Skip to content

Latest commit

 

History

History
4144 lines (2616 loc) · 162 KB

apiref.adoc

File metadata and controls

4144 lines (2616 loc) · 162 KB
Raw

API Reference

toolchain.dev.openshift.com/v1alpha1

Package v1alpha1 contains API Schema definitions for the toolchain.dev.openshift.com v1alpha1 API group

AuthConfig

Defines all parameters concerned with the autoscaler

Field Description Default Validation

idp string

Represents the configured identity provider

AutomaticApprovalConfig

Defines all parameters necessary for automatic approval

Appears In:
Field Description Default Validation

enabled boolean

Defines if the automatic approval is enabled or not

domains string

Comma-separated email domains to consider for auto-approval.
For example: "domain.com,anotherdomain.org"
If domains is not set and enabled is true, it will default to auto approving all authenticated emails.
If domains is set and enabled is true, it will allow auto approving only for authenticated emails under
the domains entered. If enabled is false domains will be ignored.

AutoscalerConfig

Defines all parameters concerned with the autoscaler

Field Description Default Validation

deploy boolean

Defines the flag that determines whether to deploy the autoscaler buffer

bufferMemory string

Represents how much memory should be required by the autoscaler buffer

bufferCPU string

Represents how much CPU should be required by the autoscaler buffer

bufferReplicas integer

Represents the number of autoscaler buffer replicas to request

BannedUser

BannedUser is used to maintain a list of banned e-mail addresses

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

BannedUser

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

BannedUserList

BannedUserList contains a list of BannedUser

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

BannedUserList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items BannedUser array

XPreserveUnknownFields: {}

BannedUserSpec

BannedUserSpec defines the desired state of BannedUser

Appears In:
Field Description Default Validation

email string

The e-mail address of the account that has been banned

reason string

Reason of the ban

Binding

Binding defines a user role in a given workspace, and available actions that can be performed on the role

Appears In:
Field Description Default Validation

masterUserRecord string

MasterUserRecord is the name of the user that has access to the workspace.
This field is immutable via a validating webhook.

role string

Role is the role of the user in the current workspace. For example "admin" for the user that has all permissions on the current workspace.

availableActions string array

AvailableActions is a list of actions that can be performed on the binding.
Available values:
- "update" when the role in the current binding can be changed
- "delete" when the current binding can be deleted
- "override" when the current binding is inherited from a parent workspace, it cannot be updated, but it can be overridden by creating a new binding containing the same MasterUserRecord but different role in the subworkspace.

bindingRequest BindingRequest

BindingRequest provides the name and namespace of the SpaceBindingRequest that generated the SpaceBinding resource.
It’s available only if the binding was generated using the SpaceBindingRequest mechanism.

BindingRequest

BindingRequest contains the name and the namespace where of the associated SpaceBindingRequest.

Appears In:
Field Description Default Validation

name string

Name of the SpaceBindingRequest that generated the SpaceBinding resource.

namespace string

Namespace of the SpaceBindingRequest that generated the SpaceBinding resource.

CaptchaConfig

CaptchaConfig defines any configuration related to captcha verification

Field Description Default Validation

enabled boolean

Enabled specifies whether the captcha verification feature is enabled or not

scoreThreshold string

ScoreThreshold defines the captcha assessment score threshold. A score equal to or above the threshold means the user is most likely human and
can proceed signing up but a score below the threshold means the score is suspicious and further verification may be required.

requiredScore string

RequiredScore defines the lowest captcha score, below this score the user cannot proceed with the signup process at all.
Users with captcha score lower than the required one can still be approved manually.

allowLowScoreReactivation boolean

AllowLowScoreReactivation specifies whether the reactivation for users with low captcha score (below the RequiredScore) is enabled without the need for manual approval.

siteKey string

SiteKey defines the recaptcha site key to use when making recaptcha requests. There can be different ones for different environments. eg. dev, stage, prod

projectID string

ProjectID defines the GCP project ID that has the recaptcha service enabled.

CheConfig

Defines all parameters concerned with Che

Field Description Default Validation

keycloakRouteName string

Defines the Che/CRW Keycloak route name

routeName string

Defines the Che/CRW route name

namespace string

Defines the Che/CRW operator namespace

required boolean

Defines a flag that indicates whether the Che/CRW operator is required to be installed on the cluster. May be used in monitoring.

userDeletionEnabled boolean

Defines a flag to turn the Che user deletion logic on/off

secret CheSecret

Defines all secrets related to Che configuration

CheSecret

Defines all secrets related to Che configuration

Appears In:
Field Description Default Validation

ref string

Reference is the name of the secret resource to look up

cheAdminUsernameKey string

The key for the Che admin username in the secret values map

cheAdminPasswordKey string

The key for the Che admin password in the secret values map

CheStatus

CheStatus contains information about the status of Che/CRW, such as installed and whether the member configuration is correct

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current Che status conditions
Supported condition types: ConditionReady

Cluster

Field Description Default Validation

name string

Name is the name of the corresponding ToolchainCluster resource

Condition

Field Description Default Validation

Type of condition

Status of the condition, one of True, False, Unknown.

lastTransitionTime Time

Last time the condition transit from one status to another.

reason string

(brief) reason for the condition’s last transition.

message string

Human readable message indicating details about last transition.

lastUpdatedTime Time

Last time the condition was updated

ConditionType

Underlying type: string

Appears In:

ConsoleConfig

Defines all parameters concerned with the console

Field Description Default Validation

namespace string

Defines the console route namespace

routeName string

Defines the console route name

ConsumedCapacity

ConsumedCapacity describes the capacity of the cluster consumed by the spaces currently provisioned to it.

Field Description Default Validation

memoryUsagePercentPerNodeRole object (keys:string, values:integer)

MemoryUsagePercentPerNodeRole is the percent of the memory used per node role (eg. worker, master)

spaceCount integer

SpaceCount is the number of spaces currently deployed to the cluster

DeactivationConfig

DeactivationConfig contains all configuration parameters related to deactivation

Appears In:
Field Description Default Validation

deactivatingNotificationDays integer

DeactivatingNotificationDays is the number of days after a pre-deactivating notification is sent that actual
deactivation occurs. If this parameter is set to zero, then there will be no delay

deactivationDomainsExcluded string

DeactivationDomainsExcluded is a string of comma-separated domains that should be excluded from automatic user deactivation
For example: "@redhat.com,@ibm.com"

userSignupDeactivatedRetentionDays integer

UserSignupDeactivatedRetentionDays is used to configure how many days we should keep deactivated UserSignup
resources before deleting them. This parameter value should reflect an extended period of time sufficient for
gathering user metrics before removing the resources from the cluster.

userSignupUnverifiedRetentionDays integer

UserSignupUnverifiedRetentionDays is used to configure how many days we should keep unverified (i.e. the user
hasn’t completed the user verification process via the registration service) UserSignup resources before deleting
them. It is intended for this parameter to define an aggressive cleanup schedule for unverified user signups,
and the default configuration value for this parameter reflects this.

DevSpaces

Field Description Default Validation

segmentWriteKey string

SegmentWriteKey specifies the segment write key

FeatureToggle

FeatureToggle defines a feature toggle/flag. Each feature is supposed to have a unique name. Features are represented by kube object manifests in space and user templates. Such manifests must have an annotation which refers to the corresponding feature name. For example a manifest for a RoleBinding object in a space tier template with the following annotation: "toolchain.dev.openshift.com/feature: os-lightspeed" would refer to a feature with "os-lightspeed" name. When that template is applied for a new space then that RoleBinding object would be applied conditionally, according to its weight.

Appears In:
Field Description Default Validation

name string

A unique name of the feature

weight integer

Rollout weight of the feature. An integer between 0-100.
If not set then 100 is used by default.
0 means the corresponding feature should not be enabled at all, which means
that corresponding template objects should not be applied at all.
100 means the feature should be always enabled (the template is always applied).
The features are weighted independently of each other.
For example if there are two features:
- feature1, weight=5
- feature2, weight=90
And tiers (one or many) contain the following object manifests:
- RoleBinding with "toolchain.dev.openshift.com/feature: feature1" annotation
- ConfigMap with "toolchain.dev.openshift.com/feature: feature2" annotation
Then the RoleBinding will be created for the corresponding tiers with probability of 0.05 (around 5 out of every 100 spaces would have it)
And the ConfigMap will be created with probability of 0.9 (around 90 out of every 100 spaces would have it)

100

Maximum: 100
Minimum: 0

GitHubSecret

GitHubSecret defines all secrets related to GitHub authentication/integration

Field Description Default Validation

ref string

Reference is the name of the secret resource to look up

accessTokenKey string

The key for the GitHub Access token in the secret values map

HostConfig

HostConfig contains all configuration parameters of the host operator

Appears In:
Field Description Default Validation

environment string

Environment specifies the host-operator environment such as prod, stage, unit-tests, e2e-tests, dev, etc

automaticApproval AutomaticApprovalConfig

Keeps parameters necessary for automatic approval

deactivation DeactivationConfig

Keeps parameters concerned with user deactivation

metrics MetricsConfig

Keeps parameters concerned with metrics

notifications NotificationsConfig

Keeps parameters concerned with notifications

registrationService RegistrationServiceConfig

Keeps parameters necessary for the registration service

tiers TiersConfig

Keeps parameters concerned with tiers

toolchainStatus ToolchainStatusConfig

Keeps parameters concerned with the toolchainstatus

users UsersConfig

Keeps parameters concerned with user management

spaceConfig SpaceConfig

Keeps parameters necessary for configuring Space provisioning functionality

publicViewerConfig PublicViewerConfiguration

Contains the PublicViewer configuration.
IMPORTANT: To provide a consistent User-Experience, each user
the space has been directly shared with should have at least
the same permissions the kubesaw-authenticated user has.

HostOperatorStatus

HostOperatorStatus defines the observed state of a toolchain’s host operator

Appears In:
Field Description Default Validation

version string

The version of the operator

revision string

The commit id from the host-operator repository used to build the operator

buildTimestamp string

The timestamp of the host operator build

deploymentName string

The status of the host operator’s deployment

conditions Condition array

Conditions is an array of current host operator status conditions
Supported condition types: ConditionReady

revisionCheck RevisionCheck

The status of the revision check for host operator’s deployment

HostRegistrationServiceStatus

HostRegistrationServiceStatus defines the observed state of a toolchain’s registration service

Appears In:
Field Description Default Validation

Deployment is the status of the registration service’s deployment

registrationServiceResources RegistrationServiceResourcesStatus

RegistrationServiceResources is the status for resources created for the registration service

Health provides health status of the registration service

revisionCheck RevisionCheck

The status of the revision check for registration service

HostRoutes

HostRoutes contains information about the public routes available to the user in the host cluster

Appears In:
Field Description Default Validation

proxyURL string

ProxyURL is the Proxy URL of the cluster

conditions Condition array

Conditions is an array of current member operator status conditions
Supported condition types: ConditionReady

HostStatus

HostStatus defines the status of the connection with the host cluster

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current member operator status conditions
Supported condition types: ConditionReady

IdentityClaimsEmbedded

IdentityClaimsEmbedded is used to define a set of SSO claim values that we are interested in storing

Appears In:
Field Description Default Validation

sub string

Sub contains the value of the 'sub' claim

userID string

UserID contains the value of the 'user_id' claim

accountID string

AccountID contains the value of the 'account_id' claim

originalSub string

OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to
a new IdP provider client, and contains the user’s "original-sub" claim

email string

Email contains the user’s email address

preferredUsername string

PreferredUsername contains the user’s username

givenName string

GivenName contains the value of the 'given_name' claim

familyName string

FamilyName contains the value of the 'family_name' claim

company string

Company contains the value of the 'company' claim

Idler

Idler enables automatic idling of payloads in a user namespaces where the name of the Idler matches the name of the corresponding namespace. For example an Idler with "foo" name will be managing pods in namespace "foo".

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

Idler

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

spec IdlerSpec

status IdlerStatus

IdlerList

IdlerList contains a list of Idlers

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

IdlerList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items Idler array

XPreserveUnknownFields: {}

IdlerSpec

IdlerSpec defines the desired state of Idler

Appears In:
Field Description Default Validation

timeoutSeconds integer

TimeoutSeconds is the number of seconds before the running pods will be deleted

IdlerStatus

IdlerStatus defines the observed state of Idler

Appears In:
Field Description Default Validation

pods Pod array

Pods is an array of tracked pods

conditions Condition array

Conditions is an array of current Idler conditions
Supported condition types: ConditionReady

LocalSecretReference

LocalSecretReference is a reference to a secret within the enclosing namespace.

Appears In:
Field Description Default Validation

name string

Name of a secret within the enclosing
namespace

MasterUserRecord

MasterUserRecord keeps all information about user, user accounts and namespaces provisioned in CodeReady Toolchain

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

MasterUserRecord

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

MasterUserRecordList

MasterUserRecordList contains a list of MasterUserRecord

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

MasterUserRecordList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items MasterUserRecord array

XPreserveUnknownFields: {}

MasterUserRecordSpec

MasterUserRecordSpec defines the desired state of MasterUserRecord

Appears In:
Field Description Default Validation

disabled boolean

If set to true then the corresponding user should not be able to login (but the underlying UserAccounts still exists)
"false" is assumed by default

userAccounts UserAccountEmbedded array

The list of user accounts in the member clusters which belong to this MasterUserRecord

tierName string

TierName is an optional property introduced to retain the name of the tier
for which the Dev Sandbox user is provisioned, so we can still deal with deactivation
once the NSTemplateSet field has been removed from []spec.UserAccounts
temporarily marked as optional until the migration took place (CRT-1321)

propagatedClaims PropagatedClaims

PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to
be "propagated" down the resource dependency chain

MasterUserRecordStatus

MasterUserRecordStatus defines the observed state of MasterUserRecord

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current Master User Record conditions
Supported condition types:
Provisioning, UserAccountNotReady and Ready

userAccounts UserAccountStatusEmbedded array

The status of user accounts in the member clusters which belong to this MasterUserRecord

provisionedTime Time

The timestamp when the user was provisioned

Member

Member contains the status of a member cluster

Appears In:
Field Description Default Validation

apiEndpoint string

APIEndpoint is the server API URL of the cluster

clusterName string

The cluster identifier

spaceCount integer

Number of Spaces created within the member cluster

memberStatus MemberStatusStatus

The array of member status objects

MemberOperatorConfig

MemberOperatorConfig keeps all configuration parameters needed in member operator

Validation:

  • XPreserveUnknownFields: {}

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

MemberOperatorConfig

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

MemberOperatorConfigList

MemberOperatorConfigList contains a list of MemberOperatorConfig

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

MemberOperatorConfigList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items MemberOperatorConfig array

XPreserveUnknownFields: {}

MemberOperatorConfigSpec

MemberOperatorConfigSpec contains all configuration parameters of the member operator

Field Description Default Validation

auth AuthConfig

Keeps parameters concerned with authentication

autoscaler AutoscalerConfig

Keeps parameters concerned with the autoscaler

che CheConfig

Keeps parameters concerned with Che/CRW

console ConsoleConfig

Keeps parameters concerned with the console

environment string

Environment specifies the member-operator environment such as prod, stage, unit-tests, e2e-tests, dev, etc

skipUserCreation boolean

Defines the flag that determines whether User and Identity resources should be created for a UserAccount

memberStatus MemberStatusConfig

Keeps parameters concerned with member status

toolchainCluster ToolchainClusterConfig

Keeps parameters concerned with the toolchaincluster

webhook WebhookConfig

Keeps parameters concerned with the webhook

MemberOperatorConfigStatus

MemberOperatorConfigStatus defines the observed state of MemberOperatorConfig

Appears In:

MemberOperatorStatus

MemberOperatorStatus defines the observed state of a toolchain’s member operator

Appears In:
Field Description Default Validation

version string

The version of the operator

revision string

The commit id from the member-operator repository used to build the operator

buildTimestamp string

The timestamp of the member operator build

deploymentName string

The status of the member operator’s deployment

conditions Condition array

Conditions is an array of current member operator status conditions
Supported condition types: ConditionReady

revisionCheck RevisionCheck

The status of the revision check for member operator’s deployment

MemberStatus

MemberStatus is used to track toolchain member status

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

MemberStatus

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

MemberStatusConfig

Defines all parameters concerned with member status

Field Description Default Validation

refreshPeriod string

Defines the period between refreshes of the member status

gitHubSecret GitHubSecret

Defines all secrets related to GitHub authentication/integration

MemberStatusList

MemberStatusList contains a list of MemberStatus

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

MemberStatusList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items MemberStatus array

XPreserveUnknownFields: {}

MemberStatusSpec

MemberStatusSpec defines the desired state of MemberStatus

Appears In:

MemberStatusStatus

MemberStatusStatus defines the observed state of the toolchain member status

Appears In:
Field Description Default Validation

che CheStatus

Che is the status of Che/CRW, such as installed and whether the member configuration is correct

memberOperator MemberOperatorStatus

MemberOperator is the status of a toolchain member operator

hostConnection ToolchainClusterStatus

HostConnection is the status of the connection with the host cluster

host HostStatus

Host is the status of the connection with the host cluster

conditions Condition array

Conditions is an array of current toolchain status conditions
Supported condition types: ConditionReady

resourceUsage ResourceUsage

Resource usage of the cluster

routes Routes

Routes/URLs of the cluster, such as Console and Che Dashboard URLs

Members

Members contains all configuration for member operators

Appears In:
Field Description Default Validation

Defines default configuration to be applied to all member clusters

specificPerMemberCluster object (keys:string, values:MemberOperatorConfigSpec)

A map of cluster-specific member operator configurations indexed by member toolchaincluster name

Metric

Underlying type: object

Appears In:

MetricsConfig

MetricsConfig contains all configuration parameters related to metrics gathering

Appears In:
Field Description Default Validation

forceSynchronization boolean

ForceSynchronization is a flag used to trigger synchronization of the metrics
based on the resources rather than on the content of ToolchainStatus.status.metrics

NSTemplateSet

NSTemplateSet defines user environment via templates that are used for namespace provisioning

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

NSTemplateSet

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

NSTemplateSetClusterResources

NSTemplateSetClusterResources defines the cluster-scoped resources associated with a given user

Field Description Default Validation

templateRef string

TemplateRef The name of the TierTemplate resource which exists in the host cluster and which contains the template to use

NSTemplateSetList

NSTemplateSetList contains a list of NSTemplateSet

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

NSTemplateSetList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items NSTemplateSet array

XPreserveUnknownFields: {}

NSTemplateSetNamespace

NSTemplateSetNamespace the namespace definition in an NSTemplateSet resource

Field Description Default Validation

templateRef string

TemplateRef The name of the TierTemplate resource which exists in the host cluster and which contains the template to use

NSTemplateSetSpaceRole

NSTemplateSetSpaceRole the role template and the users to whom the templates should be applied to

Field Description Default Validation

templateRef string

TemplateRef The name of the TierTemplate resource which exists in the host cluster and which contains the template to use

usernames string array

Usernames the usernames to which the template applies

NSTemplateSetSpec

NSTemplateSetSpec defines the desired state of NSTemplateSet

Appears In:
Field Description Default Validation

tierName string

The name of the tier represented by this template set

namespaces NSTemplateSetNamespace array

The namespace templates

the cluster resources template (for cluster-wide quotas, etc.)

spaceRoles NSTemplateSetSpaceRole array

the role template and the users to whom the templates should be applied to

NSTemplateSetStatus

NSTemplateSetStatus defines the observed state of NSTemplateSet

Appears In:
Field Description Default Validation

namespaces NSTemplateSetNamespace array

The namespace templates that were used last time to provision NSTemplateSet CR

The cluster resources template (for cluster-wide quotas, etc.) that was used last time to provision the NSTemplateSet CR

spaceRoles NSTemplateSetSpaceRole array

The SpaceRole template and the users to whom the template was applied for when the NSTemplateSet CR was provisioned for the last time

featureToggles string array

FeatureToggles holds the list of feature toggles/flags that were enabled when the NSTemplateSet CR was provisioned for the last time

provisionedNamespaces SpaceNamespace array

ProvisionedNamespaces is a list of Namespaces that were provisioned by the NSTemplateSet.

conditions Condition array

Conditions is an array of current NSTemplateSet conditions
Supported condition types: ConditionReady

NSTemplateTier

NSTemplateTier configures user environment via templates used for namespaces the user has access to

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

NSTemplateTier

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

NSTemplateTierClusterResources

NSTemplateTierClusterResources defines the cluster-scoped resources associated with a given user

Appears In:
Field Description Default Validation

templateRef string

TemplateRef The name of the TierTemplate resource which exists in the host cluster and which contains the template to use

NSTemplateTierHistory

NSTemplateTierHistory a track record of an update

Appears In:
Field Description Default Validation

startTime Time

StartTime is the time when the NSTemplateTier was updated

hash string

Hash the hash matching on the templateRefs in the resource spec

completionTime Time

CompletionTime is the time when the last MasterUserRecord was updated

failures integer

Failures is the number of MasterUserRecords which failed to be updated

failedAccounts string array

FailedAccounts

NSTemplateTierList

NSTemplateTierList contains a list of NSTemplateTier

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

NSTemplateTierList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items NSTemplateTier array

XPreserveUnknownFields: {}

NSTemplateTierNamespace

NSTemplateTierNamespace the namespace definition in an NSTemplateTier resource

Appears In:
Field Description Default Validation

templateRef string

TemplateRef The name of the TierTemplate resource which exists in the host cluster and which contains the template to use

NSTemplateTierSpaceRole

NSTemplateTierSpaceRole the space roles definition in an NSTemplateTier resource

Appears In:
Field Description Default Validation

templateRef string

TemplateRef The name of the TierTemplate resource which exists in the host cluster and which contains the template to use

NSTemplateTierSpec

NSTemplateTierSpec defines the desired state of NSTemplateTier

Appears In:
Field Description Default Validation

namespaces NSTemplateTierNamespace array

The namespace templates

the cluster resources template (for cluster-wide quotas, etc.)

spaceRoles object (keys:string, values:NSTemplateTierSpaceRole)

the templates to set the spaces roles, indexed by role

spaceRequestConfig SpaceRequestConfig

SpaceRequestConfig stores all the configuration related to the Space Request feature

parameters Parameter array

Parameters is an optional array of Parameters to be used to replace "global" variables defined in the TierTemplate CRs of the NSTemplateTier.

NSTemplateTierStatus

NSTemplateTierStatus defines the observed state of NSTemplateTier

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current NSTemplateTier conditions
Supported condition types: ConditionReady

updates NSTemplateTierHistory array

Updates is an array of all NSTemplateTier updates

revisions object (keys:string, values:string)

Revisions is a map of TierTemplate CR names (as the keys) and TierTemplateRevision CR names (as the values)
The map represents the current content of the TierTemplate CRs combined with the parameters defined in the tier.
Each of the referenced TierTemplateRevision CRs represents the content of the associated TierTemplate CR processed with the parameters.
If the content of the already referenced TierTemplateRevision CR doesn’t match the expected outcome of the processed TierTemplate CR,
then a new TierTemplateRevision CR is created and the name here is updated.

NamespaceAccess

NamespaceAccess defines the name of the namespace and the secret reference to access it

Appears In:
Field Description Default Validation

name string

Name is the corresponding name of the provisioned namespace

secretRef string

SecretRef is the name of the secret with a SA token that has admin-like
(or whatever we set in the tier template) permissions in the namespace

Notification

Notification registers a notification in the CodeReady Toolchain

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

Notification

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

NotificationList

NotificationList contains a list of Notification

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

NotificationList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items Notification array

XPreserveUnknownFields: {}

NotificationSecret

Defines all secrets related to notification configuration

Appears In:
Field Description Default Validation

ref string

Reference is the name of the secret resource to look up

mailgunDomain string

The key for the host operator mailgun domain used for creating an instance of mailgun

mailgunAPIKey string

The key for the host operator mailgun api key used for creating an instance of mailgun

mailgunSenderEmail string

The key for the host operator mailgun senders email

mailgunReplyToEmail string

The key for the reply-to email address that will be set in sent notifications

NotificationSpec

NotificationSpec defines the desired state of Notification

Appears In:
Field Description Default Validation

userID string

UserID is the user ID from RHD Identity Provider token (“sub” claim). The UserID is used by
the notification service (i.e. the NotificationController) to lookup the UserSignup resource for the user,
and extract from it the values required to generate the notification content and to deliver the notification
Deprecated: replaced by Context

recipient string

Recipient is used to specify the email address where the notification will be delivered. It must comply with
section 3.4.1 of RFC2822, and should be formatted to include the user’s first and last names,
e.g. "John Smith <[email protected]>"

context object (keys:string, values:string)

Context is used to set a number of arbitrary values to be passed to the notification content text formatter,
for inclusion in the body of the notification.

template string

Template is the name of the NotificationTemplate resource that will be used to generate the notification

subject string

Subject is used when no template value is specified, in cases where the complete notification subject is
specified at notification creation time

content string

Content is used when no template value is specified, in cases where the complete notification content is
specified at notification creation time

NotificationStatus

NotificationStatus defines the observed state of Notification

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current Notification conditions
Supported condition types:
Sent

NotificationsConfig

NotificationsConfig contains all configuration parameters related to notifications

Appears In:
Field Description Default Validation

notificationDeliveryService string

NotificationDeliveryService is notification delivery service to use for notifications

durationBeforeNotificationDeletion string

DurationBeforeNotificationDeletion is notification delivery service to use for notifications

adminEmail string

The administrator email address for system notifications

templateSetName string

TemplateSetName defines the set of notification templates. Different Sandbox instances can use different notification templates. For example Dev Sandbox and AppStudio instances use different templates. By default, the "sandbox" template set name is used.

Defines all secrets related to notification configuration

OpenShiftRouteTarget

OpenShiftRouteTarget captures the look up information for retrieving an OpenShift Route object in the member cluster.

Appears In:
Field Description Default Validation

namespace string

name string

Parameter

Parameter defines a name/value variable that is to be processed during TierTemplate creation.

Field Description Default Validation

name string

Name must be set and it can be referenced in the TierTemplate
content using {{.NAME}}

value string

Value holds the Parameter data.
The value replaces all occurrences of the Parameter {{.NAME}}.

Pod

Appears In:
Field Description Default Validation

name string

startTime Time

PropagatedClaims

Field Description Default Validation

sub string

Sub contains the value of the 'sub' claim

userID string

UserID contains the value of the 'user_id' claim

accountID string

AccountID contains the value of the 'account_id' claim

originalSub string

OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to
a new IdP provider client, and contains the user’s "original-sub" claim

email string

Email contains the user’s email address

ProxyPlugin

ProxyPlugin represents the configuration to handle GET’s to k8s services in member clusters that first route through the registration service running in the sandbox host cluster. Two forms of URL are supported: https://<proxy-host>/plugins/<ProxyPlugin.ObjectMeta.Name>/v1alpha2/<namespace-name>/ https://<proxy-host>/plugins/<ProxyPlugin.ObjectMeta.Name>/workspaces/<workspace-name>/v1alpha2/<namespace-name>;

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ProxyPlugin

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

ProxyPluginList

ProxyPluginList contains a list of ProxyPlugin

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ProxyPluginList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items ProxyPlugin array

XPreserveUnknownFields: {}

ProxyPluginSpec

ProxyPluginSpec defines the desired state of ProxyPlugin

Appears In:
Field Description Default Validation

openShiftRouteTargetEndpoint OpenShiftRouteTarget

OpenShiftRouteTargetEndpoint is an optional field that represents the look up information for an OpenShift Route
as the endpoint for the registration service to proxy requests to that have the https://<proxy-host>/plugins/<ProxyPlugin.ObjectMeta.Name>;
in its incoming URL. As we add more types besides OpenShift Routes, we will add more optional fields to this spec
object

ProxyPluginStatus

ProxyPluginStatus defines the observed state of ProxyPlugin

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current Proxy Plugin conditions
Supported condition types: ConditionReady

PublicViewerConfiguration

Configuration to enable the PublicViewer support

Appears In:
Field Description Default Validation

enabled boolean

Defines whether the PublicViewer support should be enabled or not

false

RegistrationServiceAnalyticsConfig

RegistrationServiceAnalyticsConfig contains the subset of registration service configuration parameters related to analytics

Field Description Default Validation

devSpaces DevSpaces

DevSpaces contains the analytics configuration parameters for devspaces

segmentWriteKey string

SegmentWriteKey specifies the segment write key for sandbox

RegistrationServiceAuthConfig

RegistrationServiceAuthConfig contains the subset of registration service configuration parameters related to authentication

Field Description Default Validation

authClientLibraryURL string

AuthClientLibraryURL specifies the auth library location

authClientConfigContentType string

AuthClientConfigContentType specifies the auth config content type

authClientConfigRaw string

AuthClientConfigRaw specifies the URL used to access the registration service

authClientPublicKeysURL string

AuthClientPublicKeysURL specifies the public keys URL

ssoBaseURL string

SSOBaseURL specifies the SSO base URL such as https://sso.redhat.com

ssoRealm string

SSORealm specifies the SSO realm name

RegistrationServiceConfig

RegistrationServiceConfig contains all configuration parameters related to the registration service

Appears In:
Field Description Default Validation

Keeps parameters necessary for the registration service analytics config

Keeps parameters necessary for the registration service authentication config

environment string

Environment specifies the environment such as prod, stage, unit-tests, e2e-tests, dev, etc

logLevel string

LogLevel specifies the logging level

namespace string

Namespace specifies the namespace in which the registration service and host operator is running
Consumed by host operator and set as env var on registration-service deployment

registrationServiceURL string

RegistrationServiceURL is the URL used to a ccess the registration service

replicas integer

Replicas specifies the number of replicas to use for the registration service deployment

Keeps parameters necessary for the registration service verification config

RegistrationServiceDeploymentStatus

RegistrationServiceDeploymentStatus contains status of the registration service’s deployment

Field Description Default Validation

name string

The host operator deployment name

conditions Condition array

Conditions is an array of current deployment status conditions for a host operator
Supported condition types: Available, Progressing

RegistrationServiceHealth

RegistrationServiceHealth contains health status of the registration service

Field Description Default Validation

alive string

buildTime string

environment string

revision string

startTime string

conditions Condition array

Conditions is an array of status conditions for the health of the registration service
Supported condition types: ConditionReady

RegistrationServiceResourcesStatus

RegistrationServiceResourcesStatus contains conditions for creation/deployment of registration service resources

Field Description Default Validation

conditions Condition array

Conditions is an array of current registration service resource status conditions
Supported condition types: Deployed, Deploying, DeployingFailed

RegistrationServiceVerificationConfig

RegistrationServiceVerificationConfig contains the subset of registration service configuration parameters related to verification

Field Description Default Validation

Defines all secrets related to the registration service verification configuration

enabled boolean

VerificationEnabled specifies whether verification is enabled or not
Verification enablement works in the following way:
1. verification.enabled == false
No verification during the signup process at all. (no phone, no captcha)
2. verification.enabled == true && verification.captcha.enabled == true
Captcha is enabled and will bypass phone verification if the score is above the threshold but if the score is
below the threshold then phone verification kicks in.
3. verification.enabled == true && verification.captcha.enabled == false
Only phone verification is effect.

captcha CaptchaConfig

Captcha defines any configuration related to captcha verification

dailyLimit integer

VerificationDailyLimit specifies the number of times a user may initiate a phone verification request within a
24 hour period

attemptsAllowed integer

VerificationAttemptsAllowed specifies the number of times a user may attempt to correctly enter a verification code,
if they fail then they must request another code

messageTemplate string

VerificationMessageTemplate specifies the message template used to generate the content sent to users via SMS for
phone verification

excludedEmailDomains string

VerificationExcludedEmailDomains specifies the list of email address domains for which phone verification
is not required

codeExpiresInMin integer

VerificationCodeExpiresInMin specifies an int representing the number of minutes before a verification code should
be expired

notificationSender string

NotificationSender is used to specify which service should be used to send verification notifications. Allowed
values are "twilio", "aws". If not specified, the Twilio sender will be used.

awsRegion string

AWSRegion to use when sending notification SMS

awsSenderID string

AWSSenderID the Alphanumeric Sender ID to use, e.g. "DevSandbox"

awsSMSType string

AWSSMSType is the type of SMS message to send, either Promotional or Transactional
See https://docs.aws.amazon.com/sns/latest/dg/sms_publish-to-phone.html for details

twilioSenderConfigs TwilioSenderConfig array

TwilioSenderConfigs is an array of TwilioSenderConfig objects

RegistrationServiceVerificationSecret

Defines all secrets related to registration service verification configuration

Field Description Default Validation

ref string

Reference is the name of the secret resource to look up

twilioAccountSID string

TwilioAccountSID specifies the Twilio account identifier, used for sending phone verification messages

twilioAuthToken string

TwilioAuthToken specifies the Twilio authentication token, used for sending phone verification messages

twilioFromNumber string

TwilioFromNumber specifies the phone number or alphanumeric "Sender ID" for sending phone verification messages

awsAccessKeyID string

AWSAccessKeyId is the AWS Access Key used to authenticate in order to access AWS services

awsSecretAccessKey string

AWSSecretAccessKey is the AWS credential used to authenticate in order to access AWS services

recaptchaServiceAccountFile string

RecaptchaServiceAccountFile is the GCP service account file contents encoded in base64, it is
to be used with the recaptcha client for authentication

ResourceUsage

Contains information about the resource usage of the cluster

Appears In:
Field Description Default Validation

memoryUsagePerNodeRole object (keys:string, values:integer)

How many percent of the available memory is used per node role (eg. worker, master)

RevisionCheck

RevisionCheck contains status of revision check for the component, it highlights if the component is up-to-date and the deployed version matches the latest one in the GitHub repository.

Field Description Default Validation

conditions Condition array

Conditions is an array of status conditions for the health of the registration service
Supported condition types: ConditionReady

Routes

Routes contains information about the public routes available to the user in the cluster

Appears In:
Field Description Default Validation

consoleURL string

ConsoleURL is the web console URL of the cluster

cheDashboardURL string

CheDashboardURL is the Che Dashboard URL of the cluster if Che is installed

conditions Condition array

Conditions is an array of current member operator status conditions
Supported condition types: ConditionReady

SocialEvent

SocialEvent registers a social event in Dev Sandbox

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SocialEvent

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

SocialEventList

SocialEventList contains a list of SocialEvent

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SocialEventList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items SocialEvent array

XPreserveUnknownFields: {}

SocialEventSpec

SocialEventSpec defines the parameters for a Social event, such as a training session or workshop. Users may register for the event by using the event’s unique activation code

Appears In:
Field Description Default Validation

startTime Time

The timestamp from which users may register via this event’s activation code

endTime Time

The timestamp after which users may no longer register via this event’s activation code

description string

An optional description that may be provided describing the purpose of the event

maxAttendees integer

The maximum number of attendees

userTier string

The tier to assign to users registering for the event.
This must be the valid name of an nstemplatetier resource.

spaceTier string

The tier to assign to spaces created for users who registered for the event.
This must be the valid name of an nstemplatetier resource.

targetCluster string

The cluster in which the user/space should be provisioned in
If not set then the target cluster will be picked automatically

verificationRequired boolean

If true, the user will also be required to complete standard phone verification

SocialEventStatus

SocialEventStatus defines the observed state of SocialEvent

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current SocialEventStatus conditions
Supported condition types:
Ready

activationCount integer

Space

Space is the Schema for the spaces API

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

Space

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

spec SpaceSpec

status SpaceStatus

SpaceBinding

SpaceBinding is the Schema for the spacebindings API which defines relationship between Spaces and MasterUserRecords

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceBinding

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

SpaceBindingList

SpaceBindingList contains a list of SpaceBinding

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceBindingList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items SpaceBinding array

XPreserveUnknownFields: {}

SpaceBindingRequest

SpaceBindingRequest is the Schema for the SpaceBindingRequest API

Validation:

  • XPreserveUnknownFields: {}

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceBindingRequest

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

SpaceBindingRequestList

SpaceBindingRequestList contains a list of SpaceBindingRequests

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceBindingRequestList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items SpaceBindingRequest array

XPreserveUnknownFields: {}

SpaceBindingRequestSpec

SpaceBindingRequestSpec defines the desired state of SpaceBindingRequest

Appears In:
Field Description Default Validation

masterUserRecord string

MasterUserRecord is a required property introduced to retain the name of the MUR
for which this SpaceBinding is provisioned.

spaceRole string

SpaceRole is a required property which defines the role that will be granted to the MUR in the current Space by the SpaceBinding resource.

SpaceBindingRequestStatus

SpaceBindingRequestStatus defines the observed state of SpaceBinding

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of SpaceBindingRequest conditions
Supported condition types:
Provisioning, SpaceBindingNotReady and Ready

SpaceBindingSpec

SpaceBindingSpec defines the desired state of SpaceBinding

Appears In:
Field Description Default Validation

masterUserRecord string

The MasterUserRecord is a name of the MasterUserRecord this SpaceBinding belongs to.

space string

The Space is a name of the Space this SpaceBinding is bound to.

spaceRole string

The SpaceRole is a name of the SpaceRole that is granted to the user for the Space. For example: admin, view, …​

SpaceBindingStatus

SpaceBindingStatus defines the observed state of SpaceBinding

Appears In:

SpaceConfig

SpaceConfig allows to configure Space provisioning related functionality.

Appears In:
Field Description Default Validation

spaceRequestEnabled boolean

SpaceRequestEnabled specifies whether the SpaceRequest controller should start or not.
This is specifically useful in order to enable/disable this functionality from configuration (e.g. disabled by default in Sandbox and enabled only for AppStudio stage/prod …​).

spaceBindingRequestEnabled boolean

SpaceBindingRequestEnabled specifies whether the SpaceBindingRequest controller should start or not.
This is specifically useful in order to enable/disable this functionality from configuration (e.g. disabled by default in Sandbox and enabled only for AppStudio stage/prod …​).

SpaceList

SpaceList contains a list of Space

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items Space array

XPreserveUnknownFields: {}

SpaceNamespace

SpaceNamespace is a common type to define the information about a namespace within a Space Used in NSTemplateSet, Space and Workspace status

Field Description Default Validation

name string

Name the name of the namespace.

type string

Type the type of the namespace. eg. default

SpaceProvisionerCapacityThresholds

SpaceProvisionerCapacityThresholds defines the capacity thresholds of the space provisioner

Field Description Default Validation

maxNumberOfSpaces integer

MaxNumberOfSpaces is the maximum number of spaces that can be provisioned to the referenced cluster.

0 or undefined value means no limit.

Minimum: 0

maxMemoryUtilizationPercent integer

MaxMemoryUtilizationPercent is the maximum memory utilization of the cluster to permit provisioning
new spaces to it.

0 or undefined value means no limit.

Maximum: 100
Minimum: 0

SpaceProvisionerConfig

SpaceProvisionerConfig is the configuration of space provisioning in the member clusters.

Validation:

  • XPreserveUnknownFields: {}

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceProvisionerConfig

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

SpaceProvisionerConfigList

SpaceProvisionerConfigList contains a list of SpaceProvisionerConfig

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceProvisionerConfigList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

XPreserveUnknownFields: {}

SpaceProvisionerConfigSpec

Field Description Default Validation

placementRoles string array

PlacementRoles is the list of roles, or flavors, that the provisioner possesses that influence
the space scheduling decisions.

toolchainCluster string

ToolchainCluster is the name of the ToolchainCluster CR of the member cluster that this config is for.

enabled boolean

Enabled specifies whether the member cluster is enabled (and therefore can hold spaces) or not.

false

CapacityThresholds specifies the max capacities allowed in this provisioner

SpaceProvisionerConfigStatus

Field Description Default Validation

consumedCapacity ConsumedCapacity

ConsumedCapacity reflects the runtime state of the cluster and the capacity it currently consumes.
Nil if the consumed capacity is not known

conditions Condition array

Conditions describes the state of the configuration (its validity).
The only known condition type is "Ready". The SpaceProvisionerConfig is ready when the following is true:
* the referenced ToolchainCluster object exists and is itself ready
* the consumed capacity doesn’t breach the thresholds defined in the spec

SpaceRequest

SpaceRequest is the Schema for the space request API

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceRequest

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

SpaceRequestConfig

SpaceRequestConfig contains all the configuration related to the Space Request feature

Appears In:
Field Description Default Validation

serviceAccountName string

Provides the name of the Service Account whose token is to be copied

SpaceRequestList

SpaceRequestList contains a list of SpaceRequests

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

SpaceRequestList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items SpaceRequest array

XPreserveUnknownFields: {}

SpaceRequestSpec

SpaceRequestSpec defines the desired state of Space

Appears In:
Field Description Default Validation

tierName string

TierName is a required property introduced to retain the name of the tier
for which this Space is provisioned.

targetClusterRoles string array

TargetClusterRoles one or more label keys that define a set of clusters
where the Space can be provisioned.
The target cluster has to match ALL the roles defined in this field in order for the space to be provisioned there.

disableInheritance boolean

DisableInheritance indicates whether or not SpaceBindings from the parent-spaces are
automatically inherited to all sub-spaces in the tree.

Set to True to disable SpaceBinding inheritance from the parent-spaces.
Default is False.

SpaceRequestStatus

SpaceRequestStatus defines the observed state of Space

Appears In:
Field Description Default Validation

targetClusterURL string

TargetClusterURL The API URL of the cluster where Space is currently provisioned
Can be empty if provisioning did not start or failed
The URL is just for informative purposes for developers and controllers that are placed in member clusters.

namespaceAccess NamespaceAccess array

NamespaceAccess is the list with the provisioned namespace and secret to access it

conditions Condition array

Conditions is an array of SpaceRequest conditions
Supported condition types:
Provisioning, SpaceNotReady and Ready

SpaceSpec

SpaceSpec defines the desired state of Space

Appears In:
Field Description Default Validation

targetCluster string

TargetCluster The cluster in which this Space is going to be provisioned
If not set then the target cluster will be picked automatically

targetClusterRoles string array

TargetClusterRoles one or more label keys that define a set of clusters
where the Space can be provisioned.
The target cluster has to match ALL the roles defined in this field in order for the space to be provisioned there.
It can be used as an alternative to targetCluster field, which has precedence in case both roles and name are provided.

tierName string

TierName is introduced to retain the name of the tier
for which this Space is provisioned
If not set then the tier name will be set automatically

parentSpace string

ParentSpace holds the name of the context (Space) from which this space was created (requested),
enabling hierarchy relationships between different Spaces.

Keeping this association brings two main benefits:
1. SpaceBindings are inherited from the parent Space
2. Ability to easily monitor quota for the requested sub-spaces

disableInheritance boolean

DisableInheritance indicates whether or not SpaceBindings from the parent-spaces are
automatically inherited to all sub-spaces in the tree.

Set to True to disable SpaceBinding inheritance from the parent-spaces.
Default is False.

SpaceStatus

SpaceStatus defines the observed state of Space

Appears In:
Field Description Default Validation

targetCluster string

TargetCluster The cluster in which this Space is currently provisioned
Can be empty if provisioning did not start or failed
To be used to de-provision the NSTemplateSet if the Spec.TargetCluster is either changed or removed

provisionedNamespaces SpaceNamespace array

ProvisionedNamespaces is a list of Namespaces that were provisioned for the Space.

conditions Condition array

Conditions is an array of current Space conditions
Supported condition types: ConditionReady

TierTemplate

TierTemplate is the Schema for the tiertemplates API

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

TierTemplate

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

TierTemplateList

TierTemplateList contains a list of TierTemplate

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

TierTemplateList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items TierTemplate array

XPreserveUnknownFields: {}

TierTemplateRevision

TierTemplateRevision is the Schema for the tiertemplaterevisions API

Validation:

  • XPreserveUnknownFields: {}

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

TierTemplateRevision

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

TierTemplateRevisionList

TierTemplateRevisionList contains a list of TierTemplateRevisions

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

TierTemplateRevisionList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items TierTemplateRevision array

XPreserveUnknownFields: {}

TierTemplateRevisionSpec

TierTemplateRevisionSpec defines the desired state of TierTemplateRevision

Appears In:
Field Description Default Validation

templateObjects RawExtension array

TemplateObjects contains list of Unstructured Objects that can be parsed at runtime and will be applied as part of the tier provisioning.
The template parameters values will be defined in the NSTemplateTier CRD.

parameters Parameter array

Parameters is an optional array of Parameters which will be used to replace the variables present in the TemplateObjects list when provisioning a Space.

TierTemplateSpec

TierTemplateSpec defines the desired state of TierTemplate

Appears In:
Field Description Default Validation

tierName string

The tier of the template. For example: "basic", "advanced", or "team"

type string

The type of the template. For example: "code", "dev", "stage" or "cluster"

revision string

The revision of the corresponding template

template Template

Template contains an OpenShift Template to be used to provision either a user’s namespace or cluster-wide resources
Note: this field will be removed in favor of the new TemplateObjects below.

templateObjects RawExtension array

TemplateObjects contains list of Unstructured Objects that can be parsed at runtime and will be applied as part of the tier provisioning.

Note
 when specifying variables as part of the objects list , those concatenated as part of other strings do not need to be wrapped inside quotes,
while those that are not part of other strings do need to be wrapped in single quotes. This is required otherwise the yaml parser will error while trying to parse those resources containing variables.
eg: https://docs.google.com/document/d/1x5SoBT80df9fmVsaDgAE6DE7hE6lzmNIK087JUmgaJs/edit#heading=h.2iuytpfnmul5

The template parameters values will be defined in the NSTemplateTier CRD.

TiersConfig

TiersConfig contains all configuration parameters related to tiers

Appears In:
Field Description Default Validation

defaultUserTier string

DefaultUserTier specifies the default tier to assign for new users

defaultSpaceTier string

DefaultSpaceTier specifies the default tier to assign for new spaces

featureToggles FeatureToggle array

FeatureToggles specifies the list of feature toggles/flags

durationBeforeChangeTierRequestDeletion string

DurationBeforeChangeTierRequestDeletion specifies the duration before a ChangeTierRequest resource is deleted

templateUpdateRequestMaxPoolSize integer

TemplateUpdateRequestMaxPoolSize specifies the maximum number of concurrent TemplateUpdateRequests
when updating MasterUserRecords

ToolchainCluster

ToolchainCluster configures Toolchain to be aware of a Kubernetes cluster and encapsulates the details necessary to communicate with the cluster.

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ToolchainCluster

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

ToolchainClusterConfig

Defines all parameters concerned with the toolchaincluster resource

Field Description Default Validation

healthCheckPeriod string

Defines the period in between health checks

healthCheckTimeout string

Defines the timeout for each health check

ToolchainClusterList

ToolchainClusterList contains a list of ToolchainCluster

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ToolchainClusterList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items ToolchainCluster array

XPreserveUnknownFields: {}

ToolchainClusterSpec

ToolchainClusterSpec defines the desired state of ToolchainCluster

Appears In:
Field Description Default Validation

Name of the secret containing the kubeconfig required to connect
to the cluster.

ToolchainClusterStatus

ToolchainClusterStatus contains information about the current status of a cluster updated periodically by cluster controller.

Field Description Default Validation

apiEndpoint string

APIEndpoint is the API endpoint of the remote cluster. This can be a hostname,
hostname:port, IP or IP:port.

operatorNamespace string

OperatorNamespace is the namespace in which the operator runs in the remote cluster

conditions Condition array

Conditions is an array of current cluster conditions.

ToolchainConfig

ToolchainConfig keeps all configuration parameters needed for host and member operators

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ToolchainConfig

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

ToolchainConfigList

ToolchainConfigList contains a list of ToolchainConfig

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ToolchainConfigList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items ToolchainConfig array

XPreserveUnknownFields: {}

ToolchainConfigSpec

ToolchainConfigSpec contains all configuration for host and member operators

Appears In:
Field Description Default Validation

host HostConfig

Contains all host operator configuration

members Members

Contains all member operator configurations for all member clusters

ToolchainConfigStatus

ToolchainConfigStatus defines the observed state of ToolchainConfig

Appears In:
Field Description Default Validation

syncErrors object (keys:string, values:string)

SyncErrors is a map of sync errors indexed by toolchaincluster name that indicates whether
an attempt to sync configuration to a member cluster failed

conditions Condition array

Conditions is an array of the current ToolchainConfig conditions
Supported condition types: ConditionReady

ToolchainSecret

ToolchainSecret defines a reference to a secret, this type should be included inline in any structs that contain secrets eg. NotificationSecret

Field Description Default Validation

ref string

Reference is the name of the secret resource to look up

ToolchainStatus

ToolchainStatus is used to track overall toolchain status

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ToolchainStatus

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

ToolchainStatusConfig

ToolchainStatusConfig contains all configuration parameters related to the toolchain status component

Appears In:
Field Description Default Validation

toolchainStatusRefreshTime string

ToolchainStatusRefreshTime specifies how often the ToolchainStatus should load and refresh the current hosted-toolchain status

gitHubSecret GitHubSecret

Defines all secrets related to GitHub authentication/integration

ToolchainStatusList

ToolchainStatusList contains a list of ToolchainStatus

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

ToolchainStatusList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items ToolchainStatus array

XPreserveUnknownFields: {}

ToolchainStatusSpec

ToolchainStatusSpec defines the desired state of ToolchainStatus

Appears In:

ToolchainStatusStatus

ToolchainStatusStatus defines the observed state of the toolchain, including host cluster and member cluster components

Appears In:
Field Description Default Validation

hostOperator HostOperatorStatus

HostOperator is the status of a toolchain host operator

registrationService HostRegistrationServiceStatus

RegistrationService is the status of the registration service

members Member array

Members is an array of member status objects

metrics object (keys:string, values:Metric)

Metrics is a map that stores metrics to be exposed on Prometheus.

hostRoutes HostRoutes

HostRoutes/URLs of the host cluster, such as Proxy URL

conditions Condition array

Conditions is an array of the current overall toolchain status conditions
Supported condition types: ConditionReady

TwilioSenderConfig

TwilioSenderConfig is used to associate a particular sender ID (a sender ID is a text value that appears instead of a phone number when receiving an SMS message), for example "RED HAT", with an array of country code values for which the Sender ID value will be set via the Twilio API when sending a verification code to a user in any of the country codes specified.

Since some countries are starting to block long form phone numbers (i.e. SMS messages from international phone numbers) the Sender ID may be an acceptable alternative to requiring the verification message to be sent from a local phone number.

Field Description Default Validation

senderID string

SenderID

countryCodes string array

CountryCodes

UserAccount

UserAccount keeps all information about user provisioned in the cluster

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

UserAccount

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

UserAccountEmbedded

Appears In:
Field Description Default Validation

targetCluster string

The cluster in which the user exists

UserAccountList

UserAccountList contains a list of UserAccount

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

UserAccountList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items UserAccount array

XPreserveUnknownFields: {}

UserAccountSpec

UserAccountSpec defines the desired state of UserAccount

Appears In:
Field Description Default Validation

disabled boolean

If set to true then the corresponding user should not be able to login
"false" is assumed by default

propagatedClaims PropagatedClaims

PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to
be "propagated" down the resource dependency chain

UserAccountStatus

UserAccountStatus defines the observed state of UserAccount

Field Description Default Validation

conditions Condition array

Conditions is an array of current User Account conditions
Supported condition types: ConditionReady

UserAccountStatusEmbedded

Field Description Default Validation

cluster Cluster

Cluster is the cluster in which the user exists

conditions Condition array

Conditions is an array of current User Account conditions
Supported condition types: ConditionReady

UserSignup

UserSignup registers a user in the CodeReady Toolchain

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

UserSignup

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

UserSignupList

UserSignupList contains a list of UserSignup

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

UserSignupList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items UserSignup array

XPreserveUnknownFields: {}

UserSignupSpec

UserSignupSpec defines the desired state of UserSignup

Appears In:
Field Description Default Validation

targetCluster string

The cluster in which the user is provisioned in
If not set then the target cluster will be picked automatically

states UserSignupState array

States contains a number of values that reflect the desired state of the UserSignup.

identityClaims IdentityClaimsEmbedded

IdentityClaims contains as-is claim values extracted from the user’s access token

UserSignupState

Underlying type: string

Appears In:

UserSignupStatus

UserSignupStatus defines the observed state of UserSignup

Appears In:
Field Description Default Validation

conditions Condition array

Conditions is an array of current UserSignup conditions
Supported condition types:
PendingApproval, Provisioning, Complete

compliantUsername string

CompliantUsername is used to store the transformed, DNS-1123 compliant username

homeSpace string

HomeSpace is the name of the Space that is created for the user
immediately after their account is approved.
This is used by the proxy when no workspace context is provided.

scheduledDeactivationTimestamp Time

ScheduledDeactivationTimestamp is the calculated timestamp after which the user’s account will be deactivated, typically
after the expiry of their trial and based on the term specific by their UserTier. This property may be used as
a convenience to determine the amount of time an account has left before deactivation, without requiring a separate
lookup for the UserTier and subsequent calculation. It is managed by the Deactivation controller in the host operator.

UserTier

UserTier contains user-specific configuration

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

UserTier

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

UserTierList

UserTierList contains a list of UserTier

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

UserTierList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items UserTier array

XPreserveUnknownFields: {}

UserTierSpec

UserTierSpec defines the desired state of UserTier

Appears In:
Field Description Default Validation

deactivationTimeoutDays integer

the period (in days) after which users within the tier will be deactivated

UsersConfig

UsersConfig contains all configuration parameters related to users

Appears In:
Field Description Default Validation

masterUserRecordUpdateFailureThreshold integer

MasterUserRecordUpdateFailureThreshold specifies the number of allowed failures before stopping attempts to update a MasterUserRecord

forbiddenUsernamePrefixes string

ForbiddenUsernamePrefixes is a comma-separated string that defines the prefixes that a username may not have when signing up.
If a username has a forbidden prefix, then the username compliance prefix is added to the username

forbiddenUsernameSuffixes string

ForbiddenUsernameSuffixes is a comma-separated string that defines the suffixes that a username may not have when signing up. If a
username has a forbidden suffix, then the username compliance suffix is added to the username

WebhookConfig

Defines all parameters concerned with the Webhook

Field Description Default Validation

deploy boolean

Defines the flag that determines whether to deploy the Webhook.
If the deploy flag is set to False and the Webhook was deployed previously it will be deleted by the memberoperatorconfig controller.

secret WebhookSecret

Defines all secrets related to webhook configuration

WebhookSecret

WebhookSecret defines all secrets related to webhook configuration

Appears In:
Field Description Default Validation

ref string

Reference is the name of the secret resource to look up

virtualMachineAccessKey string

The key in the secret values map that contains a comma-separated list of SSH keys

Workspace

Workspace is the Schema for the workspaces API but it is only for use by the Proxy. There will be no actual Workspace CRs in the host/member clusters. The CRD will be installed in member clusters for API discovery purposes only. The schema will be used by the proxy’s workspace lister API.

Validation:

  • XPreserveUnknownFields: {}

Appears In:
Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

Workspace

metadata ObjectMeta

Refer to Kubernetes API documentation for fields of metadata.

WorkspaceList

WorkspaceList contains a list of Workspaces

Field Description Default Validation

apiVersion string

toolchain.dev.openshift.com/v1alpha1

kind string

WorkspaceList

metadata ListMeta

Refer to Kubernetes API documentation for fields of metadata.

items Workspace array

XPreserveUnknownFields: {}

WorkspaceStatus

WorkspaceStatus defines the observed state of a Workspace

Appears In:
Field Description Default Validation

namespaces SpaceNamespace array

The list of namespaces belonging to the Workspace.

owner string

Owner the name of the UserSignup that owns the workspace. It’s the user who is being charged
for the usage and whose quota is used for the workspace. There is only one user for this kind
of relationship and it can be transferred to someone else during the lifetime of the workspace.
By default, it’s the creator who becomes the owner as well.

role string

Role defines what kind of permissions the user has in the given workspace.

type string

Type defines the type of workspace. For example, "home" for a user’s given workspace upon first
signing up. It is currently valid for this value to be empty.

availableRoles string array

AvailableRoles contains the roles for this tier. For example, "admin|contributor|maintainer".

bindings Binding array

Bindings enumerates the permissions that have been granted to users within the current workspace, and actions that can be applied to those permissions.