Skip to content

workflow.v1alpha1.template

"Template is a reusable and composable unit of execution in a workflow"

Index

Fields

fn withActiveDeadlineSeconds

withActiveDeadlineSeconds(activeDeadlineSeconds)

fn withAutomountServiceAccountToken

withAutomountServiceAccountToken(automountServiceAccountToken)

"AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in pods. ServiceAccountName of ExecutorConfig must be specified if this value is false."

fn withDaemon

withDaemon(daemon)

"Deamon will allow a workflow to proceed to the next step so long as the container reaches readiness"

fn withFailFast

withFailFast(failFast)

"FailFast, if specified, will fail this template if any of its child pods has failed. This is useful for when this template is expanded with withItems, etc."

fn withHostAliases

withHostAliases(hostAliases)

"HostAliases is an optional list of hosts and IPs that will be injected into the pod spec"

fn withHostAliasesMixin

withHostAliasesMixin(hostAliases)

"HostAliases is an optional list of hosts and IPs that will be injected into the pod spec"

Note: This function appends passed data to existing values

fn withInitContainers

withInitContainers(initContainers)

"InitContainers is a list of containers which run before the main container."

fn withInitContainersMixin

withInitContainersMixin(initContainers)

"InitContainers is a list of containers which run before the main container."

Note: This function appends passed data to existing values

fn withName

withName(name)

"Name is the name of the template"

fn withNodeSelector

withNodeSelector(nodeSelector)

"NodeSelector is a selector to schedule this step of the workflow to be run on the selected node(s). Overrides the selector set at the workflow level."

fn withNodeSelectorMixin

withNodeSelectorMixin(nodeSelector)

"NodeSelector is a selector to schedule this step of the workflow to be run on the selected node(s). Overrides the selector set at the workflow level."

Note: This function appends passed data to existing values

fn withParallelism

withParallelism(parallelism)

"Parallelism limits the max total parallel pods that can execute at the same time within the boundaries of this template invocation. If additional steps/dag templates are invoked, the pods created by those templates will not be counted towards this total."

fn withPlugin

withPlugin(plugin)

"Plugin is an Object with exactly one key"

fn withPluginMixin

withPluginMixin(plugin)

"Plugin is an Object with exactly one key"

Note: This function appends passed data to existing values

fn withPodSpecPatch

withPodSpecPatch(podSpecPatch)

"PodSpecPatch holds strategic merge patch to apply against the pod spec. Allows parameterization of container fields which are not strings (e.g. resource limits)."

fn withPriority

withPriority(priority)

"Priority to apply to workflow pods."

fn withPriorityClassName

withPriorityClassName(priorityClassName)

"PriorityClassName to apply to workflow pods."

fn withSchedulerName

withSchedulerName(schedulerName)

"If specified, the pod will be dispatched by specified scheduler. Or it will be dispatched by workflow scope scheduler if specified. If neither specified, the pod will be dispatched by default scheduler."

fn withServiceAccountName

withServiceAccountName(serviceAccountName)

"ServiceAccountName to apply to workflow pods"

fn withSidecars

withSidecars(sidecars)

"Sidecars is a list of containers which run alongside the main container Sidecars are automatically killed when the main container completes"

fn withSidecarsMixin

withSidecarsMixin(sidecars)

"Sidecars is a list of containers which run alongside the main container Sidecars are automatically killed when the main container completes"

Note: This function appends passed data to existing values

fn withSteps

withSteps(steps)

"Steps define a series of sequential/parallel workflow steps"

fn withStepsMixin

withStepsMixin(steps)

"Steps define a series of sequential/parallel workflow steps"

Note: This function appends passed data to existing values

fn withTimeout

withTimeout(timeout)

"Timeout allows to set the total node execution timeout duration counting from the node's start time. This duration also includes time in which the node spends in Pending state. This duration may not be applied to Step or DAG templates."

fn withTolerations

withTolerations(tolerations)

"Tolerations to apply to workflow pods."

fn withTolerationsMixin

withTolerationsMixin(tolerations)

"Tolerations to apply to workflow pods."

Note: This function appends passed data to existing values

fn withVolumes

withVolumes(volumes)

"Volumes is a list of volumes that can be mounted by containers in a template."

fn withVolumesMixin

withVolumesMixin(volumes)

"Volumes is a list of volumes that can be mounted by containers in a template."

Note: This function appends passed data to existing values

obj affinity

"Affinity is a group of affinity scheduling rules."

obj affinity.nodeAffinity

"Node affinity is a group of node affinity scheduling rules."

fn affinity.nodeAffinity.withPreferredDuringSchedulingIgnoredDuringExecution

withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)

"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred."

fn affinity.nodeAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin

withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)

"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred."

Note: This function appends passed data to existing values

obj affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution

"A node selector represents the union of the results of one or more label queries over a set of nodes; that is, it represents the OR of the selectors represented by the node selector terms."

fn affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNodeSelectorTerms

withNodeSelectorTerms(nodeSelectorTerms)

"Required. A list of node selector terms. The terms are ORed."

fn affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.withNodeSelectorTermsMixin

withNodeSelectorTermsMixin(nodeSelectorTerms)

"Required. A list of node selector terms. The terms are ORed."

Note: This function appends passed data to existing values

obj affinity.podAffinity

"Pod affinity is a group of inter pod affinity scheduling rules."

fn affinity.podAffinity.withPreferredDuringSchedulingIgnoredDuringExecution

withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)

"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred."

fn affinity.podAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin

withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)

"The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred."

Note: This function appends passed data to existing values

fn affinity.podAffinity.withRequiredDuringSchedulingIgnoredDuringExecution

withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)

"If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied."

fn affinity.podAffinity.withRequiredDuringSchedulingIgnoredDuringExecutionMixin

withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)

"If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied."

Note: This function appends passed data to existing values

obj affinity.podAntiAffinity

"Pod anti affinity is a group of inter pod anti affinity scheduling rules."

fn affinity.podAntiAffinity.withPreferredDuringSchedulingIgnoredDuringExecution

withPreferredDuringSchedulingIgnoredDuringExecution(preferredDuringSchedulingIgnoredDuringExecution)

"The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred."

fn affinity.podAntiAffinity.withPreferredDuringSchedulingIgnoredDuringExecutionMixin

withPreferredDuringSchedulingIgnoredDuringExecutionMixin(preferredDuringSchedulingIgnoredDuringExecution)

"The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding \"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred."

Note: This function appends passed data to existing values

fn affinity.podAntiAffinity.withRequiredDuringSchedulingIgnoredDuringExecution

withRequiredDuringSchedulingIgnoredDuringExecution(requiredDuringSchedulingIgnoredDuringExecution)

"If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied."

fn affinity.podAntiAffinity.withRequiredDuringSchedulingIgnoredDuringExecutionMixin

withRequiredDuringSchedulingIgnoredDuringExecutionMixin(requiredDuringSchedulingIgnoredDuringExecution)

"If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied."

Note: This function appends passed data to existing values

obj archiveLocation

"ArtifactLocation describes a location for a single or multiple artifacts. It is used as single artifact in the context of inputs/outputs (e.g. outputs.artifacts.artname). It is also used to describe the location of multiple artifacts such as the archive location of a single workflow step, which the executor will use as a default location to store its files."

fn archiveLocation.withArchiveLogs

withArchiveLogs(archiveLogs)

"ArchiveLogs indicates if the container logs should be archived"

obj archiveLocation.artifactory

"ArtifactoryArtifact is the location of an artifactory artifact"

fn archiveLocation.artifactory.withUrl

withUrl(url)

"URL of the artifact"

obj archiveLocation.artifactory.passwordSecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.artifactory.passwordSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.artifactory.passwordSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.artifactory.passwordSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.artifactory.usernameSecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.artifactory.usernameSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.artifactory.usernameSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.artifactory.usernameSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.gcs

"GCSArtifact is the location of a GCS artifact"

fn archiveLocation.gcs.withBucket

withBucket(bucket)

"Bucket is the name of the bucket"

fn archiveLocation.gcs.withKey

withKey(key)

"Key is the path in the bucket where the artifact resides"

obj archiveLocation.gcs.serviceAccountKeySecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.gcs.serviceAccountKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.gcs.serviceAccountKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.gcs.serviceAccountKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.git

"GitArtifact is the location of an git artifact"

fn archiveLocation.git.withDepth

withDepth(depth)

"Depth specifies clones/fetches should be shallow and include the given number of commits from the branch tip"

fn archiveLocation.git.withDisableSubmodules

withDisableSubmodules(disableSubmodules)

"DisableSubmodules disables submodules during git clone"

fn archiveLocation.git.withFetch

withFetch(fetch)

"Fetch specifies a number of refs that should be fetched before checkout"

fn archiveLocation.git.withFetchMixin

withFetchMixin(fetch)

"Fetch specifies a number of refs that should be fetched before checkout"

Note: This function appends passed data to existing values

fn archiveLocation.git.withInsecureIgnoreHostKey

withInsecureIgnoreHostKey(insecureIgnoreHostKey)

"InsecureIgnoreHostKey disables SSH strict host key checking during git clone"

fn archiveLocation.git.withRepo

withRepo(repo)

"Repo is the git repository"

fn archiveLocation.git.withRevision

withRevision(revision)

"Revision is the git commit, tag, branch to checkout"

obj archiveLocation.git.passwordSecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.git.passwordSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.git.passwordSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.git.passwordSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.git.sshPrivateKeySecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.git.sshPrivateKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.git.sshPrivateKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.git.sshPrivateKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.git.usernameSecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.git.usernameSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.git.usernameSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.git.usernameSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.hdfs

"HDFSArtifact is the location of an HDFS artifact"

fn archiveLocation.hdfs.withAddresses

withAddresses(addresses)

"Addresses is accessible addresses of HDFS name nodes"

fn archiveLocation.hdfs.withAddressesMixin

withAddressesMixin(addresses)

"Addresses is accessible addresses of HDFS name nodes"

Note: This function appends passed data to existing values

fn archiveLocation.hdfs.withForce

withForce(force)

"Force copies a file forcibly even if it exists"

fn archiveLocation.hdfs.withHdfsUser

withHdfsUser(hdfsUser)

"HDFSUser is the user to access HDFS file system. It is ignored if either ccache or keytab is used."

fn archiveLocation.hdfs.withKrbRealm

withKrbRealm(krbRealm)

"KrbRealm is the Kerberos realm used with Kerberos keytab It must be set if keytab is used."

fn archiveLocation.hdfs.withKrbServicePrincipalName

withKrbServicePrincipalName(krbServicePrincipalName)

"KrbServicePrincipalName is the principal name of Kerberos service It must be set if either ccache or keytab is used."

fn archiveLocation.hdfs.withKrbUsername

withKrbUsername(krbUsername)

"KrbUsername is the Kerberos username used with Kerberos keytab It must be set if keytab is used."

fn archiveLocation.hdfs.withPath

withPath(path)

"Path is a file path in HDFS"

obj archiveLocation.hdfs.krbCCacheSecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.hdfs.krbCCacheSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.hdfs.krbCCacheSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.hdfs.krbCCacheSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.hdfs.krbConfigConfigMap

"Selects a key from a ConfigMap."

fn archiveLocation.hdfs.krbConfigConfigMap.withKey

withKey(key)

"The key to select."

fn archiveLocation.hdfs.krbConfigConfigMap.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.hdfs.krbConfigConfigMap.withOptional

withOptional(optional)

"Specify whether the ConfigMap or its key must be defined"

obj archiveLocation.hdfs.krbKeytabSecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.hdfs.krbKeytabSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.hdfs.krbKeytabSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.hdfs.krbKeytabSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.http

"HTTPArtifact allows an file served on HTTP to be placed as an input artifact in a container"

fn archiveLocation.http.withHeaders

withHeaders(headers)

"Headers are an optional list of headers to send with HTTP requests for artifacts"

fn archiveLocation.http.withHeadersMixin

withHeadersMixin(headers)

"Headers are an optional list of headers to send with HTTP requests for artifacts"

Note: This function appends passed data to existing values

fn archiveLocation.http.withUrl

withUrl(url)

"URL of the artifact"

obj archiveLocation.oss

"OSSArtifact is the location of an Alibaba Cloud OSS artifact"

fn archiveLocation.oss.withBucket

withBucket(bucket)

"Bucket is the name of the bucket"

fn archiveLocation.oss.withCreateBucketIfNotPresent

withCreateBucketIfNotPresent(createBucketIfNotPresent)

"CreateBucketIfNotPresent tells the driver to attempt to create the OSS bucket for output artifacts, if it doesn't exist"

fn archiveLocation.oss.withEndpoint

withEndpoint(endpoint)

"Endpoint is the hostname of the bucket endpoint"

fn archiveLocation.oss.withKey

withKey(key)

"Key is the path in the bucket where the artifact resides"

fn archiveLocation.oss.withSecurityToken

withSecurityToken(securityToken)

"SecurityToken is the user's temporary security token. For more details, check out: https://www.alibabacloud.com/help/doc-detail/100624.htm"

obj archiveLocation.oss.accessKeySecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.oss.accessKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.oss.accessKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.oss.accessKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.oss.lifecycleRule

"OSSLifecycleRule specifies how to manage bucket's lifecycle"

fn archiveLocation.oss.lifecycleRule.withMarkDeletionAfterDays

withMarkDeletionAfterDays(markDeletionAfterDays)

"MarkDeletionAfterDays is the number of days before we delete objects in the bucket"

fn archiveLocation.oss.lifecycleRule.withMarkInfrequentAccessAfterDays

withMarkInfrequentAccessAfterDays(markInfrequentAccessAfterDays)

"MarkInfrequentAccessAfterDays is the number of days before we convert the objects in the bucket to Infrequent Access (IA) storage type"

obj archiveLocation.oss.secretKeySecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.oss.secretKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.oss.secretKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.oss.secretKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.raw

"RawArtifact allows raw string content to be placed as an artifact in a container"

fn archiveLocation.raw.withData

withData(data)

"Data is the string contents of the artifact"

obj archiveLocation.s3

"S3Artifact is the location of an S3 artifact"

fn archiveLocation.s3.withBucket

withBucket(bucket)

"Bucket is the name of the bucket"

fn archiveLocation.s3.withEndpoint

withEndpoint(endpoint)

"Endpoint is the hostname of the bucket endpoint"

fn archiveLocation.s3.withInsecure

withInsecure(insecure)

"Insecure will connect to the service with TLS"

fn archiveLocation.s3.withKey

withKey(key)

"Key is the key in the bucket where the artifact resides"

fn archiveLocation.s3.withRegion

withRegion(region)

"Region contains the optional bucket region"

fn archiveLocation.s3.withRoleARN

withRoleARN(roleARN)

"RoleARN is the Amazon Resource Name (ARN) of the role to assume."

fn archiveLocation.s3.withUseSDKCreds

withUseSDKCreds(useSDKCreds)

"UseSDKCreds tells the driver to figure out credentials based on sdk defaults."

obj archiveLocation.s3.accessKeySecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.s3.accessKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.s3.accessKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.s3.accessKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.s3.createBucketIfNotPresent

"CreateS3BucketOptions options used to determine automatic automatic bucket-creation process"

fn archiveLocation.s3.createBucketIfNotPresent.withObjectLocking

withObjectLocking(objectLocking)

"ObjectLocking Enable object locking"

obj archiveLocation.s3.encryptionOptions

"S3EncryptionOptions used to determine encryption options during s3 operations"

fn archiveLocation.s3.encryptionOptions.withEnableEncryption

withEnableEncryption(enableEncryption)

"EnableEncryption tells the driver to encrypt objects if set to true. If kmsKeyId and serverSideCustomerKeySecret are not set, SSE-S3 will be used"

fn archiveLocation.s3.encryptionOptions.withKmsEncryptionContext

withKmsEncryptionContext(kmsEncryptionContext)

"KmsEncryptionContext is a json blob that contains an encryption context. See https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context for more information"

fn archiveLocation.s3.encryptionOptions.withKmsKeyId

withKmsKeyId(kmsKeyId)

"KMSKeyId tells the driver to encrypt the object using the specified KMS Key."

obj archiveLocation.s3.encryptionOptions.serverSideCustomerKeySecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.s3.encryptionOptions.serverSideCustomerKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.s3.encryptionOptions.serverSideCustomerKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.s3.encryptionOptions.serverSideCustomerKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj archiveLocation.s3.secretKeySecret

"SecretKeySelector selects a key of a Secret."

fn archiveLocation.s3.secretKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn archiveLocation.s3.secretKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn archiveLocation.s3.secretKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj container

"A single application container that you want to run within a pod."

fn container.withArgs

withArgs(args)

"Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

fn container.withArgsMixin

withArgsMixin(args)

"Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

Note: This function appends passed data to existing values

fn container.withCommand

withCommand(command)

"Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

fn container.withCommandMixin

withCommandMixin(command)

"Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

Note: This function appends passed data to existing values

fn container.withEnv

withEnv(env)

"List of environment variables to set in the container. Cannot be updated."

fn container.withEnvFrom

withEnvFrom(envFrom)

"List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."

fn container.withEnvFromMixin

withEnvFromMixin(envFrom)

"List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."

Note: This function appends passed data to existing values

fn container.withEnvMixin

withEnvMixin(env)

"List of environment variables to set in the container. Cannot be updated."

Note: This function appends passed data to existing values

fn container.withImage

withImage(image)

"Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."

fn container.withImagePullPolicy

withImagePullPolicy(imagePullPolicy)

"Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images\n\nPossible enum values:\n - \"Always\" means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.\n - \"IfNotPresent\" means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.\n - \"Never\" means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present"

fn container.withName

withName(name)

"Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."

fn container.withPorts

withPorts(ports)

"List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated."

fn container.withPortsMixin

withPortsMixin(ports)

"List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated."

Note: This function appends passed data to existing values

fn container.withStdin

withStdin(stdin)

"Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."

fn container.withStdinOnce

withStdinOnce(stdinOnce)

"Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"

fn container.withTerminationMessagePath

withTerminationMessagePath(terminationMessagePath)

"Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."

fn container.withTerminationMessagePolicy

withTerminationMessagePolicy(terminationMessagePolicy)

"Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.\n\nPossible enum values:\n - \"FallbackToLogsOnError\" will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.\n - \"File\" is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits."

fn container.withTty

withTty(tty)

"Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."

fn container.withVolumeDevices

withVolumeDevices(volumeDevices)

"volumeDevices is the list of block devices to be used by the container."

fn container.withVolumeDevicesMixin

withVolumeDevicesMixin(volumeDevices)

"volumeDevices is the list of block devices to be used by the container."

Note: This function appends passed data to existing values

fn container.withVolumeMounts

withVolumeMounts(volumeMounts)

"Pod volumes to mount into the container's filesystem. Cannot be updated."

fn container.withVolumeMountsMixin

withVolumeMountsMixin(volumeMounts)

"Pod volumes to mount into the container's filesystem. Cannot be updated."

Note: This function appends passed data to existing values

fn container.withWorkingDir

withWorkingDir(workingDir)

"Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."

obj container.lifecycle

"Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted."

obj container.lifecycle.postStart

"LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified."

obj container.lifecycle.postStart.exec

"ExecAction describes a \"run in container\" action."

fn container.lifecycle.postStart.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn container.lifecycle.postStart.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj container.lifecycle.postStart.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn container.lifecycle.postStart.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn container.lifecycle.postStart.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn container.lifecycle.postStart.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn container.lifecycle.postStart.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn container.lifecycle.postStart.httpGet.withPort

withPort(port)

fn container.lifecycle.postStart.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj container.lifecycle.postStart.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn container.lifecycle.postStart.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn container.lifecycle.postStart.tcpSocket.withPort

withPort(port)

obj container.lifecycle.preStop

"LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified."

obj container.lifecycle.preStop.exec

"ExecAction describes a \"run in container\" action."

fn container.lifecycle.preStop.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn container.lifecycle.preStop.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj container.lifecycle.preStop.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn container.lifecycle.preStop.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn container.lifecycle.preStop.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn container.lifecycle.preStop.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn container.lifecycle.preStop.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn container.lifecycle.preStop.httpGet.withPort

withPort(port)

fn container.lifecycle.preStop.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj container.lifecycle.preStop.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn container.lifecycle.preStop.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn container.lifecycle.preStop.tcpSocket.withPort

withPort(port)

obj container.livenessProbe

"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic."

fn container.livenessProbe.withFailureThreshold

withFailureThreshold(failureThreshold)

"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."

fn container.livenessProbe.withInitialDelaySeconds

withInitialDelaySeconds(initialDelaySeconds)

"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

fn container.livenessProbe.withPeriodSeconds

withPeriodSeconds(periodSeconds)

"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."

fn container.livenessProbe.withSuccessThreshold

withSuccessThreshold(successThreshold)

"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."

fn container.livenessProbe.withTerminationGracePeriodSeconds

withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)

"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."

fn container.livenessProbe.withTimeoutSeconds

withTimeoutSeconds(timeoutSeconds)

"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

obj container.livenessProbe.exec

"ExecAction describes a \"run in container\" action."

fn container.livenessProbe.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn container.livenessProbe.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj container.livenessProbe.grpc

fn container.livenessProbe.grpc.withPort

withPort(port)

"Port number of the gRPC service. Number must be in the range 1 to 65535."

fn container.livenessProbe.grpc.withService

withService(service)

"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."

obj container.livenessProbe.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn container.livenessProbe.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn container.livenessProbe.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn container.livenessProbe.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn container.livenessProbe.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn container.livenessProbe.httpGet.withPort

withPort(port)

fn container.livenessProbe.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj container.livenessProbe.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn container.livenessProbe.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn container.livenessProbe.tcpSocket.withPort

withPort(port)

obj container.readinessProbe

"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic."

fn container.readinessProbe.withFailureThreshold

withFailureThreshold(failureThreshold)

"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."

fn container.readinessProbe.withInitialDelaySeconds

withInitialDelaySeconds(initialDelaySeconds)

"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

fn container.readinessProbe.withPeriodSeconds

withPeriodSeconds(periodSeconds)

"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."

fn container.readinessProbe.withSuccessThreshold

withSuccessThreshold(successThreshold)

"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."

fn container.readinessProbe.withTerminationGracePeriodSeconds

withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)

"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."

fn container.readinessProbe.withTimeoutSeconds

withTimeoutSeconds(timeoutSeconds)

"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

obj container.readinessProbe.exec

"ExecAction describes a \"run in container\" action."

fn container.readinessProbe.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn container.readinessProbe.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj container.readinessProbe.grpc

fn container.readinessProbe.grpc.withPort

withPort(port)

"Port number of the gRPC service. Number must be in the range 1 to 65535."

fn container.readinessProbe.grpc.withService

withService(service)

"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."

obj container.readinessProbe.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn container.readinessProbe.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn container.readinessProbe.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn container.readinessProbe.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn container.readinessProbe.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn container.readinessProbe.httpGet.withPort

withPort(port)

fn container.readinessProbe.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj container.readinessProbe.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn container.readinessProbe.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn container.readinessProbe.tcpSocket.withPort

withPort(port)

obj container.resources

"ResourceRequirements describes the compute resource requirements."

fn container.resources.withLimits

withLimits(limits)

"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

fn container.resources.withLimitsMixin

withLimitsMixin(limits)

"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

Note: This function appends passed data to existing values

fn container.resources.withRequests

withRequests(requests)

"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

fn container.resources.withRequestsMixin

withRequestsMixin(requests)

"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

Note: This function appends passed data to existing values

obj container.securityContext

"SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence."

fn container.securityContext.withAllowPrivilegeEscalation

withAllowPrivilegeEscalation(allowPrivilegeEscalation)

"AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."

fn container.securityContext.withPrivileged

withPrivileged(privileged)

"Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."

fn container.securityContext.withProcMount

withProcMount(procMount)

"procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."

fn container.securityContext.withReadOnlyRootFilesystem

withReadOnlyRootFilesystem(readOnlyRootFilesystem)

"Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."

fn container.securityContext.withRunAsGroup

withRunAsGroup(runAsGroup)

"The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."

fn container.securityContext.withRunAsNonRoot

withRunAsNonRoot(runAsNonRoot)

"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."

fn container.securityContext.withRunAsUser

withRunAsUser(runAsUser)

"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."

obj container.securityContext.capabilities

"Adds and removes POSIX capabilities from running containers."

fn container.securityContext.capabilities.withAdd

withAdd(add)

"Added capabilities"

fn container.securityContext.capabilities.withAddMixin

withAddMixin(add)

"Added capabilities"

Note: This function appends passed data to existing values

fn container.securityContext.capabilities.withDrop

withDrop(drop)

"Removed capabilities"

fn container.securityContext.capabilities.withDropMixin

withDropMixin(drop)

"Removed capabilities"

Note: This function appends passed data to existing values

obj container.securityContext.seLinuxOptions

"SELinuxOptions are the labels to be applied to the container"

fn container.securityContext.seLinuxOptions.withLevel

withLevel(level)

"Level is SELinux level label that applies to the container."

fn container.securityContext.seLinuxOptions.withRole

withRole(role)

"Role is a SELinux role label that applies to the container."

fn container.securityContext.seLinuxOptions.withType

withType(type)

"Type is a SELinux type label that applies to the container."

fn container.securityContext.seLinuxOptions.withUser

withUser(user)

"User is a SELinux user label that applies to the container."

obj container.securityContext.seccompProfile

"SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set."

fn container.securityContext.seccompProfile.withLocalhostProfile

withLocalhostProfile(localhostProfile)

"localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"."

fn container.securityContext.seccompProfile.withType

withType(type)

"type indicates which kind of seccomp profile will be applied. Valid options are:\n\nLocalhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.\n\nPossible enum values:\n - \"Localhost\" indicates a profile defined in a file on the node should be used. The file's location relative to /seccomp.\n - \"RuntimeDefault\" represents the default container runtime seccomp profile.\n - \"Unconfined\" indicates no seccomp profile is applied (A.K.A. unconfined)."

obj container.securityContext.windowsOptions

"WindowsSecurityContextOptions contain Windows-specific options and credentials."

fn container.securityContext.windowsOptions.withGmsaCredentialSpec

withGmsaCredentialSpec(gmsaCredentialSpec)

"GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."

fn container.securityContext.windowsOptions.withGmsaCredentialSpecName

withGmsaCredentialSpecName(gmsaCredentialSpecName)

"GMSACredentialSpecName is the name of the GMSA credential spec to use."

fn container.securityContext.windowsOptions.withHostProcess

withHostProcess(hostProcess)

"HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."

fn container.securityContext.windowsOptions.withRunAsUserName

withRunAsUserName(runAsUserName)

"The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."

obj container.startupProbe

"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic."

fn container.startupProbe.withFailureThreshold

withFailureThreshold(failureThreshold)

"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."

fn container.startupProbe.withInitialDelaySeconds

withInitialDelaySeconds(initialDelaySeconds)

"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

fn container.startupProbe.withPeriodSeconds

withPeriodSeconds(periodSeconds)

"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."

fn container.startupProbe.withSuccessThreshold

withSuccessThreshold(successThreshold)

"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."

fn container.startupProbe.withTerminationGracePeriodSeconds

withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)

"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."

fn container.startupProbe.withTimeoutSeconds

withTimeoutSeconds(timeoutSeconds)

"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

obj container.startupProbe.exec

"ExecAction describes a \"run in container\" action."

fn container.startupProbe.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn container.startupProbe.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj container.startupProbe.grpc

fn container.startupProbe.grpc.withPort

withPort(port)

"Port number of the gRPC service. Number must be in the range 1 to 65535."

fn container.startupProbe.grpc.withService

withService(service)

"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."

obj container.startupProbe.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn container.startupProbe.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn container.startupProbe.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn container.startupProbe.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn container.startupProbe.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn container.startupProbe.httpGet.withPort

withPort(port)

fn container.startupProbe.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj container.startupProbe.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn container.startupProbe.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn container.startupProbe.tcpSocket.withPort

withPort(port)

obj containerSet

fn containerSet.withContainers

withContainers(containers)

fn containerSet.withContainersMixin

withContainersMixin(containers)

Note: This function appends passed data to existing values

fn containerSet.withVolumeMounts

withVolumeMounts(volumeMounts)

fn containerSet.withVolumeMountsMixin

withVolumeMountsMixin(volumeMounts)

Note: This function appends passed data to existing values

obj containerSet.retryStrategy

fn containerSet.retryStrategy.withDuration

withDuration(duration)

"Duration is the time between each retry, examples values are \"300ms\", \"1s\" or \"5m\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\"."

fn containerSet.retryStrategy.withRetries

withRetries(retries)

obj dag

"DAGTemplate is a template subtype for directed acyclic graph templates"

fn dag.withFailFast

withFailFast(failFast)

"This flag is for DAG logic. The DAG logic has a built-in \"fail fast\" feature to stop scheduling new steps, as soon as it detects that one of the DAG nodes is failed. Then it waits until all DAG nodes are completed before failing the DAG itself. The FailFast flag default is true, if set to false, it will allow a DAG to run all branches of the DAG to completion (either success or failure), regardless of the failed outcomes of branches in the DAG. More info and example about this feature at https://github.com/argoproj/argo-workflows/issues/1442"

fn dag.withTarget

withTarget(target)

"Target are one or more names of targets to execute in a DAG"

fn dag.withTasks

withTasks(tasks)

"Tasks are a list of DAG tasks"

fn dag.withTasksMixin

withTasksMixin(tasks)

"Tasks are a list of DAG tasks"

Note: This function appends passed data to existing values

obj data

"Data is a data template"

fn data.withTransformation

withTransformation(transformation)

"Transformation applies a set of transformations"

fn data.withTransformationMixin

withTransformationMixin(transformation)

"Transformation applies a set of transformations"

Note: This function appends passed data to existing values

obj data.source

"DataSource sources external data into a data template"

obj data.source.artifactPaths

"ArtifactPaths expands a step from a collection of artifacts"

fn data.source.artifactPaths.withArchiveLogs

withArchiveLogs(archiveLogs)

"ArchiveLogs indicates if the container logs should be archived"

fn data.source.artifactPaths.withFrom

withFrom(from)

"From allows an artifact to reference an artifact from a previous step"

fn data.source.artifactPaths.withFromExpression

withFromExpression(fromExpression)

"FromExpression, if defined, is evaluated to specify the value for the artifact"

fn data.source.artifactPaths.withGlobalName

withGlobalName(globalName)

"GlobalName exports an output artifact to the global scope, making it available as '{{io.argoproj.workflow.v1alpha1.outputs.artifacts.XXXX}} and in workflow.status.outputs.artifacts"

fn data.source.artifactPaths.withMode

withMode(mode)

"mode bits to use on this file, must be a value between 0 and 0777 set when loading input artifacts."

fn data.source.artifactPaths.withName

withName(name)

"name of the artifact. must be unique within a template's inputs/outputs."

fn data.source.artifactPaths.withOptional

withOptional(optional)

"Make Artifacts optional, if Artifacts doesn't generate or exist"

fn data.source.artifactPaths.withPath

withPath(path)

"Path is the container path to the artifact"

fn data.source.artifactPaths.withRecurseMode

withRecurseMode(recurseMode)

"If mode is set, apply the permission recursively into the artifact if it is a folder"

fn data.source.artifactPaths.withSubPath

withSubPath(subPath)

"SubPath allows an artifact to be sourced from a subpath within the specified source"

obj data.source.artifactPaths.archive

"ArchiveStrategy describes how to archive files/directory when saving artifacts"

fn data.source.artifactPaths.archive.withNone

withNone(none)

"NoneStrategy indicates to skip tar process and upload the files or directory tree as independent files. Note that if the artifact is a directory, the artifact driver must support the ability to save/load the directory appropriately."

fn data.source.artifactPaths.archive.withNoneMixin

withNoneMixin(none)

"NoneStrategy indicates to skip tar process and upload the files or directory tree as independent files. Note that if the artifact is a directory, the artifact driver must support the ability to save/load the directory appropriately."

Note: This function appends passed data to existing values

fn data.source.artifactPaths.archive.withZip

withZip(zip)

"ZipStrategy will unzip zipped input artifacts"

fn data.source.artifactPaths.archive.withZipMixin

withZipMixin(zip)

"ZipStrategy will unzip zipped input artifacts"

Note: This function appends passed data to existing values

obj data.source.artifactPaths.archive.tar

"TarStrategy will tar and gzip the file or directory when saving"

fn data.source.artifactPaths.archive.tar.withCompressionLevel

withCompressionLevel(compressionLevel)

"CompressionLevel specifies the gzip compression level to use for the artifact. Defaults to gzip.DefaultCompression."

obj data.source.artifactPaths.artifactory

"ArtifactoryArtifact is the location of an artifactory artifact"

fn data.source.artifactPaths.artifactory.withUrl

withUrl(url)

"URL of the artifact"

obj data.source.artifactPaths.artifactory.passwordSecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.artifactory.passwordSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.artifactory.passwordSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.artifactory.passwordSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.artifactory.usernameSecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.artifactory.usernameSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.artifactory.usernameSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.artifactory.usernameSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.gcs

"GCSArtifact is the location of a GCS artifact"

fn data.source.artifactPaths.gcs.withBucket

withBucket(bucket)

"Bucket is the name of the bucket"

fn data.source.artifactPaths.gcs.withKey

withKey(key)

"Key is the path in the bucket where the artifact resides"

obj data.source.artifactPaths.gcs.serviceAccountKeySecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.gcs.serviceAccountKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.gcs.serviceAccountKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.gcs.serviceAccountKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.git

"GitArtifact is the location of an git artifact"

fn data.source.artifactPaths.git.withDepth

withDepth(depth)

"Depth specifies clones/fetches should be shallow and include the given number of commits from the branch tip"

fn data.source.artifactPaths.git.withDisableSubmodules

withDisableSubmodules(disableSubmodules)

"DisableSubmodules disables submodules during git clone"

fn data.source.artifactPaths.git.withFetch

withFetch(fetch)

"Fetch specifies a number of refs that should be fetched before checkout"

fn data.source.artifactPaths.git.withFetchMixin

withFetchMixin(fetch)

"Fetch specifies a number of refs that should be fetched before checkout"

Note: This function appends passed data to existing values

fn data.source.artifactPaths.git.withInsecureIgnoreHostKey

withInsecureIgnoreHostKey(insecureIgnoreHostKey)

"InsecureIgnoreHostKey disables SSH strict host key checking during git clone"

fn data.source.artifactPaths.git.withRepo

withRepo(repo)

"Repo is the git repository"

fn data.source.artifactPaths.git.withRevision

withRevision(revision)

"Revision is the git commit, tag, branch to checkout"

obj data.source.artifactPaths.git.passwordSecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.git.passwordSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.git.passwordSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.git.passwordSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.git.sshPrivateKeySecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.git.sshPrivateKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.git.sshPrivateKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.git.sshPrivateKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.git.usernameSecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.git.usernameSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.git.usernameSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.git.usernameSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.hdfs

"HDFSArtifact is the location of an HDFS artifact"

fn data.source.artifactPaths.hdfs.withAddresses

withAddresses(addresses)

"Addresses is accessible addresses of HDFS name nodes"

fn data.source.artifactPaths.hdfs.withAddressesMixin

withAddressesMixin(addresses)

"Addresses is accessible addresses of HDFS name nodes"

Note: This function appends passed data to existing values

fn data.source.artifactPaths.hdfs.withForce

withForce(force)

"Force copies a file forcibly even if it exists"

fn data.source.artifactPaths.hdfs.withHdfsUser

withHdfsUser(hdfsUser)

"HDFSUser is the user to access HDFS file system. It is ignored if either ccache or keytab is used."

fn data.source.artifactPaths.hdfs.withKrbRealm

withKrbRealm(krbRealm)

"KrbRealm is the Kerberos realm used with Kerberos keytab It must be set if keytab is used."

fn data.source.artifactPaths.hdfs.withKrbServicePrincipalName

withKrbServicePrincipalName(krbServicePrincipalName)

"KrbServicePrincipalName is the principal name of Kerberos service It must be set if either ccache or keytab is used."

fn data.source.artifactPaths.hdfs.withKrbUsername

withKrbUsername(krbUsername)

"KrbUsername is the Kerberos username used with Kerberos keytab It must be set if keytab is used."

fn data.source.artifactPaths.hdfs.withPath

withPath(path)

"Path is a file path in HDFS"

obj data.source.artifactPaths.hdfs.krbCCacheSecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.hdfs.krbCCacheSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.hdfs.krbCCacheSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.hdfs.krbCCacheSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.hdfs.krbConfigConfigMap

"Selects a key from a ConfigMap."

fn data.source.artifactPaths.hdfs.krbConfigConfigMap.withKey

withKey(key)

"The key to select."

fn data.source.artifactPaths.hdfs.krbConfigConfigMap.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.hdfs.krbConfigConfigMap.withOptional

withOptional(optional)

"Specify whether the ConfigMap or its key must be defined"

obj data.source.artifactPaths.hdfs.krbKeytabSecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.hdfs.krbKeytabSecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.hdfs.krbKeytabSecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.hdfs.krbKeytabSecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.http

"HTTPArtifact allows an file served on HTTP to be placed as an input artifact in a container"

fn data.source.artifactPaths.http.withHeaders

withHeaders(headers)

"Headers are an optional list of headers to send with HTTP requests for artifacts"

fn data.source.artifactPaths.http.withHeadersMixin

withHeadersMixin(headers)

"Headers are an optional list of headers to send with HTTP requests for artifacts"

Note: This function appends passed data to existing values

fn data.source.artifactPaths.http.withUrl

withUrl(url)

"URL of the artifact"

obj data.source.artifactPaths.oss

"OSSArtifact is the location of an Alibaba Cloud OSS artifact"

fn data.source.artifactPaths.oss.withBucket

withBucket(bucket)

"Bucket is the name of the bucket"

fn data.source.artifactPaths.oss.withCreateBucketIfNotPresent

withCreateBucketIfNotPresent(createBucketIfNotPresent)

"CreateBucketIfNotPresent tells the driver to attempt to create the OSS bucket for output artifacts, if it doesn't exist"

fn data.source.artifactPaths.oss.withEndpoint

withEndpoint(endpoint)

"Endpoint is the hostname of the bucket endpoint"

fn data.source.artifactPaths.oss.withKey

withKey(key)

"Key is the path in the bucket where the artifact resides"

fn data.source.artifactPaths.oss.withSecurityToken

withSecurityToken(securityToken)

"SecurityToken is the user's temporary security token. For more details, check out: https://www.alibabacloud.com/help/doc-detail/100624.htm"

obj data.source.artifactPaths.oss.accessKeySecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.oss.accessKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.oss.accessKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.oss.accessKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.oss.lifecycleRule

"OSSLifecycleRule specifies how to manage bucket's lifecycle"

fn data.source.artifactPaths.oss.lifecycleRule.withMarkDeletionAfterDays

withMarkDeletionAfterDays(markDeletionAfterDays)

"MarkDeletionAfterDays is the number of days before we delete objects in the bucket"

fn data.source.artifactPaths.oss.lifecycleRule.withMarkInfrequentAccessAfterDays

withMarkInfrequentAccessAfterDays(markInfrequentAccessAfterDays)

"MarkInfrequentAccessAfterDays is the number of days before we convert the objects in the bucket to Infrequent Access (IA) storage type"

obj data.source.artifactPaths.oss.secretKeySecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.oss.secretKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.oss.secretKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.oss.secretKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.raw

"RawArtifact allows raw string content to be placed as an artifact in a container"

fn data.source.artifactPaths.raw.withData

withData(data)

"Data is the string contents of the artifact"

obj data.source.artifactPaths.s3

"S3Artifact is the location of an S3 artifact"

fn data.source.artifactPaths.s3.withBucket

withBucket(bucket)

"Bucket is the name of the bucket"

fn data.source.artifactPaths.s3.withEndpoint

withEndpoint(endpoint)

"Endpoint is the hostname of the bucket endpoint"

fn data.source.artifactPaths.s3.withInsecure

withInsecure(insecure)

"Insecure will connect to the service with TLS"

fn data.source.artifactPaths.s3.withKey

withKey(key)

"Key is the key in the bucket where the artifact resides"

fn data.source.artifactPaths.s3.withRegion

withRegion(region)

"Region contains the optional bucket region"

fn data.source.artifactPaths.s3.withRoleARN

withRoleARN(roleARN)

"RoleARN is the Amazon Resource Name (ARN) of the role to assume."

fn data.source.artifactPaths.s3.withUseSDKCreds

withUseSDKCreds(useSDKCreds)

"UseSDKCreds tells the driver to figure out credentials based on sdk defaults."

obj data.source.artifactPaths.s3.accessKeySecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.s3.accessKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.s3.accessKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.s3.accessKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.s3.createBucketIfNotPresent

"CreateS3BucketOptions options used to determine automatic automatic bucket-creation process"

fn data.source.artifactPaths.s3.createBucketIfNotPresent.withObjectLocking

withObjectLocking(objectLocking)

"ObjectLocking Enable object locking"

obj data.source.artifactPaths.s3.encryptionOptions

"S3EncryptionOptions used to determine encryption options during s3 operations"

fn data.source.artifactPaths.s3.encryptionOptions.withEnableEncryption

withEnableEncryption(enableEncryption)

"EnableEncryption tells the driver to encrypt objects if set to true. If kmsKeyId and serverSideCustomerKeySecret are not set, SSE-S3 will be used"

fn data.source.artifactPaths.s3.encryptionOptions.withKmsEncryptionContext

withKmsEncryptionContext(kmsEncryptionContext)

"KmsEncryptionContext is a json blob that contains an encryption context. See https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context for more information"

fn data.source.artifactPaths.s3.encryptionOptions.withKmsKeyId

withKmsKeyId(kmsKeyId)

"KMSKeyId tells the driver to encrypt the object using the specified KMS Key."

obj data.source.artifactPaths.s3.encryptionOptions.serverSideCustomerKeySecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.s3.encryptionOptions.serverSideCustomerKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.s3.encryptionOptions.serverSideCustomerKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.s3.encryptionOptions.serverSideCustomerKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj data.source.artifactPaths.s3.secretKeySecret

"SecretKeySelector selects a key of a Secret."

fn data.source.artifactPaths.s3.secretKeySecret.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn data.source.artifactPaths.s3.secretKeySecret.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn data.source.artifactPaths.s3.secretKeySecret.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj executor

"ExecutorConfig holds configurations of an executor container."

fn executor.withServiceAccountName

withServiceAccountName(serviceAccountName)

"ServiceAccountName specifies the service account name of the executor container."

obj http

fn http.withBody

withBody(body)

"Body is content of the HTTP Request"

fn http.withHeaders

withHeaders(headers)

"Headers are an optional list of headers to send with HTTP requests"

fn http.withHeadersMixin

withHeadersMixin(headers)

"Headers are an optional list of headers to send with HTTP requests"

Note: This function appends passed data to existing values

fn http.withInsecureSkipVerify

withInsecureSkipVerify(insecureSkipVerify)

"insecureSkipVerify is a bool when if set to true will skip TLS verification for the HTTP client"

fn http.withMethod

withMethod(method)

"Method is HTTP methods for HTTP Request"

fn http.withSuccessCondition

withSuccessCondition(successCondition)

"SuccessCondition is an expression if evaluated to true is considered successful"

fn http.withTimeoutSeconds

withTimeoutSeconds(timeoutSeconds)

"TimeoutSeconds is request timeout for HTTP Request. Default is 30 seconds"

fn http.withUrl

withUrl(url)

"URL of the HTTP Request"

obj inputs

"Inputs are the mechanism for passing parameters, artifacts, volumes from one template to another"

fn inputs.withArtifacts

withArtifacts(artifacts)

"Artifact are a list of artifacts passed as inputs"

fn inputs.withArtifactsMixin

withArtifactsMixin(artifacts)

"Artifact are a list of artifacts passed as inputs"

Note: This function appends passed data to existing values

fn inputs.withParameters

withParameters(parameters)

"Parameters are a list of parameters passed as inputs"

fn inputs.withParametersMixin

withParametersMixin(parameters)

"Parameters are a list of parameters passed as inputs"

Note: This function appends passed data to existing values

obj memoize

"Memoization enables caching for the Outputs of the template"

fn memoize.withKey

withKey(key)

"Key is the key to use as the caching key"

fn memoize.withMaxAge

withMaxAge(maxAge)

"MaxAge is the maximum age (e.g. \"180s\", \"24h\") of an entry that is still considered valid. If an entry is older than the MaxAge, it will be ignored."

obj memoize.cache

"Cache is the configuration for the type of cache to be used"

obj memoize.cache.configMap

"Selects a key from a ConfigMap."

fn memoize.cache.configMap.withKey

withKey(key)

"The key to select."

fn memoize.cache.configMap.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn memoize.cache.configMap.withOptional

withOptional(optional)

"Specify whether the ConfigMap or its key must be defined"

obj metadata

"Pod metdata"

fn metadata.withAnnotations

withAnnotations(annotations)

fn metadata.withAnnotationsMixin

withAnnotationsMixin(annotations)

Note: This function appends passed data to existing values

fn metadata.withLabels

withLabels(labels)

fn metadata.withLabelsMixin

withLabelsMixin(labels)

Note: This function appends passed data to existing values

obj metrics

"Metrics are a list of metrics emitted from a Workflow/Template"

fn metrics.withPrometheus

withPrometheus(prometheus)

"Prometheus is a list of prometheus metrics to be emitted"

fn metrics.withPrometheusMixin

withPrometheusMixin(prometheus)

"Prometheus is a list of prometheus metrics to be emitted"

Note: This function appends passed data to existing values

obj outputs

"Outputs hold parameters, artifacts, and results from a step"

fn outputs.withArtifacts

withArtifacts(artifacts)

"Artifacts holds the list of output artifacts produced by a step"

fn outputs.withArtifactsMixin

withArtifactsMixin(artifacts)

"Artifacts holds the list of output artifacts produced by a step"

Note: This function appends passed data to existing values

fn outputs.withExitCode

withExitCode(exitCode)

"ExitCode holds the exit code of a script template"

fn outputs.withParameters

withParameters(parameters)

"Parameters holds the list of output parameters produced by a step"

fn outputs.withParametersMixin

withParametersMixin(parameters)

"Parameters holds the list of output parameters produced by a step"

Note: This function appends passed data to existing values

fn outputs.withResult

withResult(result)

"Result holds the result (stdout) of a script template"

obj resource

"ResourceTemplate is a template subtype to manipulate kubernetes resources"

fn resource.withAction

withAction(action)

"Action is the action to perform to the resource. Must be one of: get, create, apply, delete, replace, patch"

fn resource.withFailureCondition

withFailureCondition(failureCondition)

"FailureCondition is a label selector expression which describes the conditions of the k8s resource in which the step was considered failed"

fn resource.withFlags

withFlags(flags)

"Flags is a set of additional options passed to kubectl before submitting a resource I.e. to disable resource validation: flags: [\n\t\"--validate=false\" # disable resource validation\n]"

fn resource.withFlagsMixin

withFlagsMixin(flags)

"Flags is a set of additional options passed to kubectl before submitting a resource I.e. to disable resource validation: flags: [\n\t\"--validate=false\" # disable resource validation\n]"

Note: This function appends passed data to existing values

fn resource.withManifest

withManifest(manifest)

"Manifest contains the kubernetes manifest"

fn resource.withMergeStrategy

withMergeStrategy(mergeStrategy)

"MergeStrategy is the strategy used to merge a patch. It defaults to \"strategic\" Must be one of: strategic, merge, json"

fn resource.withSetOwnerReference

withSetOwnerReference(setOwnerReference)

"SetOwnerReference sets the reference to the workflow on the OwnerReference of generated resource."

fn resource.withSuccessCondition

withSuccessCondition(successCondition)

"SuccessCondition is a label selector expression which describes the conditions of the k8s resource in which it is acceptable to proceed to the following step"

obj retryStrategy

"RetryStrategy provides controls on how to retry a workflow step"

fn retryStrategy.withExpression

withExpression(expression)

"Expression is a condition expression for when a node will be retried. If it evaluates to false, the node will not be retried and the retry strategy will be ignored"

fn retryStrategy.withLimit

withLimit(limit)

fn retryStrategy.withRetryPolicy

withRetryPolicy(retryPolicy)

"RetryPolicy is a policy of NodePhase statuses that will be retried"

obj retryStrategy.affinity

"RetryAffinity prevents running steps on the same host."

fn retryStrategy.affinity.withNodeAntiAffinity

withNodeAntiAffinity(nodeAntiAffinity)

"RetryNodeAntiAffinity is a placeholder for future expansion, only empty nodeAntiAffinity is allowed. In order to prevent running steps on the same host, it uses \"kubernetes.io/hostname\"."

fn retryStrategy.affinity.withNodeAntiAffinityMixin

withNodeAntiAffinityMixin(nodeAntiAffinity)

"RetryNodeAntiAffinity is a placeholder for future expansion, only empty nodeAntiAffinity is allowed. In order to prevent running steps on the same host, it uses \"kubernetes.io/hostname\"."

Note: This function appends passed data to existing values

obj retryStrategy.backoff

"Backoff is a backoff strategy to use within retryStrategy"

fn retryStrategy.backoff.withDuration

withDuration(duration)

"Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. \"2m\", \"1h\")"

fn retryStrategy.backoff.withFactor

withFactor(factor)

fn retryStrategy.backoff.withMaxDuration

withMaxDuration(maxDuration)

"MaxDuration is the maximum amount of time allowed for the backoff strategy"

obj script

"ScriptTemplate is a template subtype to enable scripting through code steps"

fn script.withArgs

withArgs(args)

"Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

fn script.withArgsMixin

withArgsMixin(args)

"Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

Note: This function appends passed data to existing values

fn script.withCommand

withCommand(command)

"Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

fn script.withCommandMixin

withCommandMixin(command)

"Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell"

Note: This function appends passed data to existing values

fn script.withEnv

withEnv(env)

"List of environment variables to set in the container. Cannot be updated."

fn script.withEnvFrom

withEnvFrom(envFrom)

"List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."

fn script.withEnvFromMixin

withEnvFromMixin(envFrom)

"List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated."

Note: This function appends passed data to existing values

fn script.withEnvMixin

withEnvMixin(env)

"List of environment variables to set in the container. Cannot be updated."

Note: This function appends passed data to existing values

fn script.withImage

withImage(image)

"Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets."

fn script.withImagePullPolicy

withImagePullPolicy(imagePullPolicy)

"Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images"

fn script.withName

withName(name)

"Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated."

fn script.withPorts

withPorts(ports)

"List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated."

fn script.withPortsMixin

withPortsMixin(ports)

"List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated."

Note: This function appends passed data to existing values

fn script.withSource

withSource(source)

"Source contains the source code of the script to execute"

fn script.withStdin

withStdin(stdin)

"Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false."

fn script.withStdinOnce

withStdinOnce(stdinOnce)

"Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false"

fn script.withTerminationMessagePath

withTerminationMessagePath(terminationMessagePath)

"Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated."

fn script.withTerminationMessagePolicy

withTerminationMessagePolicy(terminationMessagePolicy)

"Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated."

fn script.withTty

withTty(tty)

"Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false."

fn script.withVolumeDevices

withVolumeDevices(volumeDevices)

"volumeDevices is the list of block devices to be used by the container."

fn script.withVolumeDevicesMixin

withVolumeDevicesMixin(volumeDevices)

"volumeDevices is the list of block devices to be used by the container."

Note: This function appends passed data to existing values

fn script.withVolumeMounts

withVolumeMounts(volumeMounts)

"Pod volumes to mount into the container's filesystem. Cannot be updated."

fn script.withVolumeMountsMixin

withVolumeMountsMixin(volumeMounts)

"Pod volumes to mount into the container's filesystem. Cannot be updated."

Note: This function appends passed data to existing values

fn script.withWorkingDir

withWorkingDir(workingDir)

"Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated."

obj script.lifecycle

"Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted."

obj script.lifecycle.postStart

"LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified."

obj script.lifecycle.postStart.exec

"ExecAction describes a \"run in container\" action."

fn script.lifecycle.postStart.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn script.lifecycle.postStart.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj script.lifecycle.postStart.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn script.lifecycle.postStart.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn script.lifecycle.postStart.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn script.lifecycle.postStart.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn script.lifecycle.postStart.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn script.lifecycle.postStart.httpGet.withPort

withPort(port)

fn script.lifecycle.postStart.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj script.lifecycle.postStart.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn script.lifecycle.postStart.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn script.lifecycle.postStart.tcpSocket.withPort

withPort(port)

obj script.lifecycle.preStop

"LifecycleHandler defines a specific action that should be taken in a lifecycle hook. One and only one of the fields, except TCPSocket must be specified."

obj script.lifecycle.preStop.exec

"ExecAction describes a \"run in container\" action."

fn script.lifecycle.preStop.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn script.lifecycle.preStop.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj script.lifecycle.preStop.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn script.lifecycle.preStop.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn script.lifecycle.preStop.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn script.lifecycle.preStop.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn script.lifecycle.preStop.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn script.lifecycle.preStop.httpGet.withPort

withPort(port)

fn script.lifecycle.preStop.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj script.lifecycle.preStop.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn script.lifecycle.preStop.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn script.lifecycle.preStop.tcpSocket.withPort

withPort(port)

obj script.livenessProbe

"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic."

fn script.livenessProbe.withFailureThreshold

withFailureThreshold(failureThreshold)

"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."

fn script.livenessProbe.withInitialDelaySeconds

withInitialDelaySeconds(initialDelaySeconds)

"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

fn script.livenessProbe.withPeriodSeconds

withPeriodSeconds(periodSeconds)

"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."

fn script.livenessProbe.withSuccessThreshold

withSuccessThreshold(successThreshold)

"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."

fn script.livenessProbe.withTerminationGracePeriodSeconds

withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)

"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."

fn script.livenessProbe.withTimeoutSeconds

withTimeoutSeconds(timeoutSeconds)

"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

obj script.livenessProbe.exec

"ExecAction describes a \"run in container\" action."

fn script.livenessProbe.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn script.livenessProbe.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj script.livenessProbe.grpc

fn script.livenessProbe.grpc.withPort

withPort(port)

"Port number of the gRPC service. Number must be in the range 1 to 65535."

fn script.livenessProbe.grpc.withService

withService(service)

"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."

obj script.livenessProbe.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn script.livenessProbe.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn script.livenessProbe.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn script.livenessProbe.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn script.livenessProbe.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn script.livenessProbe.httpGet.withPort

withPort(port)

fn script.livenessProbe.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj script.livenessProbe.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn script.livenessProbe.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn script.livenessProbe.tcpSocket.withPort

withPort(port)

obj script.readinessProbe

"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic."

fn script.readinessProbe.withFailureThreshold

withFailureThreshold(failureThreshold)

"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."

fn script.readinessProbe.withInitialDelaySeconds

withInitialDelaySeconds(initialDelaySeconds)

"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

fn script.readinessProbe.withPeriodSeconds

withPeriodSeconds(periodSeconds)

"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."

fn script.readinessProbe.withSuccessThreshold

withSuccessThreshold(successThreshold)

"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."

fn script.readinessProbe.withTerminationGracePeriodSeconds

withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)

"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."

fn script.readinessProbe.withTimeoutSeconds

withTimeoutSeconds(timeoutSeconds)

"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

obj script.readinessProbe.exec

"ExecAction describes a \"run in container\" action."

fn script.readinessProbe.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn script.readinessProbe.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj script.readinessProbe.grpc

fn script.readinessProbe.grpc.withPort

withPort(port)

"Port number of the gRPC service. Number must be in the range 1 to 65535."

fn script.readinessProbe.grpc.withService

withService(service)

"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."

obj script.readinessProbe.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn script.readinessProbe.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn script.readinessProbe.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn script.readinessProbe.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn script.readinessProbe.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn script.readinessProbe.httpGet.withPort

withPort(port)

fn script.readinessProbe.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj script.readinessProbe.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn script.readinessProbe.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn script.readinessProbe.tcpSocket.withPort

withPort(port)

obj script.resources

"ResourceRequirements describes the compute resource requirements."

fn script.resources.withLimits

withLimits(limits)

"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

fn script.resources.withLimitsMixin

withLimitsMixin(limits)

"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

Note: This function appends passed data to existing values

fn script.resources.withRequests

withRequests(requests)

"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

fn script.resources.withRequestsMixin

withRequestsMixin(requests)

"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

Note: This function appends passed data to existing values

obj script.securityContext

"SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence."

fn script.securityContext.withAllowPrivilegeEscalation

withAllowPrivilegeEscalation(allowPrivilegeEscalation)

"AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows."

fn script.securityContext.withPrivileged

withPrivileged(privileged)

"Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows."

fn script.securityContext.withProcMount

withProcMount(procMount)

"procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows."

fn script.securityContext.withReadOnlyRootFilesystem

withReadOnlyRootFilesystem(readOnlyRootFilesystem)

"Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows."

fn script.securityContext.withRunAsGroup

withRunAsGroup(runAsGroup)

"The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."

fn script.securityContext.withRunAsNonRoot

withRunAsNonRoot(runAsNonRoot)

"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."

fn script.securityContext.withRunAsUser

withRunAsUser(runAsUser)

"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows."

obj script.securityContext.capabilities

"Adds and removes POSIX capabilities from running containers."

fn script.securityContext.capabilities.withAdd

withAdd(add)

"Added capabilities"

fn script.securityContext.capabilities.withAddMixin

withAddMixin(add)

"Added capabilities"

Note: This function appends passed data to existing values

fn script.securityContext.capabilities.withDrop

withDrop(drop)

"Removed capabilities"

fn script.securityContext.capabilities.withDropMixin

withDropMixin(drop)

"Removed capabilities"

Note: This function appends passed data to existing values

obj script.securityContext.seLinuxOptions

"SELinuxOptions are the labels to be applied to the container"

fn script.securityContext.seLinuxOptions.withLevel

withLevel(level)

"Level is SELinux level label that applies to the container."

fn script.securityContext.seLinuxOptions.withRole

withRole(role)

"Role is a SELinux role label that applies to the container."

fn script.securityContext.seLinuxOptions.withType

withType(type)

"Type is a SELinux type label that applies to the container."

fn script.securityContext.seLinuxOptions.withUser

withUser(user)

"User is a SELinux user label that applies to the container."

obj script.securityContext.seccompProfile

"SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set."

fn script.securityContext.seccompProfile.withLocalhostProfile

withLocalhostProfile(localhostProfile)

"localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"."

fn script.securityContext.seccompProfile.withType

withType(type)

"type indicates which kind of seccomp profile will be applied. Valid options are:\n\nLocalhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.\n\nPossible enum values:\n - \"Localhost\" indicates a profile defined in a file on the node should be used. The file's location relative to /seccomp.\n - \"RuntimeDefault\" represents the default container runtime seccomp profile.\n - \"Unconfined\" indicates no seccomp profile is applied (A.K.A. unconfined)."

obj script.securityContext.windowsOptions

"WindowsSecurityContextOptions contain Windows-specific options and credentials."

fn script.securityContext.windowsOptions.withGmsaCredentialSpec

withGmsaCredentialSpec(gmsaCredentialSpec)

"GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."

fn script.securityContext.windowsOptions.withGmsaCredentialSpecName

withGmsaCredentialSpecName(gmsaCredentialSpecName)

"GMSACredentialSpecName is the name of the GMSA credential spec to use."

fn script.securityContext.windowsOptions.withHostProcess

withHostProcess(hostProcess)

"HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."

fn script.securityContext.windowsOptions.withRunAsUserName

withRunAsUserName(runAsUserName)

"The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."

obj script.startupProbe

"Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic."

fn script.startupProbe.withFailureThreshold

withFailureThreshold(failureThreshold)

"Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1."

fn script.startupProbe.withInitialDelaySeconds

withInitialDelaySeconds(initialDelaySeconds)

"Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

fn script.startupProbe.withPeriodSeconds

withPeriodSeconds(periodSeconds)

"How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1."

fn script.startupProbe.withSuccessThreshold

withSuccessThreshold(successThreshold)

"Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1."

fn script.startupProbe.withTerminationGracePeriodSeconds

withTerminationGracePeriodSeconds(terminationGracePeriodSeconds)

"Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset."

fn script.startupProbe.withTimeoutSeconds

withTimeoutSeconds(timeoutSeconds)

"Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"

obj script.startupProbe.exec

"ExecAction describes a \"run in container\" action."

fn script.startupProbe.exec.withCommand

withCommand(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

fn script.startupProbe.exec.withCommandMixin

withCommandMixin(command)

"Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy."

Note: This function appends passed data to existing values

obj script.startupProbe.grpc

fn script.startupProbe.grpc.withPort

withPort(port)

"Port number of the gRPC service. Number must be in the range 1 to 65535."

fn script.startupProbe.grpc.withService

withService(service)

"Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\nIf this is not specified, the default behavior is defined by gRPC."

obj script.startupProbe.httpGet

"HTTPGetAction describes an action based on HTTP Get requests."

fn script.startupProbe.httpGet.withHost

withHost(host)

"Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead."

fn script.startupProbe.httpGet.withHttpHeaders

withHttpHeaders(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

fn script.startupProbe.httpGet.withHttpHeadersMixin

withHttpHeadersMixin(httpHeaders)

"Custom headers to set in the request. HTTP allows repeated headers."

Note: This function appends passed data to existing values

fn script.startupProbe.httpGet.withPath

withPath(path)

"Path to access on the HTTP server."

fn script.startupProbe.httpGet.withPort

withPort(port)

fn script.startupProbe.httpGet.withScheme

withScheme(scheme)

"Scheme to use for connecting to the host. Defaults to HTTP.\n\nPossible enum values:\n - \"HTTP\" means that the scheme used will be http://\n - \"HTTPS\" means that the scheme used will be https://"

obj script.startupProbe.tcpSocket

"TCPSocketAction describes an action based on opening a socket"

fn script.startupProbe.tcpSocket.withHost

withHost(host)

"Optional: Host name to connect to, defaults to the pod IP."

fn script.startupProbe.tcpSocket.withPort

withPort(port)

obj securityContext

"PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext."

fn securityContext.withFsGroup

withFsGroup(fsGroup)

"A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows."

fn securityContext.withFsGroupChangePolicy

withFsGroupChangePolicy(fsGroupChangePolicy)

"fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows."

fn securityContext.withRunAsGroup

withRunAsGroup(runAsGroup)

"The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."

fn securityContext.withRunAsNonRoot

withRunAsNonRoot(runAsNonRoot)

"Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."

fn securityContext.withRunAsUser

withRunAsUser(runAsUser)

"The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows."

fn securityContext.withSupplementalGroups

withSupplementalGroups(supplementalGroups)

"A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. Note that this field cannot be set when spec.os.name is windows."

fn securityContext.withSupplementalGroupsMixin

withSupplementalGroupsMixin(supplementalGroups)

"A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. Note that this field cannot be set when spec.os.name is windows."

Note: This function appends passed data to existing values

fn securityContext.withSysctls

withSysctls(sysctls)

"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows."

fn securityContext.withSysctlsMixin

withSysctlsMixin(sysctls)

"Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows."

Note: This function appends passed data to existing values

obj securityContext.seLinuxOptions

"SELinuxOptions are the labels to be applied to the container"

fn securityContext.seLinuxOptions.withLevel

withLevel(level)

"Level is SELinux level label that applies to the container."

fn securityContext.seLinuxOptions.withRole

withRole(role)

"Role is a SELinux role label that applies to the container."

fn securityContext.seLinuxOptions.withType

withType(type)

"Type is a SELinux type label that applies to the container."

fn securityContext.seLinuxOptions.withUser

withUser(user)

"User is a SELinux user label that applies to the container."

obj securityContext.seccompProfile

"SeccompProfile defines a pod/container's seccomp profile settings. Only one profile source may be set."

fn securityContext.seccompProfile.withLocalhostProfile

withLocalhostProfile(localhostProfile)

"localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is \"Localhost\"."

fn securityContext.seccompProfile.withType

withType(type)

"type indicates which kind of seccomp profile will be applied. Valid options are:\n\nLocalhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.\n\nPossible enum values:\n - \"Localhost\" indicates a profile defined in a file on the node should be used. The file's location relative to /seccomp.\n - \"RuntimeDefault\" represents the default container runtime seccomp profile.\n - \"Unconfined\" indicates no seccomp profile is applied (A.K.A. unconfined)."

obj securityContext.windowsOptions

"WindowsSecurityContextOptions contain Windows-specific options and credentials."

fn securityContext.windowsOptions.withGmsaCredentialSpec

withGmsaCredentialSpec(gmsaCredentialSpec)

"GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field."

fn securityContext.windowsOptions.withGmsaCredentialSpecName

withGmsaCredentialSpecName(gmsaCredentialSpecName)

"GMSACredentialSpecName is the name of the GMSA credential spec to use."

fn securityContext.windowsOptions.withHostProcess

withHostProcess(hostProcess)

"HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true."

fn securityContext.windowsOptions.withRunAsUserName

withRunAsUserName(runAsUserName)

"The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."

obj suspend

"SuspendTemplate is a template subtype to suspend a workflow at a predetermined point in time"

fn suspend.withDuration

withDuration(duration)

"Duration is the seconds to wait before automatically resuming a template"

obj synchronization

"Synchronization holds synchronization lock configuration"

obj synchronization.mutex

"Mutex holds Mutex configuration"

fn synchronization.mutex.withName

withName(name)

"name of the mutex"

obj synchronization.semaphore

"SemaphoreRef is a reference of Semaphore"

obj synchronization.semaphore.configMapKeyRef

"Selects a key from a ConfigMap."

fn synchronization.semaphore.configMapKeyRef.withKey

withKey(key)

"The key to select."

fn synchronization.semaphore.configMapKeyRef.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names"

fn synchronization.semaphore.configMapKeyRef.withOptional

withOptional(optional)

"Specify whether the ConfigMap or its key must be defined"