datadoghq.v2alpha1.datadogAgent

"DatadogAgent Deployment with the Datadog Operator."

Index

fn new(name)
obj metadata
obj spec

Fields

fn new

new(name)

new returns an instance of DatadogAgent

obj metadata

"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create."

fn metadata.withAnnotations

withAnnotations(annotations)

"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"

fn metadata.withAnnotationsMixin

withAnnotationsMixin(annotations)

"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"

Note: This function appends passed data to existing values

fn metadata.withClusterName

withClusterName(clusterName)

"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request."

fn metadata.withCreationTimestamp

withCreationTimestamp(creationTimestamp)

"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."

fn metadata.withDeletionGracePeriodSeconds

withDeletionGracePeriodSeconds(deletionGracePeriodSeconds)

"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only."

fn metadata.withDeletionTimestamp

withDeletionTimestamp(deletionTimestamp)

"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."

fn metadata.withFinalizers

withFinalizers(finalizers)

"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."

fn metadata.withFinalizersMixin

withFinalizersMixin(finalizers)

"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."

Note: This function appends passed data to existing values

fn metadata.withGenerateName

withGenerateName(generateName)

"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"

fn metadata.withGeneration

withGeneration(generation)

"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only."

fn metadata.withLabels

withLabels(labels)

"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"

fn metadata.withLabelsMixin

withLabelsMixin(labels)

"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"

Note: This function appends passed data to existing values

fn metadata.withName

withName(name)

"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names"

fn metadata.withNamespace

withNamespace(namespace)

"Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"

fn metadata.withOwnerReferences

withOwnerReferences(ownerReferences)

"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."

fn metadata.withOwnerReferencesMixin

withOwnerReferencesMixin(ownerReferences)

"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."

Note: This function appends passed data to existing values

fn metadata.withResourceVersion

withResourceVersion(resourceVersion)

"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"

fn metadata.withSelfLink

withSelfLink(selfLink)

"SelfLink is a URL representing this object. Populated by the system. Read-only.\n\nDEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release."

fn metadata.withUid

withUid(uid)

"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids"

obj spec

"DatadogAgentSpec defines the desired state of DatadogAgent"

fn spec.withOverride

withOverride(override)

"Override the default configurations of the agents"

fn spec.withOverrideMixin

withOverrideMixin(override)

"Override the default configurations of the agents"

Note: This function appends passed data to existing values

obj spec.features

"Features running on the Agent and Cluster Agent"

obj spec.features.admissionController

"AdmissionController configuration."

fn spec.features.admissionController.withAgentCommunicationMode

withAgentCommunicationMode(agentCommunicationMode)

"AgentCommunicationMode corresponds to the mode used by the Datadog application libraries to communicate with the Agent. It can be \"hostip\", \"service\", or \"socket\"."

fn spec.features.admissionController.withEnabled

withEnabled(enabled)

"Enabled enables the Admission Controller. Default: true"

fn spec.features.admissionController.withFailurePolicy

withFailurePolicy(failurePolicy)

"FailurePolicy determines how unrecognized and timeout errors are handled."

fn spec.features.admissionController.withMutateUnlabelled

withMutateUnlabelled(mutateUnlabelled)

"MutateUnlabelled enables config injection without the need of pod label 'admission.datadoghq.com/enabled=\"true\"'. Default: false"

fn spec.features.admissionController.withServiceName

withServiceName(serviceName)

"ServiceName corresponds to the webhook service name."

fn spec.features.admissionController.withWebhookName

withWebhookName(webhookName)

"WebhookName is a custom name for the MutatingWebhookConfiguration. Default: \"datadog-webhook\

obj spec.features.apm

"APM (Application Performance Monitoring) configuration."

fn spec.features.apm.withEnabled

withEnabled(enabled)

"Enabled enables Application Performance Monitoring. Default: true"

obj spec.features.apm.hostPortConfig

"HostPortConfig contains host port configuration. Enabled Default: false Port Default: 8126"

fn spec.features.apm.hostPortConfig.withEnabled

withEnabled(enabled)

"Enabled enables host port configuration Default: false"

fn spec.features.apm.hostPortConfig.withHostPort

withHostPort(hostPort)

"Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) If HostNetwork is enabled, this value must match the ContainerPort."

obj spec.features.apm.instrumentation

"SingleStepInstrumentation allows the agent to inject the Datadog APM libraries into all pods in the cluster. Feature is in beta. See also: https://docs.datadoghq.com/tracing/trace_collection/single-step-apm Enabled Default: false"

fn spec.features.apm.instrumentation.withDisabledNamespaces

withDisabledNamespaces(disabledNamespaces)

"DisabledNamespaces disables injecting the Datadog APM libraries into pods in specific namespaces."

fn spec.features.apm.instrumentation.withDisabledNamespacesMixin

withDisabledNamespacesMixin(disabledNamespaces)

"DisabledNamespaces disables injecting the Datadog APM libraries into pods in specific namespaces."

Note: This function appends passed data to existing values

fn spec.features.apm.instrumentation.withEnabled

withEnabled(enabled)

"Enabled enables injecting the Datadog APM libraries into all pods in the cluster. Default: false"

fn spec.features.apm.instrumentation.withEnabledNamespaces

withEnabledNamespaces(enabledNamespaces)

"EnabledNamespaces enables injecting the Datadog APM libraries into pods in specific namespaces."

fn spec.features.apm.instrumentation.withEnabledNamespacesMixin

withEnabledNamespacesMixin(enabledNamespaces)

"EnabledNamespaces enables injecting the Datadog APM libraries into pods in specific namespaces."

Note: This function appends passed data to existing values

fn spec.features.apm.instrumentation.withLibVersions

withLibVersions(libVersions)

"LibVersions configures injection of specific tracing library versions with Single Step Instrumentation. : ex: \"java\": \"v1.18.0\

fn spec.features.apm.instrumentation.withLibVersionsMixin

withLibVersionsMixin(libVersions)

"LibVersions configures injection of specific tracing library versions with Single Step Instrumentation. : ex: \"java\": \"v1.18.0\

Note: This function appends passed data to existing values

obj spec.features.apm.unixDomainSocketConfig

"UnixDomainSocketConfig contains socket configuration. See also: https://docs.datadoghq.com/agent/kubernetes/apm/?tab=helm#agent-environment-variables Enabled Default: true Path Default: /var/run/datadog/apm.socket"

fn spec.features.apm.unixDomainSocketConfig.withEnabled

withEnabled(enabled)

"Enabled enables Unix Domain Socket. Default: true"

fn spec.features.apm.unixDomainSocketConfig.withPath

withPath(path)

"Path defines the socket path used when enabled."

obj spec.features.clusterChecks

"ClusterChecks configuration."

fn spec.features.clusterChecks.withEnabled

withEnabled(enabled)

"Enables Cluster Checks scheduling in the Cluster Agent. Default: true"

fn spec.features.clusterChecks.withUseClusterChecksRunners

withUseClusterChecksRunners(useClusterChecksRunners)

"Enabled enables Cluster Checks Runners to run all Cluster Checks. Default: false"

obj spec.features.cspm

"CSPM (Cloud Security Posture Management) configuration."

fn spec.features.cspm.withCheckInterval

withCheckInterval(checkInterval)

"CheckInterval defines the check interval."

fn spec.features.cspm.withEnabled

withEnabled(enabled)

"Enabled enables Cloud Security Posture Management. Default: false"

obj spec.features.cspm.customBenchmarks

"CustomBenchmarks contains CSPM benchmarks. The content of the ConfigMap will be merged with the benchmarks bundled with the agent. Any benchmarks with the same name as those existing in the agent will take precedence."

fn spec.features.cspm.customBenchmarks.withConfigData

withConfigData(configData)

"ConfigData corresponds to the configuration file content."

obj spec.features.cspm.customBenchmarks.configMap

"ConfigMap references an existing ConfigMap with the configuration file content."

fn spec.features.cspm.customBenchmarks.configMap.withItems

withItems(items)

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.cspm.customBenchmarks.configMap.withItemsMixin

withItemsMixin(items)

"Items maps a ConfigMap data key to a file path mount."

Note: This function appends passed data to existing values

fn spec.features.cspm.customBenchmarks.configMap.withName

withName(name)

"Name is the name of the ConfigMap."

obj spec.features.cspm.customBenchmarks.configMap.items

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.cspm.customBenchmarks.configMap.items.withKey

withKey(key)

"key is the key to project."

fn spec.features.cspm.customBenchmarks.configMap.items.withMode

withMode(mode)

"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."

fn spec.features.cspm.customBenchmarks.configMap.items.withPath

withPath(path)

"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."

obj spec.features.cspm.hostBenchmarks

"HostBenchmarks contains configuration for host benchmarks."

fn spec.features.cspm.hostBenchmarks.withEnabled

withEnabled(enabled)

"Enabled enables host benchmarks. Default: false"

obj spec.features.cws

"CWS (Cloud Workload Security) configuration."

fn spec.features.cws.withEnabled

withEnabled(enabled)

"Enabled enables Cloud Workload Security. Default: false"

fn spec.features.cws.withSyscallMonitorEnabled

withSyscallMonitorEnabled(syscallMonitorEnabled)

"SyscallMonitorEnabled enables Syscall Monitoring (recommended for troubleshooting only). Default: false"

obj spec.features.cws.customPolicies

"CustomPolicies contains security policies. The content of the ConfigMap will be merged with the policies bundled with the agent. Any policies with the same name as those existing in the agent will take precedence."

fn spec.features.cws.customPolicies.withConfigData

withConfigData(configData)

"ConfigData corresponds to the configuration file content."

obj spec.features.cws.customPolicies.configMap

"ConfigMap references an existing ConfigMap with the configuration file content."

fn spec.features.cws.customPolicies.configMap.withItems

withItems(items)

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.cws.customPolicies.configMap.withItemsMixin

withItemsMixin(items)

"Items maps a ConfigMap data key to a file path mount."

Note: This function appends passed data to existing values

fn spec.features.cws.customPolicies.configMap.withName

withName(name)

"Name is the name of the ConfigMap."

obj spec.features.cws.customPolicies.configMap.items

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.cws.customPolicies.configMap.items.withKey

withKey(key)

"key is the key to project."

fn spec.features.cws.customPolicies.configMap.items.withMode

withMode(mode)

"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."

fn spec.features.cws.customPolicies.configMap.items.withPath

withPath(path)

"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."

obj spec.features.cws.network

fn spec.features.cws.network.withEnabled

withEnabled(enabled)

"Enabled enables Cloud Workload Security Network detections. Default: true"

obj spec.features.cws.remoteConfiguration

fn spec.features.cws.remoteConfiguration.withEnabled

withEnabled(enabled)

"Enabled enables Remote Configuration for Cloud Workload Security. Default: true"

obj spec.features.cws.securityProfiles

fn spec.features.cws.securityProfiles.withEnabled

withEnabled(enabled)

"Enabled enables Security Profiles collection for Cloud Workload Security. Default: true"

obj spec.features.dogstatsd

"Dogstatsd configuration."

fn spec.features.dogstatsd.withOriginDetectionEnabled

withOriginDetectionEnabled(originDetectionEnabled)

"OriginDetectionEnabled enables origin detection for container tagging. See also: https://docs.datadoghq.com/developers/dogstatsd/unix_socket/#using-origin-detection-for-container-tagging"

fn spec.features.dogstatsd.withTagCardinality

withTagCardinality(tagCardinality)

"TagCardinality configures tag cardinality for the metrics collected using origin detection (low, orchestrator or high). See also: https://docs.datadoghq.com/getting_started/tagging/assigning_tags/?tab=containerizedenvironments#environment-variables Cardinality default: low"

obj spec.features.dogstatsd.hostPortConfig

"HostPortConfig contains host port configuration. Enabled Default: false Port Default: 8125"

fn spec.features.dogstatsd.hostPortConfig.withEnabled

withEnabled(enabled)

"Enabled enables host port configuration Default: false"

fn spec.features.dogstatsd.hostPortConfig.withHostPort

withHostPort(hostPort)

"Port takes a port number (0 < x < 65536) to expose on the host. (Most containers do not need this.) If HostNetwork is enabled, this value must match the ContainerPort."

obj spec.features.dogstatsd.mapperProfiles

"Configure the Dogstasd Mapper Profiles. Can be passed as raw data or via a json encoded string in a config map. See also: https://docs.datadoghq.com/developers/dogstatsd/dogstatsd_mapper/"

fn spec.features.dogstatsd.mapperProfiles.withConfigData

withConfigData(configData)

"ConfigData corresponds to the configuration file content."

obj spec.features.dogstatsd.mapperProfiles.configMap

"ConfigMap references an existing ConfigMap with the configuration file content."

fn spec.features.dogstatsd.mapperProfiles.configMap.withItems

withItems(items)

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.dogstatsd.mapperProfiles.configMap.withItemsMixin

withItemsMixin(items)

"Items maps a ConfigMap data key to a file path mount."

Note: This function appends passed data to existing values

fn spec.features.dogstatsd.mapperProfiles.configMap.withName

withName(name)

"Name is the name of the ConfigMap."

obj spec.features.dogstatsd.mapperProfiles.configMap.items

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.dogstatsd.mapperProfiles.configMap.items.withKey

withKey(key)

"key is the key to project."

fn spec.features.dogstatsd.mapperProfiles.configMap.items.withMode

withMode(mode)

"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."

fn spec.features.dogstatsd.mapperProfiles.configMap.items.withPath

withPath(path)

"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."

obj spec.features.dogstatsd.unixDomainSocketConfig

"UnixDomainSocketConfig contains socket configuration. See also: https://docs.datadoghq.com/agent/kubernetes/apm/?tab=helm#agent-environment-variables Enabled Default: true Path Default: /var/run/datadog/dsd.socket"

fn spec.features.dogstatsd.unixDomainSocketConfig.withEnabled

withEnabled(enabled)

"Enabled enables Unix Domain Socket. Default: true"

fn spec.features.dogstatsd.unixDomainSocketConfig.withPath

withPath(path)

"Path defines the socket path used when enabled."

obj spec.features.ebpfCheck

"EBPFCheck configuration."

fn spec.features.ebpfCheck.withEnabled

withEnabled(enabled)

"Enables the eBPF check. Default: false"

obj spec.features.eventCollection

"EventCollection configuration."

fn spec.features.eventCollection.withCollectKubernetesEvents

withCollectKubernetesEvents(collectKubernetesEvents)

"CollectKubernetesEvents enables Kubernetes event collection. Default: true"

obj spec.features.externalMetricsServer

"ExternalMetricsServer configuration."

fn spec.features.externalMetricsServer.withEnabled

withEnabled(enabled)

"Enabled enables the External Metrics Server. Default: false"

fn spec.features.externalMetricsServer.withPort

withPort(port)

"Port specifies the metricsProvider External Metrics Server service port. Default: 8443"

fn spec.features.externalMetricsServer.withRegisterAPIService

withRegisterAPIService(registerAPIService)

"RegisterAPIService registers the External Metrics endpoint as an APIService Default: true"

fn spec.features.externalMetricsServer.withUseDatadogMetrics

withUseDatadogMetrics(useDatadogMetrics)

"UseDatadogMetrics enables usage of the DatadogMetrics CRD (allowing one to scale on arbitrary Datadog metric queries). Default: true"

fn spec.features.externalMetricsServer.withWpaController

withWpaController(wpaController)

"WPAController enables the informer and controller of the Watermark Pod Autoscaler. NOTE: The Watermark Pod Autoscaler controller needs to be installed. See also: https://github.com/DataDog/watermarkpodautoscaler. Default: false"

obj spec.features.externalMetricsServer.endpoint

"Override the API endpoint for the External Metrics Server. URL Default: \"https://app.datadoghq.com\"."

fn spec.features.externalMetricsServer.endpoint.withUrl

withUrl(url)

"URL defines the endpoint URL."

obj spec.features.externalMetricsServer.endpoint.credentials

"Credentials defines the Datadog credentials used to submit data to/query data from Datadog."

fn spec.features.externalMetricsServer.endpoint.credentials.withApiKey

withApiKey(apiKey)

"APIKey configures your Datadog API key. See also: https://app.datadoghq.com/account/settings#agent/kubernetes"

fn spec.features.externalMetricsServer.endpoint.credentials.withAppKey

withAppKey(appKey)

"AppKey configures your Datadog application key. If you are using features.externalMetricsServer.enabled = true, you must set a Datadog application key for read access to your metrics."

obj spec.features.externalMetricsServer.endpoint.credentials.apiSecret

"APISecret references an existing Secret which stores the API key instead of creating a new one. If set, this parameter takes precedence over \"APIKey\"."

fn spec.features.externalMetricsServer.endpoint.credentials.apiSecret.withKeyName

withKeyName(keyName)

"KeyName is the key of the secret to use."

fn spec.features.externalMetricsServer.endpoint.credentials.apiSecret.withSecretName

withSecretName(secretName)

"SecretName is the name of the secret."

obj spec.features.externalMetricsServer.endpoint.credentials.appSecret

"AppSecret references an existing Secret which stores the application key instead of creating a new one. If set, this parameter takes precedence over \"AppKey\"."

fn spec.features.externalMetricsServer.endpoint.credentials.appSecret.withKeyName

withKeyName(keyName)

"KeyName is the key of the secret to use."

fn spec.features.externalMetricsServer.endpoint.credentials.appSecret.withSecretName

withSecretName(secretName)

"SecretName is the name of the secret."

obj spec.features.helmCheck

"HelmCheck configuration."

fn spec.features.helmCheck.withCollectEvents

withCollectEvents(collectEvents)

"CollectEvents set to true enables event collection in the Helm check (Requires Agent 7.36.0+ and Cluster Agent 1.20.0+) Default: false"

fn spec.features.helmCheck.withEnabled

withEnabled(enabled)

"Enabled enables the Helm check. Default: false"

fn spec.features.helmCheck.withValuesAsTags

withValuesAsTags(valuesAsTags)

"ValuesAsTags collects Helm values from a release and uses them as tags (Requires Agent and Cluster Agent 7.40.0+). Default: {}"

fn spec.features.helmCheck.withValuesAsTagsMixin

withValuesAsTagsMixin(valuesAsTags)

"ValuesAsTags collects Helm values from a release and uses them as tags (Requires Agent and Cluster Agent 7.40.0+). Default: {}"

Note: This function appends passed data to existing values

obj spec.features.kubeStateMetricsCore

"KubeStateMetricsCore check configuration."

fn spec.features.kubeStateMetricsCore.withEnabled

withEnabled(enabled)

"Enabled enables Kube State Metrics Core. Default: true"

obj spec.features.kubeStateMetricsCore.conf

"Conf overrides the configuration for the default Kubernetes State Metrics Core check. This must point to a ConfigMap containing a valid cluster check configuration."

fn spec.features.kubeStateMetricsCore.conf.withConfigData

withConfigData(configData)

"ConfigData corresponds to the configuration file content."

obj spec.features.kubeStateMetricsCore.conf.configMap

"ConfigMap references an existing ConfigMap with the configuration file content."

fn spec.features.kubeStateMetricsCore.conf.configMap.withItems

withItems(items)

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.kubeStateMetricsCore.conf.configMap.withItemsMixin

withItemsMixin(items)

"Items maps a ConfigMap data key to a file path mount."

Note: This function appends passed data to existing values

fn spec.features.kubeStateMetricsCore.conf.configMap.withName

withName(name)

"Name is the name of the ConfigMap."

obj spec.features.kubeStateMetricsCore.conf.configMap.items

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.kubeStateMetricsCore.conf.configMap.items.withKey

withKey(key)

"key is the key to project."

fn spec.features.kubeStateMetricsCore.conf.configMap.items.withMode

withMode(mode)

"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."

fn spec.features.kubeStateMetricsCore.conf.configMap.items.withPath

withPath(path)

"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."

obj spec.features.liveContainerCollection

"LiveContainerCollection configuration."

fn spec.features.liveContainerCollection.withEnabled

withEnabled(enabled)

"Enables container collection for the Live Container View. Default: true"

obj spec.features.liveProcessCollection

"LiveProcessCollection configuration."

fn spec.features.liveProcessCollection.withEnabled

withEnabled(enabled)

"Enabled enables Process monitoring. Default: false"

fn spec.features.liveProcessCollection.withScrubProcessArguments

withScrubProcessArguments(scrubProcessArguments)

"ScrubProcessArguments enables scrubbing of sensitive data in process command-lines (passwords, tokens, etc. ). Default: true"

fn spec.features.liveProcessCollection.withStripProcessArguments

withStripProcessArguments(stripProcessArguments)

"StripProcessArguments enables stripping of all process arguments. Default: false"

obj spec.features.logCollection

"LogCollection configuration."

fn spec.features.logCollection.withContainerCollectAll

withContainerCollectAll(containerCollectAll)

"ContainerCollectAll enables Log collection from all containers. Default: false"

fn spec.features.logCollection.withContainerCollectUsingFiles

withContainerCollectUsingFiles(containerCollectUsingFiles)

"ContainerCollectUsingFiles enables log collection from files in /var/log/pods instead of using the container runtime API. Collecting logs from files is usually the most efficient way of collecting logs. See also: https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/#log-collection-setup Default: true"

fn spec.features.logCollection.withContainerLogsPath

withContainerLogsPath(containerLogsPath)

"ContainerLogsPath allows log collection from the container log path. Set to a different path if you are not using the Docker runtime. See also: https://docs.datadoghq.com/agent/kubernetes/daemonset_setup/?tab=k8sfile#create-manifest Default: /var/lib/docker/containers"

fn spec.features.logCollection.withContainerSymlinksPath

withContainerSymlinksPath(containerSymlinksPath)

"ContainerSymlinksPath allows log collection to use symbolic links in this directory to validate container ID -> pod. Default: /var/log/containers"

fn spec.features.logCollection.withEnabled

withEnabled(enabled)

"Enabled enables Log collection. Default: false"

fn spec.features.logCollection.withOpenFilesLimit

withOpenFilesLimit(openFilesLimit)

"OpenFilesLimit sets the maximum number of log files that the Datadog Agent tails. Increasing this limit can increase resource consumption of the Agent. See also: https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/#log-collection-setup Default: 100"

fn spec.features.logCollection.withPodLogsPath

withPodLogsPath(podLogsPath)

"PodLogsPath allows log collection from a pod log path. Default: /var/log/pods"

fn spec.features.logCollection.withTempStoragePath

withTempStoragePath(tempStoragePath)

"TempStoragePath (always mounted from the host) is used by the Agent to store information about processed log files. If the Agent is restarted, it starts tailing the log files immediately. Default: /var/lib/datadog-agent/logs"

obj spec.features.npm

"NPM (Network Performance Monitoring) configuration."

fn spec.features.npm.withCollectDNSStats

withCollectDNSStats(collectDNSStats)

"CollectDNSStats enables DNS stat collection. Default: false"

fn spec.features.npm.withEnableConntrack

withEnableConntrack(enableConntrack)

"EnableConntrack enables the system-probe agent to connect to the netlink/conntrack subsystem to add NAT information to connection data. See also: http://conntrack-tools.netfilter.org/ Default: false"

fn spec.features.npm.withEnabled

withEnabled(enabled)

"Enabled enables Network Performance Monitoring. Default: false"

obj spec.features.oomKill

"OOMKill configuration."

fn spec.features.oomKill.withEnabled

withEnabled(enabled)

"Enables the OOMKill eBPF-based check. Default: false"

obj spec.features.orchestratorExplorer

"OrchestratorExplorer check configuration."

fn spec.features.orchestratorExplorer.withCustomResources

withCustomResources(customResources)

"CustomResources defines custom resources for the orchestrator explorer to collect. Each item should follow the convention group/version/kind. For example, datadoghq.com/v1alpha1/datadogmetrics."

fn spec.features.orchestratorExplorer.withCustomResourcesMixin

withCustomResourcesMixin(customResources)

"CustomResources defines custom resources for the orchestrator explorer to collect. Each item should follow the convention group/version/kind. For example, datadoghq.com/v1alpha1/datadogmetrics."

Note: This function appends passed data to existing values

fn spec.features.orchestratorExplorer.withDdUrl

withDdUrl(ddUrl)

"Override the API endpoint for the Orchestrator Explorer. URL Default: \"https://orchestrator.datadoghq.com\"."

fn spec.features.orchestratorExplorer.withEnabled

withEnabled(enabled)

"Enabled enables the Orchestrator Explorer. Default: true"

fn spec.features.orchestratorExplorer.withExtraTags

withExtraTags(extraTags)

"Additional tags to associate with the collected data in the form of a b c. This is a Cluster Agent option distinct from DD_TAGS that is used in the Orchestrator Explorer."

fn spec.features.orchestratorExplorer.withExtraTagsMixin

withExtraTagsMixin(extraTags)

"Additional tags to associate with the collected data in the form of a b c. This is a Cluster Agent option distinct from DD_TAGS that is used in the Orchestrator Explorer."

Note: This function appends passed data to existing values

fn spec.features.orchestratorExplorer.withScrubContainers

withScrubContainers(scrubContainers)

"ScrubContainers enables scrubbing of sensitive container data (passwords, tokens, etc. ). Default: true"

obj spec.features.orchestratorExplorer.conf

"Conf overrides the configuration for the default Orchestrator Explorer check. This must point to a ConfigMap containing a valid cluster check configuration."

fn spec.features.orchestratorExplorer.conf.withConfigData

withConfigData(configData)

"ConfigData corresponds to the configuration file content."

obj spec.features.orchestratorExplorer.conf.configMap

"ConfigMap references an existing ConfigMap with the configuration file content."

fn spec.features.orchestratorExplorer.conf.configMap.withItems

withItems(items)

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.orchestratorExplorer.conf.configMap.withItemsMixin

withItemsMixin(items)

"Items maps a ConfigMap data key to a file path mount."

Note: This function appends passed data to existing values

fn spec.features.orchestratorExplorer.conf.configMap.withName

withName(name)

"Name is the name of the ConfigMap."

obj spec.features.orchestratorExplorer.conf.configMap.items

"Items maps a ConfigMap data key to a file path mount."

fn spec.features.orchestratorExplorer.conf.configMap.items.withKey

withKey(key)

"key is the key to project."

fn spec.features.orchestratorExplorer.conf.configMap.items.withMode

withMode(mode)

"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."

fn spec.features.orchestratorExplorer.conf.configMap.items.withPath

withPath(path)

"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."

obj spec.features.otlp

"OTLP ingest configuration"

obj spec.features.otlp.receiver

"Receiver contains configuration for the OTLP ingest receiver."

obj spec.features.otlp.receiver.protocols

"Protocols contains configuration for the OTLP ingest receiver protocols."

obj spec.features.otlp.receiver.protocols.grpc

"GRPC contains configuration for the OTLP ingest OTLP/gRPC receiver."

fn spec.features.otlp.receiver.protocols.grpc.withEnabled

withEnabled(enabled)

"Enable the OTLP/gRPC endpoint."

fn spec.features.otlp.receiver.protocols.grpc.withEndpoint

withEndpoint(endpoint)

"Endpoint for OTLP/gRPC. gRPC supports several naming schemes: https://github.com/grpc/grpc/blob/master/doc/naming.md The Datadog Operator supports only 'host:port' (usually 0.0.0.0:port). Default: 0.0.0.0:4317."

obj spec.features.otlp.receiver.protocols.http

"HTTP contains configuration for the OTLP ingest OTLP/HTTP receiver."

fn spec.features.otlp.receiver.protocols.http.withEnabled

withEnabled(enabled)

"Enable the OTLP/HTTP endpoint."

fn spec.features.otlp.receiver.protocols.http.withEndpoint

withEndpoint(endpoint)

"Endpoint for OTLP/HTTP. Default: '0.0.0.0:4318'."

obj spec.features.processDiscovery

"ProcessDiscovery configuration."

fn spec.features.processDiscovery.withEnabled

withEnabled(enabled)

"Enabled enables the Process Discovery check in the Agent. Default: true"

obj spec.features.prometheusScrape

"PrometheusScrape configuration."

fn spec.features.prometheusScrape.withAdditionalConfigs

withAdditionalConfigs(additionalConfigs)

"AdditionalConfigs allows adding advanced Prometheus check configurations with custom discovery rules."

fn spec.features.prometheusScrape.withEnableServiceEndpoints

withEnableServiceEndpoints(enableServiceEndpoints)

"EnableServiceEndpoints enables generating dedicated checks for service endpoints. Default: false"

fn spec.features.prometheusScrape.withEnabled

withEnabled(enabled)

"Enable autodiscovery of pods and services exposing Prometheus metrics. Default: false"

fn spec.features.prometheusScrape.withVersion

withVersion(version)

"Version specifies the version of the OpenMetrics check. Default: 2"

obj spec.features.remoteConfiguration

"Remote Configuration configuration."

fn spec.features.remoteConfiguration.withEnabled

withEnabled(enabled)

"Enable this option to activate Remote Configuration. Default: true"

obj spec.features.sbom

"SBOM collection configuration."

fn spec.features.sbom.withEnabled

withEnabled(enabled)

"Enable this option to activate SBOM collection. Default: false"

obj spec.features.sbom.containerImage

"SBOMTypeConfig contains configuration for a SBOM collection type."

fn spec.features.sbom.containerImage.withAnalyzers

withAnalyzers(analyzers)

"Analyzers to use for SBOM collection."

fn spec.features.sbom.containerImage.withAnalyzersMixin

withAnalyzersMixin(analyzers)

"Analyzers to use for SBOM collection."

Note: This function appends passed data to existing values

fn spec.features.sbom.containerImage.withEnabled

withEnabled(enabled)

"Enable this option to activate SBOM collection. Default: false"

obj spec.features.sbom.host

"SBOMTypeConfig contains configuration for a SBOM collection type."

fn spec.features.sbom.host.withAnalyzers

withAnalyzers(analyzers)

"Analyzers to use for SBOM collection."

fn spec.features.sbom.host.withAnalyzersMixin

withAnalyzersMixin(analyzers)

"Analyzers to use for SBOM collection."

Note: This function appends passed data to existing values

fn spec.features.sbom.host.withEnabled

withEnabled(enabled)

"Enable this option to activate SBOM collection. Default: false"

obj spec.features.tcpQueueLength

"TCPQueueLength configuration."

fn spec.features.tcpQueueLength.withEnabled

withEnabled(enabled)

"Enables the TCP queue length eBPF-based check. Default: false"

obj spec.features.usm

"USM (Universal Service Monitoring) configuration."

fn spec.features.usm.withEnabled

withEnabled(enabled)

"Enabled enables Universal Service Monitoring. Default: false"

obj spec.global

"Global settings to configure the agents"

fn spec.global.withClusterAgentToken

withClusterAgentToken(clusterAgentToken)

"ClusterAgentToken is the token for communication between the NodeAgent and ClusterAgent."

fn spec.global.withClusterName

withClusterName(clusterName)

"ClusterName sets a unique cluster name for the deployment to easily scope monitoring data in the Datadog app."

fn spec.global.withContainerStrategy

withContainerStrategy(containerStrategy)

"ContainerStrategy determines whether agents run in a single or multiple containers. Default: 'optimized'"

fn spec.global.withCriSocketPath

withCriSocketPath(criSocketPath)

"Path to the container runtime socket (if different from Docker)."

fn spec.global.withDisableNonResourceRules

withDisableNonResourceRules(disableNonResourceRules)

"Set DisableNonResourceRules to exclude NonResourceURLs from default ClusterRoles. Required 'true' for Google Cloud Marketplace."

fn spec.global.withDockerSocketPath

withDockerSocketPath(dockerSocketPath)

"Path to the docker runtime socket."

fn spec.global.withLogLevel

withLogLevel(logLevel)

"LogLevel sets logging verbosity. This can be overridden by container. Valid log levels are: trace, debug, info, warn, error, critical, and off. Default: 'info'"

fn spec.global.withNamespaceLabelsAsTags

withNamespaceLabelsAsTags(namespaceLabelsAsTags)

"Provide a mapping of Kubernetes Namespace Labels to Datadog Tags. : "

fn spec.global.withNamespaceLabelsAsTagsMixin

withNamespaceLabelsAsTagsMixin(namespaceLabelsAsTags)

"Provide a mapping of Kubernetes Namespace Labels to Datadog Tags. : "

Note: This function appends passed data to existing values

fn spec.global.withNodeLabelsAsTags

withNodeLabelsAsTags(nodeLabelsAsTags)

"Provide a mapping of Kubernetes Node Labels to Datadog Tags. : "

fn spec.global.withNodeLabelsAsTagsMixin

withNodeLabelsAsTagsMixin(nodeLabelsAsTags)

"Provide a mapping of Kubernetes Node Labels to Datadog Tags. : "

Note: This function appends passed data to existing values

fn spec.global.withPodAnnotationsAsTags

withPodAnnotationsAsTags(podAnnotationsAsTags)

"Provide a mapping of Kubernetes Annotations to Datadog Tags. : "

fn spec.global.withPodAnnotationsAsTagsMixin

withPodAnnotationsAsTagsMixin(podAnnotationsAsTags)

"Provide a mapping of Kubernetes Annotations to Datadog Tags. : "

Note: This function appends passed data to existing values

fn spec.global.withPodLabelsAsTags

withPodLabelsAsTags(podLabelsAsTags)

"Provide a mapping of Kubernetes Labels to Datadog Tags. : "

fn spec.global.withPodLabelsAsTagsMixin

withPodLabelsAsTagsMixin(podLabelsAsTags)

"Provide a mapping of Kubernetes Labels to Datadog Tags. : "

Note: This function appends passed data to existing values

fn spec.global.withRegistry

withRegistry(registry)

"Registry is the image registry to use for all Agent images. Use 'public.ecr.aws/datadog' for AWS ECR. Use 'docker.io/datadog' for DockerHub. Default: 'gcr.io/datadoghq'"

fn spec.global.withSite

withSite(site)

"Site is the Datadog intake site Agent data are sent to. Set to 'datadoghq.com' to send data to the US1 site (default). Set to 'datadoghq.eu' to send data to the EU site. Set to 'us3.datadoghq.com' to send data to the US3 site. Set to 'us5.datadoghq.com' to send data to the US5 site. Set to 'ddog-gov.com' to send data to the US1-FED site. Set to 'ap1.datadoghq.com' to send data to the AP1 site. Default: 'datadoghq.com'"

fn spec.global.withTags

withTags(tags)

"Tags contains a list of tags to attach to every metric, event and service check collected. Learn more about tagging: https://docs.datadoghq.com/tagging/"

fn spec.global.withTagsMixin

withTagsMixin(tags)

"Tags contains a list of tags to attach to every metric, event and service check collected. Learn more about tagging: https://docs.datadoghq.com/tagging/"

Note: This function appends passed data to existing values

obj spec.global.clusterAgentTokenSecret

"ClusterAgentTokenSecret is the secret containing the Cluster Agent token."

fn spec.global.clusterAgentTokenSecret.withKeyName

withKeyName(keyName)

"KeyName is the key of the secret to use."

fn spec.global.clusterAgentTokenSecret.withSecretName

withSecretName(secretName)

"SecretName is the name of the secret."

obj spec.global.credentials

"Credentials defines the Datadog credentials used to submit data to/query data from Datadog."

fn spec.global.credentials.withApiKey

withApiKey(apiKey)

"APIKey configures your Datadog API key. See also: https://app.datadoghq.com/account/settings#agent/kubernetes"

fn spec.global.credentials.withAppKey

withAppKey(appKey)

"AppKey configures your Datadog application key. If you are using features.externalMetricsServer.enabled = true, you must set a Datadog application key for read access to your metrics."

obj spec.global.credentials.apiSecret

"APISecret references an existing Secret which stores the API key instead of creating a new one. If set, this parameter takes precedence over \"APIKey\"."

fn spec.global.credentials.apiSecret.withKeyName

withKeyName(keyName)

"KeyName is the key of the secret to use."

fn spec.global.credentials.apiSecret.withSecretName

withSecretName(secretName)

"SecretName is the name of the secret."

obj spec.global.credentials.appSecret

"AppSecret references an existing Secret which stores the application key instead of creating a new one. If set, this parameter takes precedence over \"AppKey\"."

fn spec.global.credentials.appSecret.withKeyName

withKeyName(keyName)

"KeyName is the key of the secret to use."

fn spec.global.credentials.appSecret.withSecretName

withSecretName(secretName)

"SecretName is the name of the secret."

obj spec.global.endpoint

"Endpoint is the Datadog intake URL the Agent data are sent to. Only set this option if you need the Agent to send data to a custom URL. Overrides the site setting defined in Site."

fn spec.global.endpoint.withUrl

withUrl(url)

"URL defines the endpoint URL."

obj spec.global.endpoint.credentials

"Credentials defines the Datadog credentials used to submit data to/query data from Datadog."

fn spec.global.endpoint.credentials.withApiKey

withApiKey(apiKey)

"APIKey configures your Datadog API key. See also: https://app.datadoghq.com/account/settings#agent/kubernetes"

fn spec.global.endpoint.credentials.withAppKey

withAppKey(appKey)

"AppKey configures your Datadog application key. If you are using features.externalMetricsServer.enabled = true, you must set a Datadog application key for read access to your metrics."

obj spec.global.endpoint.credentials.apiSecret

"APISecret references an existing Secret which stores the API key instead of creating a new one. If set, this parameter takes precedence over \"APIKey\"."

fn spec.global.endpoint.credentials.apiSecret.withKeyName

withKeyName(keyName)

"KeyName is the key of the secret to use."

fn spec.global.endpoint.credentials.apiSecret.withSecretName

withSecretName(secretName)

"SecretName is the name of the secret."

obj spec.global.endpoint.credentials.appSecret

"AppSecret references an existing Secret which stores the application key instead of creating a new one. If set, this parameter takes precedence over \"AppKey\"."

fn spec.global.endpoint.credentials.appSecret.withKeyName

withKeyName(keyName)

"KeyName is the key of the secret to use."

fn spec.global.endpoint.credentials.appSecret.withSecretName

withSecretName(secretName)

"SecretName is the name of the secret."

obj spec.global.fips

"FIPS contains configuration used to customize the FIPS proxy sidecar."

fn spec.global.fips.withEnabled

withEnabled(enabled)

"Enable FIPS sidecar."

fn spec.global.fips.withLocalAddress

withLocalAddress(localAddress)

"Set the local IP address. Default: 127.0.0.1"

fn spec.global.fips.withPort

withPort(port)

"Port specifies which port is used by the containers to communicate to the FIPS sidecar. Default: 9803"

fn spec.global.fips.withPortRange

withPortRange(portRange)

"PortRange specifies the number of ports used. Default: 15"

fn spec.global.fips.withUseHTTPS

withUseHTTPS(useHTTPS)

"UseHTTPS enables HTTPS. Default: false"

obj spec.global.fips.customFIPSConfig

"CustomFIPSConfig configures a custom configMap to provide the FIPS configuration. Specify custom contents for the FIPS proxy sidecar container config (/etc/datadog-fips-proxy/datadog-fips-proxy.cfg). If empty, the default FIPS proxy sidecar container config is used."

fn spec.global.fips.customFIPSConfig.withConfigData

withConfigData(configData)

"ConfigData corresponds to the configuration file content."

obj spec.global.fips.customFIPSConfig.configMap

"ConfigMap references an existing ConfigMap with the configuration file content."

fn spec.global.fips.customFIPSConfig.configMap.withItems

withItems(items)

"Items maps a ConfigMap data key to a file path mount."

fn spec.global.fips.customFIPSConfig.configMap.withItemsMixin

withItemsMixin(items)

"Items maps a ConfigMap data key to a file path mount."

Note: This function appends passed data to existing values

fn spec.global.fips.customFIPSConfig.configMap.withName

withName(name)

"Name is the name of the ConfigMap."

obj spec.global.fips.customFIPSConfig.configMap.items

"Items maps a ConfigMap data key to a file path mount."

fn spec.global.fips.customFIPSConfig.configMap.items.withKey

withKey(key)

"key is the key to project."

fn spec.global.fips.customFIPSConfig.configMap.items.withMode

withMode(mode)

"mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set."

fn spec.global.fips.customFIPSConfig.configMap.items.withPath

withPath(path)

"path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'."

obj spec.global.fips.image

"The container image of the FIPS sidecar."

fn spec.global.fips.image.withJmxEnabled

withJmxEnabled(jmxEnabled)

"Define whether the Agent image should support JMX. To be used if the Name field does not correspond to a full image string."

fn spec.global.fips.image.withName

withName(name)

"Define the image to use: Use \"gcr.io/datadoghq/agent:latest\" for Datadog Agent 7. Use \"datadog/dogstatsd:latest\" for standalone Datadog Agent DogStatsD 7. Use \"gcr.io/datadoghq/cluster-agent:latest\" for Datadog Cluster Agent. Use \"agent\" with the registry and tag configurations for /agent:. Use \"cluster-agent\" with the registry and tag configurations for /cluster-agent:. If the name is the full image string—<name>:<tag> or <registry>/<name>:<tag>, then tag, jmxEnabled, and global.registry values are ignored. Otherwise, image string is created by overriding default settings with supplied name, tag, and jmxEnabled values; image string is created using default registry unless global.registry is configured."

fn spec.global.fips.image.withPullPolicy

withPullPolicy(pullPolicy)

"The Kubernetes pull policy: Use Always, Never, or IfNotPresent."

fn spec.global.fips.image.withPullSecrets

withPullSecrets(pullSecrets)

"It is possible to specify Docker registry credentials. See https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod"

fn spec.global.fips.image.withPullSecretsMixin

withPullSecretsMixin(pullSecrets)

"It is possible to specify Docker registry credentials. See https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod"

Note: This function appends passed data to existing values

fn spec.global.fips.image.withTag

withTag(tag)

"Define the image tag to use. To be used if the Name field does not correspond to a full image string."

obj spec.global.fips.image.pullSecrets

"It is possible to specify Docker registry credentials. See https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod"

fn spec.global.fips.image.pullSecrets.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"

obj spec.global.fips.resources

"Resources is the requests and limits for the FIPS sidecar container."

fn spec.global.fips.resources.withLimits

withLimits(limits)

"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

fn spec.global.fips.resources.withLimitsMixin

withLimitsMixin(limits)

"Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

Note: This function appends passed data to existing values

fn spec.global.fips.resources.withRequests

withRequests(requests)

"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

fn spec.global.fips.resources.withRequestsMixin

withRequestsMixin(requests)

"Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"

Note: This function appends passed data to existing values

obj spec.global.kubelet

"Kubelet contains the kubelet configuration parameters."

fn spec.global.kubelet.withAgentCAPath

withAgentCAPath(agentCAPath)

"AgentCAPath is the container path where the kubelet CA certificate is stored. Default: '/var/run/host-kubelet-ca.crt' if hostCAPath is set, else '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'"

fn spec.global.kubelet.withHostCAPath

withHostCAPath(hostCAPath)

"HostCAPath is the host path where the kubelet CA certificate is stored."

fn spec.global.kubelet.withTlsVerify

withTlsVerify(tlsVerify)

"TLSVerify toggles kubelet TLS verification. Default: true"

obj spec.global.kubelet.host

"Host overrides the host used to contact kubelet API (default to status.hostIP)."

obj spec.global.kubelet.host.configMapKeyRef

"Selects a key of a ConfigMap."

fn spec.global.kubelet.host.configMapKeyRef.withKey

withKey(key)

"The key to select."

fn spec.global.kubelet.host.configMapKeyRef.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"

fn spec.global.kubelet.host.configMapKeyRef.withOptional

withOptional(optional)

"Specify whether the ConfigMap or its key must be defined"

obj spec.global.kubelet.host.fieldRef

"Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs."

fn spec.global.kubelet.host.fieldRef.withApiVersion

withApiVersion(apiVersion)

"Version of the schema the FieldPath is written in terms of, defaults to \"v1\"."

fn spec.global.kubelet.host.fieldRef.withFieldPath

withFieldPath(fieldPath)

"Path of the field to select in the specified API version."

obj spec.global.kubelet.host.resourceFieldRef

"Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported."

fn spec.global.kubelet.host.resourceFieldRef.withContainerName

withContainerName(containerName)

"Container name: required for volumes, optional for env vars"

fn spec.global.kubelet.host.resourceFieldRef.withDivisor

withDivisor(divisor)

"Specifies the output format of the exposed resources, defaults to \"1\

fn spec.global.kubelet.host.resourceFieldRef.withResource

withResource(resource)

"Required: resource to select"

obj spec.global.kubelet.host.secretKeyRef

"Selects a key of a secret in the pod's namespace"

fn spec.global.kubelet.host.secretKeyRef.withKey

withKey(key)

"The key of the secret to select from. Must be a valid secret key."

fn spec.global.kubelet.host.secretKeyRef.withName

withName(name)

"Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?"

fn spec.global.kubelet.host.secretKeyRef.withOptional

withOptional(optional)

"Specify whether the Secret or its key must be defined"

obj spec.global.localService

"LocalService contains configuration to customize the internal traffic policy service."

fn spec.global.localService.withForceEnableLocalService

withForceEnableLocalService(forceEnableLocalService)

"ForceEnableLocalService forces the creation of the internal traffic policy service to target the agent running on the local node. This parameter only applies to Kubernetes 1.21, where the feature is in alpha and is disabled by default. (On Kubernetes 1.22+, the feature entered beta and the internal traffic service is created by default, so this parameter is ignored.) Default: false"

fn spec.global.localService.withNameOverride

withNameOverride(nameOverride)

"NameOverride defines the name of the internal traffic service to target the agent running on the local node."

obj spec.global.networkPolicy

"NetworkPolicy contains the network configuration."

fn spec.global.networkPolicy.withCreate

withCreate(create)

"Create defines whether to create a NetworkPolicy for the current deployment."

fn spec.global.networkPolicy.withDnsSelectorEndpoints

withDnsSelectorEndpoints(dnsSelectorEndpoints)

"DNSSelectorEndpoints defines the cilium selector of the DNS\u202fserver entity."

fn spec.global.networkPolicy.withDnsSelectorEndpointsMixin

withDnsSelectorEndpointsMixin(dnsSelectorEndpoints)

"DNSSelectorEndpoints defines the cilium selector of the DNS\u202fserver entity."

Note: This function appends passed data to existing values

fn spec.global.networkPolicy.withFlavor

withFlavor(flavor)

"Flavor defines Which network policy to use."

obj spec.global.networkPolicy.dnsSelectorEndpoints

"DNSSelectorEndpoints defines the cilium selector of the DNS\u202fserver entity."

fn spec.global.networkPolicy.dnsSelectorEndpoints.withMatchExpressions

withMatchExpressions(matchExpressions)

"matchExpressions is a list of label selector requirements. The requirements are ANDed."

fn spec.global.networkPolicy.dnsSelectorEndpoints.withMatchExpressionsMixin

withMatchExpressionsMixin(matchExpressions)

"matchExpressions is a list of label selector requirements. The requirements are ANDed."

Note: This function appends passed data to existing values

fn spec.global.networkPolicy.dnsSelectorEndpoints.withMatchLabels

withMatchLabels(matchLabels)

"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."

fn spec.global.networkPolicy.dnsSelectorEndpoints.withMatchLabelsMixin

withMatchLabelsMixin(matchLabels)

"matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed."

Note: This function appends passed data to existing values

obj spec.global.networkPolicy.dnsSelectorEndpoints.matchExpressions

"matchExpressions is a list of label selector requirements. The requirements are ANDed."

fn spec.global.networkPolicy.dnsSelectorEndpoints.matchExpressions.withKey

withKey(key)

"key is the label key that the selector applies to."

fn spec.global.networkPolicy.dnsSelectorEndpoints.matchExpressions.withOperator

withOperator(operator)

"operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist."

fn spec.global.networkPolicy.dnsSelectorEndpoints.matchExpressions.withValues

withValues(values)

"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."

fn spec.global.networkPolicy.dnsSelectorEndpoints.matchExpressions.withValuesMixin

withValuesMixin(values)

"values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch."

Note: This function appends passed data to existing values