ImageRepository

image.toolkit.fluxcd.io / v1beta1

apiVersion: image.toolkit.fluxcd.io/v1beta1 kind: ImageRepository metadata: name: example

apiVersion string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadata object

spec object

ImageRepositorySpec defines the parameters for scanning an image repository, e.g., `fluxcd/flux`.

accessFrom object

AccessFrom defines an ACL for allowing cross-namespace references to the ImageRepository object based on the caller's namespace labels.

namespaceSelectors []object required

NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation.

matchLabels object

MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

certSecretRef object

CertSecretRef can be given the name of a secret containing either or both of - a PEM-encoded client certificate (`certFile`) and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate.

name string required

Name of the referent.

exclusionList []string

ExclusionList is a list of regex strings used to exclude certain tags from being stored in the database.

image string required

Image is the name of the image repository

interval string required

Interval is the length of time to wait between scans of the image repository.

pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$

secretRef object

SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with `kubectl create secret docker-registry`, or the equivalent.

name string required

Name of the referent.

serviceAccountName string

ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image pull if the service account has attached pull secrets.

maxLength: 253

suspend boolean

This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.

timeout string

Timeout for image scanning. Defaults to 'Interval' duration.

pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$

status object

ImageRepositoryStatus defines the observed state of ImageRepository

canonicalImageName string

CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., `docker.io/library/alpine` rather than `alpine`.

conditions []object

lastTransitionTime string required

lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

format: date-time

message string required

message is a human readable message indicating details about the transition. This may be an empty string.

maxLength: 32768

observedGeneration integer

observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

format: int64

minimum: 0

reason string required

reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.

pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$

minLength: 1

maxLength: 1024

status string required

status of the condition, one of True, False, Unknown.

enum: True, False, Unknown

type string required

type of condition in CamelCase or in foo.example.com/CamelCase.

pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$

maxLength: 316

lastHandledReconcileAt string

LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected.

lastScanResult object

LastScanResult contains the number of fetched tags.

scanTime string

format: date-time

tagCount integer required

observedGeneration integer

ObservedGeneration is the last reconciled generation.

format: int64

No matches. Try .spec.accessFrom for an exact path