From 7c8653eb8859dfd124d10ee77b3647b484240980 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Ho=C3=9F?= Date: Thu, 12 Sep 2024 15:59:40 +0200 Subject: [PATCH] re-generate docs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sebastian Hoß --- ...mzi_io_kafka_node_pool_v1beta2_manifest.md | 1035 +++++++++++++++++ .../kyverno_io_cluster_policy_v1_manifest.md | 159 ++- .../data-source.tf | 2 +- .../data-source.tf | 4 +- .../outputs.tf | 8 +- 5 files changed, 1199 insertions(+), 9 deletions(-) create mode 100644 docs/data-sources/kafka_strimzi_io_kafka_node_pool_v1beta2_manifest.md diff --git a/docs/data-sources/kafka_strimzi_io_kafka_node_pool_v1beta2_manifest.md b/docs/data-sources/kafka_strimzi_io_kafka_node_pool_v1beta2_manifest.md new file mode 100644 index 000000000..0f108c0f3 --- /dev/null +++ b/docs/data-sources/kafka_strimzi_io_kafka_node_pool_v1beta2_manifest.md @@ -0,0 +1,1035 @@ +--- +# generated by https://github.com/hashicorp/terraform-plugin-docs +page_title: "k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest Data Source - terraform-provider-k8s" +subcategory: "kafka.strimzi.io" +description: |- + +--- + +# k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest (Data Source) + + + +## Example Usage + +```terraform +data "k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest" "example" { + metadata = { + name = "some-name" + namespace = "some-namespace" + } +} +``` + + +## Schema + +### Required + +- `metadata` (Attributes) Data that helps uniquely identify this object. See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata for more details. (see [below for nested schema](#nestedatt--metadata)) + +### Optional + +- `spec` (Attributes) The specification of the KafkaNodePool. (see [below for nested schema](#nestedatt--spec)) + +### Read-Only + +- `yaml` (String) The generated manifest in YAML format. + + +### Nested Schema for `metadata` + +Required: + +- `name` (String) Unique identifier for this object. See https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names for more details. +- `namespace` (String) Namespaces provides a mechanism for isolating groups of resources within a single cluster. See https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ for more details. + +Optional: + +- `annotations` (Map of String) Keys and values that can be used by external tooling to store and retrieve arbitrary metadata about this object. See https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ for more details. +- `labels` (Map of String) Keys and values that can be used to organize and categorize objects. See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more details. + + + +### Nested Schema for `spec` + +Required: + +- `replicas` (Number) The number of pods in the pool. +- `roles` (List of String) The roles that the nodes in this pool will have when KRaft mode is enabled. Supported values are 'broker' and 'controller'. This field is required. When KRaft mode is disabled, the only allowed value if 'broker'. +- `storage` (Attributes) Storage configuration (disk). Cannot be updated. (see [below for nested schema](#nestedatt--spec--storage)) + +Optional: + +- `jvm_options` (Attributes) JVM Options for pods. (see [below for nested schema](#nestedatt--spec--jvm_options)) +- `resources` (Attributes) CPU and memory resources to reserve. (see [below for nested schema](#nestedatt--spec--resources)) +- `template` (Attributes) Template for pool resources. The template allows users to specify how the resources belonging to this pool are generated. (see [below for nested schema](#nestedatt--spec--template)) + + +### Nested Schema for `spec.storage` + +Required: + +- `type` (String) Storage type, must be either 'ephemeral', 'persistent-claim', or 'jbod'. + +Optional: + +- `class` (String) The storage class to use for dynamic volume allocation. +- `delete_claim` (Boolean) Specifies if the persistent volume claim has to be deleted when the cluster is un-deployed. +- `id` (Number) Storage identification number. It is mandatory only for storage volumes defined in a storage of type 'jbod'. +- `kraft_metadata` (String) Specifies whether this volume should be used for storing KRaft metadata. This property is optional. When set, the only currently supported value is 'shared'. At most one volume can have this property set. +- `overrides` (Attributes List) Overrides for individual brokers. The 'overrides' field allows you to specify a different configuration for different brokers. (see [below for nested schema](#nestedatt--spec--storage--overrides)) +- `selector` (Map of String) Specifies a specific persistent volume to use. It contains key:value pairs representing labels for selecting such a volume. +- `size` (String) When 'type=persistent-claim', defines the size of the persistent volume claim, such as 100Gi. Mandatory when 'type=persistent-claim'. +- `size_limit` (String) When type=ephemeral, defines the total amount of local storage required for this EmptyDir volume (for example 1Gi). +- `volumes` (Attributes List) List of volumes as Storage objects representing the JBOD disks array. (see [below for nested schema](#nestedatt--spec--storage--volumes)) + + +### Nested Schema for `spec.storage.overrides` + +Optional: + +- `broker` (Number) Id of the kafka broker (broker identifier). +- `class` (String) The storage class to use for dynamic volume allocation for this broker. + + + +### Nested Schema for `spec.storage.volumes` + +Required: + +- `type` (String) Storage type, must be either 'ephemeral' or 'persistent-claim'. + +Optional: + +- `class` (String) The storage class to use for dynamic volume allocation. +- `delete_claim` (Boolean) Specifies if the persistent volume claim has to be deleted when the cluster is un-deployed. +- `id` (Number) Storage identification number. Mandatory for storage volumes defined with a 'jbod' storage type configuration. +- `kraft_metadata` (String) Specifies whether this volume should be used for storing KRaft metadata. This property is optional. When set, the only currently supported value is 'shared'. At most one volume can have this property set. +- `overrides` (Attributes List) Overrides for individual brokers. The 'overrides' field allows you to specify a different configuration for different brokers. (see [below for nested schema](#nestedatt--spec--storage--volumes--overrides)) +- `selector` (Map of String) Specifies a specific persistent volume to use. It contains key:value pairs representing labels for selecting such a volume. +- `size` (String) When 'type=persistent-claim', defines the size of the persistent volume claim, such as 100Gi. Mandatory when 'type=persistent-claim'. +- `size_limit` (String) When type=ephemeral, defines the total amount of local storage required for this EmptyDir volume (for example 1Gi). + + +### Nested Schema for `spec.storage.volumes.overrides` + +Optional: + +- `broker` (Number) Id of the kafka broker (broker identifier). +- `class` (String) The storage class to use for dynamic volume allocation for this broker. + + + + + +### Nested Schema for `spec.jvm_options` + +Optional: + +- `gc_logging_enabled` (Boolean) Specifies whether the Garbage Collection logging is enabled. The default is false. +- `java_system_properties` (Attributes List) A map of additional system properties which will be passed using the '-D' option to the JVM. (see [below for nested schema](#nestedatt--spec--jvm_options--java_system_properties)) +- `xms` (String) -Xms option to to the JVM. +- `xmx` (String) -Xmx option to to the JVM. +- `xx` (Map of String) A map of -XX options to the JVM. + + +### Nested Schema for `spec.jvm_options.java_system_properties` + +Optional: + +- `name` (String) The system property name. +- `value` (String) The system property value. + + + + +### Nested Schema for `spec.resources` + +Optional: + +- `claims` (Attributes List) (see [below for nested schema](#nestedatt--spec--resources--claims)) +- `limits` (Map of String) +- `requests` (Map of String) + + +### Nested Schema for `spec.resources.claims` + +Optional: + +- `name` (String) + + + + +### Nested Schema for `spec.template` + +Optional: + +- `init_container` (Attributes) Template for the Kafka init container. (see [below for nested schema](#nestedatt--spec--template--init_container)) +- `kafka_container` (Attributes) Template for the Kafka broker container. (see [below for nested schema](#nestedatt--spec--template--kafka_container)) +- `per_pod_ingress` (Attributes) Template for Kafka per-pod 'Ingress' used for access from outside of Kubernetes. (see [below for nested schema](#nestedatt--spec--template--per_pod_ingress)) +- `per_pod_route` (Attributes) Template for Kafka per-pod 'Routes' used for access from outside of OpenShift. (see [below for nested schema](#nestedatt--spec--template--per_pod_route)) +- `per_pod_service` (Attributes) Template for Kafka per-pod 'Services' used for access from outside of Kubernetes. (see [below for nested schema](#nestedatt--spec--template--per_pod_service)) +- `persistent_volume_claim` (Attributes) Template for all Kafka 'PersistentVolumeClaims'. (see [below for nested schema](#nestedatt--spec--template--persistent_volume_claim)) +- `pod` (Attributes) Template for Kafka 'Pods'. (see [below for nested schema](#nestedatt--spec--template--pod)) +- `pod_set` (Attributes) Template for Kafka 'StrimziPodSet' resource. (see [below for nested schema](#nestedatt--spec--template--pod_set)) + + +### Nested Schema for `spec.template.init_container` + +Optional: + +- `env` (Attributes List) Environment variables which should be applied to the container. (see [below for nested schema](#nestedatt--spec--template--init_container--env)) +- `security_context` (Attributes) Security context for the container. (see [below for nested schema](#nestedatt--spec--template--init_container--security_context)) +- `volume_mounts` (Attributes List) Additional volume mounts which should be applied to the container. (see [below for nested schema](#nestedatt--spec--template--init_container--volume_mounts)) + + +### Nested Schema for `spec.template.init_container.env` + +Optional: + +- `name` (String) The environment variable key. +- `value` (String) The environment variable value. + + + +### Nested Schema for `spec.template.init_container.security_context` + +Optional: + +- `allow_privilege_escalation` (Boolean) +- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--template--init_container--security_context--app_armor_profile)) +- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--template--init_container--security_context--capabilities)) +- `privileged` (Boolean) +- `proc_mount` (String) +- `read_only_root_filesystem` (Boolean) +- `run_as_group` (Number) +- `run_as_non_root` (Boolean) +- `run_as_user` (Number) +- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--template--init_container--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--template--init_container--security_context--seccomp_profile)) +- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--template--init_container--security_context--windows_options)) + + +### Nested Schema for `spec.template.init_container.security_context.app_armor_profile` + +Optional: + +- `localhost_profile` (String) +- `type` (String) + + + +### Nested Schema for `spec.template.init_container.security_context.capabilities` + +Optional: + +- `add` (List of String) +- `drop` (List of String) + + + +### Nested Schema for `spec.template.init_container.security_context.se_linux_options` + +Optional: + +- `level` (String) +- `role` (String) +- `type` (String) +- `user` (String) + + + +### Nested Schema for `spec.template.init_container.security_context.seccomp_profile` + +Optional: + +- `localhost_profile` (String) +- `type` (String) + + + +### Nested Schema for `spec.template.init_container.security_context.windows_options` + +Optional: + +- `gmsa_credential_spec` (String) +- `gmsa_credential_spec_name` (String) +- `host_process` (Boolean) +- `run_as_user_name` (String) + + + + +### Nested Schema for `spec.template.init_container.volume_mounts` + +Optional: + +- `mount_path` (String) +- `mount_propagation` (String) +- `name` (String) +- `read_only` (Boolean) +- `recursive_read_only` (String) +- `sub_path` (String) +- `sub_path_expr` (String) + + + + +### Nested Schema for `spec.template.kafka_container` + +Optional: + +- `env` (Attributes List) Environment variables which should be applied to the container. (see [below for nested schema](#nestedatt--spec--template--kafka_container--env)) +- `security_context` (Attributes) Security context for the container. (see [below for nested schema](#nestedatt--spec--template--kafka_container--security_context)) +- `volume_mounts` (Attributes List) Additional volume mounts which should be applied to the container. (see [below for nested schema](#nestedatt--spec--template--kafka_container--volume_mounts)) + + +### Nested Schema for `spec.template.kafka_container.env` + +Optional: + +- `name` (String) The environment variable key. +- `value` (String) The environment variable value. + + + +### Nested Schema for `spec.template.kafka_container.security_context` + +Optional: + +- `allow_privilege_escalation` (Boolean) +- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--template--kafka_container--security_context--app_armor_profile)) +- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--template--kafka_container--security_context--capabilities)) +- `privileged` (Boolean) +- `proc_mount` (String) +- `read_only_root_filesystem` (Boolean) +- `run_as_group` (Number) +- `run_as_non_root` (Boolean) +- `run_as_user` (Number) +- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--template--kafka_container--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--template--kafka_container--security_context--seccomp_profile)) +- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--template--kafka_container--security_context--windows_options)) + + +### Nested Schema for `spec.template.kafka_container.security_context.app_armor_profile` + +Optional: + +- `localhost_profile` (String) +- `type` (String) + + + +### Nested Schema for `spec.template.kafka_container.security_context.capabilities` + +Optional: + +- `add` (List of String) +- `drop` (List of String) + + + +### Nested Schema for `spec.template.kafka_container.security_context.se_linux_options` + +Optional: + +- `level` (String) +- `role` (String) +- `type` (String) +- `user` (String) + + + +### Nested Schema for `spec.template.kafka_container.security_context.seccomp_profile` + +Optional: + +- `localhost_profile` (String) +- `type` (String) + + + +### Nested Schema for `spec.template.kafka_container.security_context.windows_options` + +Optional: + +- `gmsa_credential_spec` (String) +- `gmsa_credential_spec_name` (String) +- `host_process` (Boolean) +- `run_as_user_name` (String) + + + + +### Nested Schema for `spec.template.kafka_container.volume_mounts` + +Optional: + +- `mount_path` (String) +- `mount_propagation` (String) +- `name` (String) +- `read_only` (Boolean) +- `recursive_read_only` (String) +- `sub_path` (String) +- `sub_path_expr` (String) + + + + +### Nested Schema for `spec.template.per_pod_ingress` + +Optional: + +- `metadata` (Attributes) Metadata applied to the resource. (see [below for nested schema](#nestedatt--spec--template--per_pod_ingress--metadata)) + + +### Nested Schema for `spec.template.per_pod_ingress.metadata` + +Optional: + +- `annotations` (Map of String) Annotations added to the Kubernetes resource. +- `labels` (Map of String) Labels added to the Kubernetes resource. + + + + +### Nested Schema for `spec.template.per_pod_route` + +Optional: + +- `metadata` (Attributes) Metadata applied to the resource. (see [below for nested schema](#nestedatt--spec--template--per_pod_route--metadata)) + + +### Nested Schema for `spec.template.per_pod_route.metadata` + +Optional: + +- `annotations` (Map of String) Annotations added to the Kubernetes resource. +- `labels` (Map of String) Labels added to the Kubernetes resource. + + + + +### Nested Schema for `spec.template.per_pod_service` + +Optional: + +- `metadata` (Attributes) Metadata applied to the resource. (see [below for nested schema](#nestedatt--spec--template--per_pod_service--metadata)) + + +### Nested Schema for `spec.template.per_pod_service.metadata` + +Optional: + +- `annotations` (Map of String) Annotations added to the Kubernetes resource. +- `labels` (Map of String) Labels added to the Kubernetes resource. + + + + +### Nested Schema for `spec.template.persistent_volume_claim` + +Optional: + +- `metadata` (Attributes) Metadata applied to the resource. (see [below for nested schema](#nestedatt--spec--template--persistent_volume_claim--metadata)) + + +### Nested Schema for `spec.template.persistent_volume_claim.metadata` + +Optional: + +- `annotations` (Map of String) Annotations added to the Kubernetes resource. +- `labels` (Map of String) Labels added to the Kubernetes resource. + + + + +### Nested Schema for `spec.template.pod` + +Optional: + +- `affinity` (Attributes) The pod's affinity rules. (see [below for nested schema](#nestedatt--spec--template--pod--affinity)) +- `enable_service_links` (Boolean) Indicates whether information about services should be injected into Pod's environment variables. +- `host_aliases` (Attributes List) The pod's HostAliases. HostAliases is an optional list of hosts and IPs that will be injected into the Pod's hosts file if specified. (see [below for nested schema](#nestedatt--spec--template--pod--host_aliases)) +- `image_pull_secrets` (Attributes List) List of references to secrets in the same namespace to use for pulling any of the images used by this Pod. When the 'STRIMZI_IMAGE_PULL_SECRETS' environment variable in Cluster Operator and the 'imagePullSecrets' option are specified, only the 'imagePullSecrets' variable is used and the 'STRIMZI_IMAGE_PULL_SECRETS' variable is ignored. (see [below for nested schema](#nestedatt--spec--template--pod--image_pull_secrets)) +- `metadata` (Attributes) Metadata applied to the resource. (see [below for nested schema](#nestedatt--spec--template--pod--metadata)) +- `priority_class_name` (String) The name of the priority class used to assign priority to the pods. +- `scheduler_name` (String) The name of the scheduler used to dispatch this 'Pod'. If not specified, the default scheduler will be used. +- `security_context` (Attributes) Configures pod-level security attributes and common container settings. (see [below for nested schema](#nestedatt--spec--template--pod--security_context)) +- `termination_grace_period_seconds` (Number) The grace period is the duration in seconds after the processes running in the pod are sent a termination signal, and the time when the processes are forcibly halted with a kill signal. Set this value to longer than the expected cleanup time for your process. Value must be a non-negative integer. A zero value indicates delete immediately. You might need to increase the grace period for very large Kafka clusters, so that the Kafka brokers have enough time to transfer their work to another broker before they are terminated. Defaults to 30 seconds. +- `tmp_dir_size_limit` (String) Defines the total amount of pod memory allocated for the temporary 'EmptyDir' volume '/tmp'. Specify the allocation in memory units, for example, '100Mi' for 100 mebibytes. Default value is '5Mi'. The '/tmp' volume is backed by pod memory, not disk storage, so avoid setting a high value as it consumes pod memory resources. +- `tolerations` (Attributes List) The pod's tolerations. (see [below for nested schema](#nestedatt--spec--template--pod--tolerations)) +- `topology_spread_constraints` (Attributes List) The pod's topology spread constraints. (see [below for nested schema](#nestedatt--spec--template--pod--topology_spread_constraints)) +- `volumes` (Attributes List) Additional volumes that can be mounted to the pod. (see [below for nested schema](#nestedatt--spec--template--pod--volumes)) + + +### Nested Schema for `spec.template.pod.affinity` + +Optional: + +- `node_affinity` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity)) +- `pod_affinity` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity)) +- `pod_anti_affinity` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity)) + + +### Nested Schema for `spec.template.pod.affinity.node_affinity` + +Optional: + +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--required_during_scheduling_ignored_during_execution)) + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution` + +Optional: + +- `preference` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution--preference)) +- `weight` (Number) + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution.preference` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution--preference--match_expressions)) +- `match_fields` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--preferred_during_scheduling_ignored_during_execution--preference--match_fields)) + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution.preference.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.preferred_during_scheduling_ignored_during_execution.preference.match_fields` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.required_during_scheduling_ignored_during_execution` + +Optional: + +- `node_selector_terms` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--required_during_scheduling_ignored_during_execution--node_selector_terms)) + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.required_during_scheduling_ignored_during_execution.node_selector_terms` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--required_during_scheduling_ignored_during_execution--node_selector_terms--match_expressions)) +- `match_fields` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--node_affinity--required_during_scheduling_ignored_during_execution--node_selector_terms--match_fields)) + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.required_during_scheduling_ignored_during_execution.node_selector_terms.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + +### Nested Schema for `spec.template.pod.affinity.node_affinity.required_during_scheduling_ignored_during_execution.node_selector_terms.match_fields` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity` + +Optional: + +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--required_during_scheduling_ignored_during_execution)) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution` + +Optional: + +- `pod_affinity_term` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) +- `weight` (Number) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` + +Optional: + +- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) +- `match_label_keys` (List of String) +- `mismatch_label_keys` (List of String) +- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) +- `topology_key` (String) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.required_during_scheduling_ignored_during_execution` + +Optional: + +- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector)) +- `match_label_keys` (List of String) +- `mismatch_label_keys` (List of String) +- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) +- `topology_key` (String) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity` + +Optional: + +- `preferred_during_scheduling_ignored_during_execution` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution)) +- `required_during_scheduling_ignored_during_execution` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution)) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution` + +Optional: + +- `pod_affinity_term` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term)) +- `weight` (Number) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term` + +Optional: + +- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector)) +- `match_label_keys` (List of String) +- `mismatch_label_keys` (List of String) +- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector)) +- `namespaces` (List of String) +- `topology_key` (String) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.label_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.preferred_during_scheduling_ignored_during_execution.pod_affinity_term.namespace_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution` + +Optional: + +- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector)) +- `match_label_keys` (List of String) +- `mismatch_label_keys` (List of String) +- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector)) +- `namespaces` (List of String) +- `topology_key` (String) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.label_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.affinity.pod_anti_affinity.required_during_scheduling_ignored_during_execution.namespace_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + + + + +### Nested Schema for `spec.template.pod.host_aliases` + +Optional: + +- `hostnames` (List of String) +- `ip` (String) + + + +### Nested Schema for `spec.template.pod.image_pull_secrets` + +Optional: + +- `name` (String) + + + +### Nested Schema for `spec.template.pod.metadata` + +Optional: + +- `annotations` (Map of String) Annotations added to the Kubernetes resource. +- `labels` (Map of String) Labels added to the Kubernetes resource. + + + +### Nested Schema for `spec.template.pod.security_context` + +Optional: + +- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--security_context--app_armor_profile)) +- `fs_group` (Number) +- `fs_group_change_policy` (String) +- `run_as_group` (Number) +- `run_as_non_root` (Boolean) +- `run_as_user` (Number) +- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--security_context--se_linux_options)) +- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--security_context--seccomp_profile)) +- `supplemental_groups` (List of String) +- `sysctls` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--security_context--sysctls)) +- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--security_context--windows_options)) + + +### Nested Schema for `spec.template.pod.security_context.app_armor_profile` + +Optional: + +- `localhost_profile` (String) +- `type` (String) + + + +### Nested Schema for `spec.template.pod.security_context.se_linux_options` + +Optional: + +- `level` (String) +- `role` (String) +- `type` (String) +- `user` (String) + + + +### Nested Schema for `spec.template.pod.security_context.seccomp_profile` + +Optional: + +- `localhost_profile` (String) +- `type` (String) + + + +### Nested Schema for `spec.template.pod.security_context.sysctls` + +Optional: + +- `name` (String) +- `value` (String) + + + +### Nested Schema for `spec.template.pod.security_context.windows_options` + +Optional: + +- `gmsa_credential_spec` (String) +- `gmsa_credential_spec_name` (String) +- `host_process` (Boolean) +- `run_as_user_name` (String) + + + + +### Nested Schema for `spec.template.pod.tolerations` + +Optional: + +- `effect` (String) +- `key` (String) +- `operator` (String) +- `toleration_seconds` (Number) +- `value` (String) + + + +### Nested Schema for `spec.template.pod.topology_spread_constraints` + +Optional: + +- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--topology_spread_constraints--label_selector)) +- `match_label_keys` (List of String) +- `max_skew` (Number) +- `min_domains` (Number) +- `node_affinity_policy` (String) +- `node_taints_policy` (String) +- `topology_key` (String) +- `when_unsatisfiable` (String) + + +### Nested Schema for `spec.template.pod.topology_spread_constraints.label_selector` + +Optional: + +- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--topology_spread_constraints--label_selector--match_expressions)) +- `match_labels` (Map of String) + + +### Nested Schema for `spec.template.pod.topology_spread_constraints.label_selector.match_expressions` + +Optional: + +- `key` (String) +- `operator` (String) +- `values` (List of String) + + + + + +### Nested Schema for `spec.template.pod.volumes` + +Optional: + +- `config_map` (Attributes) ConfigMap to use to populate the volume. (see [below for nested schema](#nestedatt--spec--template--pod--volumes--config_map)) +- `empty_dir` (Attributes) EmptyDir to use to populate the volume. (see [below for nested schema](#nestedatt--spec--template--pod--volumes--empty_dir)) +- `name` (String) Name to use for the volume. Required. +- `persistent_volume_claim` (Attributes) PersistentVolumeClaim object to use to populate the volume. (see [below for nested schema](#nestedatt--spec--template--pod--volumes--persistent_volume_claim)) +- `secret` (Attributes) Secret to use populate the volume. (see [below for nested schema](#nestedatt--spec--template--pod--volumes--secret)) + + +### Nested Schema for `spec.template.pod.volumes.config_map` + +Optional: + +- `default_mode` (Number) +- `items` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--volumes--config_map--items)) +- `name` (String) +- `optional` (Boolean) + + +### Nested Schema for `spec.template.pod.volumes.config_map.items` + +Optional: + +- `key` (String) +- `mode` (Number) +- `path` (String) + + + + +### Nested Schema for `spec.template.pod.volumes.empty_dir` + +Optional: + +- `medium` (String) +- `size_limit` (Attributes) (see [below for nested schema](#nestedatt--spec--template--pod--volumes--empty_dir--size_limit)) + + +### Nested Schema for `spec.template.pod.volumes.empty_dir.size_limit` + +Optional: + +- `amount` (String) +- `format` (String) + + + + +### Nested Schema for `spec.template.pod.volumes.persistent_volume_claim` + +Optional: + +- `claim_name` (String) +- `read_only` (Boolean) + + + +### Nested Schema for `spec.template.pod.volumes.secret` + +Optional: + +- `default_mode` (Number) +- `items` (Attributes List) (see [below for nested schema](#nestedatt--spec--template--pod--volumes--secret--items)) +- `optional` (Boolean) +- `secret_name` (String) + + +### Nested Schema for `spec.template.pod.volumes.secret.items` + +Optional: + +- `key` (String) +- `mode` (Number) +- `path` (String) + + + + + + +### Nested Schema for `spec.template.pod_set` + +Optional: + +- `metadata` (Attributes) Metadata applied to the resource. (see [below for nested schema](#nestedatt--spec--template--pod_set--metadata)) + + +### Nested Schema for `spec.template.pod_set.metadata` + +Optional: + +- `annotations` (Map of String) Annotations added to the Kubernetes resource. +- `labels` (Map of String) Labels added to the Kubernetes resource. diff --git a/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md b/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md index a5dec9d5e..6fb3e74fd 100644 --- a/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md +++ b/docs/data-sources/kyverno_io_cluster_policy_v1_manifest.md @@ -17,7 +17,162 @@ data "k8s_kyverno_io_cluster_policy_v1_manifest" "example" { metadata = { name = "some-name" } - spec = {} + spec = { + rules = [ + { + name = "some-rule" + context = [ + { + name = "response" + api_call = { + method = "POST" + data = [ + { + key = "images" + value = jsonencode("some-string") + }, + ] + } + } + ] + } + ] + } +} + +data "k8s_kyverno_io_cluster_policy_v1_manifest" "int_value" { + metadata = { + name = "some-name" + } + spec = { + rules = [ + { + name = "some-rule" + context = [ + { + name = "response" + api_call = { + method = "POST" + data = [ + { + key = "images" + value = jsonencode(123) + }, + ] + } + } + ] + } + ] + } +} + +data "k8s_kyverno_io_cluster_policy_v1_manifest" "bool_value" { + metadata = { + name = "some-name" + } + spec = { + rules = [ + { + name = "some-rule" + context = [ + { + name = "response" + api_call = { + method = "POST" + data = [ + { + key = "images" + value = jsonencode(true) + }, + ] + } + } + ] + } + ] + } +} + +data "k8s_kyverno_io_cluster_policy_v1_manifest" "array_value" { + metadata = { + name = "some-name" + } + spec = { + rules = [ + { + name = "some-rule" + context = [ + { + name = "response" + api_call = { + method = "POST" + data = [ + { + key = "images" + value = jsonencode([123, 456, 789]) + }, + ] + } + } + ] + } + ] + } +} + +data "k8s_kyverno_io_cluster_policy_v1_manifest" "map_value" { + metadata = { + name = "some-name" + } + spec = { + rules = [ + { + name = "some-rule" + context = [ + { + name = "response" + api_call = { + method = "POST" + data = [ + { + key = "images" + value = jsonencode({ "a" : "b", "c" : "d" }) + }, + ] + } + } + ] + } + ] + } +} + +data "k8s_kyverno_io_cluster_policy_v1_manifest" "mixed_value" { + metadata = { + name = "some-name" + } + spec = { + rules = [ + { + name = "some-rule" + context = [ + { + name = "response" + api_call = { + method = "POST" + data = [ + { + key = "images" + value = jsonencode({ "a" : [123, 456], "c" : { "d" : true, "e" : "f", "g" : 789 } }) + }, + ] + } + } + ] + } + ] + } } ``` @@ -131,7 +286,7 @@ Optional: Required: - `key` (String) Key is a unique identifier for the data value -- `value` (Map of String) Value is the data value +- `value` (String) Value is the data value diff --git a/examples/data-sources/k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest/data-source.tf b/examples/data-sources/k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest/data-source.tf index ccff5b6f4..67de55472 100644 --- a/examples/data-sources/k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest/data-source.tf +++ b/examples/data-sources/k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest/data-source.tf @@ -1,6 +1,6 @@ data "k8s_kafka_strimzi_io_kafka_node_pool_v1beta2_manifest" "example" { metadata = { - name = "some-name" + name = "some-name" namespace = "some-namespace" } } diff --git a/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/data-source.tf b/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/data-source.tf index 6032315db..e4399e1a2 100644 --- a/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/data-source.tf +++ b/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/data-source.tf @@ -122,7 +122,7 @@ data "k8s_kyverno_io_cluster_policy_v1_manifest" "map_value" { data = [ { key = "images" - value = jsonencode({"a": "b", "c": "d"}) + value = jsonencode({ "a" : "b", "c" : "d" }) }, ] } @@ -149,7 +149,7 @@ data "k8s_kyverno_io_cluster_policy_v1_manifest" "mixed_value" { data = [ { key = "images" - value = jsonencode({"a": [123, 456], "c": {"d": true, "e": "f", "g": 789}}) + value = jsonencode({ "a" : [123, 456], "c" : { "d" : true, "e" : "f", "g" : 789 } }) }, ] } diff --git a/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/outputs.tf b/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/outputs.tf index 8e5a1870e..c72bca38f 100644 --- a/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/outputs.tf +++ b/examples/data-sources/k8s_kyverno_io_cluster_policy_v1_manifest/outputs.tf @@ -1,10 +1,10 @@ output "manifests" { value = { - "example" = data.k8s_kyverno_io_cluster_policy_v1_manifest.example.yaml - "int_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.int_value.yaml - "bool_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.bool_value.yaml + "example" = data.k8s_kyverno_io_cluster_policy_v1_manifest.example.yaml + "int_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.int_value.yaml + "bool_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.bool_value.yaml "array_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.array_value.yaml - "map_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.map_value.yaml + "map_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.map_value.yaml "mixed_value" = data.k8s_kyverno_io_cluster_policy_v1_manifest.mixed_value.yaml } }