6U%t8O80L|AdC zRCWOD3#Bgl-3~z@Ax$FBIBeq(aw6%dGU>Tmfn)L8kzf?TxvT8IakyVb$|t4_Jgrtv zDu-J~Urx92$F`9cIk<;KQE+Xq>Xm)Dvf@jfqQE%C(j(eJ(k+8auT~CGt+>B;c$6{p zCm;qugWbM2;SYKkpo?Slv0K`y6!%Nj>ZiTK^?yCx>4S#Q&idX?X>0f2Pc#=T!toOh zGa}_e#UawRzj$}Gb`MOo$~GgjTj-V`>JmUM0qLP_NL-t42zRMfQU21 z?l%-@LOzJuwn`+#8HV0=p{uSQBH~z5O#R2}QNx+csq~dd>?iGrrv&U(BiQbdMcmA* zilA!ZTUEwjeZcfUGZJc4v-r;o^>opOqKGoNN>bvvf}FFR2Hd*gfB>N#G7<*MZZKtV z^oCc2H{DMy6Qbc7$dB#S*wILcsy>(;WNT{ab*OWps5EI!zNlg?u9@y24Ub4~I$*R& z1Nj&5lf6?cIzj;9((^KgLW&|86j=f$XXgwEW#`#6Jgzfl`A+$WY9B9|?F@rFn><9M zV4WC6i~*j-mKvh~pzI)x2LRwsH+m!f%kl@3dtIlQ1p{kw+9EtCBpvuE0bq+E_E-;h zb(zUES%bx$h7!8XLLEC4c3*0j>u`^$L?!*12M8UqL$`79!b8Re%X_WbcDTPoThecU z4{&XXDz%up8eI;kKyaN!4=Ih~QjZRhqulR<&Bdi?SB@IOfv08@_a8#7Gm;xp+PTAH zU^D!%#yGY7K9Eiz*FlE|jR5`b5$s?zcsMQ8MMgk(a-@!rx7MY@eLG8n;66?}8wZR6 zG!|RyMVq|A9e8~_xMIE$0$+VZKm1>+Gm`Xcyvn9ztM<-;w!)uO{63wO9GZ^V(Xwpg zmT3L0TiANhdhA8K7%Tsk$VJ-zuR||le?J|Aij69Q_`59P>fw+^?LERrugJ+K!-Cfzk_g=`_;sIAl%rvW2HWou!+wzRxlXyg}N78W-qr5w|% z)1afDM&e-TWgdyQ!FI+S&;a{^*JnRPSVhsbAN9kK(M6JIJoTn}wEqvr_n3O-J*gD& zr=H&!@3FpF-cJpXP7nFCEzkfiPJ6ej9yFTCN#kgqL&dA=`ic8Nd$5>CkL(6Eq)xI^ zkGnwoA)XtM0x>AS9uofuL<1Od+^mWu2$MwE2!T7-1e_biCW|K1VvWU@_ z8ViZ@oOR=yifA}tXJ33g7jyWG^`N&dq%bW=er??I)9xePO+I-ReybN^i^k}~(FL3> z^GnDdkbcOYOxjFrmG!6Y02T;Ry-^)d0FO)-xlAo2vn3`991J!+ty{LtBiA&bI~L6n zsXbz|#HMX26*f)7_;!fUnhC3~P4g$NP+H5v=GH#&aU#yT76Ax}q=_BtqV1sEha6nq zT0g{VULkl4PczeiOoQle+SaqwIY`o+4@nwN(8|KbhaSmOU6cG?y`YWLt#z~~4>s`g zntPZL*cD)uCI4#_Q>l4j30{xW2wn@7t+)-Ak@is{K>=VRnrC+Hlsj>f_{@q@dP#vw zaHoQ6L`$im){=2=2j{IL+rUA@5ofaWXk3_m1^@J&2`G256h_t?4bEj0JwhINgr{nC zN>Db4)C}0|8}?_~c{mum^CF@BG1D41E{x0S=U_>*Eog^)r`v;j(IKdczgE`lZj=*R zV9az+a&4Ho+6FPLz?PAT2*SG_EM$zL^=*Z=U4PKHF~rygL6+RI?S(gqd{5gYJoLrz z;Ma@e+KBrE11s=8_@S3~98`ql@}m~yvf9KBVL6NKCvf*s9xN@dKUG$oI?Pxb9x{n* zLV(&f@E+?Cu;t}Tg=}%pdAe*?Has`eIG9k5#z$!b$k{L7re1Ot`TLgOu4CnCarXO& z+tg!^jAdPy4}S4X#uh8^Gp0s?-%O$~o?VNY=o9%E(ep3!8iQ#%t)D(58eb=5QN&Ek zY9kPxjy;ohW{i}lHl~Hln{5jkfc>$1n&5>4Coz&p`h;|A{)jNji3#pzTT$3_05CM9(ey z0P-Usxg=6Rh{_(yMCegTgyI=mCoGJ!0ba=ZFH9m#XVzHnaJ2E}IJyUxxZ|x{v)oJm zptP=WMOTo;IN_RdajY#ZuY?=d7oqxL%Qof@?=1}PjFEA8f89f$tizlt3z-LQg)JA) zlUv6qqCMw7=xZ9v$CRPg$Nglqk| zv|X>kaoYJJ3;Rdg)ivmT@e)VM%?C20@iie^hK=aV(-3e)-8Va_k!3qBhxkhbbP!|x zjyFF}xc{m&M+8c9x;i9)qVnBY*yUe|AADR1Wi^#3sd&4h4x?ca5ZeI4&09i@@maestiKhcEQkoN9j}1^s zc)U)!(V3+h?6keXT>Xs(!Ns5(zy)C#D&19)seTGD6dP zI86^f!M|`54yC9*q2VEzVl|q2SBY(rzX9nkMtItwDtC}z#*>V*5Dq~MWt!jlpC_fy z36!zE!9s_uyiZn_3WbHY$lean1~*?>QD&g57Ubsbbj3TDI8^Sft|1HWZZ zxR|6mh2VKe%fmn3*l-NqQ>xKnl1{iH4>H3VBK0%k8BgUWZe$htGp1R@Hw-J zrTU=v;mh!7EwfmC|M}hb<^A)*htGFA`Ol+K;byS5zq9&3G#$EH_3quznvo;y2%=Oh z6>#IyQ5$d-trnDWHRuX`JP05QixLR9&9a@~vdnwf==*5*guS(c-ANaiSVcdsLXL_= zyF{IoONapx(MH)xthx70UkdtKn3xlG_5{i/device/model`. + # busPath: /pci0000:00/0000:00:17.0/ata1/host0/target0:0:0/0:0:0:0 # Disk bus path. + + # # Allows for supplying extra kernel args via the bootloader. + # extraKernelArgs: + # - talos.platform=metal + # - reboot=k + + # # Allows for supplying additional system extension images to install on top of base Talos image. + # extensions: + # - image: ghcr.io/siderolabs/gvisor:20220117.0-v1.0.0 # System extension image. + # Used to configure the machine's container image registry mirrors. + registries: {} + # # Specifies mirror configuration for each registry host namespace. + # mirrors: + # ghcr.io: + # # List of endpoints (URLs) for registry mirrors to use. + # endpoints: + # - https://registry.insecure + # - https://ghcr.io/v2/ + + # # Specifies TLS & auth configuration for HTTPS image registries. + # config: + # registry.insecure: + # # The TLS configuration for the registry. + # tls: + # insecureSkipVerify: true # Skip TLS server certificate verification (not recommended). + # + # # # Enable mutual TLS authentication with the registry. + # # clientIdentity: + # # crt: LS0tIEVYQU1QTEUgQ0VSVElGSUNBVEUgLS0t + # # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + # + # # # The auth configuration for this registry. + # # auth: + # # username: username # Optional registry authentication. + # # password: password # Optional registry authentication. + + # Features describe individual Talos features that can be switched on or off. + features: + rbac: true # Enable role-based access control (RBAC). + stableHostname: true # Enable stable default hostname. + apidCheckExtKeyUsage: true # Enable checks for extended key usage of client certificates in apid. + diskQuotaSupport: true # Enable XFS project quota support for EPHEMERAL partition and user disks. + # KubePrism - local proxy/load balancer on defined port that will distribute + kubePrism: + enabled: true # Enable KubePrism support - will start local load balancing proxy. + port: 7445 # KubePrism port. + # Configures host DNS caching resolver. + hostDNS: + enabled: true # Enable host DNS caching resolver. + + # # Configure Talos API access from Kubernetes pods. + # kubernetesTalosAPIAccess: + # enabled: true # Enable Talos API access from Kubernetes pods. + # # The list of Talos API roles which can be granted for access from Kubernetes pods. + # allowedRoles: + # - os:reader + # # The list of Kubernetes namespaces Talos API access is available from. + # allowedKubernetesNamespaces: + # - kube-system + + # # Provides machine specific control plane configuration options. + + # # ControlPlane definition example. + # controlPlane: + # # Controller manager machine specific configuration options. + # controllerManager: + # disabled: false # Disable kube-controller-manager on the node. + # # Scheduler machine specific configuration options. + # scheduler: + # disabled: true # Disable kube-scheduler on the node. + + # # Used to provide static pod definitions to be run by the kubelet directly bypassing the kube-apiserver. + + # # nginx static pod. + # pods: + # - apiVersion: v1 + # kind: pod + # metadata: + # name: nginx + # spec: + # containers: + # - image: nginx + # name: nginx + + # # Used to partition, format and mount additional disks. + + # # MachineDisks list example. + # disks: + # - device: /dev/sdb # The name of the disk to use. + # # A list of partitions to create on the disk. + # partitions: + # - mountpoint: /var/mnt/extra # Where to mount the partition. + # + # # # The size of partition: either bytes or human readable representation. If `size:` is omitted, the partition is sized to occupy the full disk. + + # # # Human readable representation. + # # size: 100 MB + # # # Precise value in bytes. + # # size: 1073741824 + + # # Allows the addition of user specified files. + + # # MachineFiles usage example. + # files: + # - content: '...' # The contents of the file. + # permissions: 0o666 # The file's permissions in octal. + # path: /tmp/file.txt # The path of the file. + # op: append # The operation to use + + # # The `env` field allows for the addition of environment variables. + + # # Environment variables definition examples. + # env: + # GRPC_GO_LOG_SEVERITY_LEVEL: info + # GRPC_GO_LOG_VERBOSITY_LEVEL: "99" + # https_proxy: http://SERVER:PORT/ + # env: + # GRPC_GO_LOG_SEVERITY_LEVEL: error + # https_proxy: https://USERNAME:PASSWORD@SERVER:PORT/ + # env: + # https_proxy: http://DOMAIN\USERNAME:PASSWORD@SERVER:PORT/ + + # # Used to configure the machine's time settings. + + # # Example configuration for cloudflare ntp server. + # time: + # disabled: false # Indicates if the time service is disabled for the machine. + # # description: | + # servers: + # - time.cloudflare.com + # bootTimeout: 2m0s # Specifies the timeout when the node time is considered to be in sync unlocking the boot sequence. + + # # Used to configure the machine's sysctls. + + # # MachineSysctls usage example. + # sysctls: + # kernel.domainname: talos.dev + # net.ipv4.ip_forward: "0" + # net/ipv6/conf/eth0.100/disable_ipv6: "1" + + # # Used to configure the machine's sysfs. + + # # MachineSysfs usage example. + # sysfs: + # devices.system.cpu.cpu0.cpufreq.scaling_governor: performance + + # # Machine system disk encryption configuration. + # systemDiskEncryption: + # # Ephemeral partition encryption. + # ephemeral: + # provider: luks2 # Encryption provider to use for the encryption. + # # Defines the encryption keys generation and storage method. + # keys: + # - # Deterministically generated key from the node UUID and PartitionLabel. + # nodeID: {} + # slot: 0 # Key slot number for LUKS2 encryption. + # + # # # KMS managed encryption key. + # # kms: + # # endpoint: https://192.168.88.21:4443 # KMS endpoint to Seal/Unseal the key. + # + # # # Cipher kind to use for the encryption. Depends on the encryption provider. + # # cipher: aes-xts-plain64 + + # # # Defines the encryption sector size. + # # blockSize: 4096 + + # # # Additional --perf parameters for the LUKS2 encryption. + # # options: + # # - no_read_workqueue + # # - no_write_workqueue + + # # Configures the udev system. + # udev: + # # List of udev rules to apply to the udev system + # rules: + # - SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="44", MODE="0660" + + # # Configures the logging system. + # logging: + # # Logging destination. + # destinations: + # - endpoint: tcp://1.2.3.4:12345 # Where to send logs. Supported protocols are "tcp" and "udp". + # format: json_lines # Logs format. + + # # Configures the kernel. + # kernel: + # # Kernel modules to load. + # modules: + # - name: brtfs # Module name. + + # # Configures the seccomp profiles for the machine. + # seccompProfiles: + # - name: audit.json # The `name` field is used to provide the file name of the seccomp profile. + # # The `value` field is used to provide the seccomp profile. + # value: + # defaultAction: SCMP_ACT_LOG + + # # Configures the node labels for the machine. + + # # node labels example. + # nodeLabels: + # exampleLabel: exampleLabelValue + + # # Configures the node taints for the machine. Effect is optional. + + # # node taints example. + # nodeTaints: + # exampleTaint: exampleTaintValue:NoSchedule +# Provides cluster specific configuration options. +cluster: + id: nLpDbKmyPzb.SKDnaYJzPah30BfF9xoOIhlGC.wtlf=5=S+dGfJ/XxwUcf_NCVsy # Globally unique identifier for this cluster (base64 encoded random 32 bytes). + secret: /DnmpetItUj4NVQ1SBlQHJeEuVIS+aNhZiv.ko+Os1pdI77id6p+1PySn=ojT.l7 # Shared secret of cluster (base64 encoded random 32 bytes). + # Provides control plane specific configuration options. + controlPlane: + endpoint: https://[fdae:41e4:649b:9303::1]:10000 # Endpoint is the canonical controlplane endpoint, which can be an IP address or a DNS hostname. + # Provides cluster specific network configuration options. + network: + dnsDomain: cluster.local # The domain used by Kubernetes DNS. + # The pod subnet CIDR. + podSubnets: + - 10.244.0.0/16 + # The service subnet CIDR. + serviceSubnets: + - 10.96.0.0/12 + + # # The CNI used. + # cni: + # name: custom # Name of CNI to use. + # # URLs containing manifests to apply for the CNI. + # urls: + # - https://docs.projectcalico.org/archive/v3.20/manifests/canal.yaml + token: s.-MIIs5AB4dyaarWp6Z6DjRk_JYeDmI # The [bootstrap token](https://kubernetes.io/docs/reference/access-authn-authz/bootstrap-tokens/) used to join the cluster. + # The base64 encoded root certificate authority used by Kubernetes. + ca: + crt: Q2V1jZ2/b310fjq4Vk3yz+Z.H9SNCH8khCCgx1y7qWdQq6=g0yhrDbX5/f4c5Vrff1Nyqj7x2Rlyf31LiMns_VCgnLAZ_tQ+l=MXxlbaqSgREx.taUiG5_/G11/G7/EeFo-G_ZPJb_X50V1P4uavT7X=UFL_NvzH=qGSCPZ/=+undvPmcMOPf1DUNlGHvtEmQBlpHbwGCV68=XciO1=VR=2o_LM-2df2BUukvWC.3We0L6+2qWSC0Sd3_r3vyV-5XVrSqvZ+9D.2u._-8Z-JwM9il1KkxMnivWDyBABvYcRuHKLa/7ppf0cad9V96oxh+oX34himACP0UFdlGG6gKKdEkVF4lJrK5t8FH_0_IcJd=pQpfm6D2ocXvRuGvvgqLVny1IvCj.vi9hWTcQmgDoYNOmF1SODZgAb=-tzOTuG1+iAP=/gGkpUjMylT=rNvhk/8Kli=8vqKprKu-j1kpaimSwD58hVIYciBQ-hA6kaxYV=PT=p5Po=ef1olKo8F4v7iU_dBmS6._XDKRrI0GGZe0BQd.9rZsxWMod=QCdX-VLVa4J6vXQhijVRe=w60z7xWU_XdEE7CL91dpfKwPa/YEXw6WsmdJgWNfpxKqCx9HaG=.UgKMZKA7_Fa+rI-l.+e-MlvS.J4u.8TV//IMNS8geISjevrn6x9U0MGZ2HM7zubQEI-pGnIvBxzUNP-hbsd3vNrKl/EbJNixJY42rU-/n-D-QE8t/2srGjnSbnvbm_CrLkzPvGwfhA5bupETy/gsZpxiEJ0qg.O5.2l-L2VGno-YdbUsOx_Sn0CDQLztONjn3M_mR_QqPAY6p-gOY24fTgWBKlTaLPi3xu-3ENVVCf9=RX_eW9QVc3wu7f-kdc9/1hMSo0HCg+i0dv5OC1iLR1Cja2crRHsgzTxcHDL3VJEXMrFkITZNDDE/EcQUSu3/ERyJfQ-0uG56=oWiUDzkEbzMq.JnX8UxP1YLOX-uDM.ivfMJum2uzdTsOJMpExxifzMEKUXY-LX-.Ax + key: "" + # Configures cluster member discovery. + discovery: + enabled: true # Enable the cluster membership discovery feature. + # Configure registries used for cluster member discovery. + registries: + # Kubernetes registry uses Kubernetes API server to discover cluster members and stores additional information + kubernetes: + disabled: true # Disable Kubernetes discovery registry. + # Service registry is using an external service to push and pull information about cluster members. + service: + endpoint: http://[fdae:41e4:649b:9303::1]:8093 # External service endpoint. + # A list of inline Kubernetes manifests. + inlineManifests: + - name: argo-cd + contents: |- + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + metadata: + name: my-argo-cd-redis-ha + namespace: "default" + labels: + heritage: Helm + release: my-argo-cd + chart: redis-ha-4.27.6 + app: my-argo-cd-redis-ha + secrets: + - name: argocd-redis + --- + # Source: argo-cd/charts/redis-ha/templates/redis-haproxy-serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + metadata: + name: my-argo-cd-redis-ha-haproxy + namespace: "default" + labels: + heritage: Helm + release: my-argo-cd + chart: redis-ha-4.27.6 + app: my-argo-cd-redis-ha + --- + # Source: argo-cd/templates/argocd-application-controller/serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + automountServiceAccountToken: true + metadata: + name: argocd-application-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/argocd-applicationset/serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + automountServiceAccountToken: true + metadata: + name: argocd-applicationset-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/argocd-notifications/serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + automountServiceAccountToken: true + metadata: + name: argocd-notifications-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/argocd-repo-server/serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + automountServiceAccountToken: true + metadata: + name: my-argo-cd-argocd-repo-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/argocd-server/serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + automountServiceAccountToken: true + metadata: + name: argocd-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/dex/serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + automountServiceAccountToken: true + metadata: + name: argocd-dex-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml + apiVersion: v1 + kind: Secret + metadata: + name: argocd-notifications-secret + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + type: Opaque + stringData: + --- + # Source: argo-cd/templates/argocd-configs/argocd-secret.yaml + apiVersion: v1 + kind: Secret + metadata: + name: argocd-secret + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-secret + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + type: Opaque + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-configmap.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: my-argo-cd-redis-ha-configmap + namespace: "default" + labels: + heritage: Helm + release: my-argo-cd + chart: redis-ha-4.27.6 + app: my-argo-cd-redis-ha + data: + redis.conf: | + dir "/data" + port 6379 + rename-command FLUSHDB "" + rename-command FLUSHALL "" + maxmemory 0 + maxmemory-policy volatile-lru + min-replicas-max-lag 5 + min-replicas-to-write 1 + rdbchecksum yes + rdbcompression yes + repl-diskless-sync yes + save "" + requirepass replace-default-auth + masterauth replace-default-auth + + sentinel.conf: | + dir "/data" + port 26379 + sentinel down-after-milliseconds argocd 10000 + sentinel failover-timeout argocd 180000 + maxclients 10000 + sentinel parallel-syncs argocd 5 + sentinel auth-pass argocd replace-default-auth + + init.sh: | + echo "$(date) Start..." + HOSTNAME="$(hostname)" + INDEX="${HOSTNAME##*-}" + SENTINEL_PORT=26379 + ANNOUNCE_IP='' + MASTER='' + MASTER_GROUP="argocd" + QUORUM="2" + REDIS_CONF=/data/conf/redis.conf + REDIS_PORT=6379 + REDIS_TLS_PORT= + SENTINEL_CONF=/data/conf/sentinel.conf + SENTINEL_TLS_PORT= + SERVICE=my-argo-cd-redis-ha + SENTINEL_TLS_REPLICATION_ENABLED=false + REDIS_TLS_REPLICATION_ENABLED=false + + set -eu + sentinel_get_master() { + set +e + if [ "$SENTINEL_PORT" -eq 0 ]; then + redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + else + redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + fi + set -e + } + + sentinel_get_master_retry() { + master='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + master=$(sentinel_get_master) + if [ -n "${master}" ]; then + break + fi + sleep $((sleep + i)) + done + echo "${master}" + } + + identify_master() { + echo "Identifying redis master (get-master-addr-by-name).." + echo " using sentinel (my-argo-cd-redis-ha), sentinel group name (argocd)" + MASTER="$(sentinel_get_master_retry 3)" + if [ -n "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + else + echo " $(date) Did not find redis master (${MASTER})" + fi + } + + sentinel_update() { + echo "Updating sentinel config.." + echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})" + eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}" + echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})" + sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}" + if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then + echo " redis master (${1}:${REDIS_TLS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + else + echo " redis master (${1}:${REDIS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + fi + echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF} + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})" + echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF} + else + echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})" + echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF} + fi + } + + redis_update() { + echo "Updating redis config.." + if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then + echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})" + echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF} + else + echo " we are slave of redis master (${1}:${REDIS_PORT})" + echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF} + fi + echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF} + } + + copy_config() { + echo "Copying default redis config.." + echo " to '${REDIS_CONF}'" + cp /readonly-config/redis.conf "${REDIS_CONF}" + echo "Copying default sentinel config.." + echo " to '${SENTINEL_CONF}'" + cp /readonly-config/sentinel.conf "${SENTINEL_CONF}" + } + + setup_defaults() { + echo "Setting up defaults.." + echo " using statefulset index (${INDEX})" + if [ "${INDEX}" = "0" ]; then + echo "Setting this pod as master for redis and sentinel.." + echo " using announce (${ANNOUNCE_IP})" + redis_update "${ANNOUNCE_IP}" + sentinel_update "${ANNOUNCE_IP}" + echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)" + sed -i "s/^.*slaveof.*//" "${REDIS_CONF}" + else + echo "Getting redis master ip.." + echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master" + DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')" + if [ -z "${DEFAULT_MASTER}" ]; then + echo "Error: Unable to resolve redis master (getent hosts)." + exit 1 + fi + echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})" + echo "Setting default slave config for redis and sentinel.." + echo " using master ip (${DEFAULT_MASTER})" + redis_update "${DEFAULT_MASTER}" + sentinel_update "${DEFAULT_MASTER}" + fi + } + + redis_ping() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + redis-cli -h "${MASTER}" -a "${AUTH}" --no-auth-warning -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping + else + redis-cli -h "${MASTER}" -a "${AUTH}" --no-auth-warning -p "${REDIS_PORT}" ping + fi + set -e + } + + redis_ping_retry() { + ping='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + if [ "$(redis_ping)" = "PONG" ]; then + ping='PONG' + break + fi + sleep $((sleep + i)) + MASTER=$(sentinel_get_master) + done + echo "${ping}" + } + + find_master() { + echo "Verifying redis master.." + if [ "$REDIS_PORT" -eq 0 ]; then + echo " ping (${MASTER}:${REDIS_TLS_PORT})" + else + echo " ping (${MASTER}:${REDIS_PORT})" + fi + if [ "$(redis_ping_retry 3)" != "PONG" ]; then + echo " $(date) Can't ping redis master (${MASTER})" + echo "Attempting to force failover (sentinel failover).." + + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + else + echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + fi + + echo "Hold on for 10sec" + sleep 10 + echo "We should get redis master's ip now. Asking (get-master-addr-by-name).." + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + else + echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + fi + MASTER="$(sentinel_get_master)" + if [ "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + else + echo "$(date) Error: Could not failover, exiting..." + exit 1 + fi + else + echo " $(date) Found reachable redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + fi + } + + redis_ro_update() { + echo "Updating read-only redis config.." + echo " redis.conf set 'replica-priority 0'" + echo "replica-priority 0" >> ${REDIS_CONF} + } + + getent_hosts() { + index=${1:-${INDEX}} + service="${SERVICE}-announce-${index}" + host=$(getent hosts "${service}") + echo "${host}" + } + + identify_announce_ip() { + echo "Identify announce ip for this pod.." + echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})" + ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }') + echo " identified announce (${ANNOUNCE_IP})" + } + + mkdir -p /data/conf/ + + echo "Initializing config.." + copy_config + + # where is redis master + identify_master + + identify_announce_ip + + if [ -z "${ANNOUNCE_IP}" ]; then + "Error: Could not resolve the announce ip for this pod." + exit 1 + elif [ "${MASTER}" ]; then + find_master + else + setup_defaults + fi + + if [ "${AUTH:-}" ]; then + echo "Setting redis auth values.." + ESCAPED_AUTH=$(echo "${AUTH}" | sed -e 's/[\/&]/\\&/g'); + sed -i "s/replace-default-auth/${ESCAPED_AUTH}/" "${REDIS_CONF}" "${SENTINEL_CONF}" + fi + + if [ "${SENTINELAUTH:-}" ]; then + echo "Setting sentinel auth values" + ESCAPED_AUTH_SENTINEL=$(echo "$SENTINELAUTH" | sed -e 's/[\/&]/\\&/g'); + sed -i "s/replace-default-sentinel-auth/${ESCAPED_AUTH_SENTINEL}/" "$SENTINEL_CONF" + fi + + echo "$(date) Ready..." + + fix-split-brain.sh: | + HOSTNAME="$(hostname)" + INDEX="${HOSTNAME##*-}" + SENTINEL_PORT=26379 + ANNOUNCE_IP='' + MASTER='' + MASTER_GROUP="argocd" + QUORUM="2" + REDIS_CONF=/data/conf/redis.conf + REDIS_PORT=6379 + REDIS_TLS_PORT= + SENTINEL_CONF=/data/conf/sentinel.conf + SENTINEL_TLS_PORT= + SERVICE=my-argo-cd-redis-ha + SENTINEL_TLS_REPLICATION_ENABLED=false + REDIS_TLS_REPLICATION_ENABLED=false + + ROLE='' + REDIS_MASTER='' + + set -eu + sentinel_get_master() { + set +e + if [ "$SENTINEL_PORT" -eq 0 ]; then + redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + else + redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + fi + set -e + } + + sentinel_get_master_retry() { + master='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + master=$(sentinel_get_master) + if [ -n "${master}" ]; then + break + fi + sleep $((sleep + i)) + done + echo "${master}" + } + + identify_master() { + echo "Identifying redis master (get-master-addr-by-name).." + echo " using sentinel (my-argo-cd-redis-ha), sentinel group name (argocd)" + MASTER="$(sentinel_get_master_retry 3)" + if [ -n "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + else + echo " $(date) Did not find redis master (${MASTER})" + fi + } + + sentinel_update() { + echo "Updating sentinel config.." + echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})" + eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}" + echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})" + sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}" + if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then + echo " redis master (${1}:${REDIS_TLS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + else + echo " redis master (${1}:${REDIS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + fi + echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF} + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})" + echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF} + else + echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})" + echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF} + fi + } + + redis_update() { + echo "Updating redis config.." + if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then + echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})" + echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF} + else + echo " we are slave of redis master (${1}:${REDIS_PORT})" + echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF} + fi + echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF} + } + + copy_config() { + echo "Copying default redis config.." + echo " to '${REDIS_CONF}'" + cp /readonly-config/redis.conf "${REDIS_CONF}" + echo "Copying default sentinel config.." + echo " to '${SENTINEL_CONF}'" + cp /readonly-config/sentinel.conf "${SENTINEL_CONF}" + } + + setup_defaults() { + echo "Setting up defaults.." + echo " using statefulset index (${INDEX})" + if [ "${INDEX}" = "0" ]; then + echo "Setting this pod as master for redis and sentinel.." + echo " using announce (${ANNOUNCE_IP})" + redis_update "${ANNOUNCE_IP}" + sentinel_update "${ANNOUNCE_IP}" + echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)" + sed -i "s/^.*slaveof.*//" "${REDIS_CONF}" + else + echo "Getting redis master ip.." + echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master" + DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')" + if [ -z "${DEFAULT_MASTER}" ]; then + echo "Error: Unable to resolve redis master (getent hosts)." + exit 1 + fi + echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})" + echo "Setting default slave config for redis and sentinel.." + echo " using master ip (${DEFAULT_MASTER})" + redis_update "${DEFAULT_MASTER}" + sentinel_update "${DEFAULT_MASTER}" + fi + } + + redis_ping() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + redis-cli -h "${MASTER}" -a "${AUTH}" --no-auth-warning -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping + else + redis-cli -h "${MASTER}" -a "${AUTH}" --no-auth-warning -p "${REDIS_PORT}" ping + fi + set -e + } + + redis_ping_retry() { + ping='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + if [ "$(redis_ping)" = "PONG" ]; then + ping='PONG' + break + fi + sleep $((sleep + i)) + MASTER=$(sentinel_get_master) + done + echo "${ping}" + } + + find_master() { + echo "Verifying redis master.." + if [ "$REDIS_PORT" -eq 0 ]; then + echo " ping (${MASTER}:${REDIS_TLS_PORT})" + else + echo " ping (${MASTER}:${REDIS_PORT})" + fi + if [ "$(redis_ping_retry 3)" != "PONG" ]; then + echo " $(date) Can't ping redis master (${MASTER})" + echo "Attempting to force failover (sentinel failover).." + + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + else + echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + fi + + echo "Hold on for 10sec" + sleep 10 + echo "We should get redis master's ip now. Asking (get-master-addr-by-name).." + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + else + echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + fi + MASTER="$(sentinel_get_master)" + if [ "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + else + echo "$(date) Error: Could not failover, exiting..." + exit 1 + fi + else + echo " $(date) Found reachable redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + fi + } + + redis_ro_update() { + echo "Updating read-only redis config.." + echo " redis.conf set 'replica-priority 0'" + echo "replica-priority 0" >> ${REDIS_CONF} + } + + getent_hosts() { + index=${1:-${INDEX}} + service="${SERVICE}-announce-${index}" + host=$(getent hosts "${service}") + echo "${host}" + } + + identify_announce_ip() { + echo "Identify announce ip for this pod.." + echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})" + ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }') + echo " identified announce (${ANNOUNCE_IP})" + } + + redis_role() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + ROLE=$(redis-cli -a "${AUTH}" --no-auth-warning -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep role | sed 's/role://' | sed 's/\r//') + else + ROLE=$(redis-cli -a "${AUTH}" --no-auth-warning -p "${REDIS_PORT}" info | grep role | sed 's/role://' | sed 's/\r//') + fi + set -e + } + + identify_redis_master() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + REDIS_MASTER=$(redis-cli -a "${AUTH}" --no-auth-warning -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep master_host | sed 's/master_host://' | sed 's/\r//') + else + REDIS_MASTER=$(redis-cli -a "${AUTH}" --no-auth-warning -p "${REDIS_PORT}" info | grep master_host | sed 's/master_host://' | sed 's/\r//') + fi + set -e + } + + reinit() { + set +e + sh /readonly-config/init.sh + + if [ "$REDIS_PORT" -eq 0 ]; then + echo "shutdown" | redis-cli -a "${AUTH}" --no-auth-warning -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key + else + echo "shutdown" | redis-cli -a "${AUTH}" --no-auth-warning -p "${REDIS_PORT}" + fi + set -e + } + + identify_announce_ip + + while [ -z "${ANNOUNCE_IP}" ]; do + echo "Error: Could not resolve the announce ip for this pod." + sleep 30 + identify_announce_ip + done + + trap "exit 0" TERM + while true; do + sleep 60 + + # where is redis master + identify_master + + if [ "$MASTER" = "$ANNOUNCE_IP" ]; then + redis_role + if [ "$ROLE" != "master" ]; then + reinit + fi + elif [ "${MASTER}" ]; then + identify_redis_master + if [ "$REDIS_MASTER" != "$MASTER" ]; then + reinit + fi + fi + done + + + haproxy.cfg: | + defaults REDIS + mode tcp + timeout connect 4s + timeout server 330s + timeout client 330s + timeout check 2s + + listen health_check_http_url + bind [::]:8888 v4v6 + mode http + monitor-uri /healthz + option dontlognull + # Check Sentinel and whether they are nominated master + backend check_if_redis_is_master_0 + mode tcp + option tcp-check + tcp-check connect + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n + tcp-check expect string REPLACE_ANNOUNCE0 + tcp-check send QUIT\r\n + server R0 my-argo-cd-redis-ha-announce-0:26379 check inter 1s + server R1 my-argo-cd-redis-ha-announce-1:26379 check inter 1s + server R2 my-argo-cd-redis-ha-announce-2:26379 check inter 1s + # Check Sentinel and whether they are nominated master + backend check_if_redis_is_master_1 + mode tcp + option tcp-check + tcp-check connect + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n + tcp-check expect string REPLACE_ANNOUNCE1 + tcp-check send QUIT\r\n + server R0 my-argo-cd-redis-ha-announce-0:26379 check inter 1s + server R1 my-argo-cd-redis-ha-announce-1:26379 check inter 1s + server R2 my-argo-cd-redis-ha-announce-2:26379 check inter 1s + # Check Sentinel and whether they are nominated master + backend check_if_redis_is_master_2 + mode tcp + option tcp-check + tcp-check connect + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n + tcp-check expect string REPLACE_ANNOUNCE2 + tcp-check send QUIT\r\n + server R0 my-argo-cd-redis-ha-announce-0:26379 check inter 1s + server R1 my-argo-cd-redis-ha-announce-1:26379 check inter 1s + server R2 my-argo-cd-redis-ha-announce-2:26379 check inter 1s + + # decide redis backend to use + #master + frontend ft_redis_master + bind [::]:6379 v4v6 + use_backend bk_redis_master + # Check all redis servers to see if they think they are master + backend bk_redis_master + mode tcp + option tcp-check + tcp-check connect + tcp-check send "AUTH ${AUTH}"\r\n + tcp-check expect string +OK + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send info\ replication\r\n + tcp-check expect string role:master + tcp-check send QUIT\r\n + tcp-check expect string +OK + use-server R0 if { srv_is_up(R0) } { nbsrv(check_if_redis_is_master_0) ge 2 } + server R0 my-argo-cd-redis-ha-announce-0:6379 check inter 1s fall 1 rise 1 + use-server R1 if { srv_is_up(R1) } { nbsrv(check_if_redis_is_master_1) ge 2 } + server R1 my-argo-cd-redis-ha-announce-1:6379 check inter 1s fall 1 rise 1 + use-server R2 if { srv_is_up(R2) } { nbsrv(check_if_redis_is_master_2) ge 2 } + server R2 my-argo-cd-redis-ha-announce-2:6379 check inter 1s fall 1 rise 1 + frontend stats + mode http + bind [::]:9101 v4v6 + http-request use-service prometheus-exporter if { path /metrics } + stats enable + stats uri /stats + stats refresh 10s + haproxy_init.sh: | + HAPROXY_CONF=/data/haproxy.cfg + cp /readonly/haproxy.cfg "$HAPROXY_CONF" + for loop in $(seq 1 10); do + getent hosts my-argo-cd-redis-ha-announce-0 && break + echo "Waiting for service my-argo-cd-redis-ha-announce-0 to be ready ($loop) ..." && sleep 1 + done + ANNOUNCE_IP0=$(getent hosts "my-argo-cd-redis-ha-announce-0" | awk '{ print $1 }') + if [ -z "$ANNOUNCE_IP0" ]; then + echo "Could not resolve the announce ip for my-argo-cd-redis-ha-announce-0" + exit 1 + fi + sed -i "s/REPLACE_ANNOUNCE0/$ANNOUNCE_IP0/" "$HAPROXY_CONF" + for loop in $(seq 1 10); do + getent hosts my-argo-cd-redis-ha-announce-1 && break + echo "Waiting for service my-argo-cd-redis-ha-announce-1 to be ready ($loop) ..." && sleep 1 + done + ANNOUNCE_IP1=$(getent hosts "my-argo-cd-redis-ha-announce-1" | awk '{ print $1 }') + if [ -z "$ANNOUNCE_IP1" ]; then + echo "Could not resolve the announce ip for my-argo-cd-redis-ha-announce-1" + exit 1 + fi + sed -i "s/REPLACE_ANNOUNCE1/$ANNOUNCE_IP1/" "$HAPROXY_CONF" + for loop in $(seq 1 10); do + getent hosts my-argo-cd-redis-ha-announce-2 && break + echo "Waiting for service my-argo-cd-redis-ha-announce-2 to be ready ($loop) ..." && sleep 1 + done + ANNOUNCE_IP2=$(getent hosts "my-argo-cd-redis-ha-announce-2" | awk '{ print $1 }') + if [ -z "$ANNOUNCE_IP2" ]; then + echo "Could not resolve the announce ip for my-argo-cd-redis-ha-announce-2" + exit 1 + fi + sed -i "s/REPLACE_ANNOUNCE2/$ANNOUNCE_IP2/" "$HAPROXY_CONF" + trigger-failover-if-master.sh: | + get_redis_role() { + is_master=$( + redis-cli \ + -a "${AUTH}" --no-auth-warning \ + -h localhost \ + -p 6379 \ + info | grep -c 'role:master' || true + ) + } + get_redis_role + if [[ "$is_master" -eq 1 ]]; then + echo "This node is currently master, we trigger a failover." + response=$( + redis-cli \ + -h localhost \ + -p 26379 \ + SENTINEL failover argocd + ) + if [[ "$response" != "OK" ]] ; then + echo "$response" + exit 1 + fi + timeout=30 + while [[ "$is_master" -eq 1 && $timeout -gt 0 ]]; do + sleep 1 + get_redis_role + timeout=$((timeout - 1)) + done + echo "Failover successful" + fi + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-health-configmap.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: my-argo-cd-redis-ha-health-configmap + namespace: "default" + labels: + heritage: Helm + release: my-argo-cd + chart: redis-ha-4.27.6 + app: my-argo-cd-redis-ha + data: + redis_liveness.sh: | + response=$( + redis-cli \ + -a "${AUTH}" --no-auth-warning \ + -h localhost \ + -p 6379 \ + ping + ) + echo "response=$response" + case $response in + PONG|LOADING*) ;; + *) exit 1 ;; + esac + exit 0 + redis_readiness.sh: | + response=$( + redis-cli \ + -a "${AUTH}" --no-auth-warning \ + -h localhost \ + -p 6379 \ + ping + ) + if [ "$response" != "PONG" ] ; then + echo "$response" + exit 1 + fi + echo "response=$response" + sentinel_liveness.sh: | + response=$( + redis-cli \ + -h localhost \ + -p 26379 \ + ping + ) + if [ "$response" != "PONG" ]; then + echo "$response" + exit 1 + fi + echo "response=$response" + --- + # Source: argo-cd/templates/argocd-configs/argocd-cm.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-cm + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-cm + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + data: + admin.enabled: "true" + application.instanceLabelKey: argocd.argoproj.io/instance + exec.enabled: "false" + server.rbac.log.enforce.enable: "false" + statusbadge.enabled: "false" + timeout.hard.reconciliation: 0s + timeout.reconciliation: 180s + url: https://argocd.example.com + --- + # Source: argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-cmd-params-cm + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-cmd-params-cm + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + data: + application.namespaces: "" + applicationsetcontroller.enable.leader.election: "true" + applicationsetcontroller.enable.progressive.syncs: "false" + applicationsetcontroller.log.format: text + applicationsetcontroller.log.level: info + applicationsetcontroller.policy: sync + controller.ignore.normalizer.jq.timeout: 1s + controller.log.format: text + controller.log.level: info + controller.operation.processors: "10" + controller.repo.server.timeout.seconds: "60" + controller.self.heal.timeout.seconds: "5" + controller.status.processors: "20" + otlp.address: "" + redis.server: my-argo-cd-redis-ha-haproxy:6379 + repo.server: my-argo-cd-argocd-repo-server:8081 + reposerver.log.format: text + reposerver.log.level: info + reposerver.parallelism.limit: "0" + server.basehref: / + server.dex.server: https://my-argo-cd-argocd-dex-server:5556 + server.dex.server.strict.tls: "false" + server.disable.auth: "false" + server.enable.gzip: "true" + server.insecure: "false" + server.log.format: text + server.log.level: info + server.repo.server.strict.tls: "false" + server.rootpath: "" + server.staticassets: /shared/app + server.x.frame.options: sameorigin + --- + # Source: argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-gpg-keys-cm + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-gpg-keys-cm + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-notifications-cm + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + data: + context: | + argocdUrl: https://argocd.example.com + --- + # Source: argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-rbac-cm + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-rbac-cm + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + data: + policy.csv: "" + policy.default: "" + policy.matchMode: glob + scopes: '[groups]' + --- + # Source: argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-ssh-known-hosts-cm + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-ssh-known-hosts-cm + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + data: + ssh_known_hosts: | + [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= + bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= + github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + --- + # Source: argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-tls-certs-cm + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-tls-certs-cm + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/crds/crd-application.yaml + apiVersion: apiextensions.k8s.io/v1 + kind: CustomResourceDefinition + metadata: + annotations: + "helm.sh/resource-policy": keep + labels: + app.kubernetes.io/name: applications.argoproj.io + app.kubernetes.io/part-of: argocd + name: applications.argoproj.io + spec: + group: argoproj.io + names: + kind: Application + listKind: ApplicationList + plural: applications + shortNames: + - app + - apps + singular: application + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.sync.status + name: Sync Status + type: string + - jsonPath: .status.health.status + name: Health Status + type: string + - jsonPath: .status.sync.revision + name: Revision + priority: 10 + type: string + - jsonPath: .spec.project + name: Project + priority: 10 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Application is a definition of Application resource. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + operation: + description: Operation contains information about a requested or running + operation + properties: + info: + description: Info is a list of informational items for this operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started + operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries + of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default unit + is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed + for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + sync: + description: Sync contains parameters for the operation + properties: + dryRun: + description: DryRun specifies to perform a `kubectl apply --dry-run` + without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync + source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from the cluster + that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall be part + of the sync + items: + description: SyncOperationResource contains resources to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: |- + Revision is the revision (Git) or chart version (Helm) which to sync the application to + If omitted, will use the revision specified in app spec. + type: string + revisions: + description: |- + Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to + If omitted, will use the revision specified in app spec. + items: + type: string + type: array + source: + description: |- + Source overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by + not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources for + Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to + apply common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: |- + Sources overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform + the sync. + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to + perform the sync. This is the default strategy + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + description: ApplicationSpec represents desired application state. Contains + link to repository with application definition and additional parameters + link definition revision. + properties: + destination: + description: Destination is a reference to the target Kubernetes server + and namespace + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name. This must be set if Server is + not set. + type: string + namespace: + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is not + set. + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources and their fields + which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource filter + and list of json paths which should be ignored during comparison + with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: |- + ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the + desired state defined in the SCM and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information (URLs, email addresses, + and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: |- + Project is a reference to the project this application belongs to. + The empty string means that application belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: |- + RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. + This should only be changed in exceptional circumstances. + Setting to zero will store no history. This will reduce storage used. + Increasing will increase the space used to store the history, so we do not recommend increasing it. + Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location of the application's + manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being used + during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to + apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to + add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize components + to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force + applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply + common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds + to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the location of the application's + manifests or chart + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being + used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize components + to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to + force applying common annotations to resources for Kustomize + apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply + common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + description: SyncPolicy controls when and how a sync will be performed + properties: + automated: + description: Automated will keep an application synced to the + target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to delete resources + from the cluster that are not found in the sources anymore + as part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifies whether to revert resources + back to their desired state upon modification in the cluster + (default: false)' + type: boolean + type: object + managedNamespaceMetadata: + description: ManagedNamespaceMetadata controls metadata in the + given namespace (if CreateNamespace=true) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff controls how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time + allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + status: + description: ApplicationStatus contains status information for the application + properties: + conditions: + description: Conditions is a list of currently observed application + conditions + items: + description: ApplicationCondition contains details about an application + condition, which is usually an error or warning + properties: + lastTransitionTime: + description: LastTransitionTime is the time the condition was + last observed + format: date-time + type: string + message: + description: Message contains human-readable message indicating + details about condition + type: string + type: + description: Type is an application condition type + type: string + required: + - message + - type + type: object + type: array + controllerNamespace: + description: ControllerNamespace indicates the namespace in which + the application controller is located + type: string + health: + description: Health contains information about the application's current + health status + properties: + message: + description: Message is a human-readable informational message + describing the health status + type: string + status: + description: Status holds the status code of the application or + resource + type: string + type: object + history: + description: History contains information about the application's + sync history + items: + description: RevisionHistory contains history information about + a previous sync + properties: + deployStartedAt: + description: DeployStartedAt holds the time the sync operation + started + format: date-time + type: string + deployedAt: + description: DeployedAt holds the time the sync operation completed + format: date-time + type: string + id: + description: ID is an auto incrementing identifier of the RevisionHistory + format: int64 + type: integer + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started + operation + type: string + type: object + revision: + description: Revision holds the revision the sync was performed + against + type: string + revisions: + description: Revisions holds the revision of each source in + sources field the sync was performed against + items: + type: string + type: array + source: + description: Source is a reference to the application source + used for the sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application sources + used for the sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - deployedAt + - id + type: object + type: array + observedAt: + description: |- + ObservedAt indicates when the application state was updated without querying latest git state + Deprecated: controller no longer updates ObservedAt field + format: date-time + type: string + operationState: + description: OperationState contains information about any ongoing + operations, such as a sync + properties: + finishedAt: + description: FinishedAt contains time of operation completion + format: date-time + type: string + message: + description: Message holds any pertinent messages when attempting + to perform operation (typically errors). + type: string + operation: + description: Operation is the original requested operation + properties: + info: + description: Info is a list of informational items for this + operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was + initiated automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who + started operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync + fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base + duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of + time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for + retrying a failed sync. If set to 0, no retries will + be performed. + format: int64 + type: integer + type: object + sync: + description: Sync contains parameters for the operation + properties: + dryRun: + description: DryRun specifies to perform a `kubectl apply + --dry-run` without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides + sync source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from + the cluster that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall + be part of the sync + items: + description: SyncOperationResource contains resources + to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: |- + Revision is the revision (Git) or chart version (Helm) which to sync the application to + If omitted, will use the revision specified in app spec. + type: string + revisions: + description: |- + Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to + If omitted, will use the revision specified in app spec. + items: + type: string + type: array + source: + description: |- + Source overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to + Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles do + not exist locally by not appending them to helm + template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over + Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a + map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors + or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of + Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in + the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: |- + Sources overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required + information about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles + do not exist locally by not appending them + to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during manifest + generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource + definition installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to + be passed to helm template, typically defined + as a block. ValuesObject takes precedence + over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as + a map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to + use for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of + additional annotations to add to rendered + manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of + kustomize components to add to the kustomization + before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies + whether to apply common labels to resource + selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize + patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize + Replicas override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the + Git repository, and is only valid for applications + sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the + variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an + array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map + type parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a + string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source + within sources field. This field will not be used + if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, + e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the + sync + properties: + apply: + description: Apply will perform a `kubectl apply` + to perform the sync. + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources + to perform the sync. This is the default strategy + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + phase: + description: Phase is the current phase of the operation + type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer + startedAt: + description: StartedAt contains time of operation start + format: date-time + type: string + syncResult: + description: SyncResult is the result of a Sync operation + properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current + sync state of managed namespace metadata + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + resources: + description: Resources contains a list of sync result items + for each individual resource in a sync operation + items: + description: ResourceResult holds the operation result details + of a specific resource + properties: + group: + description: Group specifies the API group of the resource + type: string + hookPhase: + description: |- + HookPhase contains the state of any operation associated with this resource OR hook + This can also contain values for non-hook resources. + type: string + hookType: + description: HookType specifies the type of the hook. + Empty for non-hook resources + type: string + kind: + description: Kind specifies the API kind of the resource + type: string + message: + description: Message contains an informational or error + message for the last sync OR operation + type: string + name: + description: Name specifies the name of the resource + type: string + namespace: + description: Namespace specifies the target namespace + of the resource + type: string + status: + description: Status holds the final result of the sync. + Will be empty if the resources is yet to be applied/pruned + and is always zero-value for hooks + type: string + syncPhase: + description: SyncPhase indicates the particular phase + of the sync that this result was acquired in + type: string + version: + description: Version specifies the API version of the + resource + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + type: array + revision: + description: Revision holds the revision this sync operation + was performed to + type: string + revisions: + description: Revisions holds the revision this sync operation + was performed for respective indexed source in sources field + items: + type: string + type: array + source: + description: Source records the application source information + of the sync, used for comparing auto-sync + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Source records the application source information + of the sync, used for comparing auto-sync + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over Values, + so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - revision + type: object + required: + - operation + - phase + - startedAt + type: object + reconciledAt: + description: ReconciledAt indicates when the application state was + reconciled using the latest git version + format: date-time + type: string + resourceHealthSource: + description: 'ResourceHealthSource indicates where the resource health + status is stored: inline if not set or appTree' + type: string + resources: + description: Resources is a list of Kubernetes resources managed by + this application + items: + description: |- + ResourceStatus holds the current sync and health status of a resource + TODO: describe members of this type + properties: + group: + type: string + health: + description: HealthStatus contains information about the currently + observed health state of an application or resource + properties: + message: + description: Message is a human-readable informational message + describing the health status + type: string + status: + description: Status holds the status code of the application + or resource + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresPruning: + type: boolean + status: + description: SyncStatusCode is a type which represents possible + comparison results + type: string + syncWave: + format: int64 + type: integer + version: + type: string + type: object + type: array + sourceType: + description: SourceType specifies the type of this application + type: string + sourceTypes: + description: SourceTypes specifies the type of the sources included + in the application + items: + description: ApplicationSourceType specifies the type of the application's + source + type: string + type: array + summary: + description: Summary contains a list of URLs and container images + used by this application + properties: + externalURLs: + description: ExternalURLs holds all external URLs of application + child resources. + items: + type: string + type: array + images: + description: Images holds all images of application child resources. + items: + type: string + type: array + type: object + sync: + description: Sync contains information about the application's current + sync status + properties: + comparedTo: + description: ComparedTo contains information about what has been + compared + properties: + destination: + description: Destination is a reference to the application's + destination used for comparison + properties: + name: + description: Name is an alternate way of specifying the + target cluster by its symbolic name. This must be set + if Server is not set. + type: string + namespace: + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name + is not set. + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's + ignored differences used for comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: |- + ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the + desired state defined in the SCM and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + source: + description: Source is a reference to the application's source + used for comparison + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application's multiple + sources used for comparison + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over Values, + so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - destination + type: object + revision: + description: Revision contains information about the revision + the comparison has been performed to + type: string + revisions: + description: Revisions contains information about the revisions + of multiple sources the comparison has been performed to + items: + type: string + type: array + status: + description: Status is the sync state of the comparison + type: string + required: + - status + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: {} + --- + # Source: argo-cd/templates/crds/crd-applicationset.yaml + apiVersion: apiextensions.k8s.io/v1 + kind: CustomResourceDefinition + metadata: + annotations: + "helm.sh/resource-policy": keep + labels: + app.kubernetes.io/name: applicationsets.argoproj.io + app.kubernetes.io/part-of: argocd + name: applicationsets.argoproj.io + spec: + group: argoproj.io + names: + kind: ApplicationSet + listKind: ApplicationSetList + plural: applicationsets + shortNames: + - appset + - appsets + singular: applicationset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + applyNestedSelectors: + type: boolean + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + matrix: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSharedProjects: + type: boolean + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + topic: + type: string + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSharedProjects: + type: boolean + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + topic: + type: string + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + mergeKeys: + items: + type: string + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSharedProjects: + type: boolean + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + topic: + type: string + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + goTemplate: + type: boolean + goTemplateOptions: + items: + type: string + type: array + ignoreApplicationDifferences: + items: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + name: + type: string + type: object + type: array + preservedFields: + properties: + annotations: + items: + type: string + type: array + labels: + items: + type: string + type: array + type: object + strategy: + properties: + rollingSync: + properties: + steps: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + maxUpdate: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + type: array + type: object + type: + type: string + type: object + syncPolicy: + properties: + applicationsSync: + enum: + - create-only + - create-update + - create-delete + - sync + type: string + preserveResourcesOnDeletion: + type: boolean + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + templatePatch: + type: string + required: + - generators + - template + type: object + status: + properties: + applicationStatus: + items: + properties: + application: + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + status: + type: string + step: + type: string + targetRevisions: + items: + type: string + type: array + required: + - application + - message + - status + - step + - targetRevisions + type: object + type: array + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - message + - reason + - status + - type + type: object + type: array + resources: + items: + properties: + group: + type: string + health: + properties: + message: + type: string + status: + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresPruning: + type: boolean + status: + type: string + syncWave: + format: int64 + type: integer + version: + type: string + type: object + type: array + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} + --- + # Source: argo-cd/templates/crds/crd-project.yaml + apiVersion: apiextensions.k8s.io/v1 + kind: CustomResourceDefinition + metadata: + annotations: + "helm.sh/resource-policy": keep + labels: + app.kubernetes.io/name: appprojects.argoproj.io + app.kubernetes.io/part-of: argocd + name: appprojects.argoproj.io + spec: + group: argoproj.io + names: + kind: AppProject + listKind: AppProjectList + plural: appprojects + shortNames: + - appproj + - appprojs + singular: appproject + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + AppProject provides a logical grouping of applications, providing controls for: + * where the apps may deploy to (cluster whitelist) + * what may be deployed (repository whitelist, resource whitelist/blacklist) + * who can access these applications (roles, OIDC group claims bindings) + * and what they can do (RBAC policies) + * automation access to these roles (JWT tokens) + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AppProjectSpec is the specification of an AppProject + properties: + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted + cluster level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted + cluster level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + description: + description: Description contains optional project description + type: string + destinations: + description: Destinations contains list of destinations available + for deployment + items: + description: ApplicationDestination holds information about the + application's destination + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name. This must be set if Server is + not set. + type: string + namespace: + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is + not set. + type: string + type: object + type: array + namespaceResourceBlacklist: + description: NamespaceResourceBlacklist contains list of blacklisted + namespace level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + namespaceResourceWhitelist: + description: NamespaceResourceWhitelist contains list of whitelisted + namespace level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + orphanedResources: + description: OrphanedResources specifies if controller should monitor + orphaned resources of apps in this project + properties: + ignore: + description: Ignore contains a list of resources that are to be + excluded from orphaned resources monitoring + items: + description: OrphanedResourceKey is a reference to a resource + to be ignored from + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array + warn: + description: Warn indicates if warning condition should be created + for apps which have orphaned resources + type: boolean + type: object + permitOnlyProjectScopedClusters: + description: PermitOnlyProjectScopedClusters determines whether destinations + can only reference clusters which are project-scoped + type: boolean + roles: + description: Roles are user defined RBAC roles associated with this + project + items: + description: ProjectRole represents a role that has access to a + project + properties: + description: + description: Description is a description of the role + type: string + groups: + description: Groups are a list of OIDC group claims bound to + this role + items: + type: string + type: array + jwtTokens: + description: JWTTokens are a list of generated JWT tokens bound + to this role + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + name: + description: Name is a name for this role + type: string + policies: + description: Policies Stores a list of casbin formatted strings + that define access policies for the role in the project + items: + type: string + type: array + required: + - name + type: object + type: array + signatureKeys: + description: SignatureKeys contains a list of PGP key IDs that commits + in Git must be signed with in order to be allowed for sync + items: + description: SignatureKey is the specification of a key required + to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array + sourceNamespaces: + description: SourceNamespaces defines the namespaces application resources + are allowed to be created in + items: + type: string + type: array + sourceRepos: + description: SourceRepos contains list of repository URLs which can + be used for deployment + items: + type: string + type: array + syncWindows: + description: SyncWindows controls when syncs can be run for apps in + this project + items: + description: SyncWindow contains the kind, time, duration and attributes + that are used to assign the syncWindows to apps + properties: + applications: + description: Applications contains a list of applications that + the window will apply to + items: + type: string + type: array + clusters: + description: Clusters contains a list of clusters that the window + will apply to + items: + type: string + type: array + duration: + description: Duration is the amount of time the sync window + will be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: ManualSync enables manual syncs when they would + otherwise be blocked + type: boolean + namespaces: + description: Namespaces contains a list of namespaces that the + window will apply to + items: + type: string + type: array + schedule: + description: Schedule is the time the window will begin, specified + in cron format + type: string + timeZone: + description: TimeZone of the sync that will be applied to the + schedule + type: string + type: object + type: array + type: object + status: + description: AppProjectStatus contains status information for AppProject + CRs + properties: + jwtTokensByRole: + additionalProperties: + description: JWTTokens represents a list of JWT tokens + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + description: JWTTokensByRole contains a list of JWT tokens issued + for a given role + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + --- + # Source: argo-cd/templates/argocd-application-controller/clusterrole.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: my-argo-cd-argocd-application-controller + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' + --- + # Source: argo-cd/templates/argocd-notifications/clusterrole.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: my-argo-cd-argocd-notifications-controller + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + - update + - patch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - list + - watch + - apiGroups: + - "" + resourceNames: + - argocd-notifications-cm + resources: + - configmaps + verbs: + - get + - apiGroups: + - "" + resourceNames: + - argocd-notifications-secret + resources: + - secrets + verbs: + - get + --- + # Source: argo-cd/templates/argocd-server/clusterrole.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: my-argo-cd-argocd-server + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - delete + - get + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - list + - apiGroups: + - "" + resources: + - pods + - pods/log + verbs: + - get + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + verbs: + - get + - list + - update + - watch + - apiGroups: + - batch + resources: + + - jobs + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - workflows + verbs: + + - create + --- + # Source: argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: my-argo-cd-argocd-application-controller + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: my-argo-cd-argocd-application-controller + subjects: + - kind: ServiceAccount + name: argocd-application-controller + namespace: default + --- + # Source: argo-cd/templates/argocd-notifications/clusterrolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: my-argo-cd-argocd-notifications-controller + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: my-argo-cd-argocd-notifications-controller + subjects: + - kind: ServiceAccount + name: argocd-notifications-controller + namespace: default + --- + # Source: argo-cd/templates/argocd-server/clusterrolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: my-argo-cd-argocd-server + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: my-argo-cd-argocd-server + subjects: + - kind: ServiceAccount + name: argocd-server + namespace: default + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-redis-ha + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + rules: + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + --- + # Source: argo-cd/charts/redis-ha/templates/redis-haproxy-role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-redis-ha-haproxy + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + component: my-argo-cd-redis-ha-haproxy + rules: + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + --- + # Source: argo-cd/templates/argocd-application-controller/role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-argocd-application-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - list + - apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch + --- + # Source: argo-cd/templates/argocd-applicationset/role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-argocd-applicationset-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - applicationsets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets/status + verbs: + - get + - patch + - update + - apiGroups: + - argoproj.io + resources: + - appprojects + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - update + - delete + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + --- + # Source: argo-cd/templates/argocd-notifications/role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-argocd-notifications-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + - update + - patch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - list + - watch + - apiGroups: + - "" + resourceNames: + - argocd-notifications-cm + resources: + - configmaps + verbs: + - get + - apiGroups: + - "" + resourceNames: + - argocd-notifications-secret + resources: + - secrets + verbs: + - get + --- + # Source: argo-cd/templates/argocd-repo-server/role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-argocd-repo-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + --- + # Source: argo-cd/templates/argocd-server/role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-argocd-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - appprojects + verbs: + - create + - get + - list + - watch + - update + - delete + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - list + --- + # Source: argo-cd/templates/dex/role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: my-argo-cd-argocd-dex-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + rules: + - apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-redis-ha + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + subjects: + - kind: ServiceAccount + name: my-argo-cd-redis-ha + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-redis-ha + --- + # Source: argo-cd/charts/redis-ha/templates/redis-haproxy-rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-redis-ha-haproxy + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + component: my-argo-cd-redis-ha-haproxy + subjects: + - kind: ServiceAccount + name: my-argo-cd-redis-ha-haproxy + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-redis-ha-haproxy + --- + # Source: argo-cd/templates/argocd-application-controller/rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-argocd-application-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-argocd-application-controller + subjects: + - kind: ServiceAccount + name: argocd-application-controller + namespace: default + --- + # Source: argo-cd/templates/argocd-applicationset/rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-argocd-applicationset-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-argocd-applicationset-controller + subjects: + - kind: ServiceAccount + name: argocd-applicationset-controller + namespace: default + --- + # Source: argo-cd/templates/argocd-notifications/rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-argocd-notifications-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-argocd-notifications-controller + subjects: + - kind: ServiceAccount + name: argocd-notifications-controller + namespace: default + --- + # Source: argo-cd/templates/argocd-repo-server/rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-argocd-repo-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-argocd-repo-server + subjects: + - kind: ServiceAccount + name: my-argo-cd-argocd-repo-server + namespace: default + --- + # Source: argo-cd/templates/argocd-server/rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-argocd-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-argocd-server + subjects: + - kind: ServiceAccount + name: argocd-server + namespace: default + --- + # Source: argo-cd/templates/dex/rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: my-argo-cd-argocd-dex-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-argocd-dex-server + subjects: + - kind: ServiceAccount + name: argocd-dex-server + namespace: default + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-redis-ha-announce-0 + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + annotations: + spec: + publishNotReadyAddresses: true + type: ClusterIP + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: my-argo-cd + app: redis-ha + "statefulset.kubernetes.io/pod-name": my-argo-cd-redis-ha-server-0 + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-redis-ha-announce-1 + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + annotations: + spec: + publishNotReadyAddresses: true + type: ClusterIP + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: my-argo-cd + app: redis-ha + "statefulset.kubernetes.io/pod-name": my-argo-cd-redis-ha-server-1 + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-redis-ha-announce-2 + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + annotations: + spec: + publishNotReadyAddresses: true + type: ClusterIP + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: my-argo-cd + app: redis-ha + "statefulset.kubernetes.io/pod-name": my-argo-cd-redis-ha-server-2 + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-redis-ha + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + annotations: + spec: + type: ClusterIP + clusterIP: None + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: my-argo-cd + app: redis-ha + --- + # Source: argo-cd/charts/redis-ha/templates/redis-haproxy-service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-redis-ha-haproxy + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + component: my-argo-cd-redis-ha-haproxy + annotations: + spec: + type: ClusterIP + ports: + - name: tcp-haproxy + port: 6379 + protocol: TCP + targetPort: redis + - name: http-exporter-port + port: 9101 + protocol: TCP + targetPort: metrics-port + selector: + release: my-argo-cd + app: redis-ha-haproxy + --- + # Source: argo-cd/templates/argocd-applicationset/service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-argocd-applicationset-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + type: ClusterIP + ports: + - name: http-webhook + port: 7000 + targetPort: webhook + selector: + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + --- + # Source: argo-cd/templates/argocd-repo-server/service.yaml + apiVersion: v1 + kind: Service + metadata: + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + name: my-argo-cd-argocd-repo-server + namespace: default + spec: + ports: + - name: tcp-repo-server + protocol: TCP + port: 8081 + targetPort: repo-server + selector: + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + --- + # Source: argo-cd/templates/argocd-server/service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-argocd-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + type: ClusterIP + sessionAffinity: None + ports: + - name: http + protocol: TCP + port: 80 + targetPort: 8080 + - name: https + protocol: TCP + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + --- + # Source: argo-cd/templates/dex/service.yaml + apiVersion: v1 + kind: Service + metadata: + name: my-argo-cd-argocd-dex-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + ports: + - name: http + protocol: TCP + port: 5556 + targetPort: http + - name: grpc + protocol: TCP + port: 5557 + targetPort: grpc + selector: + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + --- + # Source: argo-cd/charts/redis-ha/templates/redis-haproxy-deployment.yaml + kind: Deployment + apiVersion: apps/v1 + metadata: + name: my-argo-cd-redis-ha-haproxy + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + spec: + strategy: + type: RollingUpdate + revisionHistoryLimit: 1 + replicas: 3 + selector: + matchLabels: + app: redis-ha-haproxy + release: my-argo-cd + template: + metadata: + name: my-argo-cd-redis-ha-haproxy + labels: + app: redis-ha-haproxy + release: my-argo-cd + app.kubernetes.io/name: argocd-redis-ha-haproxy + annotations: + prometheus.io/port: "9101" + prometheus.io/scrape: "true" + prometheus.io/path: "/metrics" + checksum/config: a09d406980458edb5643c4876acee959c3ee6561c5ce83ea5b1526f4b15956dc + spec: + # Needed when using unmodified rbac-setup.yml + + serviceAccountName: my-argo-cd-redis-ha-haproxy + automountServiceAccountToken: false + securityContext: + fsGroup: 99 + runAsNonRoot: true + runAsUser: 99 + nodeSelector: + {} + tolerations: + [] + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app: redis-ha-haproxy + release: my-argo-cd + topologyKey: kubernetes.io/hostname + initContainers: + - name: config-init + image: public.ecr.aws/docker/library/haproxy:2.9.4-alpine + imagePullPolicy: IfNotPresent + resources: + {} + command: + - sh + args: + - /readonly/haproxy_init.sh + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - name: config-volume + mountPath: /readonly + readOnly: true + - name: data + mountPath: /data + containers: + - name: haproxy + image: public.ecr.aws/docker/library/haproxy:2.9.4-alpine + imagePullPolicy: IfNotPresent + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + env: + - name: AUTH + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + livenessProbe: + httpGet: + path: /healthz + port: 8888 + initialDelaySeconds: 5 + periodSeconds: 3 + readinessProbe: + httpGet: + path: /healthz + port: 8888 + initialDelaySeconds: 5 + periodSeconds: 3 + ports: + - name: redis + containerPort: 6379 + - name: metrics-port + containerPort: 9101 + resources: + {} + volumeMounts: + - name: data + mountPath: /usr/local/etc/haproxy + - name: shared-socket + mountPath: /run/haproxy + lifecycle: + {} + volumes: + - name: config-volume + configMap: + name: my-argo-cd-redis-ha-configmap + - name: shared-socket + emptyDir: + {} + - name: data + emptyDir: + {} + --- + # Source: argo-cd/templates/argocd-applicationset/deployment.yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: my-argo-cd-argocd-applicationset-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + replicas: 2 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + template: + metadata: + annotations: + checksum/cmd-params: 2d5aa9cd735d9e8a6889949480d070a8def6398371c3085772addc9395b87e0f + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-applicationset-controller + automountServiceAccountToken: true + containers: + - name: applicationset-controller + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-applicationset-controller + - --metrics-addr=:8080 + - --probe-addr=:8081 + - --webhook-addr=:7000 + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.annotations + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.labels + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.policy.override + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.syncs + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.concurrent.reconciliations.max + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.scm.providers + optional: true + ports: + - name: metrics + containerPort: 8080 + protocol: TCP + - name: probe + containerPort: 8081 + protocol: TCP + - name: webhook + containerPort: 7000 + protocol: TCP + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys + - mountPath: /app/config/gpg/keys + name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls + - mountPath: /tmp + name: tmp + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-applicationset-controller + topologyKey: kubernetes.io/hostname + volumes: + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm + - name: gpg-keyring + emptyDir: {} + - name: tmp + emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst + --- + # Source: argo-cd/templates/argocd-notifications/deployment.yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: my-argo-cd-argocd-notifications-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + replicas: 1 + revisionHistoryLimit: 3 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + template: + metadata: + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-notifications-controller + automountServiceAccountToken: true + containers: + - name: notifications-controller + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-notifications + - --metrics-port=9001 + - --loglevel=info + - --logformat=text + - --namespace=default + - --argocd-repo-server=my-argo-cd-argocd-repo-server:8081 + - --secret-name=argocd-notifications-secret + env: + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + key: application.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATION_CONTROLLER_SELF_SERVICE_NOTIFICATION_ENABLED + valueFrom: + configMapKeyRef: + key: notificationscontroller.selfservice.enabled + name: argocd-cmd-params-cm + optional: true + ports: + - name: metrics + containerPort: 9001 + protocol: TCP + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + workingDir: /app + volumeMounts: + - name: tls-certs + mountPath: /app/config/tls + - name: argocd-repo-server-tls + mountPath: /app/config/reposerver/tls + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-notifications-controller + topologyKey: kubernetes.io/hostname + volumes: + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst + --- + # Source: argo-cd/templates/argocd-repo-server/deployment.yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: my-argo-cd-argocd-repo-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + template: + metadata: + annotations: + checksum/cmd-params: 2d5aa9cd735d9e8a6889949480d070a8def6398371c3085772addc9395b87e0f + checksum/cm: 74925b77a3f491de9e0cf0b0185e1f46af90f039f9d755be3cb72bb1668ae9a5 + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: my-argo-cd-argocd-repo-server + automountServiceAccountToken: true + containers: + - name: repo-server + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-repo-server + - --port=8081 + - --metrics-port=8084 + env: + - name: ARGOCD_REPO_SERVER_NAME + value: my-argo-cd-argocd-repo-server + - name: ARGOCD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.reconciliation + optional: true + - name: ARGOCD_REPO_SERVER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.log.format + optional: true + - name: ARGOCD_REPO_SERVER_LOGLEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.log.level + optional: true + - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.parallelism.limit + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.metrics.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.disable.tls + optional: true + - name: ARGOCD_TLS_MIN_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.tls.minversion + optional: true + - name: ARGOCD_TLS_MAX_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.tls.maxversion + optional: true + - name: ARGOCD_TLS_CIPHERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.tls.ciphers + optional: true + - name: ARGOCD_REPO_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.repo.cache.expiration + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: argocd-redis + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: my-argo-cd-redis-ha-haproxy + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: my-argo-cd-redis-ha-haproxy + key: redis-sentinel-password + optional: true + - name: ARGOCD_DEFAULT_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.default.cache.expiration + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.address + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true + - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.max.combined.directory.manifests.size + optional: true + - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.plugin.tar.exclusions + optional: true + - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS + valueFrom: + configMapKeyRef: + key: reposerver.allow.oob.symlinks + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.streamed.manifest.max.tar.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.streamed.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.helm.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.disable.helm.manifest.max.extracted.size + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: reposerver.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_LS_REMOTE_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + key: reposerver.git.lsremote.parallelism.limit + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_REQUEST_TIMEOUT + valueFrom: + configMapKeyRef: + key: reposerver.git.request.timeout + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REVISION_CACHE_LOCK_TIMEOUT + valueFrom: + configMapKeyRef: + key: reposerver.revision.cache.lock.timeout + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_INCLUDE_HIDDEN_DIRECTORIES + valueFrom: + configMapKeyRef: + key: reposerver.include.hidden.directories + name: argocd-cmd-params-cm + optional: true + - name: HELM_CACHE_HOME + value: /helm-working-dir + - name: HELM_CONFIG_HOME + value: /helm-working-dir + - name: HELM_DATA_HOME + value: /helm-working-dir + volumeMounts: + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys + - mountPath: /app/config/gpg/keys + name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls + - mountPath: /helm-working-dir + name: helm-working-dir + - mountPath: /home/argocd/cmp-server/plugins + name: plugins + - mountPath: /tmp + name: tmp + ports: + - name: repo-server + containerPort: 8081 + protocol: TCP + - name: metrics + containerPort: 8084 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz?full=true + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + initContainers: + - command: + - /bin/cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + name: copyutil + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-repo-server + topologyKey: kubernetes.io/hostname + volumes: + - name: helm-working-dir + emptyDir: {} + - name: plugins + emptyDir: {} + - name: var-files + emptyDir: {} + - name: tmp + emptyDir: {} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm + - name: gpg-keyring + emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst + --- + # Source: argo-cd/templates/argocd-server/deployment.yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: my-argo-cd-argocd-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + template: + metadata: + annotations: + checksum/cmd-params: 2d5aa9cd735d9e8a6889949480d070a8def6398371c3085772addc9395b87e0f + checksum/cm: 74925b77a3f491de9e0cf0b0185e1f46af90f039f9d755be3cb72bb1668ae9a5 + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-server + automountServiceAccountToken: true + containers: + - name: server + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-server + - --port=8080 + - --metrics-port=8083 + env: + - name: ARGOCD_SERVER_NAME + value: my-argo-cd-argocd-server + - name: ARGOCD_SERVER_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.insecure + optional: true + - name: ARGOCD_SERVER_BASEHREF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.basehref + optional: true + - name: ARGOCD_SERVER_ROOTPATH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.rootpath + optional: true + - name: ARGOCD_SERVER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.log.format + optional: true + - name: ARGOCD_SERVER_LOG_LEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.log.level + optional: true + - name: ARGOCD_SERVER_REPO_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: repo.server + optional: true + - name: ARGOCD_SERVER_DEX_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server + optional: true + - name: ARGOCD_SERVER_DISABLE_AUTH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.disable.auth + optional: true + - name: ARGOCD_SERVER_ENABLE_GZIP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.enable.gzip + optional: true + - name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.repo.server.timeout.seconds + optional: true + - name: ARGOCD_SERVER_X_FRAME_OPTIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.x.frame.options + optional: true + - name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.content.security.policy + optional: true + - name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.repo.server.plaintext + optional: true + - name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.repo.server.strict.tls + optional: true + - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server.plaintext + optional: true + - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server.strict.tls + optional: true + - name: ARGOCD_TLS_MIN_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.tls.minversion + optional: true + - name: ARGOCD_TLS_MAX_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.tls.maxversion + optional: true + - name: ARGOCD_TLS_CIPHERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.tls.ciphers + optional: true + - name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.connection.status.cache.expiration + optional: true + - name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.oidc.cache.expiration + optional: true + - name: ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.login.attempts.expiration + optional: true + - name: ARGOCD_SERVER_STATIC_ASSETS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.staticassets + optional: true + - name: ARGOCD_APP_STATE_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.app.state.cache.expiration + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: argocd-redis + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: my-argo-cd-redis-ha-haproxy + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: my-argo-cd-redis-ha-haproxy + key: redis-sentinel-password + optional: true + - name: ARGOCD_DEFAULT_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.default.cache.expiration + optional: true + - name: ARGOCD_MAX_COOKIE_NUMBER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.http.cookie.maxnumber + optional: true + - name: ARGOCD_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.listen.address + optional: true + - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.metrics.listen.address + optional: true + - name: ARGOCD_SERVER_OTLP_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.address + optional: true + - name: ARGOCD_SERVER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_SERVER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: application.namespaces + optional: true + - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.enable.proxy.extension + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_MAX + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.k8sclient.retry.max + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.k8sclient.retry.base.backoff + optional: true + - name: ARGOCD_API_CONTENT_TYPES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.api.content.types + optional: true + volumeMounts: + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/server/tls + name: argocd-repo-server-tls + - mountPath: /app/config/dex/tls + name: argocd-dex-server-tls + - mountPath: /home/argocd + name: plugins-home + - mountPath: /shared/app/custom + name: styles + - mountPath: /tmp + name: tmp + ports: + - name: server + containerPort: 8080 + protocol: TCP + - name: metrics + containerPort: 8083 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz?full=true + port: server + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz + port: server + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-server + topologyKey: kubernetes.io/hostname + volumes: + - name: plugins-home + emptyDir: {} + - name: tmp + emptyDir: {} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: styles + configMap: + name: argocd-styles-cm + optional: true + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + - name: argocd-dex-server-tls + secret: + secretName: argocd-dex-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst + --- + # Source: argo-cd/templates/dex/deployment.yaml + apiVersion: apps/v1 + kind: Deployment + metadata: + name: my-argo-cd-argocd-dex-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + replicas: 1 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + template: + metadata: + annotations: + checksum/cmd-params: 2d5aa9cd735d9e8a6889949480d070a8def6398371c3085772addc9395b87e0f + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-dex-server + automountServiceAccountToken: true + containers: + - name: dex-server + image: ghcr.io/dexidp/dex:v2.38.0 + imagePullPolicy: IfNotPresent + command: + - /shared/argocd-dex + - --logformat=text + - --loglevel=info + args: + - rundex + env: + - name: ARGOCD_DEX_SERVER_DISABLE_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: dexserver.disable.tls + optional: true + ports: + - name: http + containerPort: 5556 + protocol: TCP + - name: grpc + containerPort: 5557 + protocol: TCP + - name: metrics + containerPort: 5558 + protocol: TCP + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - name: static-files + mountPath: /shared + - name: dexconfig + mountPath: /tmp + - name: argocd-dex-server-tls + mountPath: /tls + initContainers: + - name: copyutil + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + command: + - /bin/cp + - -n + - /usr/local/bin/argocd + - /shared/argocd-dex + volumeMounts: + - mountPath: /shared + name: static-files + - mountPath: /tmp + name: dexconfig + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-dex-server + topologyKey: kubernetes.io/hostname + volumes: + - name: static-files + emptyDir: {} + - name: dexconfig + emptyDir: {} + - name: argocd-dex-server-tls + secret: + secretName: argocd-dex-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst + --- + # Source: argo-cd/templates/argocd-repo-server/hpa.yaml + apiVersion: autoscaling/v2 + kind: HorizontalPodAutoscaler + metadata: + name: my-argo-cd-argocd-repo-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: my-argo-cd-argocd-repo-server + minReplicas: 2 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: 50 + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 50 + --- + # Source: argo-cd/templates/argocd-server/hpa.yaml + apiVersion: autoscaling/v2 + kind: HorizontalPodAutoscaler + metadata: + name: my-argo-cd-argocd-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: my-argo-cd-argocd-server + minReplicas: 2 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: 50 + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 50 + --- + # Source: argo-cd/charts/redis-ha/templates/redis-ha-statefulset.yaml + apiVersion: apps/v1 + kind: StatefulSet + metadata: + name: my-argo-cd-redis-ha-server + namespace: "default" + labels: + my-argo-cd-redis-ha: replica + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + annotations: + {} + spec: + selector: + matchLabels: + release: my-argo-cd + app: redis-ha + serviceName: my-argo-cd-redis-ha + replicas: 3 + podManagementPolicy: OrderedReady + updateStrategy: + type: RollingUpdate + template: + metadata: + annotations: + checksum/init-config: 0b416ff71935c508edac80c320723311fe7152592019cae66a852c70f05cb641 + labels: + release: my-argo-cd + app: redis-ha + my-argo-cd-redis-ha: replica + spec: + terminationGracePeriodSeconds: 60 + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app: redis-ha + release: my-argo-cd + my-argo-cd-redis-ha: replica + topologyKey: kubernetes.io/hostname + securityContext: + fsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + serviceAccountName: my-argo-cd-redis-ha + automountServiceAccountToken: false + initContainers: + - name: config-init + image: public.ecr.aws/docker/library/redis:7.2.4-alpine + imagePullPolicy: IfNotPresent + resources: + {} + command: + - sh + args: + - /readonly-config/init.sh + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + env: + - name: SENTINEL_ID_0 + value: c02f0a92d6a13441492dc97e8cea1763f9e1a4ed + - name: SENTINEL_ID_1 + value: 447210edba68d6f5d7bebd6765de057bf36415b3 + - name: SENTINEL_ID_2 + value: 0fbf8eeb4191cc5102d187e1b3b682fba01685d9 + - name: AUTH + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + - name: data + mountPath: /data + + + containers: + - name: redis + image: public.ecr.aws/docker/library/redis:7.2.4-alpine + imagePullPolicy: IfNotPresent + command: + - redis-server + args: + - /data/conf/redis.conf + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + env: + - name: AUTH + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/redis_liveness.sh + readinessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/redis_readiness.sh + resources: + {} + ports: + - name: redis + containerPort: 6379 + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + - mountPath: /data + name: data + - mountPath: /health + name: health + lifecycle: + preStop: + exec: + command: + - /bin/sh + - /readonly-config/trigger-failover-if-master.sh + - name: sentinel + image: public.ecr.aws/docker/library/redis:7.2.4-alpine + imagePullPolicy: IfNotPresent + command: + - redis-sentinel + args: + - /data/conf/sentinel.conf + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + env: + - name: AUTH + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/sentinel_liveness.sh + readinessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 3 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/sentinel_liveness.sh + resources: + {} + ports: + - name: sentinel + containerPort: 26379 + volumeMounts: + - mountPath: /data + name: data + - mountPath: /health + name: health + lifecycle: + {} + + - name: split-brain-fix + image: public.ecr.aws/docker/library/redis:7.2.4-alpine + imagePullPolicy: IfNotPresent + command: + - sh + args: + - /readonly-config/fix-split-brain.sh + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + env: + - name: SENTINEL_ID_0 + value: c02f0a92d6a13441492dc97e8cea1763f9e1a4ed + - name: SENTINEL_ID_1 + value: 447210edba68d6f5d7bebd6765de057bf36415b3 + - name: SENTINEL_ID_2 + value: 0fbf8eeb4191cc5102d187e1b3b682fba01685d9 + - name: AUTH + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + resources: + {} + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + - mountPath: /data + name: data + volumes: + - name: config + configMap: + name: my-argo-cd-redis-ha-configmap + - name: health + configMap: + name: my-argo-cd-redis-ha-health-configmap + defaultMode: 0755 + - name: data + emptyDir: + {} + --- + # Source: argo-cd/templates/argocd-application-controller/statefulset.yaml + apiVersion: apps/v1 + kind: StatefulSet + metadata: + name: my-argo-cd-argocd-application-controller + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + replicas: 1 + revisionHistoryLimit: 5 + serviceName: my-argo-cd-argocd-application-controller + selector: + matchLabels: + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + template: + metadata: + annotations: + checksum/cmd-params: 2d5aa9cd735d9e8a6889949480d070a8def6398371c3085772addc9395b87e0f + checksum/cm: 74925b77a3f491de9e0cf0b0185e1f46af90f039f9d755be3cb72bb1668ae9a5 + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-application-controller + automountServiceAccountToken: true + containers: + - args: + - /usr/local/bin/argocd-application-controller + - --metrics-port=8082 + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + name: application-controller + env: + - name: ARGOCD_CONTROLLER_REPLICAS + value: "1" + - name: ARGOCD_APPLICATION_CONTROLLER_NAME + value: my-argo-cd-argocd-application-controller + - name: ARGOCD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.reconciliation + optional: true + - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.hard.reconciliation + optional: true + - name: ARGOCD_RECONCILIATION_JITTER + valueFrom: + configMapKeyRef: + key: timeout.reconciliation.jitter + name: argocd-cm + optional: true + - name: ARGOCD_REPO_ERROR_GRACE_PERIOD_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.error.grace.period.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: repo.server + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.status.processors + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.operation.processors + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.log.format + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.log.level + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.metrics.cache.expiration + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.resource.health.persist + optional: true + - name: ARGOCD_APP_STATE_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.app.state.cache.expiration + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: argocd-redis + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: my-argo-cd-redis-ha-haproxy + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: my-argo-cd-redis-ha-haproxy + key: redis-sentinel-password + optional: true + - name: ARGOCD_DEFAULT_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.default.cache.expiration + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.address + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: application.namespaces + optional: true + - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sharding.algorithm + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.kubectl.parallelism.limit + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_MAX + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.max + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.base.backoff + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SERVER_SIDE_DIFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.diff.server.side + optional: true + - name: ARGOCD_IGNORE_NORMALIZER_JQ_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.ignore.normalizer.jq.timeout + optional: true + ports: + - name: metrics + containerPort: 8082 + protocol: TCP + readinessProbe: + httpGet: + path: /healthz + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + workingDir: /home/argocd + volumeMounts: + - mountPath: /app/config/controller/tls + name: argocd-repo-server-tls + - mountPath: /home/argocd + name: argocd-home + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-application-controller + topologyKey: kubernetes.io/hostname + volumes: + - name: argocd-home + emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst + --- + # Source: argo-cd/templates/argocd-server/ingress-grpc.yaml + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: my-argo-cd-argocd-server-grpc + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + ingressClassName: contour-internal + rules: + - host: grpc.argocd.example.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-argo-cd-argocd-server + port: + number: 443 + tls: + - hosts: + - grpc.argocd.example.com + secretName: wildcard-tls + --- + # Source: argo-cd/templates/argocd-server/ingress.yaml + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: my-argo-cd-argocd-server + namespace: default + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + annotations: + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + spec: + ingressClassName: nginx + rules: + - host: argocd.example.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-argo-cd-argocd-server + port: + number: 443 + tls: + - hosts: + - argocd.example.com + secretName: argocd-server-tls + --- + # Source: argo-cd/templates/redis-secret-init/serviceaccount.yaml + apiVersion: v1 + kind: ServiceAccount + automountServiceAccountToken: true + metadata: + name: my-argo-cd-argocd-redis-secret-init + namespace: "default" + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + --- + # Source: argo-cd/templates/redis-secret-init/role.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + name: my-argo-cd-argocd-redis-secret-init + namespace: "default" + rules: + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - argocd-redis + verbs: + - get + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + --- + # Source: argo-cd/templates/redis-secret-init/rolebinding.yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + name: my-argo-cd-argocd-redis-secret-init + namespace: "default" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: my-argo-cd-argocd-redis-secret-init + subjects: + - kind: ServiceAccount + name: my-argo-cd-argocd-redis-secret-init + --- + # Source: argo-cd/charts/redis-ha/templates/tests/test-redis-ha-configmap.yaml + apiVersion: v1 + kind: Pod + metadata: + name: my-argo-cd-redis-ha-configmap-test + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + annotations: + "helm.sh/hook": test-success + spec: + nodeSelector: + {} + tolerations: + [] + containers: + - name: check-init + image: koalaman/shellcheck:v0.5.0 + args: + - --shell=sh + - /readonly-config/init.sh + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + restartPolicy: Never + volumes: + - name: config + configMap: + name: my-argo-cd-redis-ha-configmap + --- + # Source: argo-cd/charts/redis-ha/templates/tests/test-redis-ha-pod.yaml + apiVersion: v1 + kind: Pod + metadata: + name: my-argo-cd-redis-ha-service-test + namespace: "default" + labels: + app: redis-ha + heritage: "Helm" + release: "my-argo-cd" + chart: redis-ha-4.27.6 + annotations: + "helm.sh/hook": test-success + spec: + nodeSelector: + {} + tolerations: + [] + containers: + - name: "my-argo-cd-service-test" + image: public.ecr.aws/docker/library/redis:7.2.4-alpine + command: + - sh + - -c + - redis-cli -h my-argo-cd-redis-ha-haproxy -p 6379 info server + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + restartPolicy: Never + --- + # Source: argo-cd/templates/redis-secret-init/job.yaml + apiVersion: batch/v1 + kind: Job + metadata: + name: my-argo-cd-argocd-redis-secret-init + namespace: "default" + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + ttlSecondsAfterFinished: 60 + template: + metadata: + labels: + helm.sh/chart: argo-cd-7.5.2 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: my-argo-cd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v2.12.3" + spec: + containers: + - command: + - argocd + - admin + - redis-initial-password + image: quay.io/argoproj/argocd:v2.12.3 + imagePullPolicy: IfNotPresent + name: secret-init + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + restartPolicy: OnFailure + serviceAccountName: my-argo-cd-argocd-redis-secret-init + + - name: omni-kube-service-exposer # Name of the manifest. + contents: |- # Manifest contents as a string. + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: omni-kube-service-exposer + rules: + - apiGroups: [""] + resources: ["services"] + verbs: ["get", "list", "watch"] + --- + apiVersion: v1 + kind: ServiceAccount + metadata: + name: omni-kube-service-exposer + namespace: kube-system + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: omni-kube-service-exposer + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: omni-kube-service-exposer + subjects: + - kind: ServiceAccount + name: omni-kube-service-exposer + namespace: kube-system + --- + apiVersion: apps/v1 + kind: DaemonSet + metadata: + name: omni-kube-service-exposer + namespace: kube-system + spec: + selector: + matchLabels: + app.kubernetes.io/name: omni-kube-service-exposer + template: + metadata: + labels: + app.kubernetes.io/name: omni-kube-service-exposer + spec: + serviceAccountName: omni-kube-service-exposer + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + tolerations: + - operator: Exists + containers: + - name: omni-kube-service-exposer + image: ghcr.io/siderolabs/kube-service-exposer:v0.2.0 + args: + - --debug=false + - --annotation-key=omni-kube-service-exposer.sidero.dev/port + # siderolink CIDR + - --bind-cidrs="fdae:41e4:649b:9303::/64" + - --disallowed-host-port-ranges=6443,10250,50000-50001 + + # # A key used for the [encryption of secret data at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/). + + # # Decryption secret example (do not use in production!). + # aescbcEncryptionSecret: z01mye6j16bspJYtTB/5SFX8j7Ph4JXxM2Xuu4vsBPM= + + # # A key used for the [encryption of secret data at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/). + + # # Decryption secret example (do not use in production!). + # secretboxEncryptionSecret: z01mye6j16bspJYtTB/5SFX8j7Ph4JXxM2Xuu4vsBPM= + + # # The base64 encoded aggregator certificate authority used by Kubernetes for front-proxy certificate generation. + + # # AggregatorCA example. + # aggregatorCA: + # crt: LS0tIEVYQU1QTEUgQ0VSVElGSUNBVEUgLS0t + # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + + # # The base64 encoded private key for service account token generation. + + # # AggregatorCA example. + # serviceAccount: + # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + + # # API server specific configuration options. + # apiServer: + # image: registry.k8s.io/kube-apiserver:v1.30.2 # The container image used in the API server manifest. + # # Extra arguments to supply to the API server. + # extraArgs: + # feature-gates: ServerSideApply=true + # http2-max-streams-per-connection: "32" + # # Extra certificate subject alternative names for the API server's certificate. + # certSANs: + # - 1.2.3.4 + # - 4.5.6.7 + # # Configure the API server admission plugins. + # admissionControl: + # - name: PodSecurity # Name is the name of the admission controller. + # # Configuration is an embedded configuration object to be used as the plugin's + # configuration: + # apiVersion: pod-security.admission.config.k8s.io/v1alpha1 + # defaults: + # audit: restricted + # audit-version: latest + # enforce: baseline + # enforce-version: latest + # warn: restricted + # warn-version: latest + # exemptions: + # namespaces: + # - kube-system + # runtimeClasses: [] + # usernames: [] + # kind: PodSecurityConfiguration + # # Configure the API server audit policy. + # auditPolicy: + # apiVersion: audit.k8s.io/v1 + # kind: Policy + # rules: + # - level: Metadata + + # # Controller manager server specific configuration options. + # controllerManager: + # image: registry.k8s.io/kube-controller-manager:v1.30.2 # The container image used in the controller manager manifest. + # # Extra arguments to supply to the controller manager. + # extraArgs: + # feature-gates: ServerSideApply=true + + # # Kube-proxy server-specific configuration options + # proxy: + # disabled: false # Disable kube-proxy deployment on cluster bootstrap. + # image: registry.k8s.io/kube-proxy:v1.30.2 # The container image used in the kube-proxy manifest. + # mode: ipvs # proxy mode of kube-proxy. + # # Extra arguments to supply to kube-proxy. + # extraArgs: + # proxy-mode: iptables + + # # Scheduler server specific configuration options. + # scheduler: + # image: registry.k8s.io/kube-scheduler:v1.30.2 # The container image used in the scheduler manifest. + # # Extra arguments to supply to the scheduler. + # extraArgs: + # feature-gates: AllBeta=true + + # # Etcd specific configuration options. + # etcd: + # image: gcr.io/etcd-development/etcd:v3.5.14 # The container image used to create the etcd service. + # # The `ca` is the root certificate authority of the PKI. + # ca: + # crt: LS0tIEVYQU1QTEUgQ0VSVElGSUNBVEUgLS0t + # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + # # Extra arguments to supply to etcd. + # extraArgs: + # election-timeout: "5000" + # # The `advertisedSubnets` field configures the networks to pick etcd advertised IP from. + # advertisedSubnets: + # - 10.0.0.0/8 + + # # Core DNS specific configuration options. + # coreDNS: + # image: registry.k8s.io/coredns/coredns:v1.11.1 # The `image` field is an override to the default coredns image. + + # # External cloud provider configuration. + # externalCloudProvider: + # enabled: true # Enable external cloud provider. + # # A list of urls that point to additional manifests for an external cloud provider. + # manifests: + # - https://raw.githubusercontent.com/kubernetes/cloud-provider-aws/v1.20.0-alpha.0/manifests/rbac.yaml + # - https://raw.githubusercontent.com/kubernetes/cloud-provider-aws/v1.20.0-alpha.0/manifests/aws-cloud-controller-manager-daemonset.yaml + + # # A list of urls that point to additional manifests. + # extraManifests: + # - https://www.example.com/manifest1.yaml + # - https://www.example.com/manifest2.yaml + + # # A map of key value pairs that will be added while fetching the extraManifests. + # extraManifestHeaders: + # Token: "1234567" + # X-ExtraInfo: info + + # # Settings for admin kubeconfig generation. + # adminKubeconfig: + # certLifetime: 1h0m0s # Admin kubeconfig certificate lifetime (default is 1 year). + + # # Allows running workload on control-plane nodes. + # allowSchedulingOnControlPlanes: true +--- +apiVersion: v1alpha1 +kind: SideroLinkConfig +apiUrl: grpc://HgblRC92LYnIbK8-7790apBwrlfzKzCP.org:8090?grpc_tunnel=false&jointoken=w7uVuW3zbVKIYQuzEcyetAHeYMeo5q2L9RvkAVfCfSCD # SideroLink API URL to connect to. +--- +apiVersion: v1alpha1 +kind: EventSinkConfig +endpoint: '[fdae:41e4:649b:9303::1]:8090' # The endpoint for the event sink as 'host:port'. +--- +apiVersion: v1alpha1 +kind: KmsgLogConfig +name: omni-kmsg # Name of the config document. +url: tcp://[fdae:41e4:649b:9303::1]:8092 # The URL encodes the log destination. diff --git a/client/pkg/compression/testdata/config-small.yaml b/client/pkg/compression/testdata/config-small.yaml new file mode 100644 index 00000000..dbbc1a66 --- /dev/null +++ b/client/pkg/compression/testdata/config-small.yaml @@ -0,0 +1,114 @@ +cluster: + ca: + crt: t9hj9r..Yfr6xH5uBlrFLKDRvNSpql-+B2VdD-bMv/.fTNFvU6FvQu+phvXKH36YiFf8.BOAAXNlWaZz-83ddEqpc2cBlKDI+PsaPxsnqd3NQz/.UbLCL1APbLvwVfq4dlvSfqn/pIbdppsFqIME54S.v+fZmfPYJNhSDXvsEj+1SiTgi=O6NT4W2x.0LF8u8f3qQUQw_PFRvVfUsxGP=5uefZp/RMjcxIjUYPFUmDNQvcPesW8=jC=TllrlD=2VaTT6E.2qbR8M8r.4A98-cEWSKedd+cqxI0iDQ-eq08unoJdtL6+/5qIDXudUpB4=faEHXEZG8=iZTZoIh6t4xqF9z=-DtuZF4BxLvGoLngfFvxpK_XiGfmTb/S6wWGdThzD2wh76zOl0nPUqs61ZolRiMYcvdaL90UhPl0nosb0mNmXwPrYIbNtA7CYZ69/8G_o3Q2xAMYhmAdg2+h4CtI=HdQ2hLTDAJaSuH9hHB4CsSF73HXaUd4XS7ZczZovMG+vLe_QTfCT_m-hVZ1t+13CbHwN8S8t+gM+hlbRhq3AcoApaiKD0P_.KXJo-L5L0q+ybYlBwYFZ6=7I7hrCXqsxzLQPAP+MkPwEDOLiP67paOSm=F.iI6AuUioo=dzE.h.-yp=NdCC8BXZzkzB6cI80nkOh/S5XZPYpzlIZVDOny7pVxV9msCuUEIWA+aFeB8sz+DVv0.h4ZECoCyQM7iPWehp=/cPSrNJTg0zQRj0kpvqGwA1RMX_wys3vv2WuLKdhFJ/pvCF97cNdQmngvL+=v+J1sC8PaGBxC=0KLr1eJHM1.=Fr9ZJ_P9Ohr3hQJNgLZ6iEb-NUo2td5bT2EJWnl0ee6Hg/gJpqzyfS69AEyhVDy0veN8jxv93QFl-tY13WLCVS8oR.oIIbPj+.xQ5Os8eKz-4D_FPZdot+mmxV_gL3Y6cujD6Fa7OQVYb-o+RxDM3j9AFULTVw8WtYqfvo6BnBwtnJ-tlNFMsR3M58rSXk0--Pan9DF69Zlz-6_ + key: "" + controlPlane: + endpoint: https://[fdae:41e4:649b:9303::1]:10000 + discovery: + enabled: true + registries: + kubernetes: + disabled: true + service: + endpoint: http://[fdae:41e4:649b:9303::1]:8093 + id: lH.4i4UV1J9+Quf8gqriGdXPsrXY=Q25_XOw7U70o=KxMu304ivAwqMxyOuz_rDo + inlineManifests: + - contents: |- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: omni-kube-service-exposer + rules: + - apiGroups: [""] + resources: ["services"] + verbs: ["get", "list", "watch"] + --- + apiVersion: v1 + kind: ServiceAccount + metadata: + name: omni-kube-service-exposer + namespace: kube-system + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: omni-kube-service-exposer + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: omni-kube-service-exposer + subjects: + - kind: ServiceAccount + name: omni-kube-service-exposer + namespace: kube-system + --- + apiVersion: apps/v1 + kind: DaemonSet + metadata: + name: omni-kube-service-exposer + namespace: kube-system + spec: + selector: + matchLabels: + app.kubernetes.io/name: omni-kube-service-exposer + template: + metadata: + labels: + app.kubernetes.io/name: omni-kube-service-exposer + spec: + serviceAccountName: omni-kube-service-exposer + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + tolerations: + - operator: Exists + containers: + - name: omni-kube-service-exposer + image: ghcr.io/siderolabs/kube-service-exposer:v0.2.0 + args: + - --debug=false + - --annotation-key=omni-kube-service-exposer.sidero.dev/port + # siderolink CIDR + - --bind-cidrs="fdae:41e4:649b:9303::/64" + - --disallowed-host-port-ranges=6443,10250,50000-50001 + name: omni-kube-service-exposer + network: + dnsDomain: cluster.local + podSubnets: + - 10.244.0.0/16 + serviceSubnets: + - 10.96.0.0/12 + secret: fj0hiDVf5z3jZDTkQFrh4wj-tHisbrvrooLWBiwb4uuXW0bTe+xO6GAPoR+TLCUe + token: sHkLEpnzQ6.05k5cf5=SxK_O.kS1U9Jv +debug: false +machine: + ca: + crt: aG5ofXB9+ivOiD2AkxiDsxkCshhkvTb35NsbQQbDkuLYdmQ0CCh9/pj8vESTroSJyYJJOCsL+rYAQFUsqenOcVp.ZP4aec61u1ODfY7jxg+treEvReTluZCOOVvlGqgvE7A.z2QT9NQYqN4tKfKbKz=f03dTGStzQR8x8kqZ7yp9pxeSl3.F9E6dbf1KFrwDP2aO6I1E+V5pJqleZzDUCU7Y4j7dpuUQ_3uy2_/zCVpQxyZP_lTVS-xw5oFXdp_VdhJp=Mtemk1+iIK/DDo3i-xuWYmtHNLrPAkmL5N8v2Kd11c+ICHVnr=JF1QCLEPpKtfb3eSi08qG1j.FrMLwUnz7Ui-uBGH4VPPP/PqxzMw95d.JV4T4qRJgHa_wfztHDBj13DUU1oX4SF01FImPAid3Ocg-yF_0opqx/n6AAAfgMHJ=p+1brP-+59Kcxp/LA-d9sVPgJuOhLedfreAIak6o7_VX9XxRbs4sl1BoyDu/-v.t_GOrdBRV3ADySy.jee7VHY/=75Gn5Yi8+-efai0B1H=_G/uqTB1BrP/4FWPU2KU=-bN3ArHraFY5VXtXisrAak=JDVvETA/2kCmRKbLK0mCWpMcZwabw7/G1wi4JhLR.NI-M5+3LC2tsbMXtTImntQfYBQvRf-d=I9QBA+pYqU=1Y0435mS8Zs5IplpOp/tt61YVGSAXbsOvSNfzJQsuauE4=eM58h5vZ++9j9aokp638sDx7wRBV9HSmz.QKQQlx+g2Hxkjnhjvg0n7gLzNqEbzLGX15xZ2=p2a=u/xiQuAH/vT/kzTJktlDTaqT29ZVrmQ6gf=N5bPGp2phcNVgTp_Wp_R/ePWZlH3AqNGNqSxh59XQuBmGmC3Vex-s4WmwCDTdOWIcvSW-NUD7xayYIlnX/eiy/2Tr=_QYajy7Ots-_IlrNcWn8o67OO0NDoG9Pp_/3FNOX9TRl_8jk-2oH=rMH.D_VDTFmyeV-Tq2U0.C5MIi3ghvbuwKWBJDrdFfc5C_kPe6E3splFJ + key: "" + certSANs: + - K3wY9n1gFvXrnz2xzYAKVP+tv/rVWwgY.net + features: + apidCheckExtKeyUsage: true + diskQuotaSupport: true + hostDNS: + enabled: true + kubePrism: + enabled: true + port: 7445 + rbac: true + stableHostname: true + install: + disk: /dev/vda + image: factory.talos.dev/installer/8gNNqLWHQ4hd3LDLAtOVbzZJKwLAC-qo/0Y==kqfblGT3IOn-EJj_HeWms_yEFRG:v1.7.4 + wipe: false + kubelet: + defaultRuntimeSeccompProfileEnabled: true + disableManifestsDirectory: true + image: ghcr.io/siderolabs/kubelet:v1.30.1 + network: + kubespan: + enabled: true + registries: {} + token: -ZEdlNW0a-KFbZFB-AZWvfJycrdzJ7o5 + type: worker +persist: true +version: v1alpha1 diff --git a/client/pkg/omni/resources/omni/cluster_machine_config_patches_test.go b/client/pkg/omni/resources/omni/cluster_machine_config_patches_test.go index f17e5ce9..b329f669 100644 --- a/client/pkg/omni/resources/omni/cluster_machine_config_patches_test.go +++ b/client/pkg/omni/resources/omni/cluster_machine_config_patches_test.go @@ -29,13 +29,15 @@ text: "test"` func TestClusterMachineConfigPatchesSpecW_marshal(t *testing.T) { original := omni.NewClusterMachineConfigPatches("default", "1") - original.TypedSpec().Value.Patches = []string{newLineAndText, justText} + + err := original.TypedSpec().Value.SetUncompressedPatches([]string{newLineAndText, justText}) + require.NoError(t, err) out := must.Value(yaml.Marshal(must.Value(resource.MarshalYAML(original))(t)))(t) var dest protobuf.YAMLResource - err := yaml.Unmarshal(out, &dest) + err = yaml.Unmarshal(out, &dest) require.NoError(t, err) fmt.Println(string(out)) @@ -49,7 +51,10 @@ func TestClusterMachineConfigPatchesSpecW_marshal(t *testing.T) { func ExampleClusterMachineSpec_marshal() { original := omni.NewClusterMachineConfigPatches("default", "1") - original.TypedSpec().Value.Patches = []string{newLineAndText, justText} + + if err := original.TypedSpec().Value.SetUncompressedPatches([]string{newLineAndText, justText}); err != nil { + panic(err) + } current := time.Date(2022, 12, 9, 0, 0, 0, 0, time.UTC) original.Metadata().SetCreated(current) diff --git a/client/pkg/omni/resources/omni/config_patch.go b/client/pkg/omni/resources/omni/config_patch.go index 2a7ad28f..d81c053d 100644 --- a/client/pkg/omni/resources/omni/config_patch.go +++ b/client/pkg/omni/resources/omni/config_patch.go @@ -86,15 +86,15 @@ func (ConfigPatchExtension) ResourceDefinition() meta.ResourceDefinitionSpec { // ValidateConfigPatch parses the config patch data using Talos config loader, // then validates that the config patch doesn't have fields that are controlled by omni. -func ValidateConfigPatch(data string) error { - _, err := configloader.NewFromBytes([]byte(data)) +func ValidateConfigPatch(data []byte) error { + _, err := configloader.NewFromBytes(data) if err != nil { return err } var config map[string]any - err = yaml.Unmarshal([]byte(data), &config) + err = yaml.Unmarshal(data, &config) if err != nil { return err } diff --git a/client/pkg/omni/resources/omni/config_patch_test.go b/client/pkg/omni/resources/omni/config_patch_test.go index 945746c3..541e9f6f 100644 --- a/client/pkg/omni/resources/omni/config_patch_test.go +++ b/client/pkg/omni/resources/omni/config_patch_test.go @@ -83,7 +83,7 @@ machine: }, } { t.Run(tt.name, func(t *testing.T) { - err := omni.ValidateConfigPatch(tt.config) + err := omni.ValidateConfigPatch([]byte(tt.config)) if tt.expectedError != "" { require.Error(t, err, tt.expectedError) require.EqualError(t, err, tt.expectedError) diff --git a/client/pkg/omni/resources/omni/testdata/config.yaml b/client/pkg/omni/resources/omni/testdata/config.yaml new file mode 100644 index 00000000..379b4e50 --- /dev/null +++ b/client/pkg/omni/resources/omni/testdata/config.yaml @@ -0,0 +1,98 @@ +version: v1alpha1 +debug: false +persist: true +cluster: + id: KPOgwQiHAtaISoXPmJZquF46sx2t9qHh6AticK9vDDw= + secret: '******' + controlPlane: + endpoint: https://[fdae:41e4:649b:9303::1]:10001 + clusterName: talos-default-1 + network: + dnsDomain: cluster.local + podSubnets: + - 10.244.0.0/16 + serviceSubnets: + - 10.96.0.0/12 + token: '******' + secretboxEncryptionSecret: '******' + ca: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpakNDQVMrZ0F3SUJBZ0lRUmdLU0wyRGs4ZmhEZ2gvTkQxVXdyVEFLQmdncWhrak9QUVFEQWpBVk1STXcKRVFZRFZRUUtFd3ByZFdKbGNtNWxkR1Z6TUI0WERUSTBNRGd5T1RBNE5EUXdNMW9YRFRNME1EZ3lOekE0TkRRdwpNMW93RlRFVE1CRUdBMVVFQ2hNS2EzVmlaWEp1WlhSbGN6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VICkEwSUFCT0lYTXY0Z3FlMFE1T2NjcWgxZWVUVldKTUpBRUZTdG84bXhNMFBSdFpRb0hQTHdwS1VzcVZjVDhBQU0KWjdJSnRKUWFYa2JaT0xwaFc4bTk5WXFEWTR5allUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWRCZ05WSFNVRQpGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFCkZnUVVXdUU4VWRteTNYTWRXUGowQk5NU2dPNEpFeVV3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUtJcm9GbTkKOEk2YkhPaXl4L3pscHYxOUlXNFU4RDIzeEVXM1NPNTVRZWx5QWlFQWhnTnRPRE5hTmttRXlnSC94WC9YbTg0VQp4elpZSmtxQ1Q4K1RzR3BMaGxVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: '******' + aggregatorCA: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJYakNDQVFXZ0F3SUJBZ0lRR3lFc0djMEV2NzNuZzNoSFB3U01uekFLQmdncWhrak9QUVFEQWpBQU1CNFgKRFRJME1EZ3lPVEE0TkRRd00xb1hEVE0wTURneU56QTRORFF3TTFvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxRwpTTTQ5QXdFSEEwSUFCTmk3Rmg0QXVUR0VrTUFjeTRPc1BoN01jMi9DaTAwQ0txOHFVR0srZkpYRlIwTW5Sb0lPCklBTlIxSDQveUNnMmV3WnV1S3IyTm0rRkplK2V5bng5Tk5XallUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWQKQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZApCZ05WSFE0RUZnUVVzbWkycSs1ZE9QbmlxK1dVbzdlaGdFTzNRRjB3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnCkNLOE9mZEp4R2FrWElsMjV4MUV1aEhEcDdEeldXSzd3bDVQaUlGMTczZlVDSUhnVE04T0ZKK3FPdDlmTjk0VXEKNlhMRVp0ZTB1WFU2U1RhUzBVVjdVc25aCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + key: '******' + serviceAccount: + key: '******' + apiServer: + image: registry.k8s.io/kube-apiserver:v1.30.1 + certSANs: + - fdae:41e4:649b:9303::1 + - omni.omni-local.utkuozdemir.org + disablePodSecurityPolicy: true + admissionControl: + - name: PodSecurity + configuration: + apiVersion: pod-security.admission.config.k8s.io/v1alpha1 + defaults: + audit: restricted + audit-version: latest + enforce: baseline + enforce-version: latest + warn: restricted + warn-version: latest + exemptions: + namespaces: + - kube-system + runtimeClasses: [] + usernames: [] + kind: PodSecurityConfiguration + auditPolicy: + apiVersion: audit.k8s.io/v1 + kind: Policy + rules: + - level: Metadata + controllerManager: + image: registry.k8s.io/kube-controller-manager:v1.30.1 + proxy: + image: registry.k8s.io/kube-proxy:v1.30.1 + scheduler: + image: registry.k8s.io/kube-scheduler:v1.30.1 + discovery: + enabled: true + registries: + kubernetes: + disabled: true + service: {} + etcd: + ca: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmRENDQVNPZ0F3SUJBZ0lRRFh1TVgwaTJGcEtaWUVNSWNpN1hJVEFLQmdncWhrak9QUVFEQWpBUE1RMHcKQ3dZRFZRUUtFd1JsZEdOa01CNFhEVEkwTURneU9UQTRORFF3TTFvWERUTTBNRGd5TnpBNE5EUXdNMW93RHpFTgpNQXNHQTFVRUNoTUVaWFJqWkRCWk1CTUdCeXFHU000OUFnRUdDQ3FHU000OUF3RUhBMElBQkJuNmJQWXBKTVM3CkFXT2VmVGczbnFtVHRIdXpZTjR4eUFlZ1Npb25lWjJpT1hWODNDWjdxMGhTdlB6NEVwaVpCTDUwUGQzNXdDMVoKU3RFY2pnY0wxenlqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjRApBUVlJS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVWHA2S0tXbDBCRmtpCmRmZ3hJb2ZuYUk0NGJ5QXdDZ1lJS29aSXpqMEVBd0lEUndBd1JBSWdhTlpnMGhnSjBxTS9lRElZWVRQZ252TWUKUk56UkVTZzJsNXZXMTVlTlVUVUNJSDNUZTF0clRYNmVHakhVQ1dUZEpVeGNhZU1aRytOVm5LMHFCMEtnTDFwawotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: '******' + allowSchedulingOnControlPlanes: true +machine: + type: controlplane + token: '******' + ca: + crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQakNCOGFBREFnRUNBaEFkYTAwVFdvOWsyaTNKb0NmUXdVZ2NNQVVHQXl0bGNEQVFNUTR3REFZRFZRUUsKRXdWMFlXeHZjekFlRncweU5EQTRNamt3T0RRME1ETmFGdzB6TkRBNE1qY3dPRFEwTUROYU1CQXhEakFNQmdOVgpCQW9UQlhSaGJHOXpNQ293QlFZREsyVndBeUVBUU5WeXVJYjM1eVZac25STDV6ZTFtYlF0K1dtNFAvNkJSZ3RWCmduNTl1VWlqWVRCZk1BNEdBMVVkRHdFQi93UUVBd0lDaERBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUkKS3dZQkJRVUhBd0l3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFkQmdOVkhRNEVGZ1FVcCtwSGhranhTRnFPby9vOAphUFZWWjl6ZVZLUXdCUVlESzJWd0EwRUEza1FHSU1rK2hnNnN4M2Y0S2xOeEJUdExHVElBWG0zZk5YVlpzUmRlCk9jYkgzTGZZQ2ZIcU9nNXA1aHNEVGpXY2VZd3M0Y3Ribi9NTnN6TGZwYmQ2Q1E9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + key: '******' + certSANs: + - omni.omni-local.utkuozdemir.org + kubelet: + image: ghcr.io/siderolabs/kubelet:v1.30.1 + defaultRuntimeSeccompProfileEnabled: true + disableManifestsDirectory: true + network: {} + install: + disk: /dev/vda + image: factory.talos.dev/installer/5e0ac9d7e10ff9034bc4db865bf0337d40eeaec20683e27804939e1a88b7b654:v1.7.4 + wipe: false + features: + rbac: true + stableHostname: true + apidCheckExtKeyUsage: true + diskQuotaSupport: true + kubePrism: + enabled: true + port: 7445 + hostDNS: + enabled: true + env: diff --git a/client/pkg/omnictl/root.go b/client/pkg/omnictl/root.go index 7aadf22a..ed5c3e10 100644 --- a/client/pkg/omnictl/root.go +++ b/client/pkg/omnictl/root.go @@ -9,6 +9,7 @@ import ( "github.com/spf13/cobra" + "github.com/siderolabs/omni/client/pkg/compression" "github.com/siderolabs/omni/client/pkg/omnictl/config" "github.com/siderolabs/omni/client/pkg/omnictl/internal/access" ) @@ -20,6 +21,9 @@ var RootCmd = &cobra.Command{ Long: ``, SilenceUsage: true, DisableAutoGenTag: true, + PersistentPreRunE: func(*cobra.Command, []string) error { + return compression.InitConfig(true) + }, } func init() { diff --git a/client/pkg/template/internal/models/patch.go b/client/pkg/template/internal/models/patch.go index 67c2bdce..c6d0ca2c 100644 --- a/client/pkg/template/internal/models/patch.go +++ b/client/pkg/template/internal/models/patch.go @@ -96,7 +96,7 @@ func (patch *Patch) Validate() error { if err != nil { multiErr = multierror.Append(multiErr, fmt.Errorf("failed to access %q: %w", patch.File, err)) } else { - if err = omni.ValidateConfigPatch(string(raw)); err != nil { + if err = omni.ValidateConfigPatch(raw); err != nil { multiErr = multierror.Append(multiErr, fmt.Errorf("failed to validate patch %q: %w", patch.File, err)) } } @@ -109,7 +109,7 @@ func (patch *Patch) Validate() error { if err != nil { multiErr = multierror.Append(multiErr, fmt.Errorf("failed to marshal inline patch %q: %w", name, err)) } else { - if err = omni.ValidateConfigPatch(string(raw)); err != nil { + if err = omni.ValidateConfigPatch(raw); err != nil { multiErr = multierror.Append(multiErr, fmt.Errorf("failed to validate inline patch %q: %w", name, err)) } } @@ -157,7 +157,9 @@ func (patch *Patch) Translate(prefix string, weight int, labels ...pair.Pair[str patch.Descriptors.Apply(patchResource) - patchResource.TypedSpec().Value.Data = string(raw) + if err = patchResource.TypedSpec().Value.SetUncompressedData(raw); err != nil { + return nil, err + } return patchResource, nil } diff --git a/client/pkg/template/operations/export.go b/client/pkg/template/operations/export.go index 05fd6a1d..8ed9fa95 100644 --- a/client/pkg/template/operations/export.go +++ b/client/pkg/template/operations/export.go @@ -150,7 +150,16 @@ func writeYAML(writer io.Writer, modelList models.List) (err error) { func transformConfigPatchToModel(configPatch *omni.ConfigPatch) (models.Patch, error) { var data map[string]any - if err := yaml.Unmarshal([]byte(configPatch.TypedSpec().Value.GetData()), &data); err != nil { + buffer, err := configPatch.TypedSpec().Value.GetUncompressedData() + if err != nil { + return models.Patch{}, fmt.Errorf("failed to get patch data for patch %q: %w", configPatch.Metadata().ID(), err) + } + + defer buffer.Free() + + patchData := buffer.Data() + + if err = yaml.Unmarshal(patchData, &data); err != nil { return models.Patch{}, fmt.Errorf("failed to unmarshal patch %q: %w", configPatch.Metadata().ID(), err) } @@ -510,7 +519,16 @@ func getInstallDiskFromConfigPatch(configPatch *omni.ConfigPatch) string { var data map[string]any - if err := yaml.Unmarshal([]byte(configPatch.TypedSpec().Value.GetData()), &data); err != nil { + buffer, err := configPatch.TypedSpec().Value.GetUncompressedData() + if err != nil { + return "" // ignore the error, as it will be caught by the validation later + } + + defer buffer.Free() + + patchData := buffer.Data() + + if err = yaml.Unmarshal(patchData, &data); err != nil { return "" // ignore the error, as it will be caught by the validation later } diff --git a/client/pkg/template/operations/export_test.go b/client/pkg/template/operations/export_test.go index 62349377..3c744b7b 100644 --- a/client/pkg/template/operations/export_test.go +++ b/client/pkg/template/operations/export_test.go @@ -95,6 +95,15 @@ func assertVersionsUnchanged[T resource.Resource](t *testing.T, before map[resou } func assertConfigPatches(t *testing.T, before map[string]*omni.ConfigPatch, after map[string]*omni.ConfigPatch) { + getPatchData := func(patch *omni.ConfigPatch) string { + buffer, err := patch.TypedSpec().Value.GetUncompressedData() + require.NoError(t, err) + + defer buffer.Free() + + return string(buffer.Data()) + } + for _, beforeConfigPatch := range before { afterConfigPatch := after[beforeConfigPatch.Metadata().ID()] @@ -105,7 +114,10 @@ func assertConfigPatches(t *testing.T, before map[string]*omni.ConfigPatch, afte assert.Equal(t, beforeConfigPatch.Metadata().Labels(), afterConfigPatch.Metadata().Labels(), "labels changed for resource: %q", beforeConfigPatch.Metadata()) assert.Equal(t, beforeConfigPatch.Metadata().Annotations(), afterConfigPatch.Metadata().Annotations(), "annotations changed for resource: %q", beforeConfigPatch.Metadata()) - assert.YAMLEq(t, beforeConfigPatch.TypedSpec().Value.GetData(), afterConfigPatch.TypedSpec().Value.GetData(), + beforeData := getPatchData(beforeConfigPatch) + afterData := getPatchData(afterConfigPatch) + + assert.YAMLEq(t, beforeData, afterData, "config patch data changed for resource: %q", beforeConfigPatch.Metadata()) } } diff --git a/client/pkg/template/template_test.go b/client/pkg/template/template_test.go index 9f6ce486..3f9cab78 100644 --- a/client/pkg/template/template_test.go +++ b/client/pkg/template/template_test.go @@ -23,6 +23,8 @@ import ( "github.com/stretchr/testify/require" "gopkg.in/yaml.v3" + "github.com/siderolabs/omni/client/api/omni/specs" + "github.com/siderolabs/omni/client/pkg/compression" "github.com/siderolabs/omni/client/pkg/template" ) @@ -280,6 +282,18 @@ machine: } func TestTranslate(t *testing.T) { + previousCompressionConfig := specs.GetCompressionConfig() + + // disable resource compression for the test + compressionConfig, err := compression.BuildConfig(false, false, false) + require.NoError(t, err) + + t.Cleanup(func() { + specs.SetCompressionConfig(previousCompressionConfig) + }) + + specs.SetCompressionConfig(compressionConfig) + cwd, err := os.Getwd() require.NoError(t, err) diff --git a/client/pkg/template/testdata/cluster1-resources.yaml b/client/pkg/template/testdata/cluster1-resources.yaml index 3e070b21..8afcbefb 100644 --- a/client/pkg/template/testdata/cluster1-resources.yaml +++ b/client/pkg/template/testdata/cluster1-resources.yaml @@ -38,6 +38,7 @@ spec: network: kubespan: enabled: true + compresseddata: [] --- metadata: namespace: default @@ -61,6 +62,7 @@ spec: endpoints: - https://ghcr.io - https://ghcr.mirror.com + compresseddata: [] --- metadata: namespace: default @@ -133,6 +135,7 @@ spec: extraArgs: cloud-provider: external cloud-config: /etc/kubernetes/cloud-config.yaml + compresseddata: [] --- metadata: namespace: default @@ -154,6 +157,7 @@ spec: network: kubespan: enabled: true + compresseddata: [] --- metadata: namespace: default @@ -212,6 +216,7 @@ spec: machine: install: disk: /dev/vda + compresseddata: [] --- metadata: namespace: default @@ -237,3 +242,4 @@ spec: interface: eth0 routes: - gateway: 192.168.0.1 + compresseddata: [] diff --git a/client/pkg/template/testdata/cluster2-resources.yaml b/client/pkg/template/testdata/cluster2-resources.yaml index e9440303..25cfd507 100644 --- a/client/pkg/template/testdata/cluster2-resources.yaml +++ b/client/pkg/template/testdata/cluster2-resources.yaml @@ -38,6 +38,7 @@ spec: network: kubespan: enabled: true + compresseddata: [] --- metadata: namespace: default @@ -61,6 +62,7 @@ spec: endpoints: - https://ghcr.io - https://ghcr.mirror.com + compresseddata: [] --- metadata: namespace: default @@ -117,6 +119,7 @@ spec: network: kubespan: enabled: false + compresseddata: [] --- metadata: namespace: default @@ -173,6 +176,7 @@ spec: machine: install: disk: /dev/vdb + compresseddata: [] --- metadata: namespace: default @@ -198,3 +202,4 @@ spec: interface: eth0 routes: - gateway: 192.168.0.1 + compresseddata: [] diff --git a/client/pkg/template/testdata/cluster3-resources.yaml b/client/pkg/template/testdata/cluster3-resources.yaml index 8d362693..c7f9daa5 100644 --- a/client/pkg/template/testdata/cluster3-resources.yaml +++ b/client/pkg/template/testdata/cluster3-resources.yaml @@ -214,6 +214,7 @@ spec: interface: eth0 routes: - gateway: 192.168.0.1 + compresseddata: [] --- metadata: namespace: default diff --git a/cmd/integration-test/pkg/tests/auth.go b/cmd/integration-test/pkg/tests/auth.go index 837ac0fb..8dc48218 100644 --- a/cmd/integration-test/pkg/tests/auth.go +++ b/cmd/integration-test/pkg/tests/auth.go @@ -1220,13 +1220,13 @@ func AssertResourceAuthzWithACL(ctx context.Context, rootCli *client.Client, cli clusterAuthorized.TypedSpec().Value.KubernetesVersion = "1.27.3" err = userState.Create(ctx, clusterAuthorized) - assert.NoError(t, err) + require.NoError(t, err) t.Cleanup(func() { destroy(ctx, t, rootCli, clusterAuthorized.Metadata()) }) // try to get the unauthorized cluster using the user client - should work, as the user has the Reader role _, err = userState.Get(ctx, clusterUnauthorized.Metadata()) - assert.NoError(t, err) + require.NoError(t, err) // try to modify the unauthorized cluster using the user client clusterUnauthorized.TypedSpec().Value.TalosVersion = "1.4.5" @@ -1236,7 +1236,7 @@ func AssertResourceAuthzWithACL(ctx context.Context, rootCli *client.Client, cli // try to get the authorized cluster using the user client _, err = userState.Get(ctx, clusterAuthorized.Metadata()) - assert.NoError(t, err) + require.NoError(t, err) // test the logic for a config patch without any cluster association configPatchUnauthorized := omni.NewConfigPatch(resources.DefaultNamespace, "unauthorized-"+testID) @@ -1248,10 +1248,11 @@ func AssertResourceAuthzWithACL(ctx context.Context, rootCli *client.Client, cli configPatchAuthorized := omni.NewConfigPatch(resources.DefaultNamespace, "authorized"+testID) configPatchAuthorized.Metadata().Labels().Set(omni.LabelCluster, clusterAuthorized.Metadata().ID()) - configPatchAuthorized.TypedSpec().Value.Data = "debug: true" + err = configPatchAuthorized.TypedSpec().Value.SetUncompressedData([]byte("debug: true")) + require.NoError(t, err) err = userState.Create(ctx, configPatchAuthorized) - assert.NoError(t, err) + require.NoError(t, err) t.Cleanup(func() { destroy(ctx, t, rootCli, configPatchAuthorized.Metadata()) }) } diff --git a/cmd/integration-test/pkg/tests/cluster.go b/cmd/integration-test/pkg/tests/cluster.go index aa3f3ac1..4b0ccef2 100644 --- a/cmd/integration-test/pkg/tests/cluster.go +++ b/cmd/integration-test/pkg/tests/cluster.go @@ -135,11 +135,12 @@ func CreateClusterWithMachineClass(testCtx context.Context, st state.State, opti kubespanEnabler := omni.NewConfigPatch(resources.DefaultNamespace, fmt.Sprintf("%s-kubespan-enabler", options.Name)) kubespanEnabler.Metadata().Labels().Set(omni.LabelCluster, options.Name) - kubespanEnabler.TypedSpec().Value.Data = `machine: + err := kubespanEnabler.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: kubespan: enabled: true -` +`)) + require.NoError(err) require.NoError(st.Create(ctx, cluster)) require.NoError(st.Create(ctx, kubespanEnabler)) @@ -175,12 +176,10 @@ func CreateClusterWithMachineClass(testCtx context.Context, st state.State, opti cps.Metadata().Labels().Set(omni.LabelCluster, options.Name) cps.Metadata().Labels().Set(omni.LabelClusterMachine, machineID) - cps.TypedSpec().Value.Data = fmt.Sprintf(`machine: + return cps.TypedSpec().Value.SetUncompressedData([]byte(fmt.Sprintf(`machine: kubelet: extraArgs: - node-labels: %s=%s`, nodeLabel, machineID) - - return nil + node-labels: %s=%s`, nodeLabel, machineID))) }) } @@ -681,9 +680,7 @@ func bindMachine(ctx context.Context, t *testing.T, st state.State, bindOpts bin return err } - cps.TypedSpec().Value.Data = string(patchBytes) - - return nil + return cps.TypedSpec().Value.SetUncompressedData(patchBytes) }) id := omni.WorkersResourceID(bindOpts.clusterName) diff --git a/cmd/integration-test/pkg/tests/config_patch.go b/cmd/integration-test/pkg/tests/config_patch.go index 35811b4d..736d4887 100644 --- a/cmd/integration-test/pkg/tests/config_patch.go +++ b/cmd/integration-test/pkg/tests/config_patch.go @@ -84,11 +84,9 @@ func AssertLargeImmediateConfigApplied(testCtx context.Context, cli *client.Clie configPatch := omni.NewConfigPatch(resources.DefaultNamespace, id, pair.MakePair(omni.LabelCluster, clusterName)) - // apply large config patch that creates a dummy interface + // apply the large config patch that creates a dummy interface createOrUpdate(ctx, t, st, configPatch, func(p *omni.ConfigPatch) error { - p.TypedSpec().Value.Data = sb.String() - - return nil + return p.TypedSpec().Value.SetUncompressedData([]byte(configPatchYAML)) }) t.Logf("created large config patch with dummy interface: %q", iface) @@ -97,7 +95,7 @@ func AssertLargeImmediateConfigApplied(testCtx context.Context, cli *client.Clie cmIDs := rtestutils.ResourceIDs[*omni.ClusterMachineConfigPatches](ctx, t, st, state.WithLabelQuery(resource.LabelEqual(omni.LabelCluster, clusterName))) rtestutils.AssertResources(ctx, t, st, cmIDs, func(cm *omni.ClusterMachineConfigPatches, assertion *assert.Assertions) { - assertion.True(clusterMachinePatchesContainsString(cm, iface), "cluster machine %q patches don't contain string %q", cm.Metadata().ID(), iface) + assertion.True(clusterMachinePatchesContainsString(t, cm, iface), "cluster machine %q patches don't contain string %q", cm.Metadata().ID(), iface) }) linkStatus := network.NewLinkStatus(network.NamespaceName, "") @@ -140,7 +138,7 @@ func AssertLargeImmediateConfigApplied(testCtx context.Context, cli *client.Clie // assert that the patch deletion is propagated to all clustermachines rtestutils.AssertResources(ctx, t, st, cmIDs, func(cm *omni.ClusterMachineConfigPatches, assertion *assert.Assertions) { - assertion.False(clusterMachinePatchesContainsString(cm, iface), "cluster machine %q patches contain string %q", cm.Metadata().ID(), iface) + assertion.False(clusterMachinePatchesContainsString(t, cm, iface), "cluster machine %q patches contain string %q", cm.Metadata().ID(), iface) }) } } @@ -182,11 +180,9 @@ func AssertConfigPatchWithReboot(testCtx context.Context, cli *client.Client, cl pair.MakePair(omni.LabelCluster, clusterName), pair.MakePair(omni.LabelClusterMachine, nodeID)) - // apply config patch that creates a file + // apply the config patch that creates a file createOrUpdate(ctx, t, st, configPatch, func(p *omni.ConfigPatch) error { - p.TypedSpec().Value.Data = configPatchYAML - - return nil + return p.TypedSpec().Value.SetUncompressedData([]byte(configPatchYAML)) }) t.Logf("created config patch with file: %q", file) @@ -195,7 +191,7 @@ func AssertConfigPatchWithReboot(testCtx context.Context, cli *client.Client, cl // assert that the patch is propagated to all clustermachines rtestutils.AssertResources(ctx, t, st, []resource.ID{nodeID}, func(cm *omni.ClusterMachineConfigPatches, assertion *assert.Assertions) { - assertion.True(clusterMachinePatchesContainsString(cm, file), "cluster machine %q patches don't contain string %q", file, cm.Metadata().ID()) + assertion.True(clusterMachinePatchesContainsString(t, cm, file), "cluster machine %q patches don't contain string %q", file, cm.Metadata().ID()) }) // assert that machine set enters into reconfiguring phase @@ -265,11 +261,9 @@ func AssertConfigPatchWithInvalidConfig(testCtx context.Context, cli *client.Cli pair.MakePair(omni.LabelCluster, clusterName), pair.MakePair(omni.LabelClusterMachine, cmID)) - // apply broken config patch + // apply the broken config patch createOrUpdate(ctx, t, st, configPatch, func(p *omni.ConfigPatch) error { - p.TypedSpec().Value.Data = configPatchYAML - - return nil + return p.TypedSpec().Value.SetUncompressedData([]byte(configPatchYAML)) }) t.Logf("created config patch with file: %q", file) @@ -319,25 +313,23 @@ func AssertConfigPatchMachineSet(testCtx context.Context, cli *client.Client, cl pair.MakePair(omni.LabelMachineSet, workerMachineSetName), ) - // apply config patch that creates a dummy interface + // apply the config patch that creates a dummy interface createOrUpdate(ctx, t, st, configPatch, func(p *omni.ConfigPatch) error { - p.TypedSpec().Value.Data = configPatchYAML - - return nil + return p.TypedSpec().Value.SetUncompressedData([]byte(configPatchYAML)) }) // assert that the patch is propagated to all worker machine set ClusterMachines workerIDs := rtestutils.ResourceIDs[*omni.ClusterMachineConfigPatches](ctx, t, st, state.WithLabelQuery(resource.LabelEqual(omni.LabelMachineSet, workerMachineSetName))) rtestutils.AssertResources(ctx, t, st, workerIDs, func(cm *omni.ClusterMachineConfigPatches, assertion *assert.Assertions) { - assertion.True(clusterMachinePatchesContainsString(cm, iface), "cluster machine %q patches don't contain string %q", cm.Metadata().ID(), iface) + assertion.True(clusterMachinePatchesContainsString(t, cm, iface), "cluster machine %q patches don't contain string %q", cm.Metadata().ID(), iface) }) // assert that the patch is *NOT* propagated to all controlplane machine set ClusterMachines controlPlaneIDs := rtestutils.ResourceIDs[*omni.ClusterMachineConfigPatches](ctx, t, st, state.WithLabelQuery(resource.LabelEqual(omni.LabelMachineSet, controlPlaneMachineSetName))) rtestutils.AssertResources(ctx, t, st, controlPlaneIDs, func(cm *omni.ClusterMachineConfigPatches, assertion *assert.Assertions) { - assertion.False(clusterMachinePatchesContainsString(cm, iface), "cluster machine %q patches contain string %q", cm.Metadata().ID(), iface) + assertion.False(clusterMachinePatchesContainsString(t, cm, iface), "cluster machine %q patches contain string %q", cm.Metadata().ID(), iface) }) // cleanup @@ -370,23 +362,21 @@ func AssertConfigPatchSingleClusterMachine(testCtx context.Context, cli *client. pair.MakePair(omni.LabelCluster, clusterName), pair.MakePair(omni.LabelClusterMachine, cmID)) - // apply config patch + // apply the config patch createOrUpdate(ctx, t, st, configPatch, func(p *omni.ConfigPatch) error { - p.TypedSpec().Value.Data = configPatchYAML - - return nil + return p.TypedSpec().Value.SetUncompressedData([]byte(configPatchYAML)) }) // assert that the patch is propagated to the clustermachine rtestutils.AssertResources(ctx, t, st, []resource.ID{cmID}, func(r *omni.ClusterMachineConfigPatches, assertion *assert.Assertions) { - assertion.True(clusterMachinePatchesContainsString(r, iface), "cluster machine %q patches don't contain string %q", r.Metadata().ID(), iface) + assertion.True(clusterMachinePatchesContainsString(t, r, iface), "cluster machine %q patches don't contain string %q", r.Metadata().ID(), iface) }) // assert that the patch is *NOT* propagated to other clustermachines of the cluster otherCMIDs := cmIDs[1:] rtestutils.AssertResources(ctx, t, st, otherCMIDs, func(r *omni.ClusterMachineConfigPatches, assertion *assert.Assertions) { - assertion.False(clusterMachinePatchesContainsString(r, iface), "cluster machine %q patches contain string %q", r.Metadata().ID(), iface) + assertion.False(clusterMachinePatchesContainsString(t, r, iface), "cluster machine %q patches contain string %q", r.Metadata().ID(), iface) }) // cleanup @@ -394,8 +384,11 @@ func AssertConfigPatchSingleClusterMachine(testCtx context.Context, cli *client. } } -func clusterMachinePatchesContainsString(clusterMachineConfigPatches *omni.ClusterMachineConfigPatches, str string) bool { - for _, patch := range clusterMachineConfigPatches.TypedSpec().Value.GetPatches() { +func clusterMachinePatchesContainsString(t *testing.T, clusterMachineConfigPatches *omni.ClusterMachineConfigPatches, str string) bool { + patches, err := clusterMachineConfigPatches.TypedSpec().Value.GetUncompressedPatches() + require.NoError(t, err) + + for _, patch := range patches { if strings.Contains(patch, str) { return true } diff --git a/cmd/integration-test/pkg/tests/maintenance.go b/cmd/integration-test/pkg/tests/maintenance.go index 0f631310..3e63da9d 100644 --- a/cmd/integration-test/pkg/tests/maintenance.go +++ b/cmd/integration-test/pkg/tests/maintenance.go @@ -41,7 +41,14 @@ func AssertMaintenanceTestConfigIsPresent(ctx context.Context, omniState state.S machineID := ids[machineIndex] rtestutils.AssertResource[*omni.RedactedClusterMachineConfig](ctx, t, omniState, machineID, func(r *omni.RedactedClusterMachineConfig, assertion *assert.Assertions) { - assertion.Contains(r.TypedSpec().Value.Data, testPatch) + buffer, bufferErr := r.TypedSpec().Value.GetUncompressedData() + assertion.NoError(bufferErr) + + defer buffer.Free() + + data := string(buffer.Data()) + + assertion.Contains(data, testPatch) }) } } diff --git a/cmd/integration-test/pkg/tests/rolling_update.go b/cmd/integration-test/pkg/tests/rolling_update.go index 3bb31aab..ef128e6a 100644 --- a/cmd/integration-test/pkg/tests/rolling_update.go +++ b/cmd/integration-test/pkg/tests/rolling_update.go @@ -66,7 +66,8 @@ func AssertWorkerNodesRollingConfigUpdate(testCtx context.Context, cli *client.C pair.MakePair(omni.LabelCluster, clusterName), pair.MakePair(omni.LabelMachineSet, workersResourceID)) - machineSetPatch.TypedSpec().Value.Data = fmt.Sprintf(`{"machine":{"env":{"%d":"test-val"}}}`, epochSeconds) + err = machineSetPatch.TypedSpec().Value.SetUncompressedData([]byte(fmt.Sprintf(`{"machine":{"env":{"%d":"test-val"}}}`, epochSeconds))) + require.NoError(t, err) require.NoError(t, st.Create(ctx, machineSetPatch)) diff --git a/cmd/integration-test/root.go b/cmd/integration-test/root.go index 860b7ba5..80bfb9a1 100644 --- a/cmd/integration-test/root.go +++ b/cmd/integration-test/root.go @@ -19,6 +19,7 @@ import ( "github.com/mattn/go-shellwords" "github.com/spf13/cobra" + "github.com/siderolabs/omni/client/pkg/compression" clientconsts "github.com/siderolabs/omni/client/pkg/constants" "github.com/siderolabs/omni/cmd/integration-test/pkg/clientconfig" "github.com/siderolabs/omni/cmd/integration-test/pkg/tests" @@ -30,6 +31,9 @@ var rootCmd = &cobra.Command{ Use: "omni-integration-test", Short: "Omni integration test runner.", Long: ``, + PersistentPreRunE: func(*cobra.Command, []string) error { + return compression.InitConfig(true) + }, RunE: func(*cobra.Command, []string) error { return withContext(func(ctx context.Context) error { // hacky hack diff --git a/cmd/omni/main.go b/cmd/omni/main.go index 5a3db918..cbb1bada 100644 --- a/cmd/omni/main.go +++ b/cmd/omni/main.go @@ -26,6 +26,7 @@ import ( "go.uber.org/zap/zapcore" "k8s.io/klog/v2" + "github.com/siderolabs/omni/client/pkg/compression" "github.com/siderolabs/omni/client/pkg/constants" authres "github.com/siderolabs/omni/client/pkg/omni/resources/auth" omnires "github.com/siderolabs/omni/client/pkg/omni/resources/omni" @@ -96,6 +97,12 @@ var rootCmd = &cobra.Command{ return fmt.Errorf("failed to set up logging: %w", err) } + if err = compression.InitConfig(config.Config.ConfigDataCompression.Enabled); err != nil { + return err + } + + logger.Info("initialized resource compression config", zap.Bool("enabled", config.Config.ConfigDataCompression.Enabled)) + // set kubernetes logger to use warn log level and use zap klog.SetLogger(zapr.NewLogger(logger.WithOptions(zap.IncreaseLevel(zapcore.WarnLevel)).With(logging.Component("kubernetes")))) @@ -446,6 +453,8 @@ func init() { rootCmd.Flags().BoolVar(&config.Config.WorkloadProxying.Enabled, "workload-proxying-enabled", config.Config.WorkloadProxying.Enabled, "enable workload proxying feature.") rootCmd.Flags().StringVar(&config.Config.WorkloadProxying.Subdomain, "workload-proxying-subdomain", config.Config.WorkloadProxying.Subdomain, "workload proxying subdomain.") + rootCmd.Flags().BoolVar(&config.Config.ConfigDataCompression.Enabled, "config-data-compression-enabled", config.Config.ConfigDataCompression.Enabled, "enable config data compression.") + rootCmd.Flags().IntVar(&config.Config.LocalResourceServerPort, "local-resource-server-port", config.Config.LocalResourceServerPort, "port for local read-only public resource server.") ensure.NoError(rootCmd.MarkFlagRequired("private-key-source")) diff --git a/frontend/src/api/omni/specs/omni.pb.ts b/frontend/src/api/omni/specs/omni.pb.ts index a5260c52..bc0ddcf6 100644 --- a/frontend/src/api/omni/specs/omni.pb.ts +++ b/frontend/src/api/omni/specs/omni.pb.ts @@ -320,6 +320,7 @@ export type ClusterMachineSpec = { export type ClusterMachineConfigPatchesSpec = { patches?: string[] + compressed_patches?: Uint8Array[] } export type ClusterMachineTalosVersionSpec = { @@ -331,10 +332,12 @@ export type ClusterMachineConfigSpec = { data?: Uint8Array cluster_machine_version?: string generation_error?: string + compressed_data?: Uint8Array } export type RedactedClusterMachineConfigSpec = { data?: string + compressed_data?: Uint8Array } export type ClusterMachineIdentitySpec = { @@ -440,6 +443,7 @@ export type InstallationMediaSpec = { export type ConfigPatchSpec = { data?: string + compressed_data?: Uint8Array } export type MachineSetSpecMachineClass = { diff --git a/go.mod b/go.mod index b1c4957f..9ba33e23 100644 --- a/go.mod +++ b/go.mod @@ -26,7 +26,7 @@ require ( github.com/blang/semver v3.5.1+incompatible github.com/blang/semver/v4 v4.0.0 github.com/containers/image/v5 v5.32.2 - github.com/cosi-project/runtime v0.6.1 + github.com/cosi-project/runtime v0.6.2 github.com/cosi-project/state-etcd v0.3.1 github.com/crewjam/saml v0.4.14 github.com/dustin/go-humanize v1.0.1 diff --git a/go.sum b/go.sum index af58beb7..7c70b0f0 100644 --- a/go.sum +++ b/go.sum @@ -107,8 +107,8 @@ github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec= github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/cosi-project/runtime v0.6.1 h1:mKNACtmdO9rBdI83zpVDuDRap7w4kCyE40gYn7oricM= -github.com/cosi-project/runtime v0.6.1/go.mod h1:2iQ2Wu57UNm89ZksFLoMLGEZnPzUkk5g64+AlWHopo4= +github.com/cosi-project/runtime v0.6.2 h1:GHp/GoJlqAfmVXq69r7CeSIXj31glMNz8z2RM3ugpRU= +github.com/cosi-project/runtime v0.6.2/go.mod h1:2iQ2Wu57UNm89ZksFLoMLGEZnPzUkk5g64+AlWHopo4= github.com/cosi-project/state-etcd v0.3.1 h1:Xeg2YW8k4/tHhJao/SenC+eZiJaIkeavXVB8tHEgaIc= github.com/cosi-project/state-etcd v0.3.1/go.mod h1:DTYhrWuBJHkkl1ke7Q/L1tQEd2N8p6XfZ+8haev3Tco= github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= diff --git a/go.work b/go.work index 6b876c4c..0c41996c 100644 --- a/go.work +++ b/go.work @@ -4,4 +4,5 @@ use ( . ./client ./internal/e2e-tests + ./hack/zstd-dict ) diff --git a/hack/zstd-dict/.gitignore b/hack/zstd-dict/.gitignore new file mode 100644 index 00000000..00acd393 --- /dev/null +++ b/hack/zstd-dict/.gitignore @@ -0,0 +1 @@ +/inputs diff --git a/hack/zstd-dict/.golangci.yml b/hack/zstd-dict/.golangci.yml new file mode 100644 index 00000000..8f094df7 --- /dev/null +++ b/hack/zstd-dict/.golangci.yml @@ -0,0 +1,161 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2024-09-05T11:23:56Z by kres b5ca957. + +# options for analysis running +run: + timeout: 10m + issues-exit-code: 1 + tests: true + build-tags: [ ] + modules-download-mode: readonly + +# output configuration options +output: + formats: + - format: colored-line-number + path: stdout + print-issued-lines: true + print-linter-name: true + uniq-by-line: true + path-prefix: "" + +# all available settings of specific linters +linters-settings: + dogsled: + max-blank-identifiers: 2 + dupl: + threshold: 150 + errcheck: + check-type-assertions: true + check-blank: true + exhaustive: + default-signifies-exhaustive: false + gci: + sections: + - standard # Standard section: captures all standard packages. + - default # Default section: contains all imports that could not be matched to another section type. + - localmodule # Imports from the same module. + gocognit: + min-complexity: 30 + nestif: + min-complexity: 5 + goconst: + min-len: 3 + min-occurrences: 3 + gocritic: + disabled-checks: [ ] + gocyclo: + min-complexity: 20 + godot: + scope: declarations + gofmt: + simplify: true + gomodguard: { } + govet: + enable-all: true + lll: + line-length: 200 + tab-width: 4 + misspell: + locale: US + ignore-words: [ ] + nakedret: + max-func-lines: 30 + prealloc: + simple: true + range-loops: true # Report preallocation suggestions on range loops, true by default + for-loops: false # Report preallocation suggestions on for loops, false by default + nolintlint: + allow-unused: false + allow-no-explanation: [ ] + require-explanation: false + require-specific: true + rowserrcheck: { } + testpackage: { } + unparam: + check-exported: false + unused: + local-variables-are-used: false + whitespace: + multi-if: false # Enforces newlines (or comments) after every multi-line if statement + multi-func: false # Enforces newlines (or comments) after every multi-line function signature + wsl: + strict-append: true + allow-assign-and-call: true + allow-multiline-assign: true + allow-cuddle-declarations: false + allow-trailing-comment: false + force-case-trailing-whitespace: 0 + force-err-cuddling: false + allow-separated-leading-comment: false + gofumpt: + extra-rules: false + cyclop: + # the maximal code complexity to report + max-complexity: 20 + depguard: + rules: + prevent_unmaintained_packages: + list-mode: lax # allow unless explicitly denied + files: + - $all + deny: + - pkg: io/ioutil + desc: "replaced by io and os packages since Go 1.16: https://tip.golang.org/doc/go1.16#ioutil" + prevent_sync_errgroup: + deny: + - desc: Use github.com/siderolabs/omni/client/pkg/panichandler.ErrGroup instead + pkg: golang.org/x/sync/errgroup + files: + - $all + - '!$test' + - '!**/integration-test/**' + - '!**/omnictl/**' + - '!**/panichandler/**' + list-mode: lax + +linters: + enable-all: true + disable-all: false + fast: false + disable: + - exhaustruct + - err113 + - forbidigo + - funlen + - gochecknoglobals + - gochecknoinits + - godox + - gomnd + - gomoddirectives + - gosec + - inamedparam + - ireturn + - mnd + - nestif + - nonamedreturns + - paralleltest + - tagalign + - tagliatelle + - thelper + - varnamelen + - wrapcheck + - testifylint # complains about our assert recorder and has a number of false positives for assert.Greater(t, thing, 1) + - protogetter # complains about us using Value field on typed spec, instead of GetValue which has a different signature + - perfsprint # complains about us using fmt.Sprintf in non-performance critical code, updating just kres took too long + - goimports # same as gci + - musttag # seems to be broken - goes into imported libraries and reports issues there + +issues: + exclude: [ ] + exclude-rules: [ ] + exclude-use-default: false + exclude-case-sensitive: false + max-issues-per-linter: 10 + max-same-issues: 3 + new: false + +severity: + default-severity: error + case-sensitive: false diff --git a/hack/zstd-dict/.kresignore b/hack/zstd-dict/.kresignore new file mode 100644 index 00000000..e69de29b diff --git a/hack/zstd-dict/README.md b/hack/zstd-dict/README.md new file mode 100644 index 00000000..cc97496f --- /dev/null +++ b/hack/zstd-dict/README.md @@ -0,0 +1,36 @@ +# zstd-dict + +zstd-dict is a tool for generating a zstd dictionary used to compress resources containing partial or full Talos machine configurations, such as `ClusterMachineConfig` and `ConfigPatch`. + +The dictionary is generated using a training set consisting of: + +- Randomly generated Talos machine configuration YAMLs +- ArgoCD application manifests generated via the `helm template` command + +Kubernetes manifests are included because they are commonly used in the `inlineManifests` section of Talos machine configurations. + +This tool updates the `client/pkg/compression/data/config.zdict` dictionary file under the Omni project root. It also writes the input files used for training into the `inputs/` directory. + +The `inputs/` directory can then be used as input to generate a dictionary using the `zstd` command-line tool. + +To generate a dictionary via command line: + +1. Install `zstd` +2. In the directory of this tool, run the following command: + +```bash +export DICT_ID=1 +zstd --train -r inputs -o ../../client/pkg/compression/data/config.$DICT_ID.zdict --dictID $DICT_ID --maxdict=64KB +``` + +**Note:** The dictionary trained via command line might produce different, potentially better results than the one generated by this tool. Compare the results of both dictionaries before deciding +which one to use. + +**Note:** When updating the dictionary, follow these steps to maintain backward compatibility: + +1. Increment the dictionary ID in this tool. +2. Update the shell command above with the new dictionary ID. +3. In the `client/pkg/compression/data/` package, add the new dictionary file without removing the old ones. +4. Update the code in the compression package to handle multiple dictionary versions, ensuring that the decoder can still access and use the old dictionaries when needed. + +These steps are crucial to maintain compatibility with data compressed using previous dictionary versions. diff --git a/hack/zstd-dict/data/argocd-values.yaml b/hack/zstd-dict/data/argocd-values.yaml new file mode 100644 index 00000000..b0183b94 --- /dev/null +++ b/hack/zstd-dict/data/argocd-values.yaml @@ -0,0 +1,38 @@ +redis-ha: + enabled: true + +controller: + replicas: 1 + +server: + autoscaling: + enabled: true + minReplicas: 2 + ingress: + enabled: true + ingressClassName: nginx + annotations: + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + tls: true + ingressGrpc: + enabled: true + ingressClassName: contour-internal + extraTls: + - hosts: + - grpc.argocd.example.com + secretName: wildcard-tls + +repoServer: + autoscaling: + enabled: true + minReplicas: 2 + +applicationSet: + replicas: 2 + +global: + domain: argocd.example.com + +certificate: + enabled: true diff --git a/hack/zstd-dict/data/machineconfig.tmpl.yaml b/hack/zstd-dict/data/machineconfig.tmpl.yaml new file mode 100644 index 00000000..e2035832 --- /dev/null +++ b/hack/zstd-dict/data/machineconfig.tmpl.yaml @@ -0,0 +1,633 @@ +# Generated by Omni on 2024-09-05T12:50:45.707723918Z +version: v1alpha1 # Indicates the schema used to decode the contents. +debug: false # Enable verbose logging to the console. +persist: true +# Provides machine specific configuration options. +machine: + type: {{ .MachineType }} # Defines the role of the machine within the cluster. + token: {{ .MachineToken }} # The `token` is used by a machine to join the PKI of the cluster. + # The root certificate authority of the PKI. + ca: + crt: {{ .MachineCaCrt }} + key: "" + # Extra certificate subject alternative names for the machine's certificate. + certSANs: + - {{ .Domain }} + # Used to provide additional options to the kubelet. + kubelet: + image: ghcr.io/siderolabs/kubelet:v1.30.1 # The `image` field is an optional reference to an alternative kubelet image. + defaultRuntimeSeccompProfileEnabled: true # Enable container runtime default Seccomp profile. + disableManifestsDirectory: true # The `disableManifestsDirectory` field configures the kubelet to get static pod manifests from the /etc/kubernetes/manifests directory. + + # # The `ClusterDNS` field is an optional reference to an alternative kubelet clusterDNS ip list. + # clusterDNS: + # - 10.96.0.10 + # - 169.254.2.53 + + # # The `extraArgs` field is used to provide additional flags to the kubelet. + # extraArgs: + # key: value + + # # The `extraMounts` field is used to add additional mounts to the kubelet container. + # extraMounts: + # - destination: /var/lib/example # Destination is the absolute path where the mount will be placed in the container. + # type: bind # Type specifies the mount kind. + # source: /var/lib/example # Source specifies the source path of the mount. + # # Options are fstab style mount options. + # options: + # - bind + # - rshared + # - rw + + # # The `extraConfig` field is used to provide kubelet configuration overrides. + # extraConfig: + # serverTLSBootstrap: true + + # # The `KubeletCredentialProviderConfig` field is used to provide kubelet credential configuration. + # credentialProviderConfig: + # apiVersion: kubelet.config.k8s.io/v1 + # kind: CredentialProviderConfig + # providers: + # - apiVersion: credentialprovider.kubelet.k8s.io/v1 + # defaultCacheDuration: 12h + # matchImages: + # - '*.dkr.ecr.*.amazonaws.com' + # - '*.dkr.ecr.*.amazonaws.com.cn' + # - '*.dkr.ecr-fips.*.amazonaws.com' + # - '*.dkr.ecr.us-iso-east-1.c2s.ic.gov' + # - '*.dkr.ecr.us-isob-east-1.sc2s.sgov.gov' + # name: ecr-credential-provider + + # # The `nodeIP` field is used to configure `--node-ip` flag for the kubelet. + # nodeIP: + # # The `validSubnets` field configures the networks to pick kubelet node IP from. + # validSubnets: + # - 10.0.0.0/8 + # - '!10.0.0.3/32' + # - fdc7::/16 + # Provides machine specific network configuration options. + network: + # Configures KubeSpan feature. + kubespan: + enabled: true # Enable the KubeSpan feature. + + # # `interfaces` is used to define the network interface configuration. + # interfaces: + # - interface: enp0s1 # The interface name. + # # Assigns static IP addresses to the interface. + # addresses: + # - 192.168.2.0/24 + # # A list of routes associated with the interface. + # routes: + # - network: 0.0.0.0/0 # The route's network (destination). + # gateway: 192.168.2.1 # The route's gateway (if empty, creates link scope route). + # metric: 1024 # The optional metric for the route. + # mtu: 1500 # The interface's MTU. + # + # # # Picks a network device using the selector. + + # # # select a device with bus prefix 00:*. + # # deviceSelector: + # # busPath: 00:* # PCI, USB bus prefix, supports matching by wildcard. + # # # select a device with mac address matching `*:f0:ab` and `virtio` kernel driver. + # # deviceSelector: + # # hardwareAddr: '*:f0:ab' # Device hardware address, supports matching by wildcard. + # # driver: virtio # Kernel driver, supports matching by wildcard. + # # # select a device with bus prefix 00:*, a device with mac address matching `*:f0:ab` and `virtio` kernel driver. + # # deviceSelector: + # # - busPath: 00:* # PCI, USB bus prefix, supports matching by wildcard. + # # - hardwareAddr: '*:f0:ab' # Device hardware address, supports matching by wildcard. + # # driver: virtio # Kernel driver, supports matching by wildcard. + + # # # Bond specific options. + # # bond: + # # # The interfaces that make up the bond. + # # interfaces: + # # - enp2s0 + # # - enp2s1 + # # # Picks a network device using the selector. + # # deviceSelectors: + # # - busPath: 00:* # PCI, USB bus prefix, supports matching by wildcard. + # # - hardwareAddr: '*:f0:ab' # Device hardware address, supports matching by wildcard. + # # driver: virtio # Kernel driver, supports matching by wildcard. + # # mode: 802.3ad # A bond option. + # # lacpRate: fast # A bond option. + + # # # Bridge specific options. + # # bridge: + # # # The interfaces that make up the bridge. + # # interfaces: + # # - enxda4042ca9a51 + # # - enxae2a6774c259 + # # # A bridge option. + # # stp: + # # enabled: true # Whether Spanning Tree Protocol (STP) is enabled. + + # # # Indicates if DHCP should be used to configure the interface. + # # dhcp: true + + # # # DHCP specific options. + # # dhcpOptions: + # # routeMetric: 1024 # The priority of all routes received via DHCP. + + # # # Wireguard specific configuration. + + # # # wireguard server example + # # wireguard: + # # privateKey: ABCDEF... # Specifies a private key configuration (base64 encoded). + # # listenPort: 51111 # Specifies a device's listening port. + # # # Specifies a list of peer configurations to apply to a device. + # # peers: + # # - publicKey: ABCDEF... # Specifies the public key of this peer. + # # endpoint: 192.168.1.3 # Specifies the endpoint of this peer entry. + # # # AllowedIPs specifies a list of allowed IP addresses in CIDR notation for this peer. + # # allowedIPs: + # # - 192.168.1.0/24 + # # # wireguard peer example + # # wireguard: + # # privateKey: ABCDEF... # Specifies a private key configuration (base64 encoded). + # # # Specifies a list of peer configurations to apply to a device. + # # peers: + # # - publicKey: ABCDEF... # Specifies the public key of this peer. + # # endpoint: 192.168.1.2:51822 # Specifies the endpoint of this peer entry. + # # persistentKeepaliveInterval: 10s # Specifies the persistent keepalive interval for this peer. + # # # AllowedIPs specifies a list of allowed IP addresses in CIDR notation for this peer. + # # allowedIPs: + # # - 192.168.1.0/24 + + # # # Virtual (shared) IP address configuration. + + # # # layer2 vip example + # # vip: + # # ip: 172.16.199.55 # Specifies the IP address to be used. + + # # Used to statically set the nameservers for the machine. + # nameservers: + # - 8.8.8.8 + # - 1.1.1.1 + + # # Allows for extra entries to be added to the `/etc/hosts` file + # extraHostEntries: + # - ip: 192.168.1.100 # The IP of the host. + # # The host alias. + # aliases: + # - example + # - example.domain.tld + # Used to provide instructions for installations. + install: + disk: /dev/vda # The disk used for installations. + image: factory.talos.dev/{{ .Installer }}/{{ .SchematicID }}:v1.7.4 # Allows for supplying the image used to perform the installation. + wipe: false # Indicates if the installation disk should be wiped at installation time. + + # # Look up disk using disk attributes like model, size, serial and others. + # diskSelector: + # size: 4GB # Disk size. + # model: WDC* # Disk model `/sys/block//device/model`. + # busPath: /pci0000:00/0000:00:17.0/ata1/host0/target0:0:0/0:0:0:0 # Disk bus path. + + # # Allows for supplying extra kernel args via the bootloader. + # extraKernelArgs: + # - talos.platform=metal + # - reboot=k + + # # Allows for supplying additional system extension images to install on top of base Talos image. + # extensions: + # - image: ghcr.io/siderolabs/gvisor:20220117.0-v1.0.0 # System extension image. + # Used to configure the machine's container image registry mirrors. + registries: {} + # # Specifies mirror configuration for each registry host namespace. + # mirrors: + # ghcr.io: + # # List of endpoints (URLs) for registry mirrors to use. + # endpoints: + # - https://registry.insecure + # - https://ghcr.io/v2/ + + # # Specifies TLS & auth configuration for HTTPS image registries. + # config: + # registry.insecure: + # # The TLS configuration for the registry. + # tls: + # insecureSkipVerify: true # Skip TLS server certificate verification (not recommended). + # + # # # Enable mutual TLS authentication with the registry. + # # clientIdentity: + # # crt: LS0tIEVYQU1QTEUgQ0VSVElGSUNBVEUgLS0t + # # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + # + # # # The auth configuration for this registry. + # # auth: + # # username: username # Optional registry authentication. + # # password: password # Optional registry authentication. + + # Features describe individual Talos features that can be switched on or off. + features: + rbac: true # Enable role-based access control (RBAC). + stableHostname: true # Enable stable default hostname. + apidCheckExtKeyUsage: true # Enable checks for extended key usage of client certificates in apid. + diskQuotaSupport: true # Enable XFS project quota support for EPHEMERAL partition and user disks. + # KubePrism - local proxy/load balancer on defined port that will distribute + kubePrism: + enabled: true # Enable KubePrism support - will start local load balancing proxy. + port: 7445 # KubePrism port. + # Configures host DNS caching resolver. + hostDNS: + enabled: true # Enable host DNS caching resolver. + + # # Configure Talos API access from Kubernetes pods. + # kubernetesTalosAPIAccess: + # enabled: true # Enable Talos API access from Kubernetes pods. + # # The list of Talos API roles which can be granted for access from Kubernetes pods. + # allowedRoles: + # - os:reader + # # The list of Kubernetes namespaces Talos API access is available from. + # allowedKubernetesNamespaces: + # - kube-system + + # # Provides machine specific control plane configuration options. + + # # ControlPlane definition example. + # controlPlane: + # # Controller manager machine specific configuration options. + # controllerManager: + # disabled: false # Disable kube-controller-manager on the node. + # # Scheduler machine specific configuration options. + # scheduler: + # disabled: true # Disable kube-scheduler on the node. + + # # Used to provide static pod definitions to be run by the kubelet directly bypassing the kube-apiserver. + + # # nginx static pod. + # pods: + # - apiVersion: v1 + # kind: pod + # metadata: + # name: nginx + # spec: + # containers: + # - image: nginx + # name: nginx + + # # Used to partition, format and mount additional disks. + + # # MachineDisks list example. + # disks: + # - device: /dev/sdb # The name of the disk to use. + # # A list of partitions to create on the disk. + # partitions: + # - mountpoint: /var/mnt/extra # Where to mount the partition. + # + # # # The size of partition: either bytes or human readable representation. If `size:` is omitted, the partition is sized to occupy the full disk. + + # # # Human readable representation. + # # size: 100 MB + # # # Precise value in bytes. + # # size: 1073741824 + + # # Allows the addition of user specified files. + + # # MachineFiles usage example. + # files: + # - content: '...' # The contents of the file. + # permissions: 0o666 # The file's permissions in octal. + # path: /tmp/file.txt # The path of the file. + # op: append # The operation to use + + # # The `env` field allows for the addition of environment variables. + + # # Environment variables definition examples. + # env: + # GRPC_GO_LOG_SEVERITY_LEVEL: info + # GRPC_GO_LOG_VERBOSITY_LEVEL: "99" + # https_proxy: http://SERVER:PORT/ + # env: + # GRPC_GO_LOG_SEVERITY_LEVEL: error + # https_proxy: https://USERNAME:PASSWORD@SERVER:PORT/ + # env: + # https_proxy: http://DOMAIN\USERNAME:PASSWORD@SERVER:PORT/ + + # # Used to configure the machine's time settings. + + # # Example configuration for cloudflare ntp server. + # time: + # disabled: false # Indicates if the time service is disabled for the machine. + # # description: | + # servers: + # - time.cloudflare.com + # bootTimeout: 2m0s # Specifies the timeout when the node time is considered to be in sync unlocking the boot sequence. + + # # Used to configure the machine's sysctls. + + # # MachineSysctls usage example. + # sysctls: + # kernel.domainname: talos.dev + # net.ipv4.ip_forward: "0" + # net/ipv6/conf/eth0.100/disable_ipv6: "1" + + # # Used to configure the machine's sysfs. + + # # MachineSysfs usage example. + # sysfs: + # devices.system.cpu.cpu0.cpufreq.scaling_governor: performance + + # # Machine system disk encryption configuration. + # systemDiskEncryption: + # # Ephemeral partition encryption. + # ephemeral: + # provider: luks2 # Encryption provider to use for the encryption. + # # Defines the encryption keys generation and storage method. + # keys: + # - # Deterministically generated key from the node UUID and PartitionLabel. + # nodeID: {} + # slot: 0 # Key slot number for LUKS2 encryption. + # + # # # KMS managed encryption key. + # # kms: + # # endpoint: https://192.168.88.21:4443 # KMS endpoint to Seal/Unseal the key. + # + # # # Cipher kind to use for the encryption. Depends on the encryption provider. + # # cipher: aes-xts-plain64 + + # # # Defines the encryption sector size. + # # blockSize: 4096 + + # # # Additional --perf parameters for the LUKS2 encryption. + # # options: + # # - no_read_workqueue + # # - no_write_workqueue + + # # Configures the udev system. + # udev: + # # List of udev rules to apply to the udev system + # rules: + # - SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="44", MODE="0660" + + # # Configures the logging system. + # logging: + # # Logging destination. + # destinations: + # - endpoint: tcp://1.2.3.4:12345 # Where to send logs. Supported protocols are "tcp" and "udp". + # format: json_lines # Logs format. + + # # Configures the kernel. + # kernel: + # # Kernel modules to load. + # modules: + # - name: brtfs # Module name. + + # # Configures the seccomp profiles for the machine. + # seccompProfiles: + # - name: audit.json # The `name` field is used to provide the file name of the seccomp profile. + # # The `value` field is used to provide the seccomp profile. + # value: + # defaultAction: SCMP_ACT_LOG + + # # Configures the node labels for the machine. + + # # node labels example. + # nodeLabels: + # exampleLabel: exampleLabelValue + + # # Configures the node taints for the machine. Effect is optional. + + # # node taints example. + # nodeTaints: + # exampleTaint: exampleTaintValue:NoSchedule +# Provides cluster specific configuration options. +cluster: + id: {{ .ClusterID }} # Globally unique identifier for this cluster (base64 encoded random 32 bytes). + secret: {{ .ClusterSecret }} # Shared secret of cluster (base64 encoded random 32 bytes). + # Provides control plane specific configuration options. + controlPlane: + endpoint: https://[fdae:41e4:649b:9303::1]:10000 # Endpoint is the canonical controlplane endpoint, which can be an IP address or a DNS hostname. + # Provides cluster specific network configuration options. + network: + dnsDomain: cluster.local # The domain used by Kubernetes DNS. + # The pod subnet CIDR. + podSubnets: + - 10.244.0.0/16 + # The service subnet CIDR. + serviceSubnets: + - 10.96.0.0/12 + + # # The CNI used. + # cni: + # name: custom # Name of CNI to use. + # # URLs containing manifests to apply for the CNI. + # urls: + # - https://docs.projectcalico.org/archive/v3.20/manifests/canal.yaml + token: {{ .ClusterToken }} # The [bootstrap token](https://kubernetes.io/docs/reference/access-authn-authz/bootstrap-tokens/) used to join the cluster. + # The base64 encoded root certificate authority used by Kubernetes. + ca: + crt: {{ .ClusterCaCrt }} + key: "" + # Configures cluster member discovery. + discovery: + enabled: true # Enable the cluster membership discovery feature. + # Configure registries used for cluster member discovery. + registries: + # Kubernetes registry uses Kubernetes API server to discover cluster members and stores additional information + kubernetes: + disabled: true # Disable Kubernetes discovery registry. + # Service registry is using an external service to push and pull information about cluster members. + service: + endpoint: http://[fdae:41e4:649b:9303::1]:8093 # External service endpoint. + # A list of inline Kubernetes manifests. + inlineManifests: + - name: omni-kube-service-exposer # Name of the manifest. + contents: |- # Manifest contents as a string. + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: omni-kube-service-exposer + rules: + - apiGroups: [""] + resources: ["services"] + verbs: ["get", "list", "watch"] + --- + apiVersion: v1 + kind: ServiceAccount + metadata: + name: omni-kube-service-exposer + namespace: kube-system + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: omni-kube-service-exposer + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: omni-kube-service-exposer + subjects: + - kind: ServiceAccount + name: omni-kube-service-exposer + namespace: kube-system + --- + apiVersion: apps/v1 + kind: DaemonSet + metadata: + name: omni-kube-service-exposer + namespace: kube-system + spec: + selector: + matchLabels: + app.kubernetes.io/name: omni-kube-service-exposer + template: + metadata: + labels: + app.kubernetes.io/name: omni-kube-service-exposer + spec: + serviceAccountName: omni-kube-service-exposer + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + tolerations: + - operator: Exists + containers: + - name: omni-kube-service-exposer + image: ghcr.io/siderolabs/kube-service-exposer:v0.2.0 + args: + - --debug=false + - --annotation-key=omni-kube-service-exposer.sidero.dev/port + # siderolink CIDR + - --bind-cidrs="fdae:41e4:649b:9303::/64" + - --disallowed-host-port-ranges=6443,10250,50000-50001 + + # # A key used for the [encryption of secret data at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/). + + # # Decryption secret example (do not use in production!). + # aescbcEncryptionSecret: z01mye6j16bspJYtTB/5SFX8j7Ph4JXxM2Xuu4vsBPM= + + # # A key used for the [encryption of secret data at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/). + + # # Decryption secret example (do not use in production!). + # secretboxEncryptionSecret: z01mye6j16bspJYtTB/5SFX8j7Ph4JXxM2Xuu4vsBPM= + + # # The base64 encoded aggregator certificate authority used by Kubernetes for front-proxy certificate generation. + + # # AggregatorCA example. + # aggregatorCA: + # crt: LS0tIEVYQU1QTEUgQ0VSVElGSUNBVEUgLS0t + # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + + # # The base64 encoded private key for service account token generation. + + # # AggregatorCA example. + # serviceAccount: + # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + + # # API server specific configuration options. + # apiServer: + # image: registry.k8s.io/kube-apiserver:v1.30.2 # The container image used in the API server manifest. + # # Extra arguments to supply to the API server. + # extraArgs: + # feature-gates: ServerSideApply=true + # http2-max-streams-per-connection: "32" + # # Extra certificate subject alternative names for the API server's certificate. + # certSANs: + # - 1.2.3.4 + # - 4.5.6.7 + # # Configure the API server admission plugins. + # admissionControl: + # - name: PodSecurity # Name is the name of the admission controller. + # # Configuration is an embedded configuration object to be used as the plugin's + # configuration: + # apiVersion: pod-security.admission.config.k8s.io/v1alpha1 + # defaults: + # audit: restricted + # audit-version: latest + # enforce: baseline + # enforce-version: latest + # warn: restricted + # warn-version: latest + # exemptions: + # namespaces: + # - kube-system + # runtimeClasses: [] + # usernames: [] + # kind: PodSecurityConfiguration + # # Configure the API server audit policy. + # auditPolicy: + # apiVersion: audit.k8s.io/v1 + # kind: Policy + # rules: + # - level: Metadata + + # # Controller manager server specific configuration options. + # controllerManager: + # image: registry.k8s.io/kube-controller-manager:v1.30.2 # The container image used in the controller manager manifest. + # # Extra arguments to supply to the controller manager. + # extraArgs: + # feature-gates: ServerSideApply=true + + # # Kube-proxy server-specific configuration options + # proxy: + # disabled: false # Disable kube-proxy deployment on cluster bootstrap. + # image: registry.k8s.io/kube-proxy:v1.30.2 # The container image used in the kube-proxy manifest. + # mode: ipvs # proxy mode of kube-proxy. + # # Extra arguments to supply to kube-proxy. + # extraArgs: + # proxy-mode: iptables + + # # Scheduler server specific configuration options. + # scheduler: + # image: registry.k8s.io/kube-scheduler:v1.30.2 # The container image used in the scheduler manifest. + # # Extra arguments to supply to the scheduler. + # extraArgs: + # feature-gates: AllBeta=true + + # # Etcd specific configuration options. + # etcd: + # image: gcr.io/etcd-development/etcd:v3.5.14 # The container image used to create the etcd service. + # # The `ca` is the root certificate authority of the PKI. + # ca: + # crt: LS0tIEVYQU1QTEUgQ0VSVElGSUNBVEUgLS0t + # key: LS0tIEVYQU1QTEUgS0VZIC0tLQ== + # # Extra arguments to supply to etcd. + # extraArgs: + # election-timeout: "5000" + # # The `advertisedSubnets` field configures the networks to pick etcd advertised IP from. + # advertisedSubnets: + # - 10.0.0.0/8 + + # # Core DNS specific configuration options. + # coreDNS: + # image: registry.k8s.io/coredns/coredns:v1.11.1 # The `image` field is an override to the default coredns image. + + # # External cloud provider configuration. + # externalCloudProvider: + # enabled: true # Enable external cloud provider. + # # A list of urls that point to additional manifests for an external cloud provider. + # manifests: + # - https://raw.githubusercontent.com/kubernetes/cloud-provider-aws/v1.20.0-alpha.0/manifests/rbac.yaml + # - https://raw.githubusercontent.com/kubernetes/cloud-provider-aws/v1.20.0-alpha.0/manifests/aws-cloud-controller-manager-daemonset.yaml + + # # A list of urls that point to additional manifests. + # extraManifests: + # - https://www.example.com/manifest1.yaml + # - https://www.example.com/manifest2.yaml + + # # A map of key value pairs that will be added while fetching the extraManifests. + # extraManifestHeaders: + # Token: "1234567" + # X-ExtraInfo: info + + # # Settings for admin kubeconfig generation. + # adminKubeconfig: + # certLifetime: 1h0m0s # Admin kubeconfig certificate lifetime (default is 1 year). + + # # Allows running workload on control-plane nodes. + # allowSchedulingOnControlPlanes: true +--- +apiVersion: v1alpha1 +kind: SideroLinkConfig +apiUrl: grpc://{{ .Domain }}:8090?grpc_tunnel=false&jointoken=w7uVuW3zbVKIYQuzEcyetAHeYMeo5q2L9RvkAVfCfSCD # SideroLink API URL to connect to. +--- +apiVersion: v1alpha1 +kind: EventSinkConfig +endpoint: '[fdae:41e4:649b:9303::1]:8090' # The endpoint for the event sink as 'host:port'. +--- +apiVersion: v1alpha1 +kind: KmsgLogConfig +name: omni-kmsg # Name of the config document. +url: tcp://[fdae:41e4:649b:9303::1]:8092 # The URL encodes the log destination. diff --git a/hack/zstd-dict/go.mod b/hack/zstd-dict/go.mod new file mode 100644 index 00000000..4088a4f8 --- /dev/null +++ b/hack/zstd-dict/go.mod @@ -0,0 +1,149 @@ +module github.com/siderolabs/omni-hack-zstd-dict + +go 1.23.0 + +require ( + github.com/klauspost/compress v1.17.9 + github.com/mittwald/go-helm-client v0.12.13 + go.uber.org/zap v1.26.0 + helm.sh/helm/v3 v3.15.4 +) + +require ( + github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect + github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect + github.com/BurntSushi/toml v1.3.2 // indirect + github.com/MakeNowJust/heredoc v1.0.0 // indirect + github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver/v3 v3.2.1 // indirect + github.com/Masterminds/sprig/v3 v3.2.3 // indirect + github.com/Masterminds/squirrel v1.5.4 // indirect + github.com/Microsoft/hcsshim v0.12.3 // indirect + github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect + github.com/beorn7/perks v1.0.1 // indirect + github.com/blang/semver/v4 v4.0.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/chai2010/gettext-go v1.0.3 // indirect + github.com/containerd/containerd v1.7.17 // indirect + github.com/containerd/log v0.1.0 // indirect + github.com/cyphar/filepath-securejoin v0.2.5 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/distribution/reference v0.6.0 // indirect + github.com/docker/cli v26.1.3+incompatible // indirect + github.com/docker/distribution v2.8.3+incompatible // indirect + github.com/docker/docker v26.1.3+incompatible // indirect + github.com/docker/docker-credential-helpers v0.8.1 // indirect + github.com/docker/go-connections v0.5.0 // indirect + github.com/docker/go-metrics v0.0.1 // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/evanphx/json-patch v5.9.0+incompatible // indirect + github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect + github.com/fatih/color v1.17.0 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect + github.com/go-errors/errors v1.5.1 // indirect + github.com/go-gorp/gorp/v3 v3.1.0 // indirect + github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect + github.com/gobwas/glob v0.2.3 // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang/protobuf v1.5.4 // indirect + github.com/google/btree v1.1.2 // indirect + github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/go-cmp v0.6.0 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/gorilla/mux v1.8.1 // indirect + github.com/gorilla/websocket v1.5.1 // indirect + github.com/gosuri/uitable v0.0.4 // indirect + github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect + github.com/hashicorp/errwrap v1.1.0 // indirect + github.com/hashicorp/go-multierror v1.1.1 // indirect + github.com/huandu/xstrings v1.4.0 // indirect + github.com/imdario/mergo v0.3.16 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/jmoiron/sqlx v1.4.0 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect + github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect + github.com/lib/pq v1.10.9 // indirect + github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.15 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/go-wordwrap v1.0.1 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect + github.com/moby/locker v1.0.1 // indirect + github.com/moby/spdystream v0.2.0 // indirect + github.com/moby/term v0.5.0 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect + github.com/opencontainers/go-digest v1.0.0 // indirect + github.com/opencontainers/image-spec v1.1.0 // indirect + github.com/peterbourgon/diskv v2.0.1+incompatible // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.53.0 // indirect + github.com/prometheus/procfs v0.15.0 // indirect + github.com/rivo/uniseg v0.4.7 // indirect + github.com/rubenv/sql-migrate v1.6.1 // indirect + github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/shopspring/decimal v1.4.0 // indirect + github.com/sirupsen/logrus v1.9.3 // indirect + github.com/spf13/cast v1.6.0 // indirect + github.com/spf13/cobra v1.8.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/stretchr/objx v0.5.2 // indirect + github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect + github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect + github.com/xeipuuv/gojsonschema v1.2.0 // indirect + github.com/xlab/treeprint v1.2.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect + go.opentelemetry.io/otel v1.26.0 // indirect + go.opentelemetry.io/otel/metric v1.26.0 // indirect + go.opentelemetry.io/otel/trace v1.26.0 // indirect + go.starlark.net v0.0.0-20240517230649-3792562d0b7f // indirect + go.uber.org/multierr v1.11.0 // indirect + golang.org/x/crypto v0.25.0 // indirect + golang.org/x/net v0.25.0 // indirect + golang.org/x/oauth2 v0.20.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/term v0.22.0 // indirect + golang.org/x/text v0.16.0 // indirect + golang.org/x/time v0.5.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect + google.golang.org/grpc v1.64.0 // indirect + google.golang.org/protobuf v1.34.1 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/api v0.30.3 // indirect + k8s.io/apiextensions-apiserver v0.30.3 // indirect + k8s.io/apimachinery v0.30.3 // indirect + k8s.io/apiserver v0.30.3 // indirect + k8s.io/cli-runtime v0.30.3 // indirect + k8s.io/client-go v0.30.3 // indirect + k8s.io/component-base v0.30.3 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f // indirect + k8s.io/kubectl v0.30.3 // indirect + k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 // indirect + oras.land/oras-go v1.2.5 // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + sigs.k8s.io/kustomize/api v0.17.1 // indirect + sigs.k8s.io/kustomize/kyaml v0.17.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect +) diff --git a/hack/zstd-dict/go.sum b/hack/zstd-dict/go.sum new file mode 100644 index 00000000..f375e202 --- /dev/null +++ b/hack/zstd-dict/go.sum @@ -0,0 +1,503 @@ +filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= +filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= +github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= +github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= +github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= +github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= +github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= +github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= +github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= +github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= +github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= +github.com/Masterminds/squirrel v1.5.4 h1:uUcX/aBc8O7Fg9kaISIUsHXdKuqehiXAMQTYX8afzqM= +github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= +github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= +github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= +github.com/Microsoft/hcsshim v0.12.3 h1:LS9NXqXhMoqNCplK1ApmVSfB4UnVLRDWRapB6EIlxE0= +github.com/Microsoft/hcsshim v0.12.3/go.mod h1:Iyl1WVpZzr+UkzjekHZbV8o5Z9ZkxNGx6CtY2Qg/JVQ= +github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs= +github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= +github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= +github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70= +github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= +github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd h1:rFt+Y/IK1aEZkEHchZRSq9OQbsSzIT/OrI8YFFmRIng= +github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= +github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b h1:otBG+dV+YK+Soembjv71DPz3uX/V/6MMlSyD9JBQ6kQ= +github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= +github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 h1:nvj0OLI3YqYXer/kZD8Ri1aaunCxIEsOst1BVJswV0o= +github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chai2010/gettext-go v1.0.3 h1:9liNh8t+u26xl5ddmWLmsOsdNLwkdRTg5AG+JnTiM80= +github.com/chai2010/gettext-go v1.0.3/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= +github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM= +github.com/containerd/cgroups/v3 v3.0.2 h1:f5WFqIVSgo5IZmtTT3qVBo6TzI1ON6sycSBKkymb9L0= +github.com/containerd/cgroups/v3 v3.0.2/go.mod h1:JUgITrzdFqp42uI2ryGA+ge0ap/nxzYgkGmIcetmErE= +github.com/containerd/containerd v1.7.17 h1:KjNnn0+tAVQHAoaWRjmdak9WlvnFR/8rU1CHHy8Rm2A= +github.com/containerd/containerd v1.7.17/go.mod h1:vK+hhT4TIv2uejlcDlbVIc8+h/BqtKLIyNrtCZol8lI= +github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM= +github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= +github.com/containerd/errdefs v0.1.0 h1:m0wCRBiu1WJT/Fr+iOoQHMQS/eP5myQ8lCv4Dz5ZURM= +github.com/containerd/errdefs v0.1.0/go.mod h1:YgWiiHtLmSeBrvpw+UfPijzbLaB77mEG1WwJTDETIV0= +github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= +github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= +github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= +github.com/cyphar/filepath-securejoin v0.2.5 h1:6iR5tXJ/e6tJZzzdMc1km3Sa7RRIVBKAK32O2s7AYfo= +github.com/cyphar/filepath-securejoin v0.2.5/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aBfCb7iqHmDEIp6fBvC/hQUddQfg+3qdYjwzaiP9Hnc= +github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI= +github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= +github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= +github.com/docker/cli v26.1.3+incompatible h1:bUpXT/N0kDE3VUHI2r5VMsYQgi38kYuoC0oL9yt3lqc= +github.com/docker/cli v26.1.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= +github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v26.1.3+incompatible h1:lLCzRbrVZrljpVNobJu1J2FHk8V0s4BawoZippkc+xo= +github.com/docker/docker v26.1.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo= +github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= +github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= +github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= +github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8= +github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= +github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= +github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= +github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arXfYcAtECDFgAgHklGI8CxgjHnXKJ4= +github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= +github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lShz4oaXpDTX2bLe7ls= +github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4= +github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc= +github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= +github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= +github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= +github.com/go-errors/errors v1.5.1 h1:ZwEMSLRCapFLflTpT7NKaAc7ukJ8ZPEjzlxt8rPN8bk= +github.com/go-errors/errors v1.5.1/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= +github.com/go-gorp/gorp/v3 v3.1.0 h1:ItKF/Vbuj31dmV4jxA1qblpSwkl9g1typ24xoe70IGs= +github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= +github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= +github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= +github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k= +github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0= +github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= +github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= +github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= +github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= +github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= +github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= +github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= +github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= +github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= +github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= +github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= +github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= +github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jmoiron/sqlx v1.4.0 h1:1PLqN7S1UYp5t4SrVVnt4nUVNemrDAtxlulVe+Qgm3o= +github.com/jmoiron/sqlx v1.4.0/go.mod h1:ZrZ7UsYB/weZdl2Bxg6jCRO9c3YHl8r3ahlKmRT4JLY= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw= +github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o= +github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk= +github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= +github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= +github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/miekg/dns v1.1.25 h1:dFwPR6SfLtrSwgDcIq2bcU/gVutB4sNApq2HBdqcakg= +github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= +github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= +github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= +github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= +github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mittwald/go-helm-client v0.12.13 h1:TzoHH3NmlUdgy4cbo2tAuGQTcXkUKdORhZSE/Cq72bA= +github.com/mittwald/go-helm-client v0.12.13/go.mod h1:BMoJyfs5n2MTe1RmWjTHuRl7b5wXfe6l7Eik1ZaZ0JU= +github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= +github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= +github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78= +github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= +github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/onsi/ginkgo/v2 v2.17.2 h1:7eMhcy3GimbsA3hEnVKdw/PQM9XN9krpKVXsZdph0/g= +github.com/onsi/ginkgo/v2 v2.17.2/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= +github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= +github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= +github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI= +github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/poy/onpar v1.1.2 h1:QaNrNiZx0+Nar5dLgTVp5mXkyoVFIbepjyEoGSnhbAY= +github.com/poy/onpar v1.1.2/go.mod h1:6X8FLNoxyr9kkmnlqpK6LSoiOtrO6MICtWwEuWkLjzg= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= +github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= +github.com/prometheus/common v0.53.0 h1:U2pL9w9nmJwJDa4qqLQ3ZaePJ6ZTwt7cMD3AG3+aLCE= +github.com/prometheus/common v0.53.0/go.mod h1:BrxBKv3FWBIGXw89Mg1AeBq7FSyRzXWI3l3e7W3RN5U= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= +github.com/prometheus/procfs v0.15.0 h1:A82kmvXJq2jTu5YUhSGNlYoxh85zLnKgPz4bMZgI5Ek= +github.com/prometheus/procfs v0.15.0/go.mod h1:Y0RJ/Y5g5wJpkTisOtqwDSo4HwhGmLB4VQSw2sQJLHk= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= +github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/rubenv/sql-migrate v1.6.1 h1:bo6/sjsan9HaXAsNxYP/jCEDUGibHp8JmOBw7NTGRos= +github.com/rubenv/sql-migrate v1.6.1/go.mod h1:tPzespupJS0jacLfhbwto/UjSX+8h2FdWB7ar+QlHa0= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= +github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= +github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k= +github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= +github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= +github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= +github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 h1:+lm10QQTNSBd8DVTNGHx7o/IKu9HYDvLMffDhbyLccI= +github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= +github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50 h1:hlE8//ciYMztlGpl/VA+Zm1AcTPHYkHJPbHqE6WJUXE= +github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= +github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f h1:ERexzlUfuTvpE74urLSbIQW0Z/6hF9t8U4NsJLaioAY= +github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= +go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= +go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 h1:Xs2Ncz0gNihqu9iosIZ5SkBbWo5T8JhhLJFMQL1qmLI= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0/go.mod h1:vy+2G/6NvVMpwGX/NyLqcC41fxepnuKHk16E6IZUcJc= +go.opentelemetry.io/otel v1.26.0 h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs= +go.opentelemetry.io/otel v1.26.0/go.mod h1:UmLkJHUAidDval2EICqBMbnAd0/m2vmpf/dAM+fvFs4= +go.opentelemetry.io/otel/metric v1.26.0 h1:7S39CLuY5Jgg9CrnA9HHiEjGMF/X2VHvoXGgSllRz30= +go.opentelemetry.io/otel/metric v1.26.0/go.mod h1:SY+rHOI4cEawI9a7N1A4nIg/nTQXe1ccCNWYOJUrpX4= +go.opentelemetry.io/otel/trace v1.26.0 h1:1ieeAUb4y0TE26jUFrCIXKpTuVK7uJGN9/Z/2LP5sQA= +go.opentelemetry.io/otel/trace v1.26.0/go.mod h1:4iDxvGDQuUkHve82hJJ8UqrwswHYsZuWCBllGV2U2y0= +go.starlark.net v0.0.0-20240517230649-3792562d0b7f h1:APah0oANPHA7m/z/1Ngcccc+BEO/dmLcEfrzHAQQY6w= +go.starlark.net v0.0.0-20240517230649-3792562d0b7f/go.mod h1:YKMCv9b1WrfWmeqdV5MAuEHWsu5iC+fe6kYl2sQjdI8= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= +golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 h1:AgADTJarZTBqgjiUzRgfaBchgYB3/WFTC80GPwsMcRI= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= +google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= +google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= +google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= +google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= +gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= +helm.sh/helm/v3 v3.15.4 h1:UFHd6oZ1IN3FsUZ7XNhOQDyQ2QYknBNWRHH57e9cbHY= +helm.sh/helm/v3 v3.15.4/go.mod h1:phOwlxqGSgppCY/ysWBNRhG3MtnpsttOzxaTK+Mt40E= +k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ= +k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04= +k8s.io/apiextensions-apiserver v0.30.3 h1:oChu5li2vsZHx2IvnGP3ah8Nj3KyqG3kRSaKmijhB9U= +k8s.io/apiextensions-apiserver v0.30.3/go.mod h1:uhXxYDkMAvl6CJw4lrDN4CPbONkF3+XL9cacCT44kV4= +k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= +k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/apiserver v0.30.3 h1:QZJndA9k2MjFqpnyYv/PH+9PE0SHhx3hBho4X0vE65g= +k8s.io/apiserver v0.30.3/go.mod h1:6Oa88y1CZqnzetd2JdepO0UXzQX4ZnOekx2/PtEjrOg= +k8s.io/cli-runtime v0.30.3 h1:aG69oRzJuP2Q4o8dm+f5WJIX4ZBEwrvdID0+MXyUY6k= +k8s.io/cli-runtime v0.30.3/go.mod h1:hwrrRdd9P84CXSKzhHxrOivAR9BRnkMt0OeP5mj7X30= +k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k= +k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U= +k8s.io/component-base v0.30.3 h1:Ci0UqKWf4oiwy8hr1+E3dsnliKnkMLZMVbWzeorlk7s= +k8s.io/component-base v0.30.3/go.mod h1:C1SshT3rGPCuNtBs14RmVD2xW0EhRSeLvBh7AGk1quA= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f h1:0LQagt0gDpKqvIkAMPaRGcXawNMouPECM1+F9BVxEaM= +k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f/go.mod h1:S9tOR0FxgyusSNR+MboCuiDpVWkAifZvaYI1Q2ubgro= +k8s.io/kubectl v0.30.3 h1:YIBBvMdTW0xcDpmrOBzcpUVsn+zOgjMYIu7kAq+yqiI= +k8s.io/kubectl v0.30.3/go.mod h1:IcR0I9RN2+zzTRUa1BzZCm4oM0NLOawE6RzlDvd1Fpo= +k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 h1:jgGTlFYnhF1PM1Ax/lAlxUPE+KfCIXHaathvJg1C3ak= +k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo= +oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/kustomize/api v0.17.1 h1:MYJBOP/yQ3/5tp4/sf6HiiMfNNyO97LmtnirH9SLNr4= +sigs.k8s.io/kustomize/api v0.17.1/go.mod h1:ffn5491s2EiNrJSmgqcWGzQUVhc/pB0OKNI0HsT/0tA= +sigs.k8s.io/kustomize/kyaml v0.17.0 h1:G2bWs03V9Ur2PinHLzTUJ8Ded+30SzXZKiO92SRDs3c= +sigs.k8s.io/kustomize/kyaml v0.17.0/go.mod h1:6lxkYF1Cv9Ic8g/N7I86cvxNc5iinUo/P2vKsHNmpyE= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/hack/zstd-dict/main.go b/hack/zstd-dict/main.go new file mode 100644 index 00000000..7bc0651b --- /dev/null +++ b/hack/zstd-dict/main.go @@ -0,0 +1,346 @@ +// Copyright (c) 2024 Sidero Labs, Inc. +// +// Use of this software is governed by the Business Source License +// included in the LICENSE file. + +// Package main provides a tool for training a zstd dictionary for compressing machine configuration YAML files and Kubernetes manifests. +package main + +import ( + "bufio" + "bytes" + _ "embed" + "fmt" + "log" + "math/rand/v2" + "os" + "path/filepath" + "slices" + "text/template" + + "github.com/klauspost/compress/dict" + "github.com/klauspost/compress/zstd" + helmclient "github.com/mittwald/go-helm-client" + "go.uber.org/zap" + "go.uber.org/zap/zapio" + "gopkg.in/yaml.v3" + "helm.sh/helm/v3/pkg/chartutil" + "helm.sh/helm/v3/pkg/repo" +) + +const ( + argoCDChartKubeVersion = "1.31.0" + argoCDChartName = "argo-cd" + argoCDChartNamespace = "default" + argoCDChartReleaseName = "my-argo-cd" + argoCDChartRepo = "https://argoproj.github.io/argo-helm" + argoCDChartRepoName = "argo" + argoCDChartVersion = "7.5.2" + + zstdDictID = 1 + zstdMaxDictSize = 64 << 10 // 64KB +) + +var ( + // machineConfigTemplate is a Go template for generating machine configuration YAML. + // + //go:embed data/machineconfig.tmpl.yaml + machineConfigTemplate string + + // argoCDValues is a Helm values file for Argo CD. + // + //go:embed data/argocd-values.yaml + argoCDValues string +) + +func main() { + if err := train(); err != nil { + log.Fatalf("failed to train dictionary: %v", err) + } +} + +func getDestPath() (string, error) { + cwd, err := os.Getwd() + if err != nil { + return "", err + } + + // assume we are in the hack/zstd-dict directory + dir := filepath.Clean(filepath.Join(cwd, "../../client/pkg/compression/data")) + + if _, err = os.Stat(dir); err != nil { + // assume we are in the project root directory + dir = filepath.Clean(filepath.Join(cwd, "client/pkg/compression/data")) + + if _, err = os.Stat(dir); err != nil { + return "", err + } + } + + return filepath.Join(dir, fmt.Sprintf("config.%d.zdict", zstdDictID)), nil +} + +func train() error { + logger, err := zap.NewDevelopment() + if err != nil { + return err + } + + logWriter := &zapio.Writer{ + Log: logger, + } + + defer logWriter.Close() //nolint:errcheck + + machineConfigInputs, err := generateMachineConfigInputs(64, true) + if err != nil { + return err + } + + machineConfigInputsNoComments, err := generateMachineConfigInputs(64, false) + if err != nil { + return err + } + + // zstd doesn't like input files larger than 128KB, so we split the Argo CD manifests into chunks. + argoCDInputs, err := generateArgoCDManifestInputs(112 << 10) // 112KB + if err != nil { + return err + } + + inputs := slices.Concat(machineConfigInputs, machineConfigInputsNoComments, argoCDInputs) + + if err = saveInputs(inputs); err != nil { + return err + } + + zstdDict, err := dict.BuildZstdDict(inputs, dict.Options{ + ZstdDictID: zstdDictID, + MaxDictSize: zstdMaxDictSize, // 64KB + HashBytes: 8, + ZstdLevel: zstd.SpeedDefault, + }) + if err != nil { + return err + } + + destPath, err := getDestPath() + if err != nil { + return err + } + + if err = os.WriteFile(destPath, zstdDict, 0o644); err != nil { + return err + } + + return nil +} + +// saveInputs saves the input data to the "inputs" directory. +// +// The files in the directory can later be used to train a zstd dictionary via command line, e.g.: +// $ zstd --train -r inputs -o config-via-cli.zdict --dictID 1 --maxdict=64KB +// +// It can be used to compare the output with the one generated by this tool. +func saveInputs(inputs [][]byte) error { + dir := "inputs" + + if err := os.RemoveAll(dir); err != nil { + return err + } + + if err := os.MkdirAll(dir, 0o755); err != nil { + return err + } + + for i, data := range inputs { + fileName := fmt.Sprintf("input-%d.yaml", i) + + if err := os.WriteFile(filepath.Join(dir, fileName), data, 0o644); err != nil { + return err + } + } + + return nil +} + +func generateArgoCDManifestInputs(maxSizeBytes int) ([][]byte, error) { + helmClient, err := helmclient.New(&helmclient.Options{}) + if err != nil { + return nil, err + } + + if err = helmClient.AddOrUpdateChartRepo(repo.Entry{ + Name: argoCDChartRepoName, + URL: argoCDChartRepo, + }); err != nil { + return nil, err + } + + kubeVersion, err := chartutil.ParseKubeVersion(argoCDChartKubeVersion) + if err != nil { + return nil, err + } + + argoCDManifests, err := helmClient.TemplateChart( + &helmclient.ChartSpec{ + ReleaseName: argoCDChartReleaseName, + ChartName: argoCDChartRepoName + "/" + argoCDChartName, + Namespace: argoCDChartNamespace, + ValuesYaml: argoCDValues, + Version: argoCDChartVersion, + }, &helmclient.HelmTemplateOptions{ + KubeVersion: kubeVersion, + APIVersions: chartutil.DefaultVersionSet, + }) + if err != nil { + return nil, err + } + + // split the manifests into chunks + + var result [][]byte + + scanner := bufio.NewScanner(bytes.NewReader(argoCDManifests)) + + var buf bytes.Buffer + + for scanner.Scan() { + line := scanner.Text() + buf.WriteString(line) + buf.WriteString("\n") + + if buf.Len() > maxSizeBytes { + result = append(result, slices.Clone(buf.Bytes())) + + buf.Reset() + } + } + + if buf.Len() > 0 { + result = append(result, slices.Clone(buf.Bytes())) + } + + return result, nil +} + +func generateMachineConfigInputs(num int, includeComments bool) ([][]byte, error) { + inputs := make([][]byte, 0, num) + + for range num { + data, err := randomMachineConfig() + if err != nil { + return nil, err + } + + if !includeComments { + data, err = removeYAMLComments(data) + if err != nil { + return nil, err + } + } + + inputs = append(inputs, data) + } + + return inputs, nil +} + +func removeYAMLComments(data []byte) ([]byte, error) { + var m map[string]any + + if err := yaml.Unmarshal(data, &m); err != nil { + return nil, err + } + + return yaml.Marshal(&m) +} + +func randomMachineConfig() ([]byte, error) { + opts := randomTemplateOptions() + + tmpl, err := template.New("machineconfig").Parse(machineConfigTemplate) + if err != nil { + return nil, err + } + + var buf bytes.Buffer + + if err = tmpl.Execute(&buf, opts); err != nil { + return nil, err + } + + return buf.Bytes(), nil +} + +type templateOptions struct { + MachineType string // controlplane or worker + MachineToken string // example: 4llcpr.xfg2q2s0lshj2t40 + MachineCaCrt string // example: LS0tLS1CRUdJTiBDRVJUSU... + Domain string // example: omni.omni-local.utkuozdemir.org + Installer string // installer or installer-secureboot + SchematicID string // example: 376567988ad370138ad8b2698212367b8edcb69b5fd68c80be1f2ec7d603b4ba + ClusterID string // example: gzlckavg-OUDujIaLx5PFDw17C4WrT9JL-_yjYoo1SY= + ClusterSecret string // example: w5oJWDpnnju9CDA+BQY2jVKjhkVMmqU/oAa3S2Zj+OI= + ClusterToken string // example: o1s1dd.mhwu1453qbgoedgy + ClusterCaCrt string // example: LS0tLS1CRUdJTiBDR... + JoinToken string // example: w7uVuW3zaaaaaaaaacyetAHeYMeo5q2L9RvkAVfCfSCD +} + +func randomTemplateOptions() templateOptions { + return templateOptions{ + MachineType: randomMachineType(), + MachineToken: randomString(32), + MachineCaCrt: randomString(1024), + Domain: randomDomain(), + Installer: randomInstaller(), + SchematicID: randomString(64), + ClusterID: randomString(64), + ClusterSecret: randomString(64), + ClusterToken: randomString(32), + ClusterCaCrt: randomString(1024), + JoinToken: randomString(64), + } +} + +func randomString(n int) string { + const letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.=+/-_" + + b := make([]byte, n) + + for i := range b { + b[i] = letters[rand.IntN(len(letters))] + } + + return string(b) +} + +var ( + tlds = []string{ + "com", + "org", + "net", + "de", + "ru", + } + machineTypes = []string{ + "controlplane", + "worker", + } + installers = []string{ + "installer", + "installer-secureboot", + } +) + +func randomDomain() string { + return randomString(32) + "." + tlds[rand.IntN(len(tlds))] +} + +func randomMachineType() string { + return machineTypes[rand.IntN(len(machineTypes))] +} + +func randomInstaller() string { + return installers[rand.IntN(len(installers))] +} diff --git a/internal/backend/grpc/grpc_test.go b/internal/backend/grpc/grpc_test.go index 0d98ccde..64bbab32 100644 --- a/internal/backend/grpc/grpc_test.go +++ b/internal/backend/grpc/grpc_test.go @@ -6,13 +6,13 @@ package grpc_test import ( + "bytes" "context" "encoding/json" "errors" "fmt" "net" "path/filepath" - "strings" "testing" "time" @@ -157,8 +157,9 @@ func (suite *GrpcSuite) TestCreateDenied() { func (suite *GrpcSuite) TestCrud() { client := resapi.NewResourceServiceClient(suite.conn) - resourceSpec := &specs.ConfigPatchSpec{ - Data: strings.TrimSpace(` + resourceSpec := &specs.ConfigPatchSpec{} + + err := resourceSpec.SetUncompressedData(bytes.TrimSpace([]byte(` { "machine": { "env": { @@ -166,8 +167,8 @@ func (suite *GrpcSuite) TestCrud() { } } } -`), - } +`))) + suite.Require().NoError(err) rawSpec, err := runtime.MarshalJSON(resourceSpec) suite.Assert().NoError(err) @@ -198,9 +199,10 @@ func (suite *GrpcSuite) TestCrud() { suite.Require().True(proto.Equal(res.TypedSpec().Value, resourceSpec)) - resourceSpec = &specs.ConfigPatchSpec{ - Data: "machine: {}", - } + resourceSpec = &specs.ConfigPatchSpec{} + + err = resourceSpec.SetUncompressedData([]byte("machine: {}")) + suite.Require().NoError(err) rawSpec, err = runtime.MarshalJSON(resourceSpec) suite.Assert().NoError(err) @@ -219,6 +221,13 @@ func (suite *GrpcSuite) TestCrud() { suite.Require().True(proto.Equal(res.TypedSpec().Value, resourceSpec)) + buffer, bufferErr := resourceSpec.GetUncompressedData() + suite.Require().NoError(bufferErr) + + defer buffer.Free() + + patchData := string(buffer.Data()) + err = retry.Constant(time.Second, retry.WithUnits(time.Millisecond*50)).RetryWithContext(ctx, func(ctx context.Context) error { items, e := client.List(ctx, &resapi.ListRequest{ Namespace: resources.DefaultNamespace, @@ -241,8 +250,8 @@ func (suite *GrpcSuite) TestCrud() { return e } - if resourceSpec.Data != data.Spec.Data { - return retry.ExpectedErrorf("%s != %s", resourceSpec.Data, data.Spec.Data) + if patchData != data.Spec.Data { + return retry.ExpectedErrorf("%s != %s", patchData, data.Spec.Data) } } diff --git a/internal/backend/grpc/management.go b/internal/backend/grpc/management.go index 3ad6e985..9233f994 100644 --- a/internal/backend/grpc/management.go +++ b/internal/backend/grpc/management.go @@ -262,7 +262,7 @@ func (s *managementServer) ValidateConfig(ctx context.Context, request *manageme return nil, err } - if err := omnires.ValidateConfigPatch(request.Config); err != nil { + if err := omnires.ValidateConfigPatch([]byte(request.Config)); err != nil { return nil, status.Error(codes.InvalidArgument, err.Error()) } diff --git a/internal/backend/resourcelogger/resourcelogger_test.go b/internal/backend/resourcelogger/resourcelogger_test.go index deee9496..2a53cbad 100644 --- a/internal/backend/resourcelogger/resourcelogger_test.go +++ b/internal/backend/resourcelogger/resourcelogger_test.go @@ -86,7 +86,9 @@ func TestResourceLogger(t *testing.T) { }, } cbs.TypedSpec().Value.Bootstrapped = false - cp.TypedSpec().Value.Data = "some data" + + err = cp.TypedSpec().Value.SetUncompressedData([]byte("some data")) + require.NoError(t, err) require.NoError(t, st.Create(ctx, machineStatus)) require.NoError(t, st.Create(ctx, cbs)) @@ -96,7 +98,9 @@ func TestResourceLogger(t *testing.T) { machineStatus.TypedSpec().Value.ManagementAddress = "some-address-updated" machineStatus.TypedSpec().Value.Network.Domainname = "ccc" cbs.TypedSpec().Value.Bootstrapped = true - cp.TypedSpec().Value.Data = "some data updated" + + err = cp.TypedSpec().Value.SetUncompressedData([]byte("some data updated")) + require.NoError(t, err) // Wait for a bit more than a second to ensure that the value of the `updated:` field in the diff // will be changed on the .Update calls (since those fields are formatted to the second-precision). diff --git a/internal/backend/runtime/omni/audit/hooks/hooks.go b/internal/backend/runtime/omni/audit/hooks/hooks.go index 12bc256d..2a46d9aa 100644 --- a/internal/backend/runtime/omni/audit/hooks/hooks.go +++ b/internal/backend/runtime/omni/audit/hooks/hooks.go @@ -368,7 +368,15 @@ func handleConfigPatch(data *audit.Data, res *omni.ConfigPatch) error { data.ConfigPatch.ID = res.Metadata().ID() data.ConfigPatch.Labels = maps.Clone(res.Metadata().Labels().Raw()) - data.ConfigPatch.Data = res.TypedSpec().Value.GetData() + + buffer, err := res.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer buffer.Free() + + data.ConfigPatch.Data = string(buffer.Data()) return nil } diff --git a/internal/backend/runtime/omni/controllers/omni/cluster_machine_config.go b/internal/backend/runtime/omni/controllers/omni/cluster_machine_config.go index f1bf3c98..58a22ae4 100644 --- a/internal/backend/runtime/omni/controllers/omni/cluster_machine_config.go +++ b/internal/backend/runtime/omni/controllers/omni/cluster_machine_config.go @@ -239,7 +239,7 @@ func reconcileClusterMachineConfig( var helper clusterMachineConfigControllerHelper - machineConfig.TypedSpec().Value.Data, err = helper.generateConfig(clusterMachine, clusterMachineConfigPatches, secrets, loadBalancerConfig, + data, err := helper.generateConfig(clusterMachine, clusterMachineConfigPatches, secrets, loadBalancerConfig, cluster, clusterConfigVersion, machineConfigGenOptions, defaultGenOptions, connectionParams, eventSinkPort) if err != nil { machineConfig.TypedSpec().Value.GenerationError = err.Error() @@ -247,6 +247,10 @@ func reconcileClusterMachineConfig( return nil //nolint:nilerr } + if err = machineConfig.TypedSpec().Value.SetUncompressedData(data); err != nil { + return err + } + machineConfig.TypedSpec().Value.ClusterMachineVersion = clusterMachine.Metadata().Version().String() machineConfig.TypedSpec().Value.GenerationError = "" @@ -333,7 +337,10 @@ func (clusterMachineConfigControllerHelper) generateConfig(clusterMachine *omni. return nil, err } - patchList := clusterMachineConfigPatches.TypedSpec().Value.Patches + patchList, err := clusterMachineConfigPatches.TypedSpec().Value.GetUncompressedPatches() + if err != nil { + return nil, err + } if quirks.New(talosVersion).SupportsMultidoc() { var siderolinkConfig []byte diff --git a/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_status.go b/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_status.go index d57765e7..be0ad32f 100644 --- a/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_status.go +++ b/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_status.go @@ -54,7 +54,7 @@ type ClusterMachineConfigStatusController = qtransform.QController[*omni.Cluster // NewClusterMachineConfigStatusController initializes ClusterMachineConfigStatusController. // -//nolint:gocognit,gocyclo,cyclop +//nolint:gocognit,gocyclo,cyclop,maintidx func NewClusterMachineConfigStatusController() *ClusterMachineConfigStatusController { ongoingResets := &ongoingResets{ statuses: map[string]*resetStatus{}, @@ -159,7 +159,14 @@ func NewClusterMachineConfigStatusController() *ClusterMachineConfigStatusContro } } - shaSum := sha256.Sum256(machineConfig.TypedSpec().Value.Data) + buffer, err := machineConfig.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer buffer.Free() + + shaSum := sha256.Sum256(buffer.Data()) shaSumString := hex.EncodeToString(shaSum[:]) if configStatus.TypedSpec().Value.ClusterMachineConfigSha256 == shaSumString { @@ -463,8 +470,15 @@ func (h *clusterMachineConfigStatusControllerHandler) applyConfig(inputCtx conte ctx, applyCancel := context.WithTimeout(inputCtx, time.Minute) defer applyCancel() + data, err := machineConfig.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer data.Free() + resp, err := c.ApplyConfiguration(ctx, &machineapi.ApplyConfigurationRequest{ - Data: machineConfig.TypedSpec().Value.Data, + Data: data.Data(), Mode: machineapi.ApplyConfigurationRequest_AUTO, }) if err != nil { diff --git a/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_test.go b/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_test.go index d4626faf..3f07ac2a 100644 --- a/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_test.go +++ b/internal/backend/runtime/omni/controllers/omni/cluster_machine_config_test.go @@ -12,7 +12,6 @@ import ( "github.com/cosi-project/runtime/pkg/safe" "github.com/siderolabs/go-retry/retry" - "github.com/siderolabs/talos/pkg/machinery/config" "github.com/siderolabs/talos/pkg/machinery/config/configloader" "github.com/siderolabs/talos/pkg/machinery/config/machine" "github.com/stretchr/testify/assert" @@ -51,11 +50,14 @@ func (suite *ClusterMachineConfigSuite) TestReconcile() { _, err := safe.StateUpdateWithConflicts(suite.ctx, suite.state, omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, machines[0].Metadata().ID()).Metadata(), func(config *omni.ClusterMachineConfigPatches) error { - config.TypedSpec().Value.Patches = append(config.TypedSpec().Value.Patches, `machine: + patches, err := config.TypedSpec().Value.GetUncompressedPatches() + suite.Require().NoError(err) + + patches = append(patches, `machine: network: hostname: patched-node`) - return nil + return config.TypedSpec().Value.SetUncompressedPatches(patches) }, ) @@ -66,10 +68,15 @@ func (suite *ClusterMachineConfigSuite) TestReconcile() { &suite.OmniSuite, *omni.NewClusterMachineConfig(resources.DefaultNamespace, m.Metadata().ID()).Metadata(), func(cfg *omni.ClusterMachineConfig, assertions *assert.Assertions) { - var machineconfig config.Provider + buffer, bufferErr := cfg.TypedSpec().Value.GetUncompressedData() + suite.Require().NoError(bufferErr) + + defer buffer.Free() + + configData := buffer.Data() - machineconfig, err = configloader.NewFromBytes(cfg.TypedSpec().Value.Data) - suite.Require().NoError(err) + machineconfig, mcErr := configloader.NewFromBytes(configData) + suite.Require().NoError(mcErr) expectedType := machine.TypeWorker if _, ok := m.Metadata().Labels().Get(omni.LabelControlPlaneRole); ok { @@ -102,11 +109,14 @@ func (suite *ClusterMachineConfigSuite) TestReconcile() { _, err = safe.StateUpdateWithConflicts(suite.ctx, suite.state, omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, machines[0].Metadata().ID()).Metadata(), func(config *omni.ClusterMachineConfigPatches) error { - config.TypedSpec().Value.Patches = append(config.TypedSpec().Value.Patches, `machine: + patches, patchesErr := config.TypedSpec().Value.GetUncompressedPatches() + suite.Require().NoError(patchesErr) + + patches = append(patches, `machine: install: image: `+newImage) - return nil + return config.TypedSpec().Value.SetUncompressedPatches(patches) }, ) @@ -118,10 +128,15 @@ func (suite *ClusterMachineConfigSuite) TestReconcile() { func(res *omni.ClusterMachineConfig, assertions *assert.Assertions) { spec := res.TypedSpec().Value - var machineconfig config.Provider + buffer, bufferErr := spec.GetUncompressedData() + suite.Require().NoError(bufferErr) - machineconfig, err = configloader.NewFromBytes(spec.Data) - suite.Require().NoError(err) + defer buffer.Free() + + configData := buffer.Data() + + machineconfig, configErr := configloader.NewFromBytes(configData) + suite.Require().NoError(configErr) assertions.Equal(newImage, machineconfig.Machine().Install().Image()) }, @@ -157,13 +172,16 @@ func (suite *ClusterMachineConfigSuite) TestGenerationError() { _, err := safe.StateUpdateWithConflicts(suite.ctx, suite.state, omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, machines[0].Metadata().ID()).Metadata(), func(config *omni.ClusterMachineConfigPatches) error { - config.TypedSpec().Value.Patches = append(config.TypedSpec().Value.Patches, `machine: + patches, err := config.TypedSpec().Value.GetUncompressedPatches() + suite.Require().NoError(err) + + patches = append(patches, `machine: network: interfaces: - interface: eth42 bridge: invalidValueType`) - return nil + return config.TypedSpec().Value.SetUncompressedPatches(patches) }, ) @@ -174,7 +192,15 @@ func (suite *ClusterMachineConfigSuite) TestGenerationError() { *omni.NewClusterMachineConfig(resources.DefaultNamespace, machines[0].Metadata().ID()).Metadata(), func(cfg *omni.ClusterMachineConfig, assert *assert.Assertions) { expectedError := "yaml: unmarshal errors" - assert.Contains(cfg.TypedSpec().Value.GenerationError, expectedError, string(cfg.TypedSpec().Value.GetData())) + + buffer, bufferErr := cfg.TypedSpec().Value.GetUncompressedData() + suite.Require().NoError(bufferErr) + + defer buffer.Free() + + data := buffer.Data() + + assert.Contains(cfg.TypedSpec().Value.GenerationError, expectedError, string(data)) assert.Empty(cfg.TypedSpec().Value.ClusterMachineVersion) }, ) diff --git a/internal/backend/runtime/omni/controllers/omni/cluster_machine_encryption.go b/internal/backend/runtime/omni/controllers/omni/cluster_machine_encryption.go index db1dbc71..1232c18a 100644 --- a/internal/backend/runtime/omni/controllers/omni/cluster_machine_encryption.go +++ b/internal/backend/runtime/omni/controllers/omni/cluster_machine_encryption.go @@ -100,7 +100,7 @@ func (ctrl *ClusterMachineEncryptionController) Run(ctx context.Context, r contr return err } - data := buffer.String() + data := buffer.Bytes() err = clusters.ForEachErr(func(cluster *omni.Cluster) error { if !omni.GetEncryptionEnabled(cluster) { @@ -114,7 +114,10 @@ func (ctrl *ClusterMachineEncryptionController) Run(ctx context.Context, r contr ) return safe.WriterModify[*omni.ConfigPatch](ctx, r, patch, func(r *omni.ConfigPatch) error { - r.TypedSpec().Value.Data = data + if err = r.TypedSpec().Value.SetUncompressedData(data); err != nil { + return err + } + r.Metadata().Annotations().Set(omni.ConfigPatchName, constants.EncryptionConfigName) r.Metadata().Annotations().Set(omni.ConfigPatchDescription, constants.EncryptionConfigDescription) r.Metadata().Labels().Set(omni.LabelCluster, clusterName) diff --git a/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy.go b/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy.go index 2cc74c24..b04443b9 100644 --- a/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy.go +++ b/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy.go @@ -6,10 +6,10 @@ package omni import ( + "bytes" "context" _ "embed" "fmt" - "strings" "text/template" "github.com/cosi-project/runtime/pkg/controller" @@ -27,7 +27,7 @@ var kubeServiceExposerConfigPatchTemplate string // ClusterWorkloadProxyController is a controller that manages cluster workload proxy setting. type ClusterWorkloadProxyController struct { - configPatchData string + configPatchData []byte } // Name returns the name of the controller. @@ -98,9 +98,7 @@ func (ctrl *ClusterWorkloadProxyController) Run(ctx context.Context, r controlle patch.Metadata().Labels().Set(omni.LabelCluster, cluster.Metadata().ID()) patch.Metadata().Labels().Set(omni.LabelSystemPatch, "") - patch.TypedSpec().Value.Data = configPatchData - - return nil + return patch.TypedSpec().Value.SetUncompressedData(configPatchData) }); modifyErr != nil { errs = multierror.Append(errs, fmt.Errorf("failed to modify config patch: %w", modifyErr)) } @@ -120,14 +118,14 @@ func (ctrl *ClusterWorkloadProxyController) Run(ctx context.Context, r controlle } } -func (ctrl *ClusterWorkloadProxyController) getConfigPatchData() (string, error) { - if ctrl.configPatchData != "" { +func (ctrl *ClusterWorkloadProxyController) getConfigPatchData() ([]byte, error) { + if len(ctrl.configPatchData) > 0 { return ctrl.configPatchData, nil } tmpl, err := template.New("kube-service-exposer-config-patch").Parse(kubeServiceExposerConfigPatchTemplate) if err != nil { - return "", fmt.Errorf("failed to parse template: %w", err) + return nil, fmt.Errorf("failed to parse template: %w", err) } type tmplOptions struct { @@ -138,13 +136,13 @@ func (ctrl *ClusterWorkloadProxyController) getConfigPatchData() (string, error) AnnotationKey: ServicePortAnnotationKey, } - var sb strings.Builder + var buf bytes.Buffer - if err = tmpl.Execute(&sb, opts); err != nil { - return "", fmt.Errorf("failed to execute template: %w", err) + if err = tmpl.Execute(&buf, opts); err != nil { + return nil, fmt.Errorf("failed to execute template: %w", err) } - ctrl.configPatchData = sb.String() + ctrl.configPatchData = buf.Bytes() return ctrl.configPatchData, nil } diff --git a/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy_test.go b/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy_test.go index f3ac2e11..cbfcc635 100644 --- a/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy_test.go +++ b/internal/backend/runtime/omni/controllers/omni/cluster_workload_proxy_test.go @@ -41,7 +41,14 @@ func (suite *ClusterWorkloadProxySuite) TestReconcile() { configPatch := omni.NewConfigPatch(resources.DefaultNamespace, configPatchID) assertResource(&suite.OmniSuite, configPatch.Metadata(), func(res *omni.ConfigPatch, assertion *assert.Assertions) { - assertion.Contains(res.TypedSpec().Value.Data, "omni-kube-service-exposer") + buffer, err := res.TypedSpec().Value.GetUncompressedData() + assertion.NoError(err) + + defer buffer.Free() + + data := string(buffer.Data()) + + assertion.Contains(data, "omni-kube-service-exposer") }) cluster.TypedSpec().Value.GetFeatures().EnableWorkloadProxy = false diff --git a/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch.go b/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch.go index 72ea32e4..8eb3db91 100644 --- a/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch.go +++ b/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch.go @@ -6,6 +6,7 @@ package omni import ( + "bytes" "context" "fmt" "net" @@ -34,10 +35,10 @@ type DiscoveryServiceConfigPatchController = qtransform.QController[*omni.Cluste // NewDiscoveryServiceConfigPatchController initializes DiscoveryServiceConfigPatchController. func NewDiscoveryServiceConfigPatchController(embeddedDiscoveryServicePort int) *DiscoveryServiceConfigPatchController { - getPatch := sync.OnceValues(func() (string, error) { - var sb strings.Builder + getPatch := sync.OnceValues(func() ([]byte, error) { + var buf bytes.Buffer - encoder := yaml.NewEncoder(&sb) + encoder := yaml.NewEncoder(&buf) encoder.SetIndent(2) @@ -52,10 +53,10 @@ func NewDiscoveryServiceConfigPatchController(embeddedDiscoveryServicePort int) }, }, }); err != nil { - return "", fmt.Errorf("failed to encode patch: %w", err) + return nil, fmt.Errorf("failed to encode patch: %w", err) } - return sb.String(), nil + return buf.Bytes(), nil }) return qtransform.NewQController( @@ -83,9 +84,7 @@ func NewDiscoveryServiceConfigPatchController(embeddedDiscoveryServicePort int) return err } - configPatch.TypedSpec().Value.Data = patchYAML - - return nil + return configPatch.TypedSpec().Value.SetUncompressedData(patchYAML) }, }, qtransform.WithConcurrency(2), diff --git a/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch_test.go b/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch_test.go index 97129bdf..f9612915 100644 --- a/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch_test.go +++ b/internal/backend/runtime/omni/controllers/omni/discovery_service_config_patch_test.go @@ -42,7 +42,14 @@ func (suite *DiscoveryServiceConfigPatchSuite) TestReconcile() { // assert that the new clusterStatus is marked to use the embedded discovery service rtestutils.AssertResource[*omni.ConfigPatch](suite.ctx, suite.T(), suite.state, patchID, func(r *omni.ConfigPatch, assertion *assert.Assertions) { - assertion.Contains(r.TypedSpec().Value.Data, "http://"+net.JoinHostPort(siderolink.ListenHost, strconv.Itoa(port))) + buffer, err := r.TypedSpec().Value.GetUncompressedData() + assertion.NoError(err) + + defer buffer.Free() + + data := string(buffer.Data()) + + assertion.Contains(data, "http://"+net.JoinHostPort(siderolink.ListenHost, strconv.Itoa(port))) }) _, err := safe.StateUpdateWithConflicts[*omni.ClusterStatus](suite.ctx, suite.state, clusterStatus.Metadata(), func(res *omni.ClusterStatus) error { diff --git a/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations.go b/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations.go index 2714099f..26e8d105 100644 --- a/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations.go +++ b/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations.go @@ -6,9 +6,9 @@ package machineset import ( + "bytes" "context" "fmt" - "strings" "github.com/cosi-project/runtime/pkg/controller" "github.com/cosi-project/runtime/pkg/resource" @@ -16,6 +16,7 @@ import ( "github.com/cosi-project/runtime/pkg/state" "go.uber.org/zap" + "github.com/siderolabs/omni/client/api/omni/specs" "github.com/siderolabs/omni/client/pkg/omni/resources" "github.com/siderolabs/omni/client/pkg/omni/resources/omni" "github.com/siderolabs/omni/internal/backend/runtime/omni/controllers/helpers" @@ -47,7 +48,10 @@ func (c *Create) Apply(ctx context.Context, r controller.ReaderWriter, logger *z clusterMachineConfigPatches.Metadata().Labels().Set(omni.LabelMachineSet, machineSet.Metadata().ID()) helpers.UpdateInputsVersions(clusterMachine, configPatches...) - setPatches(clusterMachineConfigPatches, configPatches) + + if err := setPatches(clusterMachineConfigPatches, configPatches); err != nil { + return err + } var err error @@ -129,9 +133,7 @@ func (u *Update) Apply(ctx context.Context, r controller.ReaderWriter, logger *z // update ClusterMachineConfigPatches resource with the list of matching patches for the machine err := safe.WriterModify(ctx, r, omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, u.ID), func(clusterMachineConfigPatches *omni.ClusterMachineConfigPatches) error { - setPatches(clusterMachineConfigPatches, configPatches) - - return nil + return setPatches(clusterMachineConfigPatches, configPatches) }, ) if err != nil { @@ -205,16 +207,97 @@ func (d *Destroy) Apply(ctx context.Context, r controller.ReaderWriter, logger * return nil } -func setPatches(clusterMachineConfigPatches *omni.ClusterMachineConfigPatches, patches []*omni.ConfigPatch) { - patchesRaw := make([]string, 0, len(patches)) +//nolint:staticcheck // we are ok with using the deprecated method here +func setPatches(clusterMachineConfigPatches *omni.ClusterMachineConfigPatches, patches []*omni.ConfigPatch) error { + // clear the patch fields + clusterMachineConfigPatches.TypedSpec().Value.Patches = nil + clusterMachineConfigPatches.TypedSpec().Value.CompressedPatches = nil + + if specs.GetCompressionConfig().Enabled { + return setPatchesCompress(clusterMachineConfigPatches, patches) + } + + return setPatchesNoCompress(clusterMachineConfigPatches, patches) +} + +//nolint:staticcheck // we are ok with using the deprecated method here +func setPatchesCompress(res *omni.ClusterMachineConfigPatches, patches []*omni.ConfigPatch) error { + for _, patch := range patches { + compressedSize := len(patch.TypedSpec().Value.CompressedData) + + if compressedSize == 0 { // patch is not compressed, compress and then append it + if isEmptyPatch(patch) { + continue + } + + buffer, err := patch.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + if err = patch.TypedSpec().Value.SetUncompressedData(buffer.Data()); err != nil { + return err + } + + res.TypedSpec().Value.CompressedPatches = append(res.TypedSpec().Value.CompressedPatches, patch.TypedSpec().Value.CompressedData) + + buffer.Free() // we can already free the buffer, as we already read and compressed it + + continue + } + + // patch is compressed, append it directly + + if compressedSize < 1024 { // this is a small patch, decompress to check if it's all whitespace + if isEmptyPatch(patch) { + continue + } + } + + // append the patch + res.TypedSpec().Value.CompressedPatches = append(res.TypedSpec().Value.CompressedPatches, patch.TypedSpec().Value.CompressedData) + } + + return nil +} +//nolint:staticcheck // we are ok with using the deprecated method here +func setPatchesNoCompress(res *omni.ClusterMachineConfigPatches, patches []*omni.ConfigPatch) error { for _, patch := range patches { - data := patch.TypedSpec().Value.Data + compressedSize := len(patch.TypedSpec().Value.CompressedData) + + if compressedSize == 0 { // not compressed, append the patch + if isEmptyPatch(patch) { + continue + } + + res.TypedSpec().Value.Patches = append(res.TypedSpec().Value.Patches, patch.TypedSpec().Value.Data) - if strings.TrimSpace(data) != "" { - patchesRaw = append(patchesRaw, data) + continue } + + // compressed, decompress and append the patch + + buffer, err := patch.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + res.TypedSpec().Value.Patches = append(res.TypedSpec().Value.Patches, string(buffer.Data())) + + buffer.Free() // we can already free the buffer, as we converted its bytes to a string + } + + return nil +} + +func isEmptyPatch(patch *omni.ConfigPatch) bool { + buffer, err := patch.TypedSpec().Value.GetUncompressedData() + if err != nil { + return false } - clusterMachineConfigPatches.TypedSpec().Value.Patches = patchesRaw + defer buffer.Free() + + return len(bytes.TrimSpace(buffer.Data())) == 0 } diff --git a/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations_test.go b/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations_test.go index a2e2a99c..337267e7 100644 --- a/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations_test.go +++ b/internal/backend/runtime/omni/controllers/omni/internal/machineset/operations_test.go @@ -94,10 +94,12 @@ func TestCreate(t *testing.T) { ctx := context.Background() patch := omni.NewConfigPatch(resources.DefaultNamespace, "some") - patch.TypedSpec().Value.Data = `machine: + + err := patch.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: kubespan: - enabled: true` + enabled: true`)) + require.NoError(err) rc, err := machineset.NewReconciliationContext( cluster, @@ -143,7 +145,10 @@ func TestCreate(t *testing.T) { require.NoError(err) - require.NotEmpty(clusterMachineConfigPatches.TypedSpec().Value.Patches) + patches, err := clusterMachineConfigPatches.TypedSpec().Value.GetUncompressedPatches() + require.NoError(err) + + require.NotEmpty(patches) } // TestUpdate run update 4 times: @@ -171,15 +176,19 @@ func TestUpdate(t *testing.T) { ctx := context.Background() patch1 := omni.NewConfigPatch(resources.DefaultNamespace, "some") - patch1.TypedSpec().Value.Data = `machine: + + err := patch1.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: kubespan: - enabled: true` + enabled: true`)) + require.NoError(err) patch2 := omni.NewConfigPatch(resources.DefaultNamespace, "some") - patch2.TypedSpec().Value.Data = `machine: + + err = patch2.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: - hostname: some` + hostname: some`)) + require.NoError(err) patchHelper := &fakePatchHelper{ patches: map[string][]*omni.ConfigPatch{ @@ -195,10 +204,7 @@ func TestUpdate(t *testing.T) { configStatus := omni.NewClusterMachineConfigStatus(resources.DefaultNamespace, "aa") configStatus.TypedSpec().Value.ClusterMachineVersion = clusterMachine.Metadata().Version().String() - var ( - rc *machineset.ReconciliationContext - err error - ) + var rc *machineset.ReconciliationContext updateReconciliationContext := func() { rc, err = machineset.NewReconciliationContext( @@ -257,7 +263,10 @@ func TestUpdate(t *testing.T) { require.NoError(err) - require.NotEmpty(clusterMachineConfigPatches.TypedSpec().Value.Patches) + patches, err := clusterMachineConfigPatches.TypedSpec().Value.GetUncompressedPatches() + require.NoError(err) + + require.NotEmpty(patches) patchHelper.patches["aa"] = append(patchHelper.patches["aa"], patch1) diff --git a/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go b/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go index a5113d86..4d3c80fa 100644 --- a/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go +++ b/internal/backend/runtime/omni/controllers/omni/internal/machineset/reconciliation_context.go @@ -98,9 +98,7 @@ type patchHelper interface { } // BuildReconciliationContext is the COSI reader dependent method to build the reconciliation context. -func BuildReconciliationContext( - ctx context.Context, r controller.Reader, machineSet *omni.MachineSet, -) (*ReconciliationContext, error) { +func BuildReconciliationContext(ctx context.Context, r controller.Reader, machineSet *omni.MachineSet) (*ReconciliationContext, error) { clusterName, ok := machineSet.Metadata().Labels().Get(omni.LabelCluster) if !ok { return nil, fmt.Errorf("failed to determine the cluster of the machine set %q", machineSet.Metadata().ID()) diff --git a/internal/backend/runtime/omni/controllers/omni/kubernetes_upgrade_status.go b/internal/backend/runtime/omni/controllers/omni/kubernetes_upgrade_status.go index f5910cdb..5946b074 100644 --- a/internal/backend/runtime/omni/controllers/omni/kubernetes_upgrade_status.go +++ b/internal/backend/runtime/omni/controllers/omni/kubernetes_upgrade_status.go @@ -334,8 +334,17 @@ func applyUpgradePatches(ctx context.Context, r controller.Writer, cluster *omni func(configPatch *omni.ConfigPatch) error { var cfg v1alpha1.Config - if configPatch.TypedSpec().Value.Data != "" { - if err := yaml.Unmarshal([]byte(configPatch.TypedSpec().Value.Data), &cfg); err != nil { + buffer, err := configPatch.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer buffer.Free() + + patchData := buffer.Data() + + if len(patchData) > 0 { + if err = yaml.Unmarshal(patchData, &cfg); err != nil { return err } } @@ -358,7 +367,9 @@ func applyUpgradePatches(ctx context.Context, r controller.Writer, cluster *omni return err } - configPatch.TypedSpec().Value.Data = string(data) + if err = configPatch.TypedSpec().Value.SetUncompressedData(data); err != nil { + return err + } anyPatchApplied = true diff --git a/internal/backend/runtime/omni/controllers/omni/machine_set_status_test.go b/internal/backend/runtime/omni/controllers/omni/machine_set_status_test.go index 69a69500..33a70a3d 100644 --- a/internal/backend/runtime/omni/controllers/omni/machine_set_status_test.go +++ b/internal/backend/runtime/omni/controllers/omni/machine_set_status_test.go @@ -106,7 +106,7 @@ func (suite *MachineSetStatusSuite) createMachineSetWithOpts(clusterName string, pair.MakePair(omni.LabelMachineSet, machineSetName), ) - extraPatch.TypedSpec().Value.Data = patch + suite.Require().NoError(extraPatch.TypedSpec().Value.SetUncompressedData([]byte(patch))) suite.Require().NoError(suite.state.Create(suite.ctx, extraPatch)) } @@ -133,10 +133,11 @@ func (suite *MachineSetStatusSuite) createMachineSetWithOpts(clusterName string, patch1 := omni.NewConfigPatch(resources.DefaultNamespace, patchName, pair.MakePair(omni.LabelCluster, clusterName)) - patch1.TypedSpec().Value.Data = `machine: + err = patch1.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: kubespan: - enabled: true` + enabled: true`)) + suite.Require().NoError(err) err = suite.state.Create(suite.ctx, patch1) if !state.IsConflictError(err) { @@ -485,7 +486,10 @@ func (suite *MachineSetStatusSuite) TestConfigUpdate() { &suite.OmniSuite, *omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, m).Metadata(), func(res *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { - assertions.Len(res.TypedSpec().Value.Patches, 2, "expected to have 2 machine patches in the ClusterMachine") + patches, err := res.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(err) + + assertions.Len(patches, 2, "expected to have 2 machine patches in the ClusterMachine") }, ) } @@ -504,9 +508,10 @@ func (suite *MachineSetStatusSuite) TestConfigUpdate() { pair.MakePair(omni.LabelClusterMachine, machines[0]), ) - machinePatch.TypedSpec().Value.Data = `machine: + err := machinePatch.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: - hostname: the-running-node-cluster-machine-patch` + hostname: the-running-node-cluster-machine-patch`)) + suite.Require().NoError(err) rtestutils.AssertResource[*omni.MachineSetStatus](suite.ctx, suite.T(), suite.state, machineSet.Metadata().ID(), func(r *omni.MachineSetStatus, assertion *assert.Assertions) { assertion.True( @@ -531,9 +536,10 @@ func (suite *MachineSetStatusSuite) TestConfigUpdate() { pair.MakePair(omni.LabelMachine, machines[0]), ) - machinePatch.TypedSpec().Value.Data = `machine: + err = machinePatch.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: - hostname: the-running-node-machine-patch` + hostname: the-running-node-machine-patch`)) + suite.Require().NoError(err) suite.Assert().NoError(suite.state.Create(suite.ctx, machinePatch)) @@ -544,7 +550,10 @@ func (suite *MachineSetStatusSuite) TestConfigUpdate() { &suite.OmniSuite, *omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, machines[0]).Metadata(), func(res *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { - assertions.Len(res.TypedSpec().Value.Patches, 2, "the machine was updated while it shouldn't be") + patches, patchesErr := res.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(patchesErr) + + assertions.Len(patches, 2, "the machine was updated while it shouldn't be") }, ) @@ -554,9 +563,10 @@ func (suite *MachineSetStatusSuite) TestConfigUpdate() { pair.MakePair(omni.LabelClusterMachine, machines[2]), ) - machinePatch.TypedSpec().Value.Data = `machine: + err = machinePatch.TypedSpec().Value.SetUncompressedData([]byte(`machine: network: - hostname: the-pending-node` + hostname: the-pending-node`)) + suite.Require().NoError(err) suite.Assert().NoError(suite.state.Create(suite.ctx, machinePatch)) @@ -565,7 +575,10 @@ func (suite *MachineSetStatusSuite) TestConfigUpdate() { &suite.OmniSuite, *omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, machines[2]).Metadata(), func(res *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { - assertions.Len(res.TypedSpec().Value.Patches, 3, "expected to have 3 machine patches in the ClusterMachine but found %d", len(res.TypedSpec().Value.Patches)) + patches, err := res.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(err) + + assertions.Len(patches, 3, "expected to have 3 machine patches in the ClusterMachine but found %d", len(patches)) }, ) @@ -577,7 +590,9 @@ func (suite *MachineSetStatusSuite) TestConfigUpdate() { &suite.OmniSuite, *omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, machines[0]).Metadata(), func(res *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { - patches := res.TypedSpec().Value.Patches + patches, err := res.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(err) + assertions.Len(patches, 4, "expected to have 4 machine patches in the ClusterMachine but found %d", len(patches)) }, ) @@ -609,7 +624,10 @@ func (suite *MachineSetStatusSuite) TestConfigUpdateWithMaxParallelism() { &suite.OmniSuite, *omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, m).Metadata(), func(res *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { - assertions.Len(res.TypedSpec().Value.Patches, 1, "unexpected number of patches in the ClusterMachine") + patches, err := res.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(err) + + assertions.Len(patches, 1, "unexpected number of patches in the ClusterMachine") }, ) } @@ -627,7 +645,9 @@ func (suite *MachineSetStatusSuite) TestConfigUpdateWithMaxParallelism() { machineSetPatch := omni.NewConfigPatch(resources.DefaultNamespace, machineSet.Metadata().ID()+"-patch", pair.MakePair(omni.LabelCluster, clusterName), pair.MakePair(omni.LabelMachineSet, machineSet.Metadata().ID())) - machineSetPatch.TypedSpec().Value.Data = `{"machine":{"env":{"AAA":"BBB"}}}` + + err = machineSetPatch.TypedSpec().Value.SetUncompressedData([]byte(`{"machine":{"env":{"AAA":"BBB"}}}`)) + suite.Require().NoError(err) suite.Require().NoError(suite.state.Create(suite.ctx, machineSetPatch)) @@ -654,7 +674,12 @@ func (suite *MachineSetStatusSuite) TestConfigUpdateWithMaxParallelism() { res, err = event.Resource() suite.Require().NoError(err) - suite.Len(res.TypedSpec().Value.Patches, 2, "unexpected number of patches in the ClusterMachine") + var patches []string + + patches, err = res.TypedSpec().Value.GetUncompressedPatches() + suite.Require().NoError(err) + + suite.Len(patches, 2, "unexpected number of patches in the ClusterMachine") ids = append(ids, res.Metadata().ID()) } @@ -852,10 +877,11 @@ func (suite *MachineSetStatusSuite) TestMachineLocks() { ), ) - patch.TypedSpec().Value.Data = `cluster: - allowSchedulingOnControlPlanes: true` + err = patch.TypedSpec().Value.SetUncompressedData([]byte(`cluster: + allowSchedulingOnControlPlanes: true`)) + suite.Require().NoError(err) - suite.Assert().NoError(suite.state.Create(suite.ctx, patch)) + suite.Require().NoError(suite.state.Create(suite.ctx, patch)) var eg errgroup.Group @@ -885,13 +911,16 @@ func (suite *MachineSetStatusSuite) TestMachineLocks() { }) suite.assertMachinePatches(machines, func(machine *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { + patches, patchesErr := machine.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(patchesErr) + if machine.Metadata().ID() == machines[1] { - assertions.Lenf(machine.TypedSpec().Value.Patches, 1, "machine %s is locked but was updated", machine.Metadata().ID()) + assertions.Lenf(patches, 1, "machine %s is locked but was updated", machine.Metadata().ID()) return } - assertions.Lenf(machine.TypedSpec().Value.Patches, 2, "machine %s is not locked but was not updated", machine.Metadata().ID()) + assertions.Lenf(patches, 2, "machine %s is not locked but was not updated", machine.Metadata().ID()) }) _, err = safe.StateUpdateWithConflicts(ctx, suite.state, machineSetNode.Metadata(), func(res *omni.MachineSetNode) error { @@ -903,7 +932,10 @@ func (suite *MachineSetStatusSuite) TestMachineLocks() { suite.Require().NoError(err) suite.assertMachinePatches(machines, func(machine *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { - assertions.Lenf(machine.TypedSpec().Value.Patches, 2, "machine %s is not locked but was not updated", machine.Metadata().ID()) + patches, patchesErr := machine.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(patchesErr) + + assertions.Lenf(patches, 2, "machine %s is not locked but was not updated", machine.Metadata().ID()) }) } @@ -932,7 +964,10 @@ func (suite *MachineSetStatusSuite) assertMachinesState(machines []string, clust }) suite.assertMachinePatches(machines, func(res *omni.ClusterMachineConfigPatches, assertions *assert.Assertions) { - assertions.NotEmpty(res.TypedSpec().Value.Patches, "expected to have machine patches in the ClusterMachine") + patches, err := res.TypedSpec().Value.GetUncompressedPatches() + assertions.NoError(err) + + assertions.NotEmpty(patches, "expected to have machine patches in the ClusterMachine") }) } diff --git a/internal/backend/runtime/omni/controllers/omni/omni_test.go b/internal/backend/runtime/omni/controllers/omni/omni_test.go index c03c06f1..d4fbf9a8 100644 --- a/internal/backend/runtime/omni/controllers/omni/omni_test.go +++ b/internal/backend/runtime/omni/controllers/omni/omni_test.go @@ -483,11 +483,13 @@ func (suite *OmniSuite) createCluster(clusterName string, controlPlanes, workers ) clusterMachineConfigPatches := omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, clusterMachine.Metadata().ID()) - clusterMachineConfigPatches.TypedSpec().Value.Patches = []string{ + + err := clusterMachineConfigPatches.TypedSpec().Value.SetUncompressedPatches([]string{ `machine: install: disk: ` + testInstallDisk, - } + }) + suite.Require().NoError(err) clusterMachine.TypedSpec().Value.KubernetesVersion = cluster.TypedSpec().Value.KubernetesVersion diff --git a/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config.go b/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config.go index 47bdfe7e..2eb13d49 100644 --- a/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config.go +++ b/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config.go @@ -43,15 +43,24 @@ func NewRedactedClusterMachineConfigController() *RedactedClusterMachineConfigCo return xerrors.NewTagged[qtransform.SkipReconcileTag](errors.New("config input hasn't changed")) } - data := cmc.TypedSpec().Value.GetData() + buffer, err := cmc.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer buffer.Free() + + data := buffer.Data() if data == nil { - cmcr.TypedSpec().Value.Data = "" + if err = cmcr.TypedSpec().Value.SetUncompressedData(nil); err != nil { + return err + } return nil } - config, err := configloader.NewFromBytes(cmc.TypedSpec().Value.GetData()) + config, err := configloader.NewFromBytes(data) if err != nil { return err } @@ -61,7 +70,9 @@ func NewRedactedClusterMachineConfigController() *RedactedClusterMachineConfigCo return err } - cmcr.TypedSpec().Value.Data = string(redactedData) + if err = cmcr.TypedSpec().Value.SetUncompressedData(redactedData); err != nil { + return err + } helpers.CopyAllLabels(cmc, cmcr) diff --git a/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config_test.go b/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config_test.go index 7fb18c9a..534e5a4a 100644 --- a/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config_test.go +++ b/internal/backend/runtime/omni/controllers/omni/redacted_cluster_machine_config_test.go @@ -36,13 +36,20 @@ func (suite *RedactedClusterMachineConfigSuite) TestReconcile() { cmc := omni.NewClusterMachineConfig(resources.DefaultNamespace, id) - cmc.TypedSpec().Value.Data = suite.generateConfig() + suite.Require().NoError(cmc.TypedSpec().Value.SetUncompressedData(suite.generateConfig())) suite.Require().NoError(suite.state.Create(suite.ctx, cmc)) rtestutils.AssertResources(suite.ctx, suite.T(), suite.state, []string{id}, func(rcmc *omni.RedactedClusterMachineConfig, assert *assert.Assertions) { - assert.Contains(rcmc.TypedSpec().Value.Data, x509.Redacted) + buffer, err := rcmc.TypedSpec().Value.GetUncompressedData() + assert.NoError(err) + + defer buffer.Free() + + data := string(buffer.Data()) + + assert.Contains(data, x509.Redacted) }, ) diff --git a/internal/backend/runtime/omni/migration/migration_test.go b/internal/backend/runtime/omni/migration/migration_test.go index 1558bcbb..39f72236 100644 --- a/internal/backend/runtime/omni/migration/migration_test.go +++ b/internal/backend/runtime/omni/migration/migration_test.go @@ -159,7 +159,15 @@ func (suite *MigrationSuite) TestConfigPatches() { suite.assertLabel(diskPatch, "cluster-machine", machine.Metadata().ID()) config := v1alpha1.Config{} - suite.Require().NoError(yaml.Unmarshal([]byte(diskPatch.TypedSpec().Value.Data), &config)) + + buffer, err := diskPatch.TypedSpec().Value.GetUncompressedData() + suite.Require().NoError(err) + + defer buffer.Free() + + patchData := buffer.Data() + + suite.Require().NoError(yaml.Unmarshal(patchData, &config)) suite.Require().Equal(testInstallDisk, config.MachineConfig.MachineInstall.InstallDisk) @@ -167,9 +175,16 @@ func (suite *MigrationSuite) TestConfigPatches() { suite.assertLabel(userPatch, "cluster", "c1") suite.assertLabel(userPatch, "cluster-machine", machine.Metadata().ID()) + buffer, err = userPatch.TypedSpec().Value.GetUncompressedData() + suite.Require().NoError(err) + + defer buffer.Free() + + patchData = buffer.Data() + suite.Require().Equal( testConfigPatch, - userPatch.TypedSpec().Value.Data, + string(patchData), ) } @@ -1002,7 +1017,8 @@ func (suite *MigrationSuite) TestPatchesExtraction() { } createResources = append(createResources, xslices.Map(machines, func(m machine) pair.Pair[string, resource.Resource] { - return pair.MakePair[string, resource.Resource](omnictrl.NewClusterMachineConfigController(nil, 8090).Name(), omni.NewClusterMachineConfig(resources.DefaultNamespace, clusterName+"."+m.name)) + return pair.MakePair[string, resource.Resource](omnictrl.NewClusterMachineConfigController(nil, 8090).Name(), + omni.NewClusterMachineConfig(resources.DefaultNamespace, clusterName+"."+m.name)) })...) for _, res := range createResources { @@ -1016,7 +1032,11 @@ func (suite *MigrationSuite) TestPatchesExtraction() { patches, err := safe.StateGet[*omni.ClusterMachineConfigPatches](ctx, suite.state, omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, m).Metadata()) suite.Require().NoError(err) suite.assertLabel(patches, omni.SystemLabelPrefix+"cluster", "patches") - suite.Require().Len(patches.TypedSpec().Value.Patches, 1) + + patchList, err := patches.TypedSpec().Value.GetUncompressedPatches() + suite.Require().NoError(err) + + suite.Require().Len(patchList, 1) config, err := safe.StateGet[*omni.ClusterMachineConfig](ctx, suite.state, omni.NewClusterMachineConfig(resources.DefaultNamespace, m).Metadata()) suite.Require().NoError(err) @@ -1085,7 +1105,8 @@ func (suite *MigrationSuite) TestInstallDiskPatchMigration() { } createResources = append(createResources, xslices.Map(machines, func(m machine) pair.Pair[string, resource.Resource] { - return pair.MakePair[string, resource.Resource](omnictrl.NewClusterMachineConfigController(nil, 8090).Name(), omni.NewClusterMachineConfig(resources.DefaultNamespace, clusterName+"."+m.name)) + return pair.MakePair[string, resource.Resource](omnictrl.NewClusterMachineConfigController(nil, 8090).Name(), + omni.NewClusterMachineConfig(resources.DefaultNamespace, clusterName+"."+m.name)) })...) for _, res := range createResources { @@ -1233,19 +1254,21 @@ func (suite *MigrationSuite) TestClearEmptyConfigPatches() { cp1 := omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, "1") - cp1.TypedSpec().Value.Patches = []string{ + err := cp1.TypedSpec().Value.SetUncompressedPatches([]string{ "foo: yaml", "bar: yaml", "", "baz: yaml", - } + }) + suite.Require().NoError(err) cp2 := omni.NewClusterMachineConfigPatches(resources.DefaultNamespace, "2") - cp2.TypedSpec().Value.Patches = []string{ + err = cp2.TypedSpec().Value.SetUncompressedPatches([]string{ "", "", - } + }) + suite.Require().NoError(err) suite.Require().NoError(suite.state.Create(ctx, cp1, state.WithCreateOwner("MachineSetStatusController"))) suite.Require().NoError(suite.state.Create(ctx, cp2, state.WithCreateOwner("MachineSetStatusController"))) @@ -1260,13 +1283,19 @@ func (suite *MigrationSuite) TestClearEmptyConfigPatches() { cp2After, err := safe.StateGetByID[*omni.ClusterMachineConfigPatches](ctx, suite.state, "2") suite.Require().NoError(err) + patches, err := cp1After.TypedSpec().Value.GetUncompressedPatches() + suite.Require().NoError(err) + suite.Assert().Equal([]string{ "foo: yaml", "bar: yaml", "baz: yaml", - }, cp1After.TypedSpec().Value.Patches) + }, patches) + + patches, err = cp2After.TypedSpec().Value.GetUncompressedPatches() + suite.Require().NoError(err) - suite.Assert().Empty(cp2After.TypedSpec().Value.Patches) + suite.Assert().Empty(patches) } func (suite *MigrationSuite) TestCleanupDanglingSchematicConfigurations() { diff --git a/internal/backend/runtime/omni/migration/migrations.go b/internal/backend/runtime/omni/migration/migrations.go index 6e17daea..c4bcd02c 100644 --- a/internal/backend/runtime/omni/migration/migrations.go +++ b/internal/backend/runtime/omni/migration/migrations.go @@ -103,7 +103,9 @@ func deprecateClusterMachineTemplates(ctx context.Context, s state.State, _ *zap helpers.CopyLabels(val, patch, deprecatedCluster) if err = createOrUpdate(ctx, s, patch, func(p *omni.ConfigPatch) error { - p.TypedSpec().Value.Data = item.Value.Patch + if err = p.TypedSpec().Value.SetUncompressedData([]byte(item.Value.Patch)); err != nil { + return err + } return nil }, ""); err != nil { @@ -137,7 +139,10 @@ func deprecateClusterMachineTemplates(ctx context.Context, s state.State, _ *zap return err } - p.TypedSpec().Value.Data = string(data) + if err = p.TypedSpec().Value.SetUncompressedData(data); err != nil { + return err + } + p.Metadata().Labels().Set("machine-uuid", val.Metadata().ID()) return nil @@ -853,6 +858,19 @@ func removeConfigPatchesFromClusterMachines(ctx context.Context, st state.State, return err } + getPatchData := func(p *omni.ConfigPatch) (string, error) { + buffer, bufferErr := p.TypedSpec().Value.GetUncompressedData() + if bufferErr != nil { + return "", err + } + + defer buffer.Free() + + data := buffer.Data() + + return string(data), err + } + return items.ForEachErr(func(item *omni.ClusterMachine) error { owner := omnictrl.NewMachineSetController().ControllerName @@ -875,12 +893,15 @@ func removeConfigPatchesFromClusterMachines(ctx context.Context, st state.State, patchesRaw := make([]string, 0, len(patches)) for _, p := range patches { - patchesRaw = append(patchesRaw, p.TypedSpec().Value.Data) - } + data, dataErr := getPatchData(p) + if dataErr != nil { + return dataErr + } - res.TypedSpec().Value.Patches = patchesRaw + patchesRaw = append(patchesRaw, data) + } - return nil + return res.TypedSpec().Value.SetUncompressedPatches(patchesRaw) }, owner, state.WithExpectedPhaseAny(), ) if err != nil { @@ -1026,26 +1047,29 @@ func clearEmptyConfigPatches(ctx context.Context, s state.State, _ *zap.Logger) list, err := safe.StateListAll[*omni.ClusterMachineConfigPatches](ctx, s) return list.ForEachErr(func(res *omni.ClusterMachineConfigPatches) error { - if len(res.TypedSpec().Value.Patches) == 0 { + patches, getErr := res.TypedSpec().Value.GetUncompressedPatches() + if getErr != nil { + return getErr + } + + if len(patches) == 0 { return nil } var filteredPatches []string - for _, patch := range res.TypedSpec().Value.Patches { + for _, patch := range patches { if strings.TrimSpace(patch) != "" { filteredPatches = append(filteredPatches, patch) } } - if len(filteredPatches) == len(res.TypedSpec().Value.Patches) { + if len(filteredPatches) == len(patches) { return nil } _, err = safe.StateUpdateWithConflicts(ctx, s, res.Metadata(), func(r *omni.ClusterMachineConfigPatches) error { - r.TypedSpec().Value.Patches = filteredPatches - - return nil + return r.TypedSpec().Value.SetUncompressedPatches(filteredPatches) }, state.WithUpdateOwner(res.Metadata().Owner()), state.WithExpectedPhaseAny()) return err diff --git a/internal/backend/runtime/omni/state_validation.go b/internal/backend/runtime/omni/state_validation.go index 7bca7b71..5033c756 100644 --- a/internal/backend/runtime/omni/state_validation.go +++ b/internal/backend/runtime/omni/state_validation.go @@ -6,6 +6,7 @@ package omni import ( + "bytes" "context" "errors" "fmt" @@ -733,15 +734,39 @@ func configPatchValidationOptions(st state.State) []validated.StateOption { } } - return omni.ValidateConfigPatch(res.TypedSpec().Value.GetData()) + buffer, err := res.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer buffer.Free() + + return omni.ValidateConfigPatch(buffer.Data()) })), validated.WithUpdateValidations(validated.NewUpdateValidationForType(func(_ context.Context, oldRes *omni.ConfigPatch, newRes *omni.ConfigPatch, _ ...state.UpdateOption) error { // keep the old config patch if the data is the same for backwards-compatibility and for teardown cases - if oldRes.TypedSpec().Value.Data == newRes.TypedSpec().Value.Data { + oldBuffer, err := oldRes.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer oldBuffer.Free() + + newBuffer, err := newRes.TypedSpec().Value.GetUncompressedData() + if err != nil { + return err + } + + defer newBuffer.Free() + + oldData := oldBuffer.Data() + newData := newBuffer.Data() + + if bytes.Equal(oldData, newData) { return nil } - return omni.ValidateConfigPatch(newRes.TypedSpec().Value.GetData()) + return omni.ValidateConfigPatch(newData) })), } } diff --git a/internal/backend/runtime/omni/state_validation_test.go b/internal/backend/runtime/omni/state_validation_test.go index 1d492257..8dc916bf 100644 --- a/internal/backend/runtime/omni/state_validation_test.go +++ b/internal/backend/runtime/omni/state_validation_test.go @@ -693,9 +693,10 @@ cluster: clusterName: test-cluster-name `) - configPatch.TypedSpec().Value.Data = patchDataNotAllowed + err := configPatch.TypedSpec().Value.SetUncompressedData([]byte(patchDataNotAllowed)) + require.NoError(t, err) - err := st.Create(ctx, configPatch) + err = st.Create(ctx, configPatch) require.ErrorContains(t, err, "is not allowed in the config patch") patchDataAllowed := strings.TrimSpace(` @@ -704,12 +705,14 @@ machine: bla: bla `) - configPatch.TypedSpec().Value.Data = patchDataAllowed + err = configPatch.TypedSpec().Value.SetUncompressedData([]byte(patchDataAllowed)) + require.NoError(t, err) err = st.Create(ctx, configPatch) require.NoError(t, err) - configPatch.TypedSpec().Value.Data = patchDataNotAllowed + err = configPatch.TypedSpec().Value.SetUncompressedData([]byte(patchDataNotAllowed)) + require.NoError(t, err) err = st.Update(ctx, configPatch) require.ErrorContains(t, err, "is not allowed in the config patch") diff --git a/internal/backend/runtime/watch.go b/internal/backend/runtime/watch.go index 0ab527cd..a924f15c 100644 --- a/internal/backend/runtime/watch.go +++ b/internal/backend/runtime/watch.go @@ -69,6 +69,15 @@ func NewWatchResponse(eventType resources.EventType, res, old any) (*resources.W // MarshalJSON encodes resource as JSON using jsonpb marshaler for proto.Messages or a standard marshaler. func MarshalJSON(res any) (string, error) { + if marshaler, ok := res.(json.Marshaler); ok { + marshaled, err := marshaler.MarshalJSON() + if err != nil { + return "", fmt.Errorf("failed to marshal resource: %w", err) + } + + return string(marshaled), nil + } + if m, ok := res.(proto.Message); ok { opts := protojson.MarshalOptions{ UseProtoNames: true, diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 5e7e1d75..b2a3e725 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -80,6 +80,8 @@ type Params struct { WorkloadProxying WorkloadProxyingParams `yaml:"workloadProxying"` + ConfigDataCompression ConfigDataCompressionParams `yaml:"configDataCompression"` + LocalResourceServerPort int `yaml:"localResourceServerPort"` EtcdBackup EtcdBackupParams `yaml:"etcdBackup"` @@ -139,6 +141,13 @@ type WorkloadProxyingParams struct { Enabled bool `yaml:"enabled"` } +// ConfigDataCompressionParams defines config data compression configs. +// +//nolint:revive +type ConfigDataCompressionParams struct { + Enabled bool `yaml:"enabled"` +} + // LoadBalancerParams defines load balancer configs. type LoadBalancerParams struct { MinPort int `yaml:"minPort"` @@ -273,6 +282,10 @@ var ( Subdomain: "proxy-us", }, + ConfigDataCompression: ConfigDataCompressionParams{ + Enabled: false, + }, + LocalResourceServerPort: 8081, EtcdBackup: EtcdBackupParams{