APIServiceExportTemplate
APIServiceExportTemplate CRD schema reference (group kube-bind.io)
Version v1alpha2
Properties
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
.metadata
.spec
spec specifies the template.
.spec.description
description is an optional description of the template.
.spec.namespaces
Namespaces specifies the namespaces that should be bootstrapped as part of this template. When objects originate from provider side, consumer does not always know the necessary details This field allows provider to pre-heat the necessary namespaces on provider side by creating APIServiceNamespace objects attached to the APIServiceExport. More namespaces can be created later by the consumer.
.spec.namespaces[*]
.spec.namespaces[*].name
name is the name of the namespace to create on provider side.
.spec.permissionClaims
permissionClaims defines the permission claims required by this template.
.spec.permissionClaims[*]
PermissionClaim selects objects of a GVR that a service provider may request and that a consumer may accept and allow the service provider access to.
.spec.permissionClaims[*].group
group is the name of an API group. For core groups this is the empty string ‘“”’.
.spec.permissionClaims[*].resource
resource is the name of the resource. Note: it is worth noting that you can not ask for permissions for resource provided by a CRD not provided by an service binding export.
.spec.permissionClaims[*].selector
Selector is a resource selector that selects objects of a GVR.
.spec.permissionClaims[*].selector.labelSelector
LabelSelector is a label selector that selects objects of a GVR.
.spec.permissionClaims[*].selector.labelSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.permissionClaims[*].selector.labelSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.permissionClaims[*].selector.labelSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.permissionClaims[*].selector.labelSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.permissionClaims[*].selector.labelSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.permissionClaims[*].selector.labelSelector.matchExpressions[*].values[*]
.spec.permissionClaims[*].selector.labelSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.permissionClaims[*].selector.namedResources
NamedResource is a shorthand for selecting a single resource by name and namespace.
.spec.permissionClaims[*].selector.namedResources[*]
NamedResource selects a specific resource by name and namespace.
.spec.permissionClaims[*].selector.namedResources[*].name
Name is the name of the resource. Name matches the metadata.name field of the underlying object.
.spec.permissionClaims[*].selector.namedResources[*].namespace
Namespace represents namespace where an object of the given group/resource may be managed. Namespaces matches against the metadata.namespace field. If not provided, the object is assumed to be cluster-scoped. Namespaces field is ignored for namespaced isolation mode.
.spec.permissionClaims[*].selector.references
Reference is a reference to the object that contains jsonPath to select objects of a GVR.
.spec.permissionClaims[*].selector.references[*]
SelectorReference selects objects of a GVR via a reference to another object.
.spec.permissionClaims[*].selector.references[*].group
group is the name of an API group. For core groups this is the empty string ‘“”’.
.spec.permissionClaims[*].selector.references[*].jsonPath
JSONPath is a JSONPath expression that selects the name and namespace of the resource from the referenced object.
.spec.permissionClaims[*].selector.references[*].jsonPath.name
.spec.permissionClaims[*].selector.references[*].jsonPath.namespace
.spec.permissionClaims[*].selector.references[*].resource
resource is the name of the resource. Note: it is worth noting that you can not ask for permissions for resource provided by a CRD not provided by an service binding export.
.spec.permissionClaims[*].selector.references[*].versions
versions is a list of versions that should be used to fetch the referenced object. If not specified and apiserviceexport contains versions for the same group/resource, those versions are used. Otherwise, references is considered invalid.
.spec.permissionClaims[*].selector.references[*].versions[*]
.spec.resources
resources defines the CRDs that are part of this template.
.spec.resources[*]
.spec.resources[*].group
group is the name of an API group. For core groups this is the empty string ‘“”’.
.spec.resources[*].resource
resource is the name of the resource. Note: it is worth noting that you can not ask for permissions for resource provided by a CRD not provided by an service binding export.
.spec.resources[*].versions
versions is a list of versions that should be exported. If this is empty a sensible default is chosen by the service provider.
.spec.resources[*].versions[*]
.spec.scope
scope defines the scope of the resources in this template.
.status
status contains reconciliation information for the template.
.status.conditions
conditions is a list of conditions that apply to the APIServiceExportTemplate.
.status.conditions[*]
Condition defines an observation of a object operational state.
.status.conditions[*].lastTransitionTime
Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
.status.conditions[*].message
A human readable message indicating details about the transition. This field may be empty.
.status.conditions[*].reason
The reason for the condition’s last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty.
.status.conditions[*].severity
Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False.
.status.conditions[*].status
Status of the condition, one of True, False, Unknown.
.status.conditions[*].type
Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important.