HNC (Hierarchical Namespace Controller) Config Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/main/config/schemas/config.yaml#/properties/hnc
Configuration for Hierarchical Namespace Controller.
Note
Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object
(HNC (Hierarchical Namespace Controller) Config)
PROPERTIES:
Property | Type | Required | Nullable | Defined by |
---|---|---|---|---|
enabled | boolean |
Optional | cannot be null | Welkin Apps Config |
additionalAllowPropagateResources | array |
Optional | cannot be null | Welkin Apps Config |
excludedExtraNamespaces | array |
Optional | cannot be null | Welkin Apps Config |
excludedNamespaces | array |
Optional | cannot be null | Welkin Apps Config |
ha | boolean |
Optional | cannot be null | Welkin Apps Config |
includedNamespacesRegex | string |
Optional | cannot be null | Welkin Apps Config |
managedNamespaceAnnotations | array |
Optional | cannot be null | Welkin Apps Config |
managedNamespaceLabels | array |
Optional | cannot be null | Welkin Apps Config |
manager | object |
Optional | cannot be null | Welkin Apps Config |
serviceMonitor | object |
Optional | cannot be null | Welkin Apps Config |
unpropagatedAnnotations | array |
Optional | cannot be null | Welkin Apps Config |
webhook | object |
Optional | cannot be null | Welkin Apps Config |
webhookMatchConditions | boolean |
Optional | cannot be null | Welkin Apps Config |
enabled¶
Enable HNC
enabled
-
is optional
-
Type:
boolean
(Enable HNC) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
boolean
(Enable HNC)
DEFAULTS:
The default value is:
true
additionalAllowPropagateResources¶
Additional resources to enable opt-in propagation for. Objects that should be propagated must have one of the annotations listed here https://github.com/kubernetes-sigs/hierarchical-namespaces/blob/master/docs/user-guide/how-to.md#limit-the-propagation-of-an-object-to-descendant-namespaces
additionalAllowPropagateResources
-
is optional
-
Type:
object[]
(Additional Allow Propagate Resources) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object[]
(Additional Allow Propagate Resources)
EXAMPLES:
resource: secrets
resource: networkpolicies
group: networking.k8s.io
excludedExtraNamespaces¶
Extra excluded namespace, here we should add the namespaces that are more likely to change
Including and excluding namespaces
excludedExtraNamespaces
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Welkin Apps Config
TYPE:
string[]
excludedNamespaces¶
Excluded namespaces
excludedNamespaces
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Welkin Apps Config
TYPE:
string[]
ha¶
Enable HA mode for hnc webhooks.
ha
-
is optional
-
Type:
boolean
(Enable Ha (High Availability)) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
boolean
(Enable Ha (High Availability))
DEFAULTS:
The default value is:
true
includedNamespacesRegex¶
Included namespaces, empty string will include all.
Including and excluding namespaces
includedNamespacesRegex
-
is optional
-
Type:
string
(Included Namespaces Regex) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
string
(Included Namespaces Regex)
managedNamespaceAnnotations¶
Annotations that will be propagated to subnamespaces (allows regex).
managedNamespaceAnnotations
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Welkin Apps Config
TYPE:
string[]
managedNamespaceLabels¶
Labels that will be propagated to subnamespaces (allows regex).
Labels in particular must also be configured in the HierarchyConfiguration object to be propagated.
managedNamespaceLabels
-
is optional
-
Type:
string[]
-
cannot be null
-
defined in: Welkin Apps Config
TYPE:
string[]
manager¶
This is meant to describe the base class if you will, for Welkin resources.
manager
-
is optional
-
Type:
object
(Common Resource) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Common Resource)
serviceMonitor¶
Service monitor for Hierarchical Namespace Controller.
serviceMonitor
-
is optional
-
Type:
object
(Service Monitor) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Service Monitor)
unpropagatedAnnotations¶
Annotations that will be stripped from propagated objects
unpropagatedAnnotations
-
is optional
-
Type: unknown[]
-
cannot be null
-
defined in: Welkin Apps Config
TYPE:
unknown[]
webhook¶
Webhook for Hierarchical Namespace Controller.
webhook
-
is optional
-
Type:
object
(Webhook Config) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
object
(Webhook Config)
webhookMatchConditions¶
Fine grained mach conditions for webhook.
This feature is only available in Kubernetes v1.28+.
webhookMatchConditions
-
is optional
-
Type:
boolean
(Webhook Match Conditions Enable) -
cannot be null
-
defined in: Welkin Apps Config
TYPE:
boolean
(Webhook Match Conditions Enable)
Return to the root config schema
Generated Thu Dec 19 03:51:01 UTC 2024 from elastisys/compliantkubernetes-apps@main