503 lines
25 KiB
YAML
503 lines
25 KiB
YAML
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.9.2
|
|
creationTimestamp: null
|
|
name: schemaexporters.platform.confluent.io
|
|
spec:
|
|
group: platform.confluent.io
|
|
names:
|
|
categories:
|
|
- all
|
|
- confluent-platform
|
|
- confluent
|
|
kind: SchemaExporter
|
|
listKind: SchemaExporterList
|
|
plural: schemaexporters
|
|
shortNames:
|
|
- se
|
|
- schemaexporter
|
|
singular: schemaexporter
|
|
scope: Namespaced
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .status.contextName
|
|
name: ContextName
|
|
type: string
|
|
- jsonPath: .status.exporterStatus
|
|
name: ExporterStatus
|
|
type: string
|
|
- jsonPath: .status.state
|
|
name: Status
|
|
type: string
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
- jsonPath: .status.sourceSchemaRegistry.endpoint
|
|
name: SourceSchemaRegistryEndpoint
|
|
priority: 1
|
|
type: string
|
|
- jsonPath: .status.destinationSchemaRegistry.endpoint
|
|
name: DestinationSchemaRegistryEndpoint
|
|
priority: 1
|
|
type: string
|
|
name: v1beta1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: SchemaExporter is the schema for the SchemaExporter API.
|
|
properties:
|
|
apiVersion:
|
|
description: 'APIVersion defines the versioned schema of this representation
|
|
of an object. Servers should convert recognized schemas to the latest
|
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
type: string
|
|
kind:
|
|
description: 'Kind is a string value representing the REST resource this
|
|
object represents. Servers may infer this from the endpoint the client
|
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: spec defines the desired state of the schema exporter.
|
|
properties:
|
|
configs:
|
|
additionalProperties:
|
|
type: string
|
|
description: 'configs is a map of string key and value pairs. It specifies
|
|
additional configurations for the schema exporter. More info: https://docs.confluent.io/platform/current/schema-registry/schema-linking-cp.html#create-a-configuration-file-for-the-exporter'
|
|
type: object
|
|
x-kubernetes-map-type: granular
|
|
contextName:
|
|
description: contextName specifies the custom context name in the
|
|
destination Schema Registry cluster where the schemas will be exported.
|
|
If this is defined, contextType will be ignored. If this is not
|
|
defined, schemas will be exported to context in destination based
|
|
on contextType.
|
|
type: string
|
|
contextType:
|
|
description: contextType specifies the type of context created in
|
|
the destination Schema Registry cluster of the schema exporter.
|
|
Valid options are `AUTO` and `NONE`. The default value is `AUTO`.
|
|
enum:
|
|
- AUTO
|
|
- NONE
|
|
type: string
|
|
destinationCluster:
|
|
description: destinationCluster specifies the destination Schema Registry
|
|
cluster. If this is not defined, sourceCluster is chosen as the
|
|
destination and the schema exporter will be exporting schemas across
|
|
contexts within the sourceCluster. Schema exporter should be enabled
|
|
in Schema Registry cluster CR with `spec.enableSchemaExporter`.
|
|
properties:
|
|
schemaRegistryClusterRef:
|
|
description: schemaRegistryClusterRef references the CFK-managed
|
|
Schema Registry cluster.
|
|
properties:
|
|
name:
|
|
description: name specifies the name of the Confluent Platform
|
|
component cluster.
|
|
type: string
|
|
namespace:
|
|
description: namespace specifies the namespace where the Confluent
|
|
Platform component cluster is running.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
schemaRegistryRest:
|
|
description: schemaRegistryRest specifies the Schema Registry
|
|
REST API configuration.
|
|
properties:
|
|
authentication:
|
|
description: authentication specifies the REST API authentication
|
|
mechanism.
|
|
properties:
|
|
basic:
|
|
description: basic specifies the basic authentication
|
|
settings for the REST API client.
|
|
properties:
|
|
debug:
|
|
description: debug enables the basic authentication
|
|
debug logs for JaaS configuration.
|
|
type: boolean
|
|
directoryPathInContainer:
|
|
description: 'directoryPathInContainer allows to pass
|
|
the basic credential through a directory path in
|
|
the container. More info: https://docs.confluent.io/operator/current/co-authenticate.html#basic-authentication'
|
|
minLength: 1
|
|
type: string
|
|
restrictedRoles:
|
|
description: restrictedRoles specify the restricted
|
|
roles on the server side only. Changes will be only
|
|
reflected in Control Center. This configuration
|
|
is ignored on the client side configuration.
|
|
items:
|
|
type: string
|
|
minItems: 1
|
|
type: array
|
|
roles:
|
|
description: roles specify the roles on the server
|
|
side only. This configuration is ignored on the
|
|
client side configuration.
|
|
items:
|
|
type: string
|
|
type: array
|
|
secretRef:
|
|
description: 'secretRef defines secret reference to
|
|
pass the required credentials. More info: https://docs.confluent.io/operator/current/co-authenticate.html#basic-authentication'
|
|
maxLength: 30
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
bearer:
|
|
description: bearer specifies the bearer authentication
|
|
settings for the REST API client.
|
|
properties:
|
|
directoryPathInContainer:
|
|
description: directoryPathInContainer specifies the
|
|
directory path in the container where the credential
|
|
is mounted.
|
|
minLength: 1
|
|
type: string
|
|
secretRef:
|
|
description: 'secretRef specifies the name of the
|
|
secret that contains the credential. More info:
|
|
https://docs.confluent.io/operator/current/co-authenticate.html#bearer-authentication'
|
|
maxLength: 30
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
type:
|
|
description: type specifies the REST API authentication
|
|
type. Valid options are `basic`, `bearer`, and `mtls`.
|
|
enum:
|
|
- basic
|
|
- bearer
|
|
- mtls
|
|
type: string
|
|
required:
|
|
- type
|
|
type: object
|
|
endpoint:
|
|
description: endpoint specifies where Confluent REST API is
|
|
running.
|
|
minLength: 1
|
|
pattern: ^https?://.*
|
|
type: string
|
|
kafkaClusterID:
|
|
description: kafkaClusterID specifies the id of Kafka cluster.
|
|
It takes precedence over using the Kafka REST API to get
|
|
the cluster id.
|
|
minLength: 1
|
|
type: string
|
|
tls:
|
|
description: tls specifies the custom TLS structure for the
|
|
application resources, e.g. connector, topic, schema, of
|
|
the Confluent Platform components.
|
|
properties:
|
|
directoryPathInContainer:
|
|
description: directoryPathInContainer contains the directory
|
|
path in the container where `keystore.jks`, `truststore.jks`,
|
|
`jksPassword.txt` keys are mounted.
|
|
minLength: 1
|
|
type: string
|
|
jksPassword:
|
|
description: jksPassword specifies the secret name that
|
|
contains the JKS password.
|
|
properties:
|
|
secretRef:
|
|
description: 'secretRef references the name of the
|
|
secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
|
maxLength: 30
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
required:
|
|
- secretRef
|
|
type: object
|
|
secretRef:
|
|
description: 'secretRef specifies the secret name that
|
|
contains the certificates. More info about certificates
|
|
key/value format: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
|
maxLength: 63
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
type: object
|
|
type: object
|
|
sourceCluster:
|
|
description: sourceCluster specifies the source Schema Registry cluster.
|
|
Schema exporter will be set up in the source cluster. If this is
|
|
not defined, controller will try to auto discover Schema Registry
|
|
in the namespace of the schema exporter. If it cannot discover a
|
|
Schema Registry cluster or more than one Schema Registry clusters
|
|
are found, controller will return error. Schema exporter should
|
|
be enabled in Schema Registry cluster CR with `spec.enableSchemaExporter`.
|
|
properties:
|
|
schemaRegistryClusterRef:
|
|
description: schemaRegistryClusterRef references the CFK-managed
|
|
Schema Registry cluster.
|
|
properties:
|
|
name:
|
|
description: name specifies the name of the Confluent Platform
|
|
component cluster.
|
|
type: string
|
|
namespace:
|
|
description: namespace specifies the namespace where the Confluent
|
|
Platform component cluster is running.
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
schemaRegistryRest:
|
|
description: schemaRegistryRest specifies the Schema Registry
|
|
REST API configuration.
|
|
properties:
|
|
authentication:
|
|
description: authentication specifies the REST API authentication
|
|
mechanism.
|
|
properties:
|
|
basic:
|
|
description: basic specifies the basic authentication
|
|
settings for the REST API client.
|
|
properties:
|
|
debug:
|
|
description: debug enables the basic authentication
|
|
debug logs for JaaS configuration.
|
|
type: boolean
|
|
directoryPathInContainer:
|
|
description: 'directoryPathInContainer allows to pass
|
|
the basic credential through a directory path in
|
|
the container. More info: https://docs.confluent.io/operator/current/co-authenticate.html#basic-authentication'
|
|
minLength: 1
|
|
type: string
|
|
restrictedRoles:
|
|
description: restrictedRoles specify the restricted
|
|
roles on the server side only. Changes will be only
|
|
reflected in Control Center. This configuration
|
|
is ignored on the client side configuration.
|
|
items:
|
|
type: string
|
|
minItems: 1
|
|
type: array
|
|
roles:
|
|
description: roles specify the roles on the server
|
|
side only. This configuration is ignored on the
|
|
client side configuration.
|
|
items:
|
|
type: string
|
|
type: array
|
|
secretRef:
|
|
description: 'secretRef defines secret reference to
|
|
pass the required credentials. More info: https://docs.confluent.io/operator/current/co-authenticate.html#basic-authentication'
|
|
maxLength: 30
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
bearer:
|
|
description: bearer specifies the bearer authentication
|
|
settings for the REST API client.
|
|
properties:
|
|
directoryPathInContainer:
|
|
description: directoryPathInContainer specifies the
|
|
directory path in the container where the credential
|
|
is mounted.
|
|
minLength: 1
|
|
type: string
|
|
secretRef:
|
|
description: 'secretRef specifies the name of the
|
|
secret that contains the credential. More info:
|
|
https://docs.confluent.io/operator/current/co-authenticate.html#bearer-authentication'
|
|
maxLength: 30
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
type:
|
|
description: type specifies the REST API authentication
|
|
type. Valid options are `basic`, `bearer`, and `mtls`.
|
|
enum:
|
|
- basic
|
|
- bearer
|
|
- mtls
|
|
type: string
|
|
required:
|
|
- type
|
|
type: object
|
|
endpoint:
|
|
description: endpoint specifies where Confluent REST API is
|
|
running.
|
|
minLength: 1
|
|
pattern: ^https?://.*
|
|
type: string
|
|
kafkaClusterID:
|
|
description: kafkaClusterID specifies the id of Kafka cluster.
|
|
It takes precedence over using the Kafka REST API to get
|
|
the cluster id.
|
|
minLength: 1
|
|
type: string
|
|
tls:
|
|
description: tls specifies the custom TLS structure for the
|
|
application resources, e.g. connector, topic, schema, of
|
|
the Confluent Platform components.
|
|
properties:
|
|
directoryPathInContainer:
|
|
description: directoryPathInContainer contains the directory
|
|
path in the container where `keystore.jks`, `truststore.jks`,
|
|
`jksPassword.txt` keys are mounted.
|
|
minLength: 1
|
|
type: string
|
|
jksPassword:
|
|
description: jksPassword specifies the secret name that
|
|
contains the JKS password.
|
|
properties:
|
|
secretRef:
|
|
description: 'secretRef references the name of the
|
|
secret containing the JKS password. More info: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
|
maxLength: 30
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
required:
|
|
- secretRef
|
|
type: object
|
|
secretRef:
|
|
description: 'secretRef specifies the secret name that
|
|
contains the certificates. More info about certificates
|
|
key/value format: https://docs.confluent.io/operator/current/co-network-encryption.html#configure-user-provided-tls-certificates'
|
|
maxLength: 63
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
type: object
|
|
type: object
|
|
subjectRenameFormat:
|
|
description: subjectRenameFormat specifies the rename format for the
|
|
subjects exported to the destination. For example, if the value
|
|
is `my-${subject}`, subjects at destination will become `my-firstSubject`
|
|
where `firstSubject` is the original subject name.
|
|
type: string
|
|
subjects:
|
|
description: subjects specifies the list of subjects to be exported
|
|
by schema exporter. The default value is `["*"]`. This indicates
|
|
all subjects in the default context.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
status:
|
|
description: status defines the observed state of the schema exporter.
|
|
properties:
|
|
appState:
|
|
default: Unknown
|
|
description: appState is the current state of the schema exporter
|
|
application.
|
|
enum:
|
|
- Unknown
|
|
- Created
|
|
- Failed
|
|
- Deleted
|
|
type: string
|
|
conditions:
|
|
description: conditions are the latest available observations of the
|
|
schema exporter's state.
|
|
items:
|
|
description: Condition represent the latest available observations
|
|
of the current state.
|
|
properties:
|
|
lastProbeTime:
|
|
description: lastProbeTime shows the last time the condition
|
|
was evaluated.
|
|
format: date-time
|
|
type: string
|
|
lastTransitionTime:
|
|
description: lastTransitionTime shows the last time the condition
|
|
was transitioned from one status to another.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: message shows a human-readable message with details
|
|
about the transition.
|
|
type: string
|
|
reason:
|
|
description: reason shows the reason for the last transition
|
|
of the condition.
|
|
type: string
|
|
status:
|
|
description: status shows the status of the condition, one of
|
|
`True`, `False`, or `Unknown`.
|
|
type: string
|
|
type:
|
|
description: type shows the condition type.
|
|
type: string
|
|
type: object
|
|
type: array
|
|
contextName:
|
|
description: contextName shows the name of the context in the destination
|
|
Schema Registry cluster where the schemas will be exported.
|
|
type: string
|
|
contextType:
|
|
description: contextType is the contextType of the schema exporter.
|
|
type: string
|
|
destinationSchemaRegistry:
|
|
description: destinationSchemaRegistry shows the destination Schema
|
|
Registry endpoint, authentication type and if it is using TLS.
|
|
properties:
|
|
authenticationType:
|
|
description: authenticationType is the authentication method used
|
|
for Schema Registry.
|
|
type: string
|
|
endpoint:
|
|
description: endpoint is the Schema Registry REST endpoint.
|
|
type: string
|
|
tls:
|
|
description: tls shows whether the Schema Registry is using TLS.
|
|
type: boolean
|
|
type: object
|
|
exporterStatus:
|
|
description: exporterStatus is the status of the schema exporter.
|
|
type: string
|
|
observedGeneration:
|
|
description: observedGeneration is the most recent generation observed
|
|
for this Confluent component.
|
|
format: int64
|
|
type: integer
|
|
sourceSchemaRegistry:
|
|
description: sourceSchemaRegistry shows the source Schema Registry
|
|
endpoint, authentication type and if it is using TLS.
|
|
properties:
|
|
authenticationType:
|
|
description: authenticationType is the authentication method used
|
|
for Schema Registry.
|
|
type: string
|
|
endpoint:
|
|
description: endpoint is the Schema Registry REST endpoint.
|
|
type: string
|
|
tls:
|
|
description: tls shows whether the Schema Registry is using TLS.
|
|
type: boolean
|
|
type: object
|
|
state:
|
|
description: state is the current state of the schema exporter.
|
|
type: string
|
|
subjects:
|
|
description: subjects is the list of subjects exported by the schema
|
|
exporter.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|