HNC (Hierarchical Namespace Controller) Config Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/v0.41.0/config/schemas/config.yaml#/properties/hnc
Configuration for Hierarchical Namespace Controller.
Note
Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object
(HNC (Hierarchical Namespace Controller) Config)
PROPERTIES:
enabled¶
Enable HNC
enabled
-
is optional
-
Type:
boolean
(Enable HNC) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean
(Enable HNC)
DEFAULTS:
The default value is:
true
additionalAllowPropagateResources¶
Additional resources to enable opt-in propagation for. Objects that should be propagated must have one of the annotations listed here https://github.com/kubernetes-sigs/hierarchical-namespaces/blob/master/docs/user-guide/how-to.md#limit-the-propagation-of-an-object-to-descendant-namespaces
additionalAllowPropagateResources
-
is optional
-
Type:
object[]
(Additional Allow Propagate Resources) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object[]
(Additional Allow Propagate Resources)
EXAMPLES:
resource: secrets
resource: networkpolicies
group: networking.k8s.io
excludedExtraNamespaces¶
Extra excluded namespace, here we should add the namespaces that are more likely to change
Including and excluding namespaces
excludedExtraNamespaces
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string[]
excludedNamespaces¶
Excluded namespaces
excludedNamespaces
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string[]
ha¶
Enable HA mode for hnc webhooks.
ha
-
is optional
-
Type:
boolean
(Enable Ha (High Availability)) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean
(Enable Ha (High Availability))
DEFAULTS:
The default value is:
true
includedNamespacesRegex¶
Included namespaces, empty string will include all.
Including and excluding namespaces
includedNamespacesRegex
-
is optional
-
Type:
string
(Included Namespaces Regex) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string
(Included Namespaces Regex)
managedNamespaceAnnotations¶
Annotations that will be propagated to subnamespaces (allows regex).
managedNamespaceAnnotations
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string[]
managedNamespaceLabels¶
Labels that will be propagated to subnamespaces (allows regex).
Labels in particular must also be configured in the HierarchyConfiguration object to be propagated.
managedNamespaceLabels
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string[]
manager¶
This is meant to describe the base class if you will, for ck8s resources.
manager
-
is optional
-
Type:
object
(Common Resource) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Common Resource)
serviceMonitor¶
Service monitor for Hierarchical Namespace Controller.
serviceMonitor
-
is optional
-
Type:
object
(Service Monitor) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Service Monitor)
unpropagatedAnnotations¶
Annotations that will be stripped from propagated objects
unpropagatedAnnotations
-
is optional
-
Type: unknown[]
-
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
unknown[]
webhook¶
Webhook for Hierarchical Namespace Controller.
webhook
-
is optional
-
Type:
object
(Webhook Config) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Webhook Config)
webhookMatchConditions¶
Fine grained mach conditions for webhook.
This feature is only available in Kubernetes v1.28+.
webhookMatchConditions
-
is optional
-
Type:
boolean
(Webhook Match Conditions Enable) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean
(Webhook Match Conditions Enable)
Return to the root config schema
Generated Thu Nov 14 16:21:55 UTC 2024 from elastisys/compliantkubernetes-apps@v0.41.0