Skip to content

HNC (Hierarchical Namespace Controller) Config Schema

Note

This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.

Return to the root config schema

https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/main/config/schemas/config.yaml#/properties/hnc

Configuration for Hierarchical Namespace Controller.

Abstract Extensible Status Identifiable Custom Properties Additional Properties Access Restrictions Defined In
Can be instantiated No Unknown status No Forbidden Forbidden none config/schemas/config.yaml*

TYPE:

object (HNC (Hierarchical Namespace Controller) Config)

PROPERTIES:

Property Type Required Nullable Defined by
enabled boolean Optional cannot be null Welkin Apps Config
additionalAllowPropagateResources array Optional cannot be null Welkin Apps Config
excludedExtraNamespaces array Optional cannot be null Welkin Apps Config
excludedNamespaces array Optional cannot be null Welkin Apps Config
ha boolean Optional cannot be null Welkin Apps Config
includedNamespacesRegex string Optional cannot be null Welkin Apps Config
managedNamespaceAnnotations array Optional cannot be null Welkin Apps Config
managedNamespaceLabels array Optional cannot be null Welkin Apps Config
manager object Optional cannot be null Welkin Apps Config
serviceMonitor object Optional cannot be null Welkin Apps Config
unpropagatedAnnotations array Optional cannot be null Welkin Apps Config
webhook object Optional cannot be null Welkin Apps Config
webhookMatchConditions boolean Optional cannot be null Welkin Apps Config

enabled

Enable HNC

enabled

TYPE:

boolean (Enable HNC)

DEFAULTS:

The default value is:

true

additionalAllowPropagateResources

Additional resources to enable opt-in propagation for. Objects that should be propagated must have one of the annotations listed here https://github.com/kubernetes-sigs/hierarchical-namespaces/blob/master/docs/user-guide/how-to.md#limit-the-propagation-of-an-object-to-descendant-namespaces

additionalAllowPropagateResources

TYPE:

object[] (Additional Allow Propagate Resources)

EXAMPLES:

resource: secrets
resource: networkpolicies
group: networking.k8s.io

excludedExtraNamespaces

Extra excluded namespace, here we should add the namespaces that are more likely to change

Including and excluding namespaces

excludedExtraNamespaces

TYPE:

string[]

excludedNamespaces

Excluded namespaces

excludedNamespaces

TYPE:

string[]

ha

Enable HA mode for hnc webhooks.

ha

TYPE:

boolean (Enable Ha (High Availability))

DEFAULTS:

The default value is:

true

includedNamespacesRegex

Included namespaces, empty string will include all.

Including and excluding namespaces

includedNamespacesRegex

TYPE:

string (Included Namespaces Regex)

managedNamespaceAnnotations

Annotations that will be propagated to subnamespaces (allows regex).

managedNamespaceAnnotations

TYPE:

string[]

managedNamespaceLabels

Labels that will be propagated to subnamespaces (allows regex).

Labels in particular must also be configured in the HierarchyConfiguration object to be propagated.

managedNamespaceLabels

TYPE:

string[]

manager

This is meant to describe the base class if you will, for Welkin resources.

manager

TYPE:

object (Common Resource)

serviceMonitor

Service monitor for Hierarchical Namespace Controller.

serviceMonitor

TYPE:

object (Service Monitor)

unpropagatedAnnotations

Annotations that will be stripped from propagated objects

unpropagatedAnnotations

TYPE:

unknown[]

webhook

Webhook for Hierarchical Namespace Controller.

webhook

TYPE:

object (Webhook Config)

webhookMatchConditions

Fine grained mach conditions for webhook.

This feature is only available in Kubernetes v1.28+.

webhookMatchConditions

TYPE:

boolean (Webhook Match Conditions Enable)

Return to the root config schema


Generated Thu Dec 19 03:51:01 UTC 2024 from elastisys/compliantkubernetes-apps@main