Kluctl Controller API reference

Kluctl Controller API reference

Packages:

gitops.kluctl.io/v1beta1

Package v1beta1 contains API Schema definitions for the gitops.kluctl.io v1beta1 API group.

Resource Types:

    Decryption

    (Appears on: KluctlDeploymentSpec)

    Decryption defines how decryption is handled for Kubernetes manifests.

    Field Description
    provider
    string

    Provider is the name of the decryption engine.

    secretRef
    LocalObjectReference
    (Optional)

    The secret name containing the private OpenPGP keys used for decryption.

    serviceAccount
    string
    (Optional)

    ServiceAccount specifies the service account used to authenticate against cloud providers. This is currently only usable for AWS KMS keys. The specified service account will be used to authenticate to AWS by signing a token in an IRSA compliant way.

    GitCredentials

    (Appears on: ProjectSource)

    Field Description
    host
    string

    Host specifies the hostname that this git secret applies to. If set to ‘’, this set of credentials applies to all hosts. Using ‘’ for http(s) based repositories is not supported, meaning that such credentials sets will be ignored. You must always set a proper hostname in that case.

    pathPrefix
    string
    (Optional)

    PathPrefix specified the path prefix to be used to filter git urls. Only urls that have this prefix will use this set of credentials.

    secretRef
    LocalObjectReference

    SecretRef specifies the Secret containing authentication credentials for the git repository. For HTTPS repositories the Secret must contain ‘username’ and ‘password’ fields. For SSH repositories the Secret must contain ‘identity’ and ‘known_hosts’ fields.

    HelmCredentials

    (Appears on: KluctlDeploymentSpec)

    Field Description
    secretRef
    LocalObjectReference

    SecretRef holds the name of a secret that contains the Helm credentials. The secret must either contain the fields credentialsId which refers to the credentialsId found in https://kluctl.io/docs/kluctl/reference/deployments/helm/#private-chart-repositories or an url used to match the credentials found in Kluctl projects helm-chart.yaml files. The secret can either container basic authentication credentials via username and password or TLS authentication via certFile and keyFile. caFile can be specified to override the CA to use while contacting the repository. The secret can also contain insecureSkipTlsVerify: "true", which will disable TLS verification. passCredentialsAll: "true" can be specified to make the controller pass credentials to all requests, even if the hostname changes in-between.

    KluctlDeployment

    KluctlDeployment is the Schema for the kluctldeployments API

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    KluctlDeploymentSpec


    source
    ProjectSource

    Specifies the project source location

    decryption
    Decryption
    (Optional)

    Decrypt Kubernetes secrets before applying them on the cluster.

    interval
    Kubernetes meta/v1.Duration

    The interval at which to reconcile the KluctlDeployment. Reconciliation means that the deployment is fully rendered and only deployed when the result changes compared to the last deployment. To override this behavior, set the DeployInterval value.

    retryInterval
    Kubernetes meta/v1.Duration
    (Optional)

    The interval at which to retry a previously failed reconciliation. When not specified, the controller uses the Interval value to retry failures.

    deployInterval
    SafeDuration
    (Optional)

    DeployInterval specifies the interval at which to deploy the KluctlDeployment, even in cases the rendered result does not change.

    validateInterval
    SafeDuration
    (Optional)

    ValidateInterval specifies the interval at which to validate the KluctlDeployment. Validation is performed the same way as with ‘kluctl validate -t ’. Defaults to the same value as specified in Interval. Validate is also performed whenever a deployment is performed, independent of the value of ValidateInterval

    timeout
    Kubernetes meta/v1.Duration
    (Optional)

    Timeout for all operations. Defaults to ‘Interval’ duration.

    suspend
    bool
    (Optional)

    This flag tells the controller to suspend subsequent kluctl executions, it does not apply to already started executions. Defaults to false.

    helmCredentials
    []HelmCredentials
    (Optional)

    HelmCredentials is a list of Helm credentials used when non pre-pulled Helm Charts are used inside a Kluctl deployment.

    serviceAccountName
    string
    (Optional)

    The name of the Kubernetes service account to use while deploying. If not specified, the default service account is used.

    kubeConfig
    KubeConfig
    (Optional)

    The KubeConfig for deploying to the target cluster. Specifies the kubeconfig to be used when invoking kluctl. Contexts in this kubeconfig must match the context found in the kluctl target. As an alternative, specify the context to be used via ‘context’

    target
    string
    (Optional)

    Target specifies the kluctl target to deploy. If not specified, an empty target is used that has no name and no context. Use ‘TargetName’ and ‘Context’ to specify the name and context in that case.

    targetNameOverride
    string
    (Optional)

    TargetNameOverride sets or overrides the target name. This is especially useful when deployment without a target.

    context
    string
    (Optional)

    If specified, overrides the context to be used. This will effectively make kluctl ignore the context specified in the target.

    args
    k8s.io/apimachinery/pkg/runtime.RawExtension
    (Optional)

    Args specifies dynamic target args.

    images
    []github.com/kluctl/kluctl/v2/pkg/types.FixedImage
    (Optional)

    Images contains a list of fixed image overrides. Equivalent to using ‘–fixed-images-file’ when calling kluctl.

    dryRun
    bool
    (Optional)

    DryRun instructs kluctl to run everything in dry-run mode. Equivalent to using ‘–dry-run’ when calling kluctl.

    noWait
    bool
    (Optional)

    NoWait instructs kluctl to not wait for any resources to become ready, including hooks. Equivalent to using ‘–no-wait’ when calling kluctl.

    forceApply
    bool
    (Optional)

    ForceApply instructs kluctl to force-apply in case of SSA conflicts. Equivalent to using ‘–force-apply’ when calling kluctl.

    replaceOnError
    bool
    (Optional)

    ReplaceOnError instructs kluctl to replace resources on error. Equivalent to using ‘–replace-on-error’ when calling kluctl.

    forceReplaceOnError
    bool
    (Optional)

    ForceReplaceOnError instructs kluctl to force-replace resources in case a normal replace fails. Equivalent to using ‘–force-replace-on-error’ when calling kluctl.

    abortOnError
    bool
    (Optional)

    ForceReplaceOnError instructs kluctl to abort deployments immediately when something fails. Equivalent to using ‘–abort-on-error’ when calling kluctl.

    includeTags
    []string
    (Optional)

    IncludeTags instructs kluctl to only include deployments with given tags. Equivalent to using ‘–include-tag’ when calling kluctl.

    excludeTags
    []string
    (Optional)

    ExcludeTags instructs kluctl to exclude deployments with given tags. Equivalent to using ‘–exclude-tag’ when calling kluctl.

    includeDeploymentDirs
    []string
    (Optional)

    IncludeDeploymentDirs instructs kluctl to only include deployments with the given dir. Equivalent to using ‘–include-deployment-dir’ when calling kluctl.

    excludeDeploymentDirs
    []string
    (Optional)

    ExcludeDeploymentDirs instructs kluctl to exclude deployments with the given dir. Equivalent to using ‘–exclude-deployment-dir’ when calling kluctl.

    deployMode
    string
    (Optional)

    DeployMode specifies what deploy mode should be used. The options ‘full-deploy’ and ‘poke-images’ are supported. With the ‘poke-images’ option, only images are patched into the target without performing a full deployment.

    validate
    bool
    (Optional)

    Validate enables validation after deploying

    prune
    bool
    (Optional)

    Prune enables pruning after deploying.

    delete
    bool
    (Optional)

    Delete enables deletion of the specified target when the KluctlDeployment object gets deleted.

    manual
    bool
    (Optional)

    Manual enables manual deployments, meaning that the deployment will initially start as a dry run deployment and only after manual approval cause a real deployment

    manualObjectsHash
    string
    (Optional)

    ManualObjectsHash specifies the rendered objects hash that is approved for manual deployment. If Manual is set to true, the controller will skip deployments when the current reconciliation loops calculated objects hash does not match this value. There are two ways to use this value properly. 1. Set it manually to the value found in status.lastObjectsHash. 2. Use the Kluctl Webui to manually approve a deployment, which will set this field appropriately.

    status
    KluctlDeploymentStatus

    KluctlDeploymentSpec

    (Appears on: KluctlDeployment)

    Field Description
    source
    ProjectSource

    Specifies the project source location

    decryption
    Decryption
    (Optional)

    Decrypt Kubernetes secrets before applying them on the cluster.

    interval
    Kubernetes meta/v1.Duration

    The interval at which to reconcile the KluctlDeployment. Reconciliation means that the deployment is fully rendered and only deployed when the result changes compared to the last deployment. To override this behavior, set the DeployInterval value.

    retryInterval
    Kubernetes meta/v1.Duration
    (Optional)

    The interval at which to retry a previously failed reconciliation. When not specified, the controller uses the Interval value to retry failures.

    deployInterval
    SafeDuration
    (Optional)

    DeployInterval specifies the interval at which to deploy the KluctlDeployment, even in cases the rendered result does not change.

    validateInterval
    SafeDuration
    (Optional)

    ValidateInterval specifies the interval at which to validate the KluctlDeployment. Validation is performed the same way as with ‘kluctl validate -t ’. Defaults to the same value as specified in Interval. Validate is also performed whenever a deployment is performed, independent of the value of ValidateInterval

    timeout
    Kubernetes meta/v1.Duration
    (Optional)

    Timeout for all operations. Defaults to ‘Interval’ duration.

    suspend
    bool
    (Optional)

    This flag tells the controller to suspend subsequent kluctl executions, it does not apply to already started executions. Defaults to false.

    helmCredentials
    []HelmCredentials
    (Optional)

    HelmCredentials is a list of Helm credentials used when non pre-pulled Helm Charts are used inside a Kluctl deployment.

    serviceAccountName
    string
    (Optional)

    The name of the Kubernetes service account to use while deploying. If not specified, the default service account is used.

    kubeConfig
    KubeConfig
    (Optional)

    The KubeConfig for deploying to the target cluster. Specifies the kubeconfig to be used when invoking kluctl. Contexts in this kubeconfig must match the context found in the kluctl target. As an alternative, specify the context to be used via ‘context’

    target
    string
    (Optional)

    Target specifies the kluctl target to deploy. If not specified, an empty target is used that has no name and no context. Use ‘TargetName’ and ‘Context’ to specify the name and context in that case.

    targetNameOverride
    string
    (Optional)

    TargetNameOverride sets or overrides the target name. This is especially useful when deployment without a target.

    context
    string
    (Optional)

    If specified, overrides the context to be used. This will effectively make kluctl ignore the context specified in the target.

    args
    k8s.io/apimachinery/pkg/runtime.RawExtension
    (Optional)

    Args specifies dynamic target args.

    images
    []github.com/kluctl/kluctl/v2/pkg/types.FixedImage
    (Optional)

    Images contains a list of fixed image overrides. Equivalent to using ‘–fixed-images-file’ when calling kluctl.

    dryRun
    bool
    (Optional)

    DryRun instructs kluctl to run everything in dry-run mode. Equivalent to using ‘–dry-run’ when calling kluctl.

    noWait
    bool
    (Optional)

    NoWait instructs kluctl to not wait for any resources to become ready, including hooks. Equivalent to using ‘–no-wait’ when calling kluctl.

    forceApply
    bool
    (Optional)

    ForceApply instructs kluctl to force-apply in case of SSA conflicts. Equivalent to using ‘–force-apply’ when calling kluctl.

    replaceOnError
    bool
    (Optional)

    ReplaceOnError instructs kluctl to replace resources on error. Equivalent to using ‘–replace-on-error’ when calling kluctl.

    forceReplaceOnError
    bool
    (Optional)

    ForceReplaceOnError instructs kluctl to force-replace resources in case a normal replace fails. Equivalent to using ‘–force-replace-on-error’ when calling kluctl.

    abortOnError
    bool
    (Optional)

    ForceReplaceOnError instructs kluctl to abort deployments immediately when something fails. Equivalent to using ‘–abort-on-error’ when calling kluctl.

    includeTags
    []string
    (Optional)

    IncludeTags instructs kluctl to only include deployments with given tags. Equivalent to using ‘–include-tag’ when calling kluctl.

    excludeTags
    []string
    (Optional)

    ExcludeTags instructs kluctl to exclude deployments with given tags. Equivalent to using ‘–exclude-tag’ when calling kluctl.

    includeDeploymentDirs
    []string
    (Optional)

    IncludeDeploymentDirs instructs kluctl to only include deployments with the given dir. Equivalent to using ‘–include-deployment-dir’ when calling kluctl.

    excludeDeploymentDirs
    []string
    (Optional)

    ExcludeDeploymentDirs instructs kluctl to exclude deployments with the given dir. Equivalent to using ‘–exclude-deployment-dir’ when calling kluctl.

    deployMode
    string
    (Optional)

    DeployMode specifies what deploy mode should be used. The options ‘full-deploy’ and ‘poke-images’ are supported. With the ‘poke-images’ option, only images are patched into the target without performing a full deployment.

    validate
    bool
    (Optional)

    Validate enables validation after deploying

    prune
    bool
    (Optional)

    Prune enables pruning after deploying.

    delete
    bool
    (Optional)

    Delete enables deletion of the specified target when the KluctlDeployment object gets deleted.

    manual
    bool
    (Optional)

    Manual enables manual deployments, meaning that the deployment will initially start as a dry run deployment and only after manual approval cause a real deployment

    manualObjectsHash
    string
    (Optional)

    ManualObjectsHash specifies the rendered objects hash that is approved for manual deployment. If Manual is set to true, the controller will skip deployments when the current reconciliation loops calculated objects hash does not match this value. There are two ways to use this value properly. 1. Set it manually to the value found in status.lastObjectsHash. 2. Use the Kluctl Webui to manually approve a deployment, which will set this field appropriately.

    KluctlDeploymentStatus

    (Appears on: KluctlDeployment)

    KluctlDeploymentStatus defines the observed state of KluctlDeployment

    Field Description
    lastHandledReconcileAt
    string
    (Optional)

    LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected.

    lastHandledDeployAt
    string
    (Optional)
    lastHandledPruneAt
    string
    (Optional)
    lastHandledValidateAt
    string
    (Optional)
    observedGeneration
    int64
    (Optional)

    ObservedGeneration is the last reconciled generation.

    observedCommit
    string

    ObservedCommit is the last commit observed

    conditions
    []Kubernetes meta/v1.Condition
    (Optional)
    projectKey
    github.com/kluctl/kluctl/v2/pkg/types/result.ProjectKey
    (Optional)
    targetKey
    github.com/kluctl/kluctl/v2/pkg/types/result.TargetKey
    (Optional)
    lastObjectsHash
    string
    (Optional)
    lastManualObjectsHash
    string
    (Optional)
    lastPrepareError
    string
    (Optional)
    lastDeployError
    string
    (Optional)
    lastValidateError
    string
    (Optional)
    lastDriftDetectionError
    string
    (Optional)
    lastDeployResult
    k8s.io/apimachinery/pkg/runtime.RawExtension
    (Optional)

    LastDeployResult is the result summary of the last deploy command

    lastValidateResult
    k8s.io/apimachinery/pkg/runtime.RawExtension
    (Optional)

    LastValidateResult is the result summary of the last validate command

    lastDriftDetectionResult
    k8s.io/apimachinery/pkg/runtime.RawExtension

    LastDriftDetectionResult is the result of the last drift detection command optional

    lastDriftDetectionResultMessage
    string

    LastDriftDetectionResultMessage contains a short message that describes the drift optional

    KubeConfig

    (Appears on: KluctlDeploymentSpec)

    KubeConfig references a Kubernetes secret that contains a kubeconfig file.

    Field Description
    secretRef
    SecretKeyReference

    SecretRef holds the name of a secret that contains a key with the kubeconfig file as the value. If no key is set, the key will default to ‘value’. The secret must be in the same namespace as the Kustomization. It is recommended that the kubeconfig is self-contained, and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific cmd-path auth helpers will not function without adding binaries and credentials to the Pod that is responsible for reconciling the KluctlDeployment.

    LocalObjectReference

    (Appears on: Decryption, GitCredentials, HelmCredentials, ProjectSource)

    Field Description
    name
    string

    Name of the referent.

    ProjectSource

    (Appears on: KluctlDeploymentSpec)

    Field Description
    url
    github.com/kluctl/kluctl/v2/pkg/types.GitUrl

    Url specifies the Git url where the project source is located

    ref
    github.com/kluctl/kluctl/v2/pkg/types.GitRef
    (Optional)

    Ref specifies the branch, tag or commit that should be used. If omitted, the default branch of the repo is used.

    path
    string
    (Optional)

    Path specifies the sub-directory to be used as project directory

    secretRef
    LocalObjectReference

    SecretRef specifies the Secret containing authentication credentials for See GitCredentials.SecretRef for details DEPRECATED this field is deprecated and will be removed in a future version of the controller. Use Credentials instead. WARNING using this field causes the controller to pass http basic auth credentials to ALL repositories involved. Use Credentials with a proper Host field instead.

    credentials
    []GitCredentials
    (Optional)

    Credentials specifies a list of secrets with credentials

    SafeDuration

    (Appears on: KluctlDeploymentSpec)

    Field Description
    Duration
    Kubernetes meta/v1.Duration

    SecretKeyReference

    (Appears on: KubeConfig)

    SecretKeyReference contains enough information to locate the referenced Kubernetes Secret object in the same namespace. Optionally a key can be specified. Use this type instead of core/v1 SecretKeySelector when the Key is optional and the Optional field is not applicable.

    Field Description
    name
    string

    Name of the Secret.

    key
    string
    (Optional)

    Key in the Secret, when not specified an implementation-specific default key is used.

    This page was automatically generated with gen-crd-api-reference-docs