← Back to index Esc
Kind
Imagerepository
Group
image.toolkit.fluxcd.io
Version
v1beta1
apiVersion: image.toolkit.fluxcd.io/v1beta1 kind: Imagerepository metadata: name: example
View raw schema
apiVersion string
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind string
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata object
spec object
ImageRepositorySpec defines the parameters for scanning an image repository, e.g., `fluxcd/flux`.
accessFrom object
AccessFrom defines an ACL for allowing cross-namespace references to the ImageRepository object based on the caller's namespace labels.
namespaceSelectors []object required
NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation.
matchLabels object
MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
certSecretRef object
CertSecretRef can be given the name of a secret containing either or both of - a PEM-encoded client certificate (`certFile`) and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate.
name string required
Name of the referent.
exclusionList []string
ExclusionList is a list of regex strings used to exclude certain tags from being stored in the database.
image string required
Image is the name of the image repository
interval string required
Interval is the length of time to wait between scans of the image repository.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
secretRef object
SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with `kubectl create secret docker-registry`, or the equivalent.
name string required
Name of the referent.
serviceAccountName string
ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image pull if the service account has attached pull secrets.
maxLength: 253
suspend boolean
This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.
timeout string
Timeout for image scanning. Defaults to 'Interval' duration.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
status object
ImageRepositoryStatus defines the observed state of ImageRepository
canonicalImageName string
CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., `docker.io/library/alpine` rather than `alpine`.
conditions []object
lastTransitionTime string required
lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
message string required
message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
observedGeneration integer
observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
reason string required
reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
minLength: 1
maxLength: 1024
status string required
status of the condition, one of True, False, Unknown.
enum: True, False, Unknown
type string required
type of condition in CamelCase or in foo.example.com/CamelCase.
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
maxLength: 316
lastHandledReconcileAt string
LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected.
lastScanResult object
LastScanResult contains the number of fetched tags.
scanTime string
format: date-time
tagCount integer required
observedGeneration integer
ObservedGeneration is the last reconciled generation.
format: int64
Copied!